NetworkManager
- Drop nm-add-CAP_CHOWN-capability.patch: This solution was denied
  by upstream maintainers.
- Add nm-add-CAP_CHOWN-capability.patch: Add CAP_CHOWN to
  CapabilityBoundingSet to make teamd work properly
  (glfo#NetworkManager/NetworkManager!860, bsc#1185424).
- Exclude systemd.automount from nfs processing: fix boo#1116625
  as suggested from Neil Brown
SUSEConnect
- Update to 0.3.32
- Allow --regcode and --instance-data attributes at the same time (jsc#PCT-164)
- Document that 'debug' can also get set in the config file
- --status will also print the subscription name
- Update to 0.3.31
- Disallow registering via SUSEConnect if the system is managed by SUSE Manager.
- Add subscription name to output of 'SUSEConnect --status'
- Update to 0.3.30
- send payload of GET requests as part of the url,
  not in the body (see bsc#1185611)
aaa_base
- use autopatch
  - update first two patches from git originals to have the
    same apply depth as the rest:
  - git-01-61c106aac03930e03935172eaf94d92c02a343bd.patch
  - git-02-4e5fe2a6ec5690b51a369d2134a1119962438fd1.patch
  - fix get_kernel_version.c to work also for recent kernels
    on the s390/X platform (bsc#1191563)
  - git-37-dfc5b8af96bec249e44a83d573af1f95a661a85c.patch
  - support xz compressed kernel (bsc#1162581)
  - git-38-4c0060639f6fa854830a708a823976772afe7764.patch
  - Fixing possible resource leak
  - git-39-df622b89bc92fd882a6715c5743095528a643546.patch
  - excluding new kernel string in version search
- Add git-36-16d1cb895c2742e96a56af98111f8281bedd3188.patch:
  * Add $HOME/.local/bin to PATH, if it exists (bsc#1192248)
- Add patch git-34-9a1bc15517d6da56d75182338c0f1bc4518b2b75.patch
  * sysctl.d/50-default.conf:
    allow everybody to create IPPROTO_ICMP sockets (bsc#1174504)
- Add patch git-35-91f496b1f65af29832192bad949685a7bc25da0a.patch
  * sysctl.d/50-default.conf: fix ping_group_range syntax error
apparmor
- Fixed requires of python3 module (bsc#1191690)
- Don't provide python2 symbol for python3 package (bsc#1191690).
- Be explicit about using python2 macros, when needed.
augeas
- Allow all printable ASCII characters in WPA-PSK definition
  * augeas-allow_printable_ASCII.patch
  * bsc#1187512
  * Sourced from https://github.com/hercules-team/augeas/pull/723/commits
  * Credit to Michal Filka <mfilka@suse.com
autogen
- Add reproducible.patch to normalize tar
- Normalize date in man-pages (boo#1047218)
autoyast2
- Update the rules.xml schema:
  - add the "/hostname"/ element (bsc#1190696).
  - remove the 'haspcmica' element (related to bsc#1183352).
- 4.2.56
- Copy the files to the right location when a <file_location>
  is given (bsc#1188357).
- 4.2.55
- Add missing elements to rules.xml schema:
  - installed_product and installed_product_version (boo#1176089)
  - dialog section (bsc#1188153)
- 4.2.54
- Do not export the general/storage section when it is empty
  (related to bsc#1171356 and bsc#1187916).
- 4.2.53
- Backport gh#651 by schubi@suse.de:
  - Moving <files> section handling from second installation stage
    to first installation stage. (bsc#1174194)
- 4.2.52
- During autoupgrade do not try to register the system if it is
  explicitly disabled in the profile (bsc#1176965)
- 4.2.51
aws-cli
- Update to version 1.20.7 (bsc#1189649)
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.20.7/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.19.112
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.19.112/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.19.86
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.19.86/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.19.75
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.19.75/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.19.50
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.19.50/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.19.9 (bsc#1182421, bsc#1182422, jsc#ECO-3352, jsc#PM-2485)
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.19.9/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.18.212
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.18.212/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.18.185
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.18.185/CHANGELOG.rst
- Rename README.md to README.rst in %doc section
- Update Requires in spec file from setup.py
- Update to version 1.18.156
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.18.156/CHANGELOG.rst
- Drop patches no longer required
  + hide_py_pckgmgmt.patch
- Update Requires in spec file from setup.py
- Update to version 1.18.133
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.18.133/CHANGELOG.rst
  + Forward port hide_py_pckgmgmt.patch
  + Update Requires in spec file from setup.py
bind
- Fixed CVE-2021-25219:
  The lame-ttl option controls how long named caches certain types
  of broken responses from authoritative servers (see the security
  advisory for details). This caching mechanism could be abused by
  an attacker to significantly degrade resolver performance. The
  vulnerability has been mitigated by changing the default value of
  lame-ttl to 0 and overriding any explicitly set value with 0,
  effectively disabling this mechanism altogether. ISC's testing has
  determined that doing that has a negligible impact on resolver
  performance while also preventing abuse.
  Administrators may observe more traffic towards servers issuing
  certain types of broken responses than in previous BIND 9 releases.
  [bsc#1192146, CVE-2021-25219, bind-CVE-2021-25219.patch]
- Fix off-by-one error when calculating new hashtable size
  When calculating the new hashtable bitsize, there was an off-by-one
  error that would allow the new bitsize to be larger than maximum allowed
  causing assertion failure in the rehash() function.
  [bsc#1188763, 0001-Fix-off-by-one-error-when-calculating-new-hashtable.patch]
- Since BIND 9.9, it has been easier to use tsig-keygen and
  ddns-confgen to generare TSIG keys. In 9.13, TSIG support was
  removed from dnssec-keygen, so now it is just for DNSKEY (and KEY
  for obscure cases). tsig-keygen is now used to generate DDNS keys.
  [bsc#1187921, vendor-files.tar.bz2]
binutils
- Add binutils-revert-hlasm-insns.diff for compatibility on old
  code stream that expect 'brcl 0,label' to not be disassembled
  as 'jgnop label' on s390x.  [bsc#1192267]
- Rebase binutils-2.37-branch.diff: fixes PR28523 aka boo#1188941.
- Fix empty man-pages from broken release tarball [PR28144].
- Update binutils-skip-rpaths.patch with contained a memory corruption
  (boo#1191473).
- Configure with --disable-x86-used-note on old code streams.
- Disable libalternatives temporarily for build cycle reasons.
- make TARGET-bfd=headers again, we patch bfd-in.h
- This state submitted to SLE12 and SLE15 code streams for annual
  toolchain update. [jsc#PM-2767, jsc#SLE-21561, jsc#SLE-19618]
- Bump binutils-2.37-branch.diff to 66d5c7003, to include fixes for
  PR28422, PR28192, PR28391.  Also adds some s390x arch14
  instructions [jsc#SLE-18637].
- Using libalternatives instead of update-alternatives.
- Adjust for testsuite fails on older products that configure
  binutils in different ways, adds  binutils-compat-old-behaviour.diff
  and adjusts binutils-revert-nm-symversion.diff and
  binutils-revert-plt32-in-branches.diff.
- Bump binutils-2.37-branch.diff: fixes PR28138.
- Use LTO & PGO build.
- Update to binutils 2.37:
  * The GNU Binutils sources now requires a C99 compiler and library to
    build.
  * Support for the arm-symbianelf format has been removed.
  * Support for Realm Management Extension (RME) for AArch64 has been
    added.
  * A new linker option '-z report-relative-reloc' for x86 ELF targets
    has been added to report dynamic relative relocations.
  * A new linker option '-z start-stop-gc' has been added to disable
    special treatment of __start_*/__stop_* references when
  - -gc-sections.
  * A new linker options '-Bno-symbolic' has been added which will
    cancel the '-Bsymbolic' and '-Bsymbolic-functions' options.
  * The readelf tool has a new command line option which can be used to
    specify how the numeric values of symbols are reported.
  - -sym-base=0|8|10|16 tells readelf to display the values in base 8,
    base 10 or base 16.  A sym base of 0 represents the default action
    of displaying values under 10000 in base 10 and values above that in
    base 16.
  * A new format has been added to the nm program.  Specifying
    '--format=just-symbols' (or just using -j) will tell the program to
    only display symbol names and nothing else.
  * A new command line option '--keep-section-symbols' has been added to
    objcopy and strip.  This stops the removal of unused section symbols
    when the file is copied.  Removing these symbols saves space, but
    sometimes they are needed by other tools.
  * The '--weaken', '--weaken-symbol' and '--weaken-symbols' options
    supported by objcopy now make undefined symbols weak on targets that
    support weak symbols.
  * Readelf and objdump can now display and use the contents of .debug_sup
    sections.
  * Readelf and objdump will now follow links to separate debug info
    files by default.  This behaviour can be stopped via the use of the
    new '-wN' or '--debug-dump=no-follow-links' options for readelf and
    the '-WN' or '--dwarf=no-follow-links' options for objdump.  Also
    the old behaviour can be restored by the use of the
    '--enable-follow-debug-links=no' configure time option.
    The semantics of the =follow-links option have also been slightly
    changed.  When enabled, the option allows for the loading of symbol
    tables and string tables from the separate files which can be used
    to enhance the information displayed when dumping other sections,
    but it does not automatically imply that information from the
    separate files should be displayed.
    If other debug section display options are also enabled (eg
    '--debug-dump=info') then the contents of matching sections in both
    the main file and the separate debuginfo file *will* be displayed.
    This is because in most cases the debug section will only be present
    in one of the files.
    If however non-debug section display options are enabled (eg
    '--sections') then the contents of matching parts of the separate
    debuginfo file will *not* be displayed.  This is because in most
    cases the user probably only wanted to load the symbol information
    from the separate debuginfo file.  In order to change this behaviour
    a new command line option --process-links can be used.  This will
    allow di0pslay options to applied to both the main file and any
    separate debuginfo files.
  * Nm has a new command line option: '--quiet'.  This suppresses "/no
    symbols"/ diagnostic.
- Includes fixes for these CVEs:
  bnc#1181452 aka CVE-2021-20197 aka PR26945
  bnc#1183511 aka CVE-2021-20284 aka PR26931
  bnc#1184519 aka CVE-2021-20294 aka PR26929
  bnc#1184620 aka CVE-2021-3487 aka PR26946
  bnc#1184794 aka CVE-2020-35448 aka PR26574
- Also fixes:
  bsc#1183909 - slow performance of stripping some binaries
- Rebased patches: binutils-build-as-needed.diff, binutils-fix-abierrormsg.diff,
  binutils-fix-invalid-op-errata.diff, binutils-fix-relax.diff,
  binutils-revert-nm-symversion.diff, binutils-revert-plt32-in-branches.diff
- Removed patches (are in upstream): ppc-ensure-undef-dynamic-weak-undefined.patch and
  ppc-use-local-plt.patch.
- Add binutils-2.37-branch.diff.gz.
- ppc-ensure-undef-dynamic-weak-undefined.patch: PPC: ensure_undef_dynamic
  on weak undef only in plt
- ppc-use-local-plt.patch: PowerPC use_local_plt (prerequisite for above
  patch)
- Update 2.36 branch diff which fixes PR27587.
- Do not run make TARGET-bfd=headers separately.
- Bump 2.36 branch diff (includes fix for PR27441 aka bsc#1182252).
- Bump 2.36 branch diff.
- Update 2.36 branch diff which should fix PR27311 completely.
  It fixes also PR27284.
- Remove temporary fix 0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch.
- Add temporary upstream fix for PR27311
  0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch.
- Update to binutils 2.36:
  New features in the Assembler:
    General:
  * When setting the link order attribute of ELF sections, it is now
    possible to use a numeric section index instead of symbol name.
  * Added a .nop directive to generate a single no-op instruction in
    a target neutral manner.  This instruction does have an effect on
    DWARF line number generation, if that is active.
  * Removed --reduce-memory-overheads and --hash-size as gas now
    uses hash tables that can be expand and shrink automatically.
    X86/x86_64:
  * Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key
    Locker instructions.
  * Support non-absolute segment values for lcall and ljmp.
  * Add {disp16} pseudo prefix to x86 assembler.
  * Configure with --enable-x86-used-note by default for Linux/x86.
    ARM/AArch64:
  * Add support for Cortex-A78, Cortex-A78AE and Cortex-X1,
    Cortex-R82, Neoverse V1, and Neoverse N2 cores.
  * Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded
    Trace Extension), TRBE (Trace Buffer Extension), CSRE (Call
    Stack Recorder Extension) and BRBE (Branch Record Buffer
    Extension) system registers.
  * Add support for Armv8-R and Armv8.7-A ISA extensions.
  * Add support for DSB memory nXS barrier, WFET and WFIT
    instruction for Armv8.7.
  * Add support for +csre feature for -march. Add CSR PDEC
    instruction for CSRE feature in AArch64.
  * Add support for +flagm feature for -march in Armv8.4 AArch64.
  * Add support for +ls64 feature for -march in Armv8.7
    AArch64. Add atomic 64-byte load/store instructions for this
    feature.
  * Add support for +pauth (Pointer Authentication) feature for
  - march in AArch64.
    New features in the Linker:
  * Add --error-handling-script=<NAME> command line option to allow
    a helper script to be invoked when an undefined symbol or a
    missing library is encountered.  This option can be suppressed
    via the configure time switch: --enable-error-handling-script=no.
  * Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark
    x86-64-{baseline|v[234]} ISA level as needed.
  * Add -z unique-symbol to avoid duplicated local symbol names.
  * The creation of PE format DLLs now defaults to using a more
    secure set of DLL characteristics.
  * The linker now deduplicates the types in .ctf sections.  The new
    command-line option --ctf-share-types describes how to do this:
    its default value, share-unconflicted, produces the most compact
    output.
  * The linker now omits the "/variable section"/ from .ctf sections
    by default, saving space.  This is almost certainly what you
    want unless you are working on a project that has its own
    analogue of symbol tables that are not reflected in the ELF
    symtabs.
  New features in other binary tools:
  * The ar tool's previously unused l modifier is now used for
    specifying dependencies of a static library. The arguments of
    this option (or --record-libdeps long form option) will be
    stored verbatim in the __.LIBDEP member of the archive, which
    the linker may read at link time.
  * Readelf can now display the contents of LTO symbol table
    sections when asked to do so via the --lto-syms command line
    option.
  * Readelf now accepts the -C command line option to enable the
    demangling of symbol names.  In addition the --demangle=<style>,
  - -no-demangle, --recurse-limit and --no-recurse-limit options
    are also now availale.
- Includes fixes for these CVEs:
  bnc#1179898 aka CVE-2020-16590 aka PR25821
  bnc#1179899 aka CVE-2020-16591 aka PR25822
  bnc#1179900 aka CVE-2020-16592 aka PR25823
  bnc#1179901 aka CVE-2020-16593 aka PR25827
  bnc#1179902 aka CVE-2020-16598 aka PR25840
  bnc#1179903 aka CVE-2020-16599 aka PR25842
  bnc#1180451 aka CVE-2020-35493 aka PR25307
  bnc#1180454 aka CVE-2020-35496 aka PR25308
  bnc#1180461 aka CVE-2020-35507 aka PR25308
- Rebase the following patches:
  * binutils-fix-relax.diff
  * binutils-revert-nm-symversion.diff
  * binutils-revert-plt32-in-branches.diff
- Add missing dependency on bc (ld.gold testsuite uses it).
- Use --enable-obsolete for cross builds as ia64 is deprecated now.
- Add binutils-2.36-branch.diff.gz.
blktrace
- Fix crash due to dropped first event while using pipe input (bsc#1191788).
  * blkparse: skip check_cpu_map with pipe input
  * blkparse: fix incorrectly sized memset in check_cpu_map
  * Added:
  - blkparse-skip-check_cpu_map-with-pipe-input.patch
  - blkparse-fix-incorrectly-sized-memset-in-check_cpu_m.patch
c-ares
- 5c995d5.patch: augment input validation on hostnames to allow _
  as part of DNS response (bsc#1190225)
- Version update to git snapshot 1.17.1+20200724:
  * fixes missing input validation on hostnames returned by DNS
    servers (bsc#1188881, CVE-2021-3672)
  * If ares_getaddrinfo() was terminated by an ares_destroy(),
    it would cause crash
  * Crash in sortaddrinfo() if the list size equals 0 due to
    an unexpected DNS response
  * Expand number of escaped characters in DNS replies as
    per RFC1035 5.1 to prevent spoofing
  * Use unbuffered /dev/urandom for random data to prevent early startup
    performance issues
- missing_header.patch: upstreamed
ca-certificates-mozilla
- remove the DST_Root_CA_X3.pem trust, as it expires september 30th 2021.
  (bsc#1190858)
chrony
- bsc#1173760: MD5 is not available from mozilla-nss in FIPS mode,
  but needed for calculating refids from IPv6 addresses as part of
  the NTP protocol (rfc5905). As this is a non-cryptographic use of
  MD5 we can use our own implementation without violating FIPS
  rules: chrony-refid-internal-md5.patch .
- boo#1162964, bsc#1183783, clknetsim-glibc-2.31.patch:
cloud-init
- Update to version 21.2 (bsc#1186004)
  + Remove patches included upstream:
  - cloud-init-azure-def-usr-pass.patch
  - cloud-init-after-kvp.diff
  - cloud-init-recognize-hpc.patch
  - use_arroba_to_include_sudoers_directory-bsc_1181283.patch
  - cloud-init-bonding-opts.patch
  - cloud-init-log-file-mode.patch
  - cloud-init-no-pwd-in-log.patch
  - 0001-templater-drop-Jinja-Python-2-compatibility-shim.patch
  + Remove cloud-init-sle12-compat.patch, version in SLE 12 is frozen to 20.2
  + Remove cloud-init-tests-set-exec.patch no longer needed
  + Forward port:
  - cloud-init-write-routes.patch
  - cloud-init-break-resolv-symlink.patch
  - cloud-init-sysconf-path.patch
  - cloud-init-no-tempnet-oci.patch
  +  Add rn check for SSH keys in Azure (#889)
  +  Revert "/Add support to resize rootfs if using LVM (#721)"/ (#887)
    (LP: #1922742)
  +  Add Vultaire as contributor (#881) [Paul Goins]
  +  Azure: adding support for consuming userdata from IMDS (#884) [Anh Vo]
  +  test_upgrade: modify test_upgrade_package to run for more sources (#883)
  +  Fix chef module run failure when chef_license is set (#868) [Ben Hughes]
  +  Azure: Retry net metadata during nic attach for non-timeout errs (#878)
    [aswinrajamannar]
  +  Azure: Retrieve username and hostname from IMDS (#865) [Thomas Stringer]
  +  Azure: eject the provisioning iso before reporting ready (#861) [Anh Vo]
  +  Use `partprobe` to re-read partition table if available (#856)
    [Nicolas Bock] (LP: #1920939)
  +  fix error on upgrade caused by new vendordata2 attributes (#869)
    (LP: #1922739)
  +  add prefer_fqdn_over_hostname config option (#859)
    [hamalq] (LP: #1921004)
  +  Emit dots on travis to avoid timeout (#867)
  +  doc: Replace remaining references to user-scripts as a config module
    (#866) [Ryan Harper]
  +  azure: Removing ability to invoke walinuxagent (#799) [Anh Vo]
  +  Add Vultr support (#827) [David Dymko]
  +  Fix unpickle for source paths missing run_dir (#863)
    [lucasmoura] (LP: #1899299)
  +  sysconfig: use BONDING_MODULE_OPTS on SUSE (#831) [Jens Sandmann]
  +  bringup_static_routes: fix gateway check (#850) [Petr Fedchenkov]
  +  add hamalq user (#860) [hamalq]
  +  Add support to resize rootfs if using LVM (#721)
    [Eduardo Otubo] (LP: #1799953)
  +  Fix mis-detecting network configuration in initramfs cmdline (#844)
    (LP: #1919188)
  +  tools/write-ssh-key-fingerprints: do not display empty header/footer
    (#817) [dermotbradley]
  +  Azure helper: Ensure Azure http handler sleeps between retries (#842)
    [Johnson Shi]
  +  Fix chef apt source example (#826) [timothegenzmer]
  +  .travis.yml: generate an SSH key before running tests (#848)
  +  write passwords only to serial console, lock down cloud-init-output.log
    (#847) (LP: #1918303)
  +  Fix apt default integration test (#845)
  +  integration_tests: bump pycloudlib dependency (#846)
  +  Fix stack trace if vendordata_raw contained an array (#837) [eb3095]
  +  archlinux: Fix broken locale logic (#841)
    [Kristian Klausen] (LP: #1402406)
  +  Integration test for #783 (#832)
  +  integration_tests: mount more paths IN_PLACE (#838)
  +  Fix requiring device-number on EC2 derivatives (#836) (LP: #1917875)
  +  Remove the vi comment from the part-handler example (#835)
  +  net: exclude OVS internal interfaces in get_interfaces (#829)
    (LP: #1912844)
  +  tox.ini: pass OS_* environment variables to integration tests (#830)
  +  integration_tests: add OpenStack as a platform (#804)
  +  Add flexibility to IMDS api-version (#793) [Thomas Stringer]
  +  Fix the TestApt tests using apt-key on Xenial and Hirsute (#823)
    [Paride Legovini] (LP: #1916629)
  +  doc: remove duplicate "/it"/ from nocloud.rst (#825) [V.I. Wood]
  +  archlinux: Use hostnamectl to set the transient hostname (#797)
    [Kristian Klausen]
  +  cc_keys_to_console.py: Add documentation for recently added config key
    (#824) [dermotbradley]
  +  Update cc_set_hostname documentation (#818) [Toshi Aoyama]
  From 21.1
  +  Azure: Support for VMs without ephemeral resource disks. (#800)
    [Johnson Shi] (LP: #1901011)
  +  cc_keys_to_console: add option to disable key emission (#811)
    [Michael Hudson-Doyle] (LP: #1915460)
  +  integration_tests: introduce lxd_use_exec mark (#802)
  +  azure: case-insensitive UUID to avoid new IID during kernel upgrade
    (#798) (LP: #1835584)
  +  stale.yml: don't ask submitters to reopen PRs (#816)
  +  integration_tests: fix use of SSH agent within tox (#815)
  +  integration_tests: add UPGRADE CloudInitSource (#812)
  +  integration_tests: use unique MAC addresses for tests (#813)
  +  Update .gitignore (#814)
  +  Port apt cloud_tests to integration tests (#808)
  +  integration_tests: fix test_gh626 on LXD VMs (#809)
  +  Fix attempting to decode binary data in test_seed_random_data test (#806)
  +  Remove wait argument from tests with session_cloud calls (#805)
  +  Datasource for UpCloud (#743) [Antti Myyrä]
  +  test_gh668: fix failure on LXD VMs (#801)
  +  openstack: read the dynamic metadata group vendor_data2.json (#777)
    [Andrew Bogott] (LP: #1841104)
  +  includedir in suoders can be prefixed by "/arroba"/ (#783)
    [Jordi Massaguer Pla]
  +  [VMware] change default max wait time to 15s (#774) [xiaofengw-vmware]
  +  Revert integration test associated with reverted #586 (#784)
  +  Add jordimassaguerpla as contributor (#787) [Jordi Massaguer Pla]
  +  Add Rick Harding to CLA signers (#792) [Rick Harding]
  +  HACKING.rst: add clarifying note to LP CLA process section (#789)
  +  Stop linting cloud_tests (#791)
  +  cloud-tests: update cryptography requirement (#790) [Joshua Powers]
  +  Remove 'remove-raise-on-failure' calls from integration_tests (#788)
  +  Use more cloud defaults in integration tests (#757)
  +  Adding self to cla signers (#776) [Andrew Bogott]
  +  doc: avoid two warnings (#781) [Dan Kenigsberg]
  +  Use proper spelling for Red Hat (#778) [Dan Kenigsberg]
  +  Add antonyc to .github-cla-signers (#747) [Anton Chaporgin]
  +  integration_tests: log image serial if available (#772)
  +  [VMware] Support cloudinit raw data feature (#691) [xiaofengw-vmware]
  +  net: Fix static routes to host in eni renderer (#668) [Pavel Abalikhin]
  +  .travis.yml: don't run cloud_tests in CI (#756)
  +  test_upgrade: add some missing commas (#769)
  +  cc_seed_random: update documentation and fix integration test (#771)
    (LP: #1911227)
  +  Fix test gh-632 test to only run on NoCloud (#770) (LP: #1911230)
  +  archlinux: fix package upgrade command handling (#768) [Bao Trinh]
  +  integration_tests: add integration test for LP: #1910835 (#761)
  +  Fix regression with handling of IMDS ssh keys (#760) [Thomas Stringer]
  +  integration_tests: log cloud-init version in SUT (#758)
  +  Add ajmyyra as contributor (#742) [Antti Myyrä]
  +  net_convert: add some missing help text (#755)
  +  Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL
    (#753) [Eduardo Otubo]
  +  doc: document missing IPv6 subnet types (#744) [Antti Myyrä]
  +  Add example configuration for datasource `AliYun` (#751) [Xiaoyu Zhong]
  +  integration_tests: add SSH key selection settings (#754)
  +  fix a typo in man page cloud-init.1 (#752) [Amy Chen]
  +  network-config-format-v2.rst: add Netplan Passthrough section (#750)
  +  stale: re-enable post holidays (#749)
  +  integration_tests: port ca_certs tests from cloud_tests (#732)
  +  Azure: Add telemetry for poll IMDS (#741) [Johnson Shi]
  +  doc: move testing section from HACKING to its own doc (#739)
  +  No longer allow integration test failures on travis (#738)
  +  stale: fix error in definition (#740)
  +  integration_tests: set log-cli-level to INFO by default (#737)
  +  PULL_REQUEST_TEMPLATE.md: use backticks around commit message (#736)
  +  stale: disable check for holiday break (#735)
  +  integration_tests: log the path we collect logs into (#733)
  +  .travis.yml: add (most) supported Python versions to CI (#734)
  +  integration_tests: fix IN_PLACE CLOUD_INIT_SOURCE (#731)
  +  cc_ca_certs: add RHEL support (#633) [cawamata]
  +  Azure: only generate config for NICs with addresses (#709)
    [Thomas Stringer]
  +  doc: fix CloudStack configuration example (#707) [Olivier Lemasle]
  +  integration_tests: restrict test_lxd_bridge appropriately (#730)
  +  Add integration tests for CLI functionality (#729)
  +  Integration test for gh-626 (#728)
  +  Some test_upgrade fixes (#726)
  +  Ensure overriding test vars with env vars works for booleans (#727)
  +  integration_tests: port lxd_bridge test from cloud_tests (#718)
  +  Integration test for gh-632. (#725)
  +  Integration test for gh-671 (#724)
  +  integration-requirements.txt: bump pycloudlib commit (#723)
  +  Drop unnecessary shebang from cmd/main.py (#722) [Eduardo Otubo]
  +  Integration test for LP: #1813396 and #669 (#719)
  +  integration_tests: include timestamp in log output (#720)
  +  integration_tests: add test for LP: #1898997 (#713)
  +  Add integration test for power_state_change module (#717)
  +  Update documentation for network-config-format-v2 (#701) [ggiesen]
  +  sandbox CA Cert tests to not require ca-certificates (#715)
    [Eduardo Otubo]
  +  Add upgrade integration test (#693)
  +  Integration test for 570 (#712)
  +  Add ability to keep snapshotted images in integration tests (#711)
  +  Integration test for pull #586 (#706)
  +  integration_tests: introduce skipping of tests by OS (#702)
  +  integration_tests: introduce IntegrationInstance.restart (#708)
  +  Add lxd-vm to list of valid integration test platforms (#705)
  +  Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL
    (#685) [Eduardo Otubo]
  +  Delete image snapshots created for integration tests (#682)
  +  Parametrize ssh_keys_provided integration test (#700) [lucasmoura]
  +  Drop use_sudo attribute on IntegrationInstance (#694) [lucasmoura]
  +  cc_apt_configure: add riscv64 as a ports arch (#687)
    [Dimitri John Ledkov]
  +  cla: add xnox (#692) [Dimitri John Ledkov]
  +  Collect logs from integration test runs (#675)
  From 20.4.1
  +  Revert "/ssh_util: handle non-default AuthorizedKeysFile config (#586)"/
  From 20.4
  +  tox: avoid tox testenv subsvars for xenial support (#684)
  +  Ensure proper root permissions in integration tests (#664) [James Falcon]
  +  LXD VM support in integration tests (#678) [James Falcon]
  +  Integration test for fallocate falling back to dd (#681) [James Falcon]
  +  .travis.yml: correctly integration test the built .deb (#683)
  +  Ability to hot-attach NICs to preprovisioned VMs before reprovisioning
    (#613) [aswinrajamannar]
  +  Support configuring SSH host certificates. (#660) [Jonathan Lung]
  +  add integration test for LP: #1900837 (#679)
  +  cc_resizefs on FreeBSD: Fix _can_skip_ufs_resize (#655)
    [Mina Galić] (LP: #1901958, #1901958)
  +  DataSourceAzure: push dmesg log to KVP (#670) [Anh Vo]
  +  Make mount in place for tests work (#667) [James Falcon]
  +  integration_tests: restore emission of settings to log (#657)
  +  DataSourceAzure: update password for defuser if exists (#671) [Anh Vo]
  +  tox.ini: only select "/ci"/ marked tests for CI runs (#677)
  +  Azure helper: Increase Azure Endpoint HTTP retries (#619) [Johnson Shi]
  +  DataSourceAzure: send failure signal on Azure datasource failure (#594)
    [Johnson Shi]
  +  test_persistence: simplify VersionIsPoppedFromState (#674)
  +  only run a subset of integration tests in CI (#672)
  +  cli: add  + -system param to allow validating system user-data on a
    machine (#575)
  +  test_persistence: add VersionIsPoppedFromState test (#673)
  +  introduce an upgrade framework and related testing (#659)
  +  add  + -no-tty option to gpg (#669) [Till Riedel] (LP: #1813396)
  +  Pin pycloudlib to a working commit (#666) [James Falcon]
  +  DataSourceOpenNebula: exclude SRANDOM from context output (#665)
  +  cloud_tests: add hirsute release definition (#662)
  +  split integration and cloud_tests requirements (#652)
  +  faq.rst: add warning to answer that suggests running `clean` (#661)
  +  Fix stacktrace in DataSourceRbxCloud if no metadata disk is found (#632)
    [Scott Moser]
  +  Make wakeonlan Network Config v2 setting actually work (#626)
    [dermotbradley]
  +  HACKING.md: unify network-refactoring namespace (#658) [Mina Galić]
  +  replace usage of dmidecode with kenv on FreeBSD (#621) [Mina Galić]
  +  Prevent timeout on travis integration tests. (#651) [James Falcon]
  +  azure: enable pushing the log to KVP from the last pushed byte  (#614)
    [Moustafa Moustafa]
  +  Fix launch_kwargs bug in integration tests (#654) [James Falcon]
  +  split read_fs_info into linux & freebsd parts (#625) [Mina Galić]
  +  PULL_REQUEST_TEMPLATE.md: expand commit message section (#642)
  +  Make some language improvements in growpart documentation (#649)
    [Shane Frasier]
  +  Revert "/.travis.yml: use a known-working version of lxd (#643)"/ (#650)
  +  Fix not sourcing default 50-cloud-init ENI file on Debian (#598)
    [WebSpider]
  +  remove unnecessary reboot from gpart resize (#646) [Mina Galić]
  +  cloudinit: move dmi functions out of util (#622) [Scott Moser]
  +  integration_tests: various launch improvements (#638)
  +  test_lp1886531: don't assume /etc/fstab exists (#639)
  +  Remove Ubuntu restriction from PR template (#648) [James Falcon]
  +  util: fix mounting of vfat on *BSD (#637) [Mina Galić]
  +  conftest: improve docstring for disable_subp_usage (#644)
  +  doc: add example query commands to debug Jinja templates (#645)
  +  Correct documentation and testcase data for some user-data YAML (#618)
    [dermotbradley]
  +  Hetzner: Fix instance_id / SMBIOS serial comparison (#640)
    [Markus Schade]
  +  .travis.yml: use a known-working version of lxd (#643)
  +  tools/build-on-freebsd: fix comment explaining purpose of the script
    (#635) [Mina Galić]
  +  Hetzner: initialize instance_id from system-serial-number (#630)
    [Markus Schade] (LP: #1885527)
  +  Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on static6 (#634)
    [Eduardo Otubo]
  +  get_interfaces: don't exclude Open vSwitch bridge/bond members (#608)
    [Lukas Märdian] (LP: #1898997)
  +  Add config modules for controlling IBM PowerVM RMC. (#584)
    [Aman306] (LP: #1895979)
  +  Update network config docs to clarify MAC address quoting (#623)
    [dermotbradley]
  +  gentoo: fix hostname rendering when value has a comment (#611)
    [Manuel Aguilera]
  +  refactor integration testing infrastructure (#610) [James Falcon]
  +  stages: don't reset permissions of cloud-init.log every boot (#624)
    (LP: #1900837)
  +  docs: Add how to use cloud-localds to boot qemu (#617) [Joshua Powers]
  +  Drop vestigial update_resolve_conf_file function (#620) [Scott Moser]
  +  cc_mounts: correctly fallback to dd if fallocate fails (#585)
    (LP: #1897099)
  +  .travis.yml: add integration-tests to Travis matrix (#600)
  +  ssh_util: handle non-default AuthorizedKeysFile config (#586)
    [Eduardo Otubo]
  +  Multiple file fix for AuthorizedKeysFile config (#60) [Eduardo Otubo]
  +  bddeb: new  + -packaging-branch argument to pull packaging from branch
    (#576) [Paride Legovini]
  +  Add more integration tests (#615) [lucasmoura]
  +  DataSourceAzure: write marker file after report ready in preprovisioning
    (#590) [Johnson Shi]
  +  integration_tests: emit settings to log during setup (#601)
  +  integration_tests: implement citest tests run in Travis (#605)
  +  Add Azure support to integration test framework (#604) [James Falcon]
  +  openstack: consider product_name as valid chassis tag (#580)
    [Adrian Vladu] (LP: #1895976)
  +  azure: clean up and refactor report_diagnostic_event (#563) [Johnson Shi]
  +  net: add the ability to blacklist network interfaces based on driver
    during enumeration of physical network devices (#591) [Anh Vo]
  +  integration_tests: don't error on cloud-init failure (#596)
  +  integration_tests: improve cloud-init.log assertions (#593)
  +  conftest.py: remove top-level import of httpretty (#599)
  +  tox.ini: add integration-tests testenv definition (#595)
  +  PULL_REQUEST_TEMPLATE.md: empty checkboxes need a space (#597)
  +  add integration test for LP: #1886531 (#592)
  +  Initial implementation of integration testing infrastructure (#581)
    [James Falcon]
  +  Fix name of ntp and chrony service on CentOS and RHEL. (#589)
    [Scott Moser] (LP: #1897915)
  +  Adding a PR template (#587) [James Falcon]
  +  Azure parse_network_config uses fallback cfg when generate IMDS network
    cfg fails (#549) [Johnson Shi]
  +  features: refresh docs for easier out-of-context reading (#582)
  +  Fix typo in resolv_conf module's description (#578) [Wacław Schiller]
  +  cc_users_groups: minor doc formatting fix (#577)
  +  Fix typo in disk_setup module's description (#579) [Wacław Schiller]
  +  Add vendor-data support to seedfrom parameter for NoCloud and OVF (#570)
    [Johann Queuniet]
  +  boot.rst: add First Boot Determination section (#568) (LP: #1888858)
  +  opennebula.rst: minor readability improvements (#573) [Mina Galić]
  +  cloudinit: remove unused LOG variables (#574)
  +  create a shutdown_command method in distro classes (#567)
    [Emmanuel Thomé]
  +  user_data: remove unused constant (#566)
  +  network: Fix type and respect name when rendering vlan in
    sysconfig. (#541) [Eduardo Otubo] (LP: #1788915, #1826608)
  +  Retrieve SSH keys from IMDS first with OVF as a fallback (#509)
    [Thomas Stringer]
  +  Add jqueuniet as contributor (#569) [Johann Queuniet]
  +  distros: minor typo fix (#562)
  +  Bump the integration-requirements versioned dependencies (#565)
    [Paride Legovini]
  +  network-config-format-v1: fix typo in nameserver example (#564)
    [Stanislas]
  +  Run cloud-init-local.service after the hv_kvp_daemon (#505)
    [Robert Schweikert]
  +  Add method type hints for Azure helper (#540) [Johnson Shi]
  +  systemd: add Before=shutdown.target when Conflicts=shutdown.target is
    used (#546) [Paride Legovini]
  +  LXD: detach network from profile before deleting it (#542)
    [Paride Legovini] (LP: #1776958)
  +  redhat spec: add missing BuildRequires (#552) [Paride Legovini]
  +  util: remove debug statement (#556) [Joshua Powers]
  +  Fix cloud config on chef example (#551) [lucasmoura]
  From 20.3
  +  Azure: Add netplan driver filter when using hv_netvsc driver (#539)
    [James Falcon] (LP: #1830740)
  +  query: do not handle non-decodable non-gzipped content (#543)
  +  DHCP sandboxing failing on noexec mounted /var/tmp (#521) [Eduardo Otubo]
  +  Update the list of valid ssh keys. (#487)
    [Ole-Martin Bratteng] (LP: #1877869)
  +  cmd: cloud-init query to handle compressed userdata (#516) (LP: #1889938)
  +  Pushing cloud-init log to the KVP (#529) [Moustafa Moustafa]
  +  Add Alpine Linux support. (#535) [dermotbradley]
  +  Detect kernel version before swap file creation (#428) [Eduardo Otubo]
  +  cli: add devel make-mime subcommand (#518)
  +  user-data: only verify mime-types for TYPE_NEEDED and x-shellscript
    (#511) (LP: #1888822)
  +  DataSourceOracle: retry twice (and document why we retry at all) (#536)
  +  Refactor Azure report ready code (#468) [Johnson Shi]
  +  tox.ini: pin correct version of httpretty in xenial{,-dev} envs (#531)
  +  Support Oracle IMDSv2 API (#528) [James Falcon]
  +  .travis.yml: run a doc build during CI (#534)
  +  doc/rtd/topics/datasources/ovf.rst: fix doc8 errors (#533)
  +  Fix 'Users and Groups' configuration documentation (#530) [sshedi]
  +  cloudinit.distros: update docstrings of add_user and create_user (#527)
  +  Fix headers for device types in network v2 docs (#532)
    [Caleb Xavier Berger]
  +  Add AlexBaranowski as contributor (#508) [Aleksander Baranowski]
  +  DataSourceOracle: refactor to use only OPC v1 endpoint (#493)
  +  .github/workflows/stale.yml: s/Josh/Rick/ (#526)
  +  Fix a typo in apt pipelining module (#525) [Xiao Liang]
  +  test_util: parametrize devlist tests (#523) [James Falcon]
  +  Recognize LABEL_FATBOOT labels (#513) [James Falcon] (LP: #1841466)
  +  Handle additional identifier for SLES For HPC (#520) [Robert Schweikert]
  +  Revert "/test-requirements.txt: pin pytest to <6 (#512)"/ (#515)
  +  test-requirements.txt: pin pytest to <6 (#512)
  +  Add "/tsanghan"/ as contributor (#504) [tsanghan]
  +  fix brpm building (LP: #1886107)
  +  Adding eandersson as a contributor (#502) [Erik Olof Gunnar Andersson]
  +  azure: disable bouncing hostname when setting hostname fails (#494)
    [Anh Vo]
  +  VMware: Support parsing DEFAULT-RUN-POST-CUST-SCRIPT (#441)
    [xiaofengw-vmware]
  +  DataSourceAzure: Use ValueError when JSONDecodeError is not available
    (#490) [Anh Vo]
  +  cc_ca_certs.py: fix blank line problem when removing CAs and adding
    new one (#483) [dermotbradley]
  +  freebsd: py37-serial is now py37-pyserial (#492) [Gonéri Le Bouder]
  +  ssh exit with non-zero status on disabled user (#472)
    [Eduardo Otubo] (LP: #1170059)
  +  cloudinit: remove global disable of pylint W0107 and fix errors (#489)
  +  networking: refactor wait_for_physdevs from cloudinit.net (#466)
    (LP: #1884626)
  +  HACKING.rst: add pytest.param pytest gotcha (#481)
  +  cloudinit: remove global disable of pylint W0105 and fix errors (#480)
  +  Fix two minor warnings (#475)
  +  test_data: fix faulty patch (#476)
  +  cc_mounts: handle missing fstab (#484) (LP: #1886531)
  +  LXD cloud_tests: support more lxd image formats (#482) [Paride Legovini]
  +  Add update_etc_hosts as default module on *BSD (#479) [Adam Dobrawy]
  +  cloudinit: fix tip-pylint failures and bump pinned pylint version (#478)
  +  Added BirknerAlex as contributor and sorted the file (#477)
    [Alexander Birkner]
  +  Update list of types of modules in cli.rst [saurabhvartak1982]
  +  tests: use markers to configure disable_subp_usage (#473)
  +  Add mention of vendor-data to no-cloud format documentation (#470)
    [Landon Kirk]
  +  Fix broken link to OpenStack metadata service docs (#467)
    [Matt Riedemann]
  +  Disable ec2 mirror for non aws instances (#390)
    [lucasmoura] (LP: #1456277)
  +  cloud_tests: don't pass  + -python-version to read-dependencies (#465)
  +  networking: refactor is_physical from cloudinit.net (#457) (LP: #1884619)
  +  Enable use of the caplog fixture in pytest tests, and add a
    cc_final_message test using it (#461)
  +  RbxCloud: Add support for FreeBSD (#464) [Adam Dobrawy]
  +  Add schema for cc_chef module (#375) [lucasmoura] (LP: #1858888)
  +  test_util: add (partial) testing for util.mount_cb (#463)
  +  .travis.yml: revert to installing ubuntu-dev-tools (#460)
  +  HACKING.rst: add details of net refactor tracking (#456)
  +  .travis.yml: rationalise installation of dependencies in host (#449)
  +  Add dermotbradley as contributor. (#458) [dermotbradley]
  +  net/networking: remove unused functions/methods (#453)
  +  distros.networking: initial implementation of layout (#391)
  +  cloud-init.service.tmpl: use "/rhel"/ instead of "/redhat"/ (#452)
  +  Change from redhat to rhel in systemd generator tmpl (#450)
    [Eduardo Otubo]
  +  Hetzner: support reading user-data that is base64 encoded. (#448)
    [Scott Moser] (LP: #1884071)
  +  HACKING.rst: add strpath gotcha to testing gotchas section (#446)
  +  cc_final_message: don't create directories when writing boot-finished
    (#445) (LP: #1883903)
  +  .travis.yml: only store new schroot if something has changed (#440)
  +  util: add ensure_dir_exists parameter to write_file (#443)
  +  printing the error stream of the dhclient process before killing it
    (#369) [Moustafa Moustafa]
  +  Fix link to the MAAS documentation (#442)
    [Paride Legovini] (LP: #1883666)
  +  RPM build: disable the dynamic mirror URLs when using a proxy (#437)
    [Paride Legovini]
  +  util: rename write_file's copy_mode parameter to preserve_mode (#439)
  +  .travis.yml: use $TRAVIS_BUILD_DIR for lxd_image caching (#438)
  +  cli.rst: alphabetise devel subcommands and add net-convert to list (#430)
  +  Default to UTF-8 in /var/log/cloud-init.log (#427) [James Falcon]
  +  travis: cache the chroot we use for package builds (#429)
  +  test: fix all flake8 E126 errors (#425) [Joshua Powers]
  +  Fixes KeyError for bridge with no "/parameters:"/ setting (#423)
    [Brian Candler] (LP: #1879673)
  +  When tools.conf does not exist, running cmd "/vmware-toolbox-cmd
    config get deployPkg enable-custom-scripts"/, the return code will
    be EX_UNAVAILABLE(69), on this condition, it should not take it as
    error. (#413) [chengcheng-chcheng]
  +  Document CloudStack data-server well-known hostname (#399) [Gregor Riepl]
  +  test: move conftest.py to top-level, to cover tests/ also (#414)
  +  Replace cc_chef is_installed with use of subp.is_exe. (#421)
    [Scott Moser]
  +  Move runparts to subp. (#420) [Scott Moser]
  +  Move subp into its own module. (#416) [Scott Moser]
  +  readme: point at travis-ci.com (#417) [Joshua Powers]
  +  New feature flag functionality and fix includes failing silently (#367)
    [James Falcon] (LP: #1734939)
  +  Enhance poll imds logging (#365) [Moustafa Moustafa]
  +  test: fix all flake8 E121 and E123 errors (#404) [Joshua Powers]
  +  test: fix all flake8 E241 (#403) [Joshua Powers]
  +  test: ignore flake8 E402 errors in main.py (#402) [Joshua Powers]
  +  cc_grub_dpkg: determine idevs in more robust manner with grub-probe
    (#358) [Matthew Ruffell] (LP: #1877491)
  +  test: fix all flake8 E741 errors (#401) [Joshua Powers]
  +  tests: add groovy integration tests for ubuntu (#400)
  +  Enable chef_license support for chef infra client (#389) [Bipin Bachhao]
  +  testing: use flake8 again (#392) [Joshua Powers]
  +  enable Puppet, Chef mcollective in default config (#385)
    [Mina Galić (deprecated: Igor Galić)] (LP: #1880279)
  +  HACKING.rst: introduce .net  + > Networking refactor section (#384)
  +  Travis: do not install python3-contextlib2 (dropped dependency) (#388)
    [Paride Legovini]
  +  HACKING: mention that .github-cla-signers is alpha-sorted (#380)
  +  Add bipinbachhao as contributor (#379) [Bipin Bachhao]
  +  cc_snap: validate that assertions property values are strings (#370)
  +  conftest: implement partial disable_subp_usage (#371)
  +  test_resolv_conf: refresh stale comment (#374)
  +  cc_snap: apply validation to snap.commands properties (#364)
  +  make finding libc platform independent (#366)
    [Mina Galić (deprecated: Igor Galić)]
  +  doc/rtd/topics/faq: Updates LXD docs links to current site (#368) [TomP]
  +  templater: drop Jinja Python 2 compatibility shim (#353)
  +  cloudinit: minor pylint fixes (#360)
  +  cloudinit: remove unneeded __future__ imports (#362)
  +  migrating momousta lp user to Moustafa-Moustafa GitHub user (#361)
    [Moustafa Moustafa]
  +  cloud_tests: emit dots on Travis while fetching images (#347)
  +  Add schema to apt configure config (#357) [lucasmoura] (LP: #1858884)
  +  conftest: add docs and tests regarding CiTestCase's subp functionality
    (#343)
  +  analyze/dump: refactor shared string into variable (#350)
  +  doc: update boot.rst with correct timing of runcmd (#351)
  +  HACKING.rst: change contact info to Rick Harding (#359) [lucasmoura]
  +  HACKING.rst: guide people to add themselves to the CLA file (#349)
  +  HACKING.rst: more unit testing documentation (#354)
  +  .travis.yml: don't run lintian during integration test package builds
    (#352)
  +  Add test to ensure docs examples are valid cloud-init configs (#355)
    [James Falcon] (LP: #1876414)
  +  make suse and sles support 127.0.1.1 (#336) [chengcheng-chcheng]
  +  Create tests to validate schema examples (#348)
    [lucasmoura] (LP: #1876412)
  +  analyze/dump: add support for Amazon Linux 2 log lines (#346)
    (LP: #1876323)
  +  bsd: upgrade support (#305) [Gonéri Le Bouder]
  +  Add lucasmoura as contributor (#345) [lucasmoura]
  +  Add "/therealfalcon"/ as contributor (#344) [James Falcon]
  +  Adapt the package building scripts to use Python 3 (#231)
    [Paride Legovini]
  +  DataSourceEc2: use metadata's NIC ordering to determine route-metrics
    (#342) (LP: #1876312)
  +  .travis.yml: introduce caching (#329)
  +  cc_locale: introduce schema (#335)
  +  doc/rtd/conf.py: bump copyright year to 2020 (#341)
  +  yum_add_repo: Add Centos to the supported distro list (#340)
- Add cloud-init-update-test-characters-in-substitution-unit-test.patch
  to fix unit test fail in TestGetPackageMirrorInfo::test_substitution.
- Add patch from upstream to remove python2 compatibility so
  cloud-init builds fine in Tumbleweed with a recent Jinja2
  version. This patch is only applied in TW.
  * 0001-templater-drop-Jinja-Python-2-compatibility-shim.patch
- Add cloud-init-log-file-mode.patch (bsc#1183939)
  + Change log file creation mode to 640
- Add cloud-init-no-pwd-in-log.patch (bsc#1184758)
  + Do not write the generated password to the log file
- Add cloud-init-purge-cache-py-ver-change.patch
cloud-netconfig
- Update to version 1.6:
  + Ignore proxy when accessing metadata (bsc#1187939)
  + Print warning in case metadata is not accessible
  + Documentation update
containerd
- Update to containerd v1.4.11, to fix CVE-2021-41103 bsc#1191121. bsc#1191355
- Switch to Go 1.16.x compiler, in line with upstream.
- Install systemd service file as well (fixes bsc#1190826)
- Update to containerd v1.4.8, to fix CVE-2021-32760. bsc#1188282
- Remove upstreamed patches:
  - bsc1188282-use-chmod-path-for-checking-symlink.patch
[ This patch was only released in SLES and Leap. ]
- Add patch for GHSA-c72p-9xmj-rx3w. CVE-2021-32760 bsc#1188282
  + bsc1188282-use-chmod-path-for-checking-symlink.patch
- Build with go1.15 for reproducible build results (boo#1102408)
corosync
- corosync totemudpu: bsc#1192467, Fix don't block local socketpair when interface is down
  Added: bsc#1192467_dont-block-local-socket-pair.patch
- corosync totem: bsc#1189680, Add cancel_token_hold_on_retransmit config option
  Added: bsc#1189680-cancel_token_hold_on_retransmit-option.patch
cpio
- Add another patch to fix regression (bsc#1189465)
  * fix-CVE-2021-38185_3.patch
- Fix regression in last update (bsc#1189465)
  * fix-CVE-2021-38185_2.patch
- Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr
  (CVE-2021-38185, bsc#1189206)
  * fix-CVE-2021-38185.patch
cracklib
- %check: really test the package [bsc#1191736]
crash
- Added crash-xen-increase-__physical_mask_shift_xen-to-52.patch
  (bsc#1177050)
- Fix "/kmem -i"/ option on Linux 5.9-rc1 and later kernels (bsc#1179970 ltc#188981).
  crash-Fix-kmem-i-option-on-Linux-5.9-rc1-and-later-kernels.patch
- Fix crash utility is taking forever to initialize a vmcore from large config
  system (bsc#1178827 ltc#189279).
  crash-task.c-avoid-unnecessary-cpu-cycles-in-stkptr_to_tas.patch
- Corrected project URL in spec file to match the changed upstream
  location as-of May 30th 2020.
  Noted the project URL change in README.SUSE without removing the old URL
  because it represents the location the project source was obtained from.
  The next project source update is available from the new project URL. When
  the package is updated with that source all URL project references will be
  modified to only show the new URL.
  Add crash-update-whitepaper-URL.patch
  Note change of no longer valid old project whitepaper URL to current valid
  project whitepaper URL in help output. Leave the old one reported because it
  represents the location the project source was obtained from for this
  package version.
  (bsc#1179536)
- Fix build on aarch64:
  crash-gdb-fix-aarch64.patch
- Add crash-verify-exception-frame-accessible-for-all-verify-requests.patch
  In calls to search a stack for x86_64 exceptions a flag is used
  to request the stack be verified for room to contain saved
  registers. The verify is not performed if other flags are used
  in the same call. Fixing this exposes another bug where only a
  kernel stack is verified anyway, even if the exception is being
  searched for on a userspace stack. Patch fixes both problems.
  (bsc#1162297)
- Add eppic-remove-duplicate-symbols.patch
  Fix eppic extension build.
- Add crash-fix-memory_driver-build-kernel-5.8.patch
  Fix memory driver build failure with kernels 5.8+.
- Always build crash KMPs.
- remove bypass lto and add -mfull-toc for ppc64le to check boo#1146646
- Add crash-Define-fallback-PN_XNUM.patch
  Add a fallback PN_XNUM definition.
crmsh
- Update to version 4.3.1+20211119.97feb471:
  * Fix: ui_resource: Parse node and lifetime correctly (bsc#1192618)
- Update to version 4.3.1+20211012.52d4086a:
  * Fix: ui_resource: Parse lifetime option correctly (bsc#1191508)
  * Fix: utils: Improve detect_cloud function and support non-Hyper-V in Azure
- Update to version 4.3.1+20210827.4fb174c4:
  * Fix: hb_report: Using python way to collect ra trace files (bsc#1189641)
  * Fix: bootstrap: adjust host list for parallax to get and copy known_hosts file(bsc#1188971)
- Update to version 4.3.1+20210811.2a30e37e:
  * Dev: ui_resource: Enhancement trace output
  * Fix: doc: Note that resource tracing is only supported by OCF RAs(bsc#1188966)
  * Medium: ra: performance/usability improvement (avoid systemd)
  * Dev: ui_context: Add info when spell-corrections happen
  * Fix: parse: Should still be able to show the empty property if it already exists(bsc#1188290)
- Update to version 4.3.1+20210702.4e0ee8fb:
  * Fix: bootstrap: check for missing fields in 'crm_node -l' output (bsc#1182131)
  * Fix: resource: make untrace consistent with trace (bsc#1187396)
  * Dev: sbd: enable SBD_DELAY_START in virtualization environment
- Update to version 4.3.1+20210624.67223df2:
  * Fix: ocfs2: Skip verifying UUID for ocfs2 device on top of raid or lvm on the join node (bsc#1187553)
- Update to version 4.3.0+20210616.cdcfe52e:
  * Fix: history: use Path.mkdir instead of mkdir command(bsc#1179999, CVE-2020-35459)
  * Dev: crash_test: Add big warnings to have users' attention to potential failover(jsc#SLE-17979)
  * Dev: crash_test: rename preflight_check as crash_test(jsc#SLE-17979)
  * Fix: bootstrap: update sbd watchdog timeout when using diskless SBD with qdevice(bsc#1184465)
  * Dev: utils: allow configure link-local ipv6 address(bsc#1163460)
  * Fix: parse: shouldn't allow property setting with an empty value(bsc#1185423)
  * Fix: help: show help message from argparse(bsc#1175982)
- Remove patches:
  0001-Fix-history-use-Path.mkdir-instead-of-mkdir-command-.patch
cronie
- Increase limit of allowed entries in crontab files to fix bsc#1187508
  * cronie-1.5.1-increase_crontab_limit.patch
csync2
- (bsc#1187080) Upgrade and removal of csync2 package throws error
  for non-existent service template:
  Removeinstance templates from %service_* macros.
curl
- MIME: Properly check Content-Type even if it has parameters
  * Add curl-check-content-type.patch [bsc#1190153]
- Security fix: [bsc#1190374, CVE-2021-22947]
  * STARTTLS protocol injection via MITM
  * Add curl-CVE-2021-22947.patch
- Security fix: [bsc#1190373, CVE-2021-22946]
  * Protocol downgrade required TLS bypassed
  * Add curl-CVE-2021-22946.patch
- Security fix: [bsc#1188220, CVE-2021-22925]
  * TELNET stack contents disclosure again
  * Add curl-CVE-2021-22925.patch
- Security fix: [bsc#1188219, CVE-2021-22924]
  * Bad connection reuse due to flawed path name checks
  * Add curl-CVE-2021-22924.patch
- Security fix: Disable the metalink feature:
  * Insufficiently Protected Credentials [bsc#1188218, CVE-2021-22923]
  * Wrong content via metalink not discarded [bsc#1188217, CVE-2021-22922]
dbus-1
- Add missing patch for CVE-2020-12049
  * fix-upstream-CVE-2020-12049_2.patch
- Fix CVE-2020-12049 truncated messages lead to resource exhaustion
  (CVE-2020-12049, bsc#1172505)
  * fix-upstream-CVE-2020-12049.patch
- Rebased fix-CVE-2019-12749.patch
- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105)
  * fix-upstream-userdb-constpointer.patch
  * fix-upstream-CVE-2020-35512.patch
docker
- Update to Docker 20.10.9-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1191355
  CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
  * 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Switch to Go 1.16.x compiler, in line with upstream.
- Add patch to return ENOSYS for clone3 to avoid breaking glibc again.
  bsc#1190670
  + 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Add shell requires for the *-completion subpackages.
dosfstools
- To be able to create filesystems compatible with previous
  version, add -g command line option to mkfs (boo#1188401,
  dosfstools-add-g.patch).
- BREAKING CHANGES:
  After fixing of bsc#1172863 in the last update, mkfs started to
  create different images than before. Applications that depend on
  exact FAT file format (e. g. embedded systems) may be broken in
  two ways:
  * The introduction of the alignment may create smaller images
    than before, with a different positions of important image
    elements. It can break existing software that expect images in
    doststools <= 4.1 style.
    To work around these problems, use "/-a"/ command line argument.
  * The new image may contain a different geometry values. Geometry
    sensitive applications expecting doststools <= 4.1 style images
    can fails to accept different geometry values.
    There is no direct work around for this problem. But you can
    take the old image, use "/file -s $IMAGE"/, check its
    "/sectors/track"/ and "/heads"/, and use them in the newly
    introduced "/-g"/ command line argument.
- Add fix-calculation.patch (gh#dosfstools/dosfstools#153, bsc#1172863)
  to work with different size of clusters.
dracut
- Update to version 049.1+suse.224.gd285ddd8:
  * fix(dracut.spec): change util-linux-systemd version for SLE15-SP2 (bsc#1194162)
  * fix(dracut.spec): require util-linux-systemd (bsc#1194162)
  * fix(url-lib): improve ca-bundle detection (bsc#1175892)
- Update to version 049.1+suse.218.gca24e614:
  * fix(iscsi): add iscsi-init.service requirements (bsc#1193512)
- Update to version 049.1+suse.216.gf705637b:
  * fix(iscsi): add support for the new iscsiadm "/no-wait"/ (-W) command
  * fix(iscsi): add iscsid.service requirements
    (bsc#1187190)
- Update to version 049.1+suse.213.g346cf20c:
  * fix(suse): add 60-io-scheduler.rules (bsc#1188713)
  * fix(kernel-modules): add blk_mq_alloc_disk and blk_cleanup_disk to blockfuncs (bsc#1190326)
- Update to version 049.1+suse.209.gebcf4f33:
  * fix(systemd): add unit files for systemd-coredump (bsc#1190845)
- Update to version 049.1+suse.207.g72a93d93:
  * fcoe/fcoe-genrules.sh: use $name instead of $env{INTERFACE} (bsc#1186260)
  * fix: /var/lib/nfs/statd/sm is /var/lib/nfs/sm on SUSE (bsc#1184970)
- Update to version 049.1+suse.203.g8ee14a90:
  * fix(suse-initrd): use $kernel rather than $(uname -r)
  * fix(suse-initrd): exclude modules that are built-in (bsc#1185646)
  * fix(suse-initrd): inform on usage of obsolete -f parameter (bsc#1187470)
  * docs: fix reference to insmodpost module (bsc#1187774)
- Update to version 049.1+suse.196.g8706843b:
  * fix(suse-initrd): restore INITRD_MODULES in mkinitrd script
  * fix(suse-initrd): call dracut_instmods with hostonly=
- Update to version 049.1+suse.192.g00425ead:
  * fix(suse-initrd): remove references to INITRD_MODULES (bsc#1187115)
  * fix(suse-initrd) fix list of modprobe.d directories
  * fix(install): handle $LIB in ldd output parsing (bsc#1185615)
drbd
- bsc#1189995, backport to fix the stuck in resync.
  Add patch fix-stuck-resync-when-cancelled.patch
efibootmgr

      
efivar
- Add efivar-bsc1187386-fix-emmc-parsing.patch to fix the eMMC
  sysfs parsing (bsc#1187386)
expat
- Security fix (CVE-2021-45960, bsc#1194251)
  * A left shift by 29 (or more) places in the storeAtts function
    in xmlparse.c can lead to realloc misbehavior.
  * Added expat-CVE-2021-45960.patch
- Security fix (CVE-2021-46143, bsc#1194362)
  * Integer overflow exists for m_groupSize in doProlog
  * Added expat-CVE-2021-46143.patch
- Security fix (CVE-2022-22822, bsc#1194474)
  * Integer overflow in addBinding in xmlparse.c
  * Added expat-CVE-2022-22822.patch
- Security fix (CVE-2022-22823, bsc#1194476)
  * Integer overflow in build_model in xmlparse.c
  * Added expat-CVE-2022-22823.patch
- Security fix (CVE-2022-22824, bsc#1194477)
  * Integer overflow in defineAttribute in xmlparse.c
  * Added expat-CVE-2022-22824.patch
- Security fix (CVE-2022-22825, bsc#1194478)
  * Integer overflow in lookup in xmlparse.c
  * Added expat-CVE-2022-22825.patch
- Security fix (CVE-2022-22826, bsc#1194479)
  * Integer overflow in nextScaffoldPart in xmlparse.c
  * Added expat-CVE-2022-22826.patch
- Security fix (CVE-2022-22827, bsc#1194480)
  * Integer overflow in storeAtts in xmlparse.c
  * Added expat-CVE-2022-22826.patch
- Refresh expat-CVE-2018-20843.patch as a p1 patch.
- Use %autosetup macro
fence-agents
- Update to version 4.9.0+git.1624456340.8d746be9:
  * fence_azure_arm: corrections to support Azure SDK >= 15 - including backward compatibility (#415)
    (bsc#1185058)
  * fence_gce: make serviceaccount work with new libraries
  * fence_kubevirt: new fence agent
  * fence_virt*: simple_auth: use %zu for sizeof to avoid failing verbose builds on some archs
  * configure: dont fail when --with-agents contains virt
  * fence_mpath: watchdog retries support
  * fencing: add multi plug support for reboot-action
  * fence_redfish: add missing diag logic
  * fencing: fix issue with hardcoded help text length for metadata
  * fence_lindypdu: update metadata
  * fence_lindypdu: new fence agent
  * fencing: add stonith_status_sleep parameter for sleep between status calls during a STONITH action
  * fence_openstack: code formatting fixes per: https://github.com/ClusterLabs/fence-agents/pull/397#pullrequestreview-634281798
  * Proper try-except for connection exception.
  * Fix CI.
  * Do not wrap as many values.
  * Restore port metadata.
  * Update xml metadata.
  * Use standard logging.
  * Revert change to __all__
  * fence_virt: fix required=1 parameters that used to not be required and add deprecated=1 for old deprecated params
  * Major rework of the original agent:
  * fence_gce: default method moved back to powercycle (#389)
  * fence_aws: add filter parameter to be able to limit which nodes are listed
  * virt: fix a bunch of coverity scan errors in ip_lookup
  * virt: make sure to provide an empty default to strncpy
  * virt: make sure buffers are big enough for 0 byte end string
  * virt: increase buffer size to avoid overruns
  * virt: check return code in virt-sockets
  * virt: fix error code checking
  * virt: fix plugin (minor) memory leak and plug in load race
  * virt: attempt to open file directly and avoid race condition
  * virt: fix different coverity scan errors in common/tcp
  * virt: cleanup deadcode in client/vsock
  * virt: cleanup deadcode in client/tcp
  * virt: fix potential buffer overrun
  * virt: fix mcast coverity scan errors
  * virt: drop pm-fence plugin
  * build: tidy up module sources
  * virt: drop libvirt-qmf plugin
  * virt: drop null plugin
  * build: enable fence_virtd cpg plugin by default
  * virt: drop fence_virtd non-modular build
  * virt: fix plugin installation regression on upgrades
  * build: temporary disable -Wcast-align for some agents
  * build: fix CFLAGS overrides when using clang
  * fence_virt: metadata fixes, implement manpage generation and metadata/delay/rng checks
  * virt: make sure variable is initialized
  * Drop travis CI
  * Revert "/virt: drop -Werror to avoid unnecessary failures"/
  * zvm: reformat fence_zvm to avoid gcc warnings
  * build: fix make maintainerclean
  * build: remove unnecessary build snippets
  * virt: drop -Werror to avoid unnecessary failures
  * virt: disable -Wunused for yy generated files
  * virt: disable fence-virt on bsd variants
  * virt: merge spec files
  * build: fix more gcc warnings
  * build: remove unused / obsoleted options
  * build: fix some annoying warnings at ./autogen.sh time
  * virt: move all virt CFLAGS/LDFLAGS in the right location
  * virt: fix unused gcc warnings and re-enable all build warnings
  * virt: fix write-strings gcc warnings
  * virt: fix pointer-arith gcc warnings
  * virt: fix declaration-after-statement gcc warnings
  * virt: fix build with -Wmissing-prototypes
  * build: don´t override clean target
  * virt: plug fence_virt into the build
  * virt: allow fence_virt build to be optional
  * virt: drop support for LSB init script
  * virt: collect docs in one location
  * virt: remove unnecessary files and move build macros in place
  * Ignore fence-virt man pages
  * Merge done
  * Move fence_virt to the correct location
  * Start merge
  * spec: use python3 path for newer releases
  * spec: undo autosetup change that breaks builds w/git commit hashes
  * Ignore unknown options on stdin
  * fence_gce: support google-auth and oauthlib and fallback to deprecated libs when not available
  * spec: add aliyun subpackage and fence_mpath_check* to mpath subpackage
  * fence_gce: Adds cloud-platform scope for bare metal API and optional proxy flags (#382)
  * fence_virt: Fix minor typo in metadata
  * fence_gce: update module reqs for SLES 15 (#383)
  * Add fence_ipmilanplus as fence_ipmilan wrapper always enabling lanplus
  * fence_redfish: Add diag action
  * fence_vbox: updated metadata file
  * fence_vbox: do not flood host account with vboxmanage calls
  * fence_aws/fence_gce: allow building without cloud libs
  * fence_gce: default to onoff
  * fence_lpar: Make --managed a required option
  * fence_zvmip: fix shell-timeout when using new disable-timeout parameter
  * Adds service account authentication to GCE fence agent
  * spec: dont build -all subpackage as noarch
  * fence_virt: add plug parameter that obsoletes old port parameter
  * Try to detect directory for initscripts configuration
  * Accept SIGTERM while waiting for initialization.
  * Add man pages to fence_virtd service file.
  * Fix spelling error in fence_virt.conf.5
  * build: fix BRs for suse distros
  * build: remove ExclusiveArch
  * build: removed gcc-c++ BR
  * build: add spec-file and rpm build targets
  * build: cleanup/improvements to reworked build system
  * [build] rework build system to use automake/libtool
  * fence_virtd: Fix segfault in vl_get when no domains are found
  * fence_virt: fix core dump
  * build: harden and make it possible to build with -fPIE
  * fence_virt: dont report success for incorrect parameters
  * fence_virt: mcast: config: Warn when provided mcast addr is not used
  * fence_virtd: Return control to main loop on select interruption
  * fence-virtd: Add missing vsock makefile bits
  * fence-virt: Add vsock support
  * fence_virtd: Fix transposed arguments in startup message
  * fence_virt: Rename challenge functions
  * fence_virtd: Cleanup: remove unused configuration options
  * fence_virt: Remove remaining references to checkpoints
  * fence_virt: Remove remaining references to checkpoints
  * fence-virt: Format string cleanup
  * fence_virtd: Implment hostlist for the cpg backend
  * fence_virt: Fix logic error in fence_xvm
  * fence_virtd: Cleanup config module
  * fence_virtd: cpg: Fail initialization if no hypervisor connections
  * fence_virtd: Make the libvirt backend survive libvirtd restarts
  * fence_virtd: Allow the cpg backend to survive libvirt failures
  * fence_virtd: cpg: Fix typo
  * fence-virtd: Add cpg-virt backend plugin
  * fence_virtd: Remove checkpoint, replace it with a CPG only plugin
  * fence-virt: Bump version
  * fence_virtd: Add better debugging messages for the TCP listner
  * fence_virtd: Fix potential unlocked pthread_cond_timedwait()
  * fence-virtd: Cleanup small memory leak
  * fence_virtd: Fix select logic in listener plugins
  * Factor out common libvirt code so that it can be reused by multiple backends
  * Document the fence_virtd -p command line flag
  * fence_virtd: Log an error when startup fails
  * Retry writes in the TCP, mcast, and serial listener plugins while sending a response to clients, if the write fails or is incomplete.
  * Make the packet authentication code more resilient in the face of transient failures.
  * Remove erroneous 'inline'
  * Disable the libvirt-qmf backend by default
  * Bump the versions of the libvirt and checkpoint plugins
  * fence-virtd: Enable TCP listener plugin by default
  * fence-virtd: Cleanup documentation of the TCP listener
  * fence_xvm/fence_virt: Add support for the validate-all status op
  * fence-virt: Add list-status command to man page and metadata
  * fence-virt: Cleanup numeric argument parsing
  * fence-virt: Log message to syslog in addition to stdout/stderr
  * fence-virt: Permit explicitly setting delay to 0
  * fence-virt: Add 'list-status' operation for compat with other agents
  * Fix use of undefined #define
  * Allow fence_virtd to run as non-root
  * Remove delay from the status, monitor and list functions
  * Resolves serveral problems in checkpoint plugin, making it functional.
  * Current implementation of event listener in virt-serial does not support keepalive, it does not generate nor capable to answer to keepalive requests, which causes libvirt connection to disconnect every 30 seconds (interval*timeout in libvirtd.conf). Furthermore, it does not clean up filehandlers and leaves hanging sockets. Also, if other thread opens its own connection to libvirt (i.e. checkpoint.c), event function in virt-serial.c just updates event listener file handler with a wrong one, what causes checkpoint.c malfunctions, fence_virtd hangs and so on. This patch uses default event listener implementation from libvirt and resolves theese problems.
  * daemon_init: Removed PID check and update
  * fence_virtd: drop legacy SysVStartPriority from service unit
  * fence-virt: client: Do not truncate VM domains in list output
  * client: fix "/delay"/ parameter checking (copy-paste)
  * fence-virt: Fix broken restrictions on the port ranges
  * Clarify debug message
  * fence-virtd: Use perror only if the last system call returns an error.
  * fence-virtd: Fix printing wrong system call in perror
  * fence-virtd: Allow multiple hypervisors for the libvirt backend
  * fence-virt: Don't overrwrite saved errno
  * fence-virt: Fix small memory leak in the config module
  * fence-virt: Fix mismatched sizeof in memset call
  * fence-virt: Send complete hostlist info
  * fence-virt: Clarify the path option in serial mode
  * Bump version
  * fence-virt: Bump version
  * fence_virtd: Fix broken systemd service file
  * fence_virt/fence_xvm: Print status when invoked with -o status
  * fence-virt: Fix for missed libvirtd events
  * fence-virt: Fail properly if unable to bind the listener socket
  * client: dump all arguments structure in debug mode
  * Drop executable flag for man pages (finally)
  * Honor implicit "/ip_family=auto"/ in fence_xvm w/IPv6 mult.addr.
  * Fix using bad struct item for auth algorithm
  * Drop executable flag for man pages
  * use bswap_X() instead of b_swapX()
  * fence_virtd: Fix memcpy size params in the TCP plugin
  * Revert "/fence-virt: Fix possible descriptor leak"/
  * fence_virtd: Return success if a domain exists but is already off.
  * fence-virt: Add back missing tcp_listener.h file
  * fence-virt: Fix a few fd leaks
  * fence-virt: Fix free of uninitialized variable
  * fence-virt: Fix possible null pointer dereference
  * fence-virt: Fix memory leak
  * fence-virt: Fix fd leak when finding local addresses
  * fence-virt: Fix possible descriptor leak
  * fence-virt: Fix possible fd leak
  * fence-virt: Fix null pointer deref
  * fence-virt: Explicitly set delay to 0
  * fence-virt: Fix return with lock held
  * fence_virt: Fix typo in fence_virt(8) man page
  * fence_virt: Return failure for nonexistent domains
  * Initial commit
  * Improve fence_virt.conf man page description of 'hash'
  * Add a delay (-w) option.
  * Remove duplicated port struct entry
  * Add a TCP listener plugin for use with viosproxy
  * In serial mode, return failure if the other end closes the connection before we see SERIAL_MAGIC in the reply or timeout.
  * Stop linking against unnecessary QPid libs.
  * Update libvirt-qmf plugin and docs
  * Fix crash when we fail to read key file.
  * Fix erroneous man page XML
  * Add 'interface' directive to example.conf
  * Fix build
  * Add old wait_for_backend directive handling & docs
  * Return proper error if we can't set up our socket.
  * Fix startup in systemd environments
  * Add systemd unit file and generation
  * Don't override user's pick for backend server module
  * Use libvirt as default in shipped config
  * Clean up compiler warnings
  * Fix serial domain handling
  * Fix monolithic build
  * Clean up build and comments.
  * Add missing pm_fence source code
  * Disable CMAN / checkpoint build by default
  * Rename libvirt-qpid -> libvirt-qmf
  * Fix static analysis errors
  * Reword assignment to appease static analyzers
  * Handle return value from virDomainGetInfo
  * Fix bad sizeof()
  * Make listen() retry
  * Add map_check on 'status' action
  * Update README
  * Don't reference out-of-scope temporary
  * Ensure we don't try to strdup() or atoi() on NULL
  * Add libvirt-qmf support to the libvirt-qpid plugin
  * Convert libvirt-qpid plugin to QMFv2
  * Fix incorrect return value on hash mismatch
  * Fix error getting status from libvirt-qpid plugin
  * Fix typo that broke multicast plugin
  * Make fence-virt requests endian clean
  * Update TODO
  * Fix input parsing to allow domain again
  * Provide 'domain' in metadata output for compatibility
  * High: Fix UUID lookups in checkpoint backend
  * Curtail 'list' operation requests
  * Fix man page references: fence_virtd.conf -> fence_virt.conf
  * Add 'list' operation for plugins; fix missing getopt line
  * Fix build with newer versions of qpid
  * Make configure.in actually disable plugins
  * Fix metadata output
  * Rename parameters to match other fencing agents
  * Fix fence_xvm man page to point to the right location
  * client: Clarify license in serial.c
  * Return 2 for 'off' like other fencing agents
  * Reset flags before returning from connect_nb
  * Use nonblocking connect to vmchannel sockets
  * More parity with other fencing agents' parameters
  * Fix memory leaks found with valgrind
  * Add basic daemon functions
  * Fix bug in path pruning support for serial plugin
  * Fix libvirt-qpid bugs found while testing
  * Fix segfault caused by invalid map pointer assignment
  * Fix another compiler warning
  * Fix build warnings in client/serial.c
  * Add 'monitor' as an alias for 'status'
  * Add serial listener to configuration utility
  * Make serial/vmchannel module enabled by default
  * Add missing 'metadata' option to help text
  * Add missing static_map.h
  * Add metadata support to fence_xvm/fence_virt
  * Allow IPs to be members of groups
  * Allow use of static mappings w/ mcast listener
  * Make 'path' be a directory
  * Update TODO
  * Remove useless debug printfs
  * Enable VM Channel support in serial plugin
  * Update TODO based on progress
  * Pass source VM UUID (if known) to backend
  * Mirror libvirt-qpid's settings in libvirt-qpid plugin
  * libvirt-qpid: clean up global variable
  * Enable a configurable host/port on libvirt-qpid plugin
  * Minor config utility cleanups
  * Man page cleanups
  * Remove unnecessary name_mode from multicast plugin
  * Add prototypes and clean up build warnings
  * Use seqno in serial requests
  * Minor debugging message cleanup
  * Fix build error due to improper value
  * Static map support and permissions reporting
  * Sync up on SERIAL_MAGIC while waiting for a response
  * Don't build serial vmchannel module by default
  * Update TODO
  * Initial checkin of serial server-side support
  * Fix fence_virt.conf man page name
  * Add Fedora init script
  * Compiler warning cleanups in virt-serial.c
  * Add wait-for-backend mode
  * Fix up help text for clients
  * Minor XML cleanups, add missing free() call
  * add missing module_path to fence_virtd.conf.5
  * Add capabilities to virt-serial
  * Note that serial support is experimental
  * Add a serial.so build target
  * Add vmchannel serial event interface
  * Split fence_virt vs. fence_xvm args
  * Add static map functions.
  * Fix build warning due to missing #include
  * Fix multiple query code
  * Better config query & multiple value/tag support
  * Add simple configuration mode
  * Add missing man pages
  * More minor config cleanups
  * Allow setting config values to NULL to clear them
  * Clean up example config file
  * Sort plugins by type when printing them
  * Revert "/Sort plugins by type when printing them"/
  * Sort plugins by type when printing them
  * Clean up some configuration plugin information
  * add empty line between names
  * Make libvirt to automatically use uuid or names
  * Improve error reporting
  * Fix build for hostlist functionality
  * Hostlist functionality for libvirt, libvirt-qpid
  * Update TODO
  * Work around broken nspr headers
  * Fix installation target for man pages
  * Fix default build script
  * Add man page build infrastructure
  * Initial commit of fence_virt & fence_xvm man pages
  * Make fence_xvm compatibility mode enabled by default
  * Fix libvirt / mcast support for name_mode
  * Fix agent option parsing
  * Fix dlsym mapping of C++ module
  * Make uuids work with libvirt-qpid
  * Fix uninitialized variable causing false returns
  * Update monolithic build
  * Fix linking problem
  * Add 'help' to fence_virtd
  * Fix libvirt-qpid build
  * Make 'reboot' work
  * Fix libvirt-qpid build
  * Add libvirt-qpid build target
  * Initial checking of libvirt-qpid plugin
  * Fix build on i686
  * Make symlink/compatibilty mode disabled by default
  * Add simple tarball / release script
  * Update TODO and requirements file
  * Update TODO
  * Use immediate resolution of symbols
  * Example config tweaks
  * Use sysconfdir for /etc/fence_virt.conf
  * Fix package name and install locations
  * Fix daemon return code
  * Add 'maintainer-clean' target
  * Fix build errors on Fedora
  * Add missing header file
  * Ignore automake error
  * Add missing COPYING file; update TODO
  * Make the build script actually build
  * Make cluster mode plugin work
  * Add basic cpg stuff for later
  * Enable 'on' operation for libvirt backend
  * Clean up modular build
  * Minor build cleanups
  * Yet more build fixes
  * More build cleanups
  * Build cleanups
  * Initial port to autoconf
  * Add checkpoint.c stub functions
  * Add sequence numbers to requests for tracking
  * Include missing include
  * Call generic history functions
  * Make history functions generic
  * Make debugging work from modules again
  * Revert "/Fix build issue breaking debug printing from modules"/
  * Fix build issue breaking debug printing from modules
  * Fix libvirt backend; VALIDATE was wrong
  * Cleanups, add daemon support
  * Add simple 'null' skeleton backend plugin
  * Make all plugins dynamically loaded.
  * Fix error message
  * Remove dummy serial prototypes
  * Remove modules in 'make clean'
  * Make listeners plugins.
  * Fix whitespace
  * Move name_mode to fence_virtd block
  * Add name_mode to example.conf
  * Move VM naming scheme to top level of config
  * Fix bad assignment due to wrong variable
  * Fix use of wrong variable
  * Revert "/Fix use of wrong variable"/
  * Fix use of wrong variable
  * Enable UUID use in libvirt.c
  * Add missing log.c.  Enable syslog wrapping
  * Move options.c to client directory
  * Fix context type names
  * Minor cleanup
  * Drop duplicate fencing requests
  * Don't require specifying an interface in fence_virt.conf
  * Fix empty node parsing
  * Fix segfault
  * Fix install targets
  * Actually use the default port by default
  * Don't overwrite config files
  * Install modules, too.
  * Fix config file name
  * Add temporary 'make install' target
  * Make a default configuration file
  * Make mcast work with UUIDs
  * Update TODO
  * Remove useless prototype
  * Update todo
  * Add checkpoint.so to the build
  * Fix missing carriage returns on debug prints
  * Add architecture overview description
  * Make serial_init match mcast_init.
  * Make multicast use config file
  * Integrate config file processing
  * Create server-side plugin architecture
  * Remove bad list_do/list_done macros
  * Make libvirt a built-in plugin
  * Update description text.
  * Fix header in serial.c.
  * serial: Make client work.
- remove patch contained by the update:
  - 0001-Adds-service-account-authentication-to-GCE-fence-age.patch
  (jsc#SLE-18182) ECO: Update fence-agents
  (jsc#SLE-18027) Add upstream PR to aws-vpc-move-ip and apply required resource & fence agent patches
file
- Add patch bsc1189996-9fbe768a.patch to fix bsc#1189996
gcc
- With gcc-PIE add -pie even when -fPIC is specified but we are
  not linking a shared library.  [boo#1185348]
- Fix postun of gcc-go alternative.
gcc7
- Adjust some ambiguous SPDX license specifications to prevent
  spec-cleaner from messing up.
- Add gcc7-pr55917.patch to do not handle exceptions in std::thread
  (jsc#CAR-1182)
- - Add gcc7-pfe-0001-Backport-Add-entry-for-patchable_function_entry.patch
  gcc7-pfe-0002-Backport-Skip-fpatchable-function-entry-tests-for-nv.patch
  gcc7-pfe-0003-Backport-Error-out-on-nvptx-for-fpatchable-function-.patch
  gcc7-pfe-0004-Backport-Adapt-scan-assembler-times-for-alpha.patch
  gcc7-pfe-0005-Backport-patchable_function_entry-decl.c-Use-3-NOPs-.patch
  gcc7-pfe-0006-Backport-IBM-Z-Use-the-dedicated-NOP-instructions-fo.patch
  gcc7-pfe-0007-Backport-Add-regex-to-search-for-uppercase-NOP-instr.patch
  gcc7-pfe-0008-Backport-ICE-segmentation-fault-with-patchable_funct.patch
  gcc7-pfe-0009-Backport-patchable_function_entry-decl.c-Pass-mcpu-g.patch
  gcc7-pfe-0010-Backport-patchable_function_entry-decl.c-Do-not-run-.patch
  gcc7-pfe-0011-Backport-patchable_function_entry-decl.c-Add-fno-pie.patch
  gcc7-pfe-0012-Backport-PR-c-89946-ICE-in-assemble_start_function-a.patch
  gcc7-pfe-0013-Backport-targhooks.c-default_print_patchable_functio.patch
  gcc7-pfe-0014-Backport-Align-__patchable_function_entries-to-POINT.patch
  gcc7-pfe-0015-Backport-Fix-PR-93242-patchable-function-entry-broke.patch
  gcc7-pfe-0016-Backport-AArch64-PR92424-Fix-fpatchable-function-ent.patch
  gcc7-pfe-0017-Backport-Fix-patchable-function-entry-on-arc.patch
  gcc7-pfe-0018-Backport-Add-patch_area_size-and-patch_area_entry-to.patch
  gcc7-pfe-0019-Backport-testsuite-Adjust-patchable_function-tests-f.patch
  gcc7-pfe-0020-Backport-Use-the-section-flag-o-for-__patchable_func.patch
  gcc7-pfe-0021-Backport-varasm-Fix-up-__patchable_function_entries-.patch
  gcc7-pfe-0022-Backport-rs6000-Avoid-fpatchable-function-entry-regr.patch
  gcc7-pfe-0023-Fix-unwinding-issues-when-pfe-is-enabled.patch
  to add -fpatchable-function-entry feature to gcc-7.
- Add gcc7-ada-MINSTKSZ.patch to fix build with glibc 2.34.
- Add bits/unistd_ext.h to the list of removed fixed includes.
- Add gcc7-sanitizer-cyclades.patch to remove cyclades.h use from
  libsanitizer fixing builds with recent kernels.
gd
  fix CVE-2021-40812 [bsc#1190400], out-of-bounds read in GD library
  + gd-CVE-2021-40812.patch
- security update
- added patches
glibc
- always-do-locking-when-iterating-over-list-of-streams.patch: Upstream
  part of fix-locking-in-_IO_cleanup.patch
- libio-do-not-attempt-to-free-wide-buffers-of-legacy-streams.patch:
  libio: do not attempt to free wide buffers of legacy streams
  (bsc#1183085, BZ #24228)
- fix-locking-in-_IO_cleanup.patch: rediff
- iconv-option-parsing.patch: Rewrite iconv option parsing
  (CVE-2016-10228, bsc#1027496, BZ #19519)
- wordexp-param-overflow.patch: wordexp: handle overflow in positional
  parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)
- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify
  (CVE-2021-33574, bsc#1186489, BZ #27896)
gmp
- Add gmp-6.2.1-CVE-2021-43618.patch to fix buffer overflow on
  malformed input to mpz_inp_raw.  [bsc#1192717, CVE-2021-43618]
gnutls
- Add gnutls-3.6.7-fix-FTBFS-2024.patch to let tests pass after 2024 (boo#1186579)
- Add gnutls-3.6.7-reproducible-date.patch to override build date (boo#1047218)
graphviz
-  Added graphviz-2.40.1-fix-dot-segfault.patch to fix a segfault in dot
  bsc#1151207
grub2
- Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of
  nvme namespace (bsc#1177751)
  * 0001-ieee1275-Avoiding-many-unecessary-open-close.patch
- Fix error lvmid disk cannot be found after second disk added to the root
  volume group (bsc#1189874) (bsc#1071559)
  * 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch
- Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769)
  * 0001-grub-install-Fix-inverted-test-for-NLS-enabled-when-.patch
  * 0001-Filter-out-POSIX-locale-for-translation.patch
- Fix unknown TPM error on buggy uefi firmware (bsc#1191504)
  * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch
- Fix error gfxterm isn't found with multiple terminals (bsc#1187565)
- Patch refreshed
  * grub2-fix-error-terminal-gfxterm-isn-t-found.patch
- Fix boot failure after kdump due to the content of grub.cfg is not
  completed with pending modificaton in xfs journal (bsc#1186975)
- Patch refreshed
  * grub-install-force-journal-draining-to-ensure-data-i.patch
  * grub2-mkconfig-default-entry-correction.patch
ha-cluster-bootstrap
- Add deprecated warning when using ha-cluster-bootstrap (bsc#1193437)
  Add 0001-Add-deprecated-warning-when-using-ha-cluster-bootstr.patch
habootstrap-formula
- Version bump 0.4.4
  * Wait for cluster startup after corosync restart
  (bsc#1190940)
- Add OCFS2 support
- Version bump 0.4.3
  * Add packages to enable native fencing for microsoft-azure
  * Documentation on how to enable native fencing
- Version bump 0.4.2
  * Fix SUSE Manager integration
  * Move SUMA pillar data modifications to map.jinja file <xarbulu@suse.com>
  (bsc#1181731)
insserv-compat
- Require sysvinit-tools (boo#1187941)
iproute2
  ss-fix-end-of-line-printing-in-misc-ss.c.patch
  xfrm-also-check-for-ipv6-state-in-xfrm_state_keep.patch
  bridge-Fix-typo.patch
  bridge-Fix-output-with-empty-vlan-lists.patch
  tc-action-fix-time-values-output-in-JSON-format.patch
  Revert-bpf-replace-snprintf-with-asprintf-when-deali.patch
  bpf-Fixes-a-snprintf-truncation-warning.patch
  tipc-fixed-a-compile-warning-in-tipc-link.c.patch
  ip-xfrm-update-man-page-on-setting-printing-XFRMA_IF.patch
  bridge-fdb-show-fix-fdb-entry-state-output-for-json-.patch
  ip-link-Fix-indenting-in-help-text.patch
  ip-iplink_ipoib.c-Remove-extra-spaces.patch
  devlink-fix-uninitialized-warning.patch
  bridge-fix-string-length-warning.patch
  f_u32-fix-compiler-gcc-10-compiler-warning.patch
  rdma-Fix-statistics-bind-unbing-argument-handling.patch
  lib-namespace-fix-ip-all-netns-return-code.patch
  lib-bpf-Fix-and-simplify-bpf_mnt_check_target.patch
  lib-fs-avoid-double-call-to-mkdir-on-make_path.patch
  q_cake-Fix-incorrect-printing-of-signed-values-in-cl.patch
  ip-xfrm-limit-the-length-of-the-security-context-nam.patch
  erspan-fix-JSON-output.patch
  devlink-always-check-strslashrsplit-return-value.patch
  nexthop-fix-memory-leak-in-add_nh_group_attr.patch
  rdma-stat-initialize-ret-in-stat_qp_show_parse_cb.patch
  rdma-stat-fix-return-code.patch
  lib-bpf_legacy-treat-0-as-a-valid-file-descriptor.patch
  lib-bpf_legacy-fix-missing-socket-close-when-connect.patch
  ip-drop-2-char-command-assumption.patch
  man-fix-syntax-for-ip-link-property.patch
  lib-bpf_legacy-avoid-to-pass-invalid-argument-to-clo.patch
  ip-route-ignore-ENOENT-during-save-if-RT_TABLE_MAIN-.patch
  libnetlink-check-error-handler-is-present-before-a-c.patch
  ipmonitor-Fix-recvmsg-with-ancillary-data.patch
  tc-u32-Fix-key-folding-in-sample-option.patch
  man-bridge-fix-the-typo-to-change-c-lor-into-c-olor-.patch
  ss-fix-fallback-to-procfs-for-raw-sockets.patch
  iptuntap-fix-multi-queue-flag-display.patch
  tc-f_flower-fix-port-range-parsing.patch
  lib-bpf_legacy-fix-bpffs-mount-when-sys-fs-bpf-exist.patch
- refresh:
  ip-link_gre-Do-not-send-ERSPAN-attributes-to-GRE-tun.patch
  tc-fq_codel-fix-class-stat-deficit-is-signed-int.patch
- follow-up fixes backported from upstream (bsc#1160242):
  ip-link_gre-Do-not-send-ERSPAN-attributes-to-GRE-tun.patch
  tc-fq_codel-fix-class-stat-deficit-is-signed-int.patch
- follow-up fixes backported from upstream (bsc#1160242):
java-1_8_0-ibm
- Update to Java 8.0 Service Refresh 7 Fix Pack 0 [bsc#1194232]
  [bsc#1194198, bsc#1192052, CVE-2021-41035]
  [bsc#1191902, CVE-2021-35560] [bsc#1191904, CVE-2021-35578]
  [bsc#1191914, CVE-2021-35586] [bsc#1191913, CVE-2021-35564]
  [bsc#1191911, CVE-2021-35559] [bsc#1191910, CVE-2021-35556]
  [bsc#1191909, CVE-2021-35565] [bsc#1191905, CVE-2021-35588]
- Update to Java 8.0 Service Refresh 6 Fix Pack 35
  [bsc#1188565, CVE-2021-2369] [bsc#1188564, CVE-2021-2341]
- Update to Java 8.0 Service Refresh 6 Fix Pack 30
  [bsc#1185056, CVE-2021-2161][bsc#1185055, CVE-2021-2163]
  * Service, Build, Packaging and Deliver:
  - Symlink issue reported for javaws in jre packages
  - ibmjceplus security provider depends on msvcr120.dll on windows
  * Class Libraries:
  - Exception in pure ipv6 environment in IBM sdk
  - Fix security vulnerability CVE-2021-2161
  - Update cacerts to include certificates from entrust and globalsign
  - Update timezone information to the latest tzdata2021a
  * Java Virtual Machine:
  - Sssertion failed at copyforwardscheme.cpp because a tag slot
    (0x3) was treated as an object
  - GPF event from method unlinkclassloadingconstraints
  - JVM takes more time to start up
  - xgc:classunloadingkickoffthreshold not working as expected
  * JIT Compiler:
  - The JIT incorrectly compiles a method consisting of non-javac
    generated bytecodes from java 8.0.6.20 and up to 8.0.6.30
  * Security:
  - httpsurlconnection drops the timeout and hangs forever in read
  - sslsocket that is never bound or connected leaks socket resources
  - TLS connection always receives close_notify exception
  - JSSE fails to open racf keystores
  - Kerberos ticket renewal fails with debug enabled following
    java.lang.illegalstateexception
  - Update JSSE to oracle jdk8u281 fix level
- Update to Java 8.0 Service Refresh 6 Fix Pack 26
  * Java Virtual Machine:
  - Behaviour change in getmethod for java8_sr6_fp20
  - Crash when outputting to verbose GC log using the specifier
    characters
  - Outofmemoryerror happens due to nursery heap space shortage
  * JIT Compiler:
  - Occasional assertion being triggered in code generation
  - SEGV when using hashmap$hashiterator.nextnode() in
    multiple threads concurrently
json-c
- Add patch bsc1171479.patch
  + fix integer overflow and out-of-bounds write (CVE-2020-12762, bsc#1171479)
kdump
- kdump-do-not-iterate-past-end-of-string.patch:
  URLParser::extractAuthority(): Do not iterate past end of string
  (bsc#1186037).
- kdump-fix-incorrect-exit-code-checking.patch: Fix incorrect exit
  code checking after "/local"/ with assignment (bsc#1184616
  LTC#192282).
- kdump-Add-bootdev-to-dracut-command-line.patch: Add 'bootdev=' to
  dracut command line (bsc#1182309).
- kdump-install-etc-resolv.conf-using-resolved-path.patch: Install
  /etc/resolv.conf using its resolved path (bsc#1183070).
- kdump-avoid-endless-loop-EAI_AGAIN.patch: Avoid an endless loop
  when resolving a hostname fails with EAI_AGAIN (bsc#1183070).
- kdump-query-systemd-network.service.patch: Query systemd
  network.service to find out if wicked is used (bsc#1182309).
- kdump-check-explicit-ip-options.patch: Do not add network-related
  dracut options if ip= is set explicitly (bsc#1182309 bsc#1188090
  LTC#193461).
- kdump-ensure-initrd.target.wants-directory.patch: Make sure that
  initrd.target.wants directory exists (bsc#1172670).
kernel-default
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/livepatch-Avoid-CPU-hogging-with-cond_resched.patch
- commit 69d8236
- kabi/severities: Add a kabi exception for drivers/tee/tee
  According to the partner modules database, the structs of this driver
  are not used by anything external so make a kABI exception for them.
  Do that on purpose so that any external module using this fails to load
  instead of causing a potential memory corruption due to a kabi
  workaround which would use the same offset but for a different thing:
  - struct dma_buf *dmabuf;
  +	refcount_t refcount;
  See upstream commit
  dfd0743f1d9e ("/tee: handle lookup of shm with reference count 0"/)
- commit c1b7aec
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/powerpc-fadump-Fix-inaccurate-CPU-state-info-in-vmco.patch
  - patches.suse/powerpc-handle-kdump-appropriately-with-crash_kexec_.patch
  - patches.suse/powerpc-watchdog-Avoid-holding-wd_smp_lock-over-prin.patch
  - patches.suse/powerpc-watchdog-Fix-missed-watchdog-reset-due-to-me.patch
  - patches.suse/powerpc-watchdog-Fix-wd_smp_last_reset_tb-reporting.patch
  - patches.suse/powerpc-watchdog-read-TB-close-to-where-it-is-used.patch
  - patches.suse/powerpc-watchdog-tighten-non-atomic-read-modify-writ.patch
- commit 72b7db7
- series.conf: cleanup
- move to "/mainline soon"/ section:
  - patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
- commit 07d55c3
- vfs: fs_context: fix up param length parsing in
  legacy_parse_param (CVE-2022-0185 bsc#1194517).
- Rename and retag following upstream merge from:
  patches.suse/vfs-Out-of-bounds-write-of-heap-buffer-in-fs_context-c.patch
  to patches.suse/vfs-fs_context-fix-up-param-length-parsing-in-legacy.patch
- commit 33860f2
- sctp: account stream padding length for reconf chunk
  (bsc#1194985 CVE-2022-0322).
- commit a6cab40
- moxart: fix potential use-after-free on remove path
  (bsc#1194516).
- commit 3fae095
- vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888).
- commit 4717473
- tee: handle lookup of shm with reference count 0 (bsc#1193767
  CVE-2021-44733).
- commit be75d82
- tee: don't assign shm id for private shms (bsc#1193767
  CVE-2021-44733).
- commit 9ab9ee2
- tee: remove linked list of struct tee_shm (bsc#1193767
  CVE-2021-44733).
- commit a3c7739
- livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).
- commit c87c172
- tpm: fix potential NULL pointer access in tpm_del_char_device
  (bsc#1184209 ltc#190917 git-fixes bsc#1193660 ltc#195634).
- commit 5e87849
- cgroup: cgroup.{procs,threads} factor out common parts
  (bsc#1194302 CVE-2021-4197).
- commit 0d9ce26
- cgroup: Use open-time cgroup namespace for process migration
  perm checks (bsc#1194302 CVE-2021-4197).
- cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
  (bsc#1194302 CVE-2021-4197).
- cgroup: Use open-time credentials for process migraton perm
  checks (bsc#1194302 CVE-2021-4197).
- commit 716e0d8
- patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch: Update
  tags
- commit 4b927bf
- fget: clarify and improve __fget_files() implementation
  (bsc#1193727).
- commit 4b3242f
- vfs: Out-of-bounds write of heap buffer in fs_context.c
  (CVE-2022-0185 bsc#1194517).
- commit 11341d2
- netdevsim: Zero-initialize memory for new map's value in
  function nsim_bpf_map_alloc (bsc#1193927 CVE-2021-4135).
- commit 4b3887a
- Update patch references for NFC security fixes (CVE-2021-4202 bsc#1194529)
- commit 69a4a1d
- series.conf: cleanup
- move submitted patch to "/almost mainline"/ section
  patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch
- commit dc09b47
- ext4: Avoid trim error on fs with small groups (bsc#1191271).
- commit f67e52e
- powerpc/fadump: Fix inaccurate CPU state info in vmcore
  generated with panic (bsc#1193901 ltc#194976).
- powerpc: handle kdump appropriately with
  crash_kexec_post_notifiers option (bsc#1193901 ltc#194976).
- commit 8924f63
- fget: check that the fd still exists after getting a ref to it
  (bsc#1193727 CVE-2021-4083).
- commit 9958eae
- btrfs: unlock newly allocated extent buffer after error (bsc#1194001, CVE-2021-4149).
- commit 5719af8
- kprobes: Limit max data_size of the kretprobe instances
  (bsc#1193669).
- commit c7a83f7
- ipv6: use prandom_u32() for ID generation (CVE-2021-45485
  bsc#1194094).
- commit ea9f5f6
- inet: use bigger hash table for IP ID generation (CVE-2021-45486
  bsc#1194087).
- commit 1f316eb
- media: Revert "/media: uvcvideo: Set unique vdev name based in
  type"/ (bsc#1193255).
- commit 6d6cdd3
- recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267).
- commit cd27ffb
- recordmcount.pl: look for jgnop instruction as well as bcrl
  on s390 (bsc#1192267).
- Delete patches.suse/ftrace-recordmcount-binutils.patch.
- commit b7ea99b
- EDAC/amd64: Handle three rank interleaving mode (bsc#1152489).
- commit 24c4284
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
  (bsc#1152489).
- commit 86f2e0e
- x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
  (bsc#1152489).
- commit 653ca7c
- blacklist.conf: ef775a0e36c6 x86/Kconfig: Fix an unused variable error in dell-smm-hwmon
- commit 77f7f56
- Refresh patches.suse/new-helper-lookup_positive_unlocked.patch.
  Fix part of hunk removed by an earlier refresh.
  (non-functional change)
- commit 74aed66
- handle KABI change in struct bpf_map (bsc#1192990
  CVE-2021-4001).
- bpf: Fix toctou on read-only map's constant scalar tracking
  (bsc#1192990 CVE-2021-4001).
- commit 38c062a
- xen/netback: don't queue unlimited number of packages
  (CVE-2021-28715 XSA-392 bsc#1193442).
- commit e989a63
- xen/netback: fix rx queue stall detection (CVE-2021-28714
  XSA-392 bsc#1193442).
- commit bee9756
- xen/console: harden hvc_xen against event channel storms
  (CVE-2021-28713 XSA-391 bsc#1193440).
- commit fc934bd
- xen/netfront: harden netfront against event channel storms
  (CVE-2021-28712 XSA-391 bsc#1193440).
- commit 0168f42
- xen/blkfront: harden blkfront against event channel storms
  (CVE-2021-28711 XSA-391 bsc#1193440).
- commit 80dd44a
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/01-cifs-remove-redundant-initialization-of-variable-rc.patch
  - patches.suse/03-cifs-update-internal-module-version-number.patch
  - patches.suse/CIFS-Fix-bug-which-the-return-value-by-asynchronous-read-is-error.patch
  - patches.suse/CIFS-Spelling-s-EACCESS-EACCES-.patch
  - patches.suse/CIFS-Warn-less-noisily-on-default-mount.patch
  - patches.suse/CIFS-check-new-file-size-when-extending-file-by-fallocate.patch
  - patches.suse/Replace-HTTP-links-with-HTTPS-ones-CIFS.patch
  - patches.suse/SMB3-Add-new-compression-flags.patch
  - patches.suse/SMB3-Add-new-info-level-for-query-directory.patch
  - patches.suse/SMB3-Additional-compression-structures.patch
  - patches.suse/SMB3-Minor-cleanup-of-protocol-definitions.patch
  - patches.suse/cifs-Allocate-encryption-header-through-kmalloc.patch
  - patches.suse/cifs-Avoid-field-over-reading-memcpy-.patch
  - patches.suse/cifs-Constify-static-struct-genl_ops.patch
  - patches.suse/cifs-Do-not-leak-EDEADLK-to-dgetents64-for-STATUS_USER_SESSION_DELE.patch
  - patches.suse/cifs-allow-unlock-flock-and-OFD-lock-across-fork.patch
  - patches.suse/cifs-avoid-extra-calls-in-posix_info_parse.patch
  - patches.suse/cifs-cifs_md4-convert-to-SPDX-identifier.patch
  - patches.suse/cifs-cifspdu-h-Replace-zero-length-array-with-flexible-array-membe.patch
  - patches.suse/cifs-clear-PF_MEMALLOC-before-exiting-demultiplex-thread.patch
  - patches.suse/cifs-convert-list_for_each-to-entry-variant-in-cifs_debug-c.patch
  - patches.suse/cifs-convert-list_for_each-to-entry-variant-in-smb2misc-c.patch
  - patches.suse/cifs-create-a-MD4-module-and-switch-cifs-ko-to-use-it.patch
  - patches.suse/cifs-create-sd-context-must-be-a-multiple-of-8.patch
  - patches.suse/cifs-enable-extended-stats-by-default.patch
  - patches.suse/cifs-fix-NULL-dereference-in-smb2_check_message-.patch
  - patches.suse/cifs-fix-SMB1-error-path-in-cifs_get_file_info_unix.patch
  - patches.suse/cifs-fix-a-memleak-with-modefromsid.patch
  - patches.suse/cifs-fix-doc-warnings-in-cifs_dfs_ref-c.patch
  - patches.suse/cifs-fix-incorrect-kernel-doc-comments.patch
  - patches.suse/cifs-fix-ipv6-formating-in-cifs_ses_add_channel.patch
  - patches.suse/cifs-fix-missing-spinlock-around-update-to-ses-status.patch
  - patches.suse/cifs-fix-unneeded-null-check.patch
  - patches.suse/cifs-fix-wrong-release-in-sess_alloc_buffer-failed-path.patch
  - patches.suse/cifs-fork-arc4-and-create-a-separate-module-for-it-for-cifs-and-oth.patch
  - patches.suse/cifs-have-cifs_fattr_to_inode-refuse-to-change-type-on-live-inode.patch
  - patches.suse/cifs-have-mkdir-handle-race-with-another-client-sanely.patch
  - patches.suse/cifs-improve-fallocate-emulation.patch
  - patches.suse/cifs-missed-ref-counting-smb-session-in-find.patch
  - patches.suse/cifs-missing-null-check-for-newinode-pointer.patch
  - patches.suse/cifs-nosharesock-should-be-set-on-new-server.patch
  - patches.suse/cifs-populate-server_hostname-for-extra-channels.patch
  - patches.suse/cifs-remove-duplicated-prototype.patch
  - patches.suse/cifs-remove-pathname-for-file-from-SPDX-header.patch
  - patches.suse/cifs-remove-two-cases-where-rc-is-set-unnecessarily-in-sid_to_id.patch
  - patches.suse/cifs-retry-lookup-and-readdir-when-EAGAIN-is-returned-.patch
  - patches.suse/cifs-smb2pdu-h-Replace-zero-length-array-with-flexible-array-membe.patch
  - patches.suse/cifs-smbd-Calculate-the-correct-maximum-packet-size-for-segmented-.patch
  - patches.suse/cifs-smbd-Check-and-extend-sender-credits-in-interrupt-context.patch
  - patches.suse/cifs-update-internal-version-number-0b03fe6d.patch
  - patches.suse/cifs-use-SPDX-Licence-Identifier.patch
  - patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch
  - patches.suse/do_cifs_create-don-t-set-i_mode-of-something-we-had-not-created.patch
  - patches.suse/fs-cifs-Initialize-filesystem-timestamp-ranges.patch
  - patches.suse/fs-cifs-fix-gcc-warning-in-sid_to_id.patch
  - patches.suse/linux-parser-h-add-include-guards.patch
  - patches.suse/smb2-clarify-rc-initialization-in-smb2_reconnect.patch
  - patches.suse/smb3-Avoid-Mid-pending-list-corruption.patch
  - patches.suse/smb3-Call-cifs-reconnect-from-demultiplex-thread.patch
  - patches.suse/smb3-Handle-error-case-during-offload-read-path.patch
  - patches.suse/smb3-fix-posix-extensions-mount-option.patch
  - patches.suse/smb3-fix-possible-access-to-uninitialized-pointer-to-DACL.patch
  - patches.suse/smb3-fix-uninitialized-value-for-port-in-witness-protocol-move.patch
  - patches.suse/smb3-prevent-races-updating-CurrentMid.patch
  - patches.suse/smb3-use-SMB2_SIGNATURE_SIZE-define.patch
  - patches.suse/smb311-remove-dead-code-for-non-compounded-posix-query-info.patch
  - patches.suse/smbdirect-missing-rc-checks-while-waiting-for-rdma-events.patch
  - patches.suse/vfs-don-t-parse-forbidden-flags.patch
- commit 9d51829
- kernel-obs-build: remove duplicated/unused parameters
  lbs=0 - this parameters is just giving "/unused parameter"/ and it looks
  like I can not find any version that implemented this.
  rd.driver.pre=binfmt_misc is not needed when setup_obs is used, it
  alread loads the kernel module.
  quiet and panic=1 will now be also always added by OBS, so we don't have
  to set it here anymore.
- commit 972c692
- nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
- ice: ignore dropped packets during init (git-fixes).
- i40e: Fix pre-set max number of queues for VF (git-fixes).
- i40e: Fix failed opcode appearing if handling messages from VF
  (git-fixes).
- iavf: Fix reporting when setting descriptor count (git-fixes).
- qede: validate non LSO skb length (git-fixes).
- net/mlx4_en: Fix an use-after-free bug in
  mlx4_en_try_alloc_resources() (git-fixes).
- net: qlogic: qlcnic: Fix a NULL pointer dereference in
  qlcnic_83xx_add_rings() (git-fixes).
- rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1154353
  bnc#1151927 5.3.9).
- igb: fix netpoll exit with traffic (git-fixes).
- ice: avoid bpf_prog refcount underflow (jsc#SLE-7926).
- nfp: checking parameter process for rx-usecs/tx-usecs is invalid
  (git-fixes).
- iavf: Prevent changing static ITR values if adaptive moderation
  is on (git-fixes).
- i40e: Fix ping is lost after configuring ADq on VF (git-fixes).
- net/mlx5: Update error handler for UCTX and UMEM (git-fixes).
- iavf: Restore VLAN filters after link down (git-fixes).
- iavf: don't clear a lock we don't hold (git-fixes).
- net/mlx5e: reset XPS on error flow if netdev isn't registered
  yet (git-fixes).
- commit 03289fd
- Update
  patches.suse/ring-buffer-Protect-ring_buffer_reset-from-reentrancy.patch
  (CVE-2020-27825 bsc#1179960).
- commit dc9e1e4
- ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init (git-fixes)
- commit 34f6968
- blacklist.conf: Add commit ec2a29593c83
  Not a fix per-se, and removes a logging feature we need.
- commit a11b223
- tracing: Change STR_VAR_MAX_LEN (git-fixes).
- Refresh patches.suse/tracing-save-normal-string-variables.patch.
- commit 38905d3
- tty: hvc: replace BUG_ON() with negative return value
  (git-fixes).
- commit 7ffe7bd
- xen/netfront: don't trust the backend response data blindly
  (git-fixes).
- commit da41a54
- xen/netfront: disentangle tx_skb_freelist (git-fixes).
- commit b0fca08
- xen/netfront: don't read data from request on the ring page
  (git-fixes).
- commit 6ebcb04
- xen/netfront: read response from backend only once (git-fixes).
- commit fedf742
- xen/blkfront: don't trust the backend response data blindly
  (git-fixes).
- commit 6a791ee
- xen/blkfront: don't take local copy of a request from the ring
  page (git-fixes).
- commit 7bc0bc1
- xen/blkfront: read response from backend only once (git-fixes).
- commit 674c286
- xen: sync include/xen/interface/io/ring.h with Xen's newest
  version (git-fixes).
- commit 0333f3c
- xen/pvh: add missing prototype to header (git-fixes).
- commit 3762eb9
- x86/pvh: add prototype for xen_pvh_init() (git-fixes).
- commit 0b2da73
- tracing: Add length protection to histogram string copies
  (git-fixes).
- commit e386e69
- ring-buffer: Protect ring_buffer_reset() from reentrancy
  (bsc#1179960).
- commit c5cf6b9
- elfcore: correct reference to CONFIG_UML (git-fixes).
- commit 2b36804
- blacklist.conf: ("/ARM: at91: pm: do not panic if ram controllers are not enabled"/)
- commit ef792af
- ARM: dts: turris-omnia: fix hardware buffer management (git-fixes)
- commit e2dd35b
- ARM: dts: BCM5301X: Add interrupt properties to GPIO node (git-fixes)
- commit c7eba50
- ARM: dts: BCM5301X: Fix I2C controller interrupt (git-fixes)
- commit 119681c
- ARM: 9155/1: fix early early_iounmap() (git-fixes)
- commit 70adb7b
- blacklist.conf: ("/ARM: dts: stm32: fix SAI sub nodes register range"/)
- commit e027ea9
- ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY (git-fixes)
- commit 48ea472
- ARM: dts: at91: tse850: the emac<->phy interface is rmii (git-fixes)
- commit 41f0870
- arm: dts: omap3-gta04a4: accelerometer irq fix (git-fixes)
- commit 0163af2
- ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc() (git-fixes)
- commit ec0a139
- blacklist.conf: ("/ARM: 9131/1: mm: Fix PXN process with LPAE feature"/)
- commit 93193ac
- ARM: 9141/1: only warn about XIP address when not compile testing (git-fixes)
- commit 8331a56
- ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype (git-fixes)
- commit 47dc5e0
- ARM: 9134/1: remove duplicate memcpy() definition (git-fixes)
- commit 72d9e60
- ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned (git-fixes)
- commit 8c43bfe
- ARM: dts: omap3430-sdp: Fix NAND device node (git-fixes)
- commit b68c97c
- ARM: imx6: disable the GIC CPU interface before calling stby-poweroff (git-fixes)
- commit 1f4fc66
- ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo (git-fixes)
- commit afd1b25
- ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference (git-fixes)
- commit f888650
- bpf, arm: Fix register clobbering in div/mod implementation (git-fixes)
- commit 8a7bc09
- ARM: dts: vf610-zii-dev-rev-b: Remove #address-cells and #size-cells (git-fixes)
- commit 6cf3093
- ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties (git-fixes)
- commit 51225a0
- ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties (git-fixes)
- commit 47ca382
- ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties (git-fixes)
- commit 7b83a15
- ARM: dts: meson8: Use a higher default GPU clock frequency (git-fixes)
- commit 9c0ad71
- ARM: dts: at91: add pinctrl-{names, 0} for all gpios (git-fixes)
- commit 87f59d6
- ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out (git-fixes)
- commit f2b1a59
- ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz (git-fixes)
- commit 0950c36
- ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms (git-fixes)
- commit 2c0a46d
- ARM: imx: add missing clk_disable_unprepare() (git-fixes)
- commit 7574099
- ARM: imx: add missing iounmap() (git-fixes)
- commit ba7a7f4
- ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (git-fixes)
- commit 0c3bad2
- ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery (git-fixes)
- commit 9a36822
- ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems (git-fixes)
- commit 510212d
- Revert "/- rpm/*build: use buildroot macro instead of env variable"/
  buildroot macro is not being expanded inside a shell script. go
  back to the environment variable usage. This reverts parts of
  commit e2f60269b9330d7225b2547e057ef0859ccec155.
- commit fe85f96
- kernel-obs-build: include the preferred kernel parameters
  Currently the Open Build Service hardcodes the kernel boot parameters
  globally. Recently functionality was added to control the parameters
  by the kernel-obs-build package, so make use of that. parameters here
  will overwrite what is used by OBS otherwise.
- commit a631240
- blacklist.conf: duplicate
- commit 9669784
- blacklist.conf: this is a feature, not a bug fix
- commit e867f95
- blacklist.conf: breaks kABI
- commit 8b90f7c
- net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
  (git-fixes).
- commit 2b7a551
- Update patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch (bsc#1189158)
- commit bf246e6
- ARM: dts: imx6q-dhcom: Fix ethernet reset time properties (git-fixes)
- commit cff82d0
- ARM: dts: at91: sama5d4: fix pinctrl muxing (git-fixes)
- commit a7ab48f
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (git-fixes)
- commit b28eb93
- ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 (git-fixes)
- commit 4640950
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (git-fixes)
- commit 07a7105
- ARM: dts: r8a7779, marzen: Fix DU clock names (git-fixes)
- commit fb3d156
- cifs: modefromsid: write mode ACE first (bsc#1164565).
- commit 6f413fc
- smb3: add missing worker function for SMB3 change notify
  (bsc#1164565).
- commit 7dfec0e
- cifs: clarify comment about timestamp granularity for old
  servers (bsc#1192606).
- commit e302b8e
- cifs: add shutdown support (bsc#1192606).
- commit 45b0629
- fs/cifs: Fix resource leak (bsc#1192606).
- commit 435efab
- SMB3: incorrect file id in requests compounded with open
  (bsc#1192606).
- commit 7138acd
- scsi: mpt3sas: Fix system going into read-only mode (git-fixes).
- scsi: iscsi: Adjust iface sysfs attr detection (git-fixes).
- commit 7179a79
- cifs: fix check of dfs interlinks (bsc#1185902).
- commit 243e364
- scsi: mpt3sas: Fix kernel panic during drive powercycle test
  (git-fixes).
- commit 57e2087
- net: linkwatch: fix failure to restore device state across
  suspend/resume (bsc#1192511).
- commit da353d0
- net: mana: Fix memory leak in mana_hwc_create_wq (jsc#SLE-18779,
  bsc#1185726).
- commit dc924dc
- net: mana: Fix spelling mistake "/calledd"/ -> "/called"/
  (jsc#SLE-18779, bsc#1185726).
- commit 171413e
- net: mana: Support hibernation and kexec (jsc#SLE-18779,
  bsc#1185726).
- commit ab32809
- net: mana: Improve the HWC error handling (jsc#SLE-18779,
  bsc#1185726).
- commit 0f23087
- net: mana: Fix the netdev_err()'s vPort argument in
  mana_init_port() (jsc#SLE-18779, bsc#1185726).
- commit 0f3038d
- net: mana: Allow setting the number of queues while the NIC
  is down (jsc#SLE-18779, bsc#1185726).
- commit 9e016ed
- net: mana: Use kcalloc() instead of kzalloc() (jsc#SLE-18779,
  bsc#1185726).
- commit dc3817d
- kernel-obs-build: inform build service about virtio-serial
  Inform the build worker code that this kernel supports virtio-serial,
  which improves performance and relability of logging.
- commit 301a3a7
- rpm/*.spec.in: use buildroot macro instead of env variable
  The RPM_BUILD_ROOT variable is considered deprecated over
  a buildroot macro. future proof the spec files.
- commit e2f6026
- scsi: lpfc: Fix non-recovery of remote ports following an
  unsolicited LOGO (bsc#1189126).
- commit 96fe76d
- x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
  (bsc#1152489).
- commit b35a237
- perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
  (git-fixes).
- perf/x86/intel/uncore: Support extra IMC channel on Ice Lake
  server (git-fixes).
- perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server
  (git-fixes).
- perf/x86/intel/uncore: Fix the scale of the IMC free-running
  events (git-fixes).
- perf: Correctly handle failed perf_get_aux_event() (git-fixes).
- commit 3214492
- ARM: dts: gemini-rut1xx: remove duplicate ethernet node (git-fixes)
- commit cd23dfc
- ARM: exynos: add missing of_node_put for loop iteration (git-fixes)
- commit 9fec7bf
- ARM: 9091/1: Revert "/mm: qsd8x50: Fix incorrect permission faults"/ (git-fixes)
- commit cc97587
- ARM: 9081/1: fix gcc-10 thumb2-kernel regression (git-fixes)
- commit 9fd71ed
- ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (git-fixes)
- commit e361720
- ARM: dts: imx7d-pico: Fix the 'tuning-step' property (git-fixes)
- commit 39de4e4
- ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property (git-fixes)
- commit 2108be4
- ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (git-fixes)
- commit 51106d9
- ARM: 9064/1: hw_breakpoint: Do not directly check the event's (git-fixes)
- commit 8a73a55
- ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch (git-fixes)
- commit 9dccbbe
- blacklist.conf: ("/ARM: Qualify enabling of swiotlb_init()"/)
- commit 3a03503
- ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins (git-fixes)
- commit c4443e6
- ARM: dts: exynos: correct PMIC interrupt trigger level on Snow (git-fixes)
- commit 0989312
- ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250 (git-fixes)
- commit b1ce2e7
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 (git-fixes)
- commit efd5a9f
- ARM: dts: exynos: correct PMIC interrupt trigger level on Midas (git-fixes)
- commit 98458fd
- ARM: dts: exynos: correct MUIC interrupt trigger level on Midas (git-fixes)
- commit 35f11a7
- ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas (git-fixes)
- commit d659cd8
- ARM: 9071/1: uprobes: Don't hook on thumb instructions (git-fixes)
- commit 9bc79c0
- ARM: footbridge: fix PCI interrupt mapping (git-fixes)
- commit f0751f6
- ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (git-fixes)
- commit 76d939a
- ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (git-fixes)
- commit cf71c65
- ARM: dts: at91-sama5d27_som1: fix phy address to 7 (git-fixes)
- commit d08c1a8
- ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (git-fixes)
- commit 54e3c21
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 (git-fixes)
- commit ff66c7e
- ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale (git-fixes)
- commit f75be8b
- ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (git-fixes)
- commit 55a4d6f
- ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (git-fixes)
- commit 55c22ee
- ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (git-fixes)
- commit 0c032b5
- ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 (git-fixes)
- commit 76998ea
- ARM: dts: armada388-helios4: assign pinctrl to each fan (git-fixes)
- commit 022b373
- ARM: dts: armada388-helios4: assign pinctrl to LEDs (git-fixes)
- commit 99c5961
- ARM: dts: Configure missing thermal interrupt for 4430 (git-fixes)
- commit 41b7bae
- blacklist.conf: ("/ARM: s3c: fix fiq for clang IAS"/)
- commit 6ccea05
- ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode (git-fixes)
- commit 9b80745
- ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (git-fixes)
- commit 8b86722
- ARM: imx: build suspend-imx6.S with arm instruction set (git-fixes)
- commit ec1774b
- ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (git-fixes)
- commit 9bd1841
- ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status (git-fixes)
- commit 5590e0e
- ARM: OMAP2+: omap_device: fix idling of devices during probe (git-fixes)
- commit 750c3a4
- ARM: p2v: fix handling of LPAE translation in BE mode (git-fixes)
- commit 9b258e6
- ARM: dts: aspeed: tiogapass: Remove vuart (git-fixes)
- commit 3cf3bd7
- ARM: dts: aspeed: s2600wf: Fix VGA memory region location (git-fixes)
- commit dac825a
- ARM: dts: meson: fix PHY deassert timing requirements (git-fixes)
- commit ca1a6a8
- ARM: dts: at91: sama5d2: fix CAN message ram offset and size (git-fixes)
- commit ac20b20
- ARM: dts: at91: sama5d2: map securam as device (git-fixes)
- commit 5e0e26a
- ARM: dts: at91: at91sam9rl: fix ADC triggers (git-fixes)
- commit d32253c
- ARM: dts: turris-omnia: add SFP node (git-fixes)
- commit 264fa55
- ARM: dts: turris-omnia: describe switch interrupt (git-fixes)
- commit 8c11719
- ARM: dts: turris-omnia: add comphy handle to eth2 (git-fixes)
- commit 45dd6a7
- ARM: dts: turris-omnia: enable HW buffer management (git-fixes)
- commit 8c11cde
- ARM: dts: Remove non-existent i2c1 from 98dx3236 (git-fixes)
- commit bb3a041
- ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (git-fixes)
- commit 4b9245d
- ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (git-fixes)
- commit 24a6157
- ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard (git-fixes)
- commit 0d31715
- ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid (git-fixes)
- commit 6c723a3
- ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on (git-fixes)
- commit 4c799c5
- ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (git-fixes)
- commit 8a89ac4
- ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (git-fixes)
- commit ed85b4a
- nvme-multipath: Skip not ready namespaces when revalidating paths (bsc#1191793 bsc#1192507 bsc#1192969).
- commit 37f8e3a
- ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY (git-fixes)
- commit eaab047
- ARM: dts: sun8i: v3s: fix GIC node memory range (git-fixes)
- commit 478b5c3
- ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (git-fixes)
- commit 1c3142f
- ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (git-fixes)
- commit dc84d7f
- ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY (git-fixes)
- commit 181dea6
- ARM: dts: dra76x: m_can: fix order of clocks (git-fixes)
- commit 43c7beb
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (git-fixes)
- commit 87a64a2
- arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (git-fixes)
- commit 58f3f8d
- usb: dwc2: hcd_queue: Fix use of floating point literal
  (git-fixes).
- commit 9a72c31
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of
  "/0"/ if no IRQ is available (git-fixes).
- commit b87f8ef
- lpfc: Reintroduce old IRQ probe logic (bsc#1183897).
- commit aae012d
- ARM: dts: sunxi: bananapi-m2-plus: Enable RGMII RX/TX delay on (git-fixes)
- commit 2016228
- ARM: dts: sun9i: Enable both RGMII RX/TX delay on Ethernet PHY (git-fixes)
- commit 1a093ea
- ARM: dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY (git-fixes)
- commit 531deee
- ARM: dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on (git-fixes)
- commit 88a897f
- ARM: dts: sun7i: bananapi-m1-plus: Enable RGMII RX/TX delay on (git-fixes)
- commit 87e604e
- ARM: dts: sun7i: cubietruck: Enable RGMII RX/TX delay on Ethernet PHY (git-fixes)
- commit a152164
- ARM: dts: sun6i: a31-hummingbird: Enable RGMII RX/TX delay on (git-fixes)
- commit 6b97887
- Revert "/arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to (git-fixes)
- commit 5efc234
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node (git-fixes)
- commit 3f47a53
- blacklist.conf: ("/ARM: dts: stm32: Enable thermal sensor support on stm32mp15xx-dhcor"/)
- commit c1ed2bb
- ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe (git-fixes)
- commit 1123941
- blacklist.conf: Same fix was already added
- commit b659a50
- ARM: mvebu: drop pointless check for coherency_base (git-fixes)
- commit 8b93ab4
- ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers (git-fixes)
- commit 441e98d
- ARM: dts: meson8: remove two invalid interrupt lines from the GPU (git-fixes)
- commit 5979072
- arm: dts: mt7623: add missing pause for switchport (git-fixes)
- commit 96b3f01
- ARM: dts: imx6sl: fix rng node (git-fixes)
- commit 39ee2e5
- blacklist.conf: ("/ARM: imx: Place "/Cortex-A/Cortex-M"/ comment in the correct location"/)
- commit 3f47f6f
- ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (git-fixes)
- commit 18aa25f
- ARM: at91: pm: of_node_put() after its usage (git-fixes)
- commit 1722a9b
- ARM: samsung: don't build plat/pm-common for Exynos (git-fixes)
- commit 7b4ccbe
- ARM: s3c24xx: fix mmc gpio lookup tables (git-fixes)
- commit 7a7156c
- ARM: s3c24xx: fix missing system reset (git-fixes)
- commit e7eaa12
- ARM: dts: am437x-l4: fix typo in can@0 node (git-fixes)
- commit 7cece2c
- kabi: hide changes to struct uv_info (git-fixes).
- commit 1dd17d6
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
  (git-fixes).
- serial: 8250_pci: rewrite pericom_do_set_divisor() (git-fixes).
- serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
  (git-fixes).
- tty: serial: msm_serial: Deactivate RX DMA for polling support
  (git-fixes).
- serial: core: fix transmit-buffer reset and memleak (git-fixes).
- i2c: stm32f7: stop dma transfer in case of NACK (git-fixes).
- i2c: stm32f7: recover the bus on access timeout (git-fixes).
- i2c: stm32f7: flush TX FIFO upon transfer errors (git-fixes).
- i2c: cbus-gpio: set atomic transfer callback (git-fixes).
- drm/msm: Do hw_init() before capturing GPU state (git-fixes).
- rt2x00: do not mark device gone on EPROTO errors during start
  (git-fixes).
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of
  "/0"/ if no IRQ is available (git-fixes).
- USB: serial: option: add Fibocom FM101-GL variants (git-fixes).
- USB: serial: option: add Telit LE910S1 0x9200 composition
  (git-fixes).
- ALSA: ctxfi: Fix out-of-range access (git-fixes).
- commit bab211f
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
  (bsc#1192569).
- commit 9d2b3aa
- tracing: Fix pid filtering when triggers are attached
  (git-fixes).
- commit 8872e72
- blacklist.conf: 27ff768fa21c ("/tracing: Test the 'Do not trace this pid' case in create event"/)
  Not applicable. SLE15-SP2 does not have no_pid_list.
- commit a013b01
- tracing: Check pid filtering when creating events (git-fixes).
- commit 44dc77e
- atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
  (bsc#1192845 CVE-2021-43975).
- commit 6156c39
- s390/uv: fully validate the VMA before calling follow_page()
  (git-fixes).
- commit 3c6388f
- s390: mm: Fix secure storage access exception handling
  (git-fixes).
- commit 0d49ecf
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
  (git-fixes).
- commit d4d7214
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
  (git-fixes).
- commit 39dcce2
- ibmvnic: drop bad optimization in reuse_tx_pools() (bsc#1193349
  ltc#195568).
- ibmvnic: drop bad optimization in reuse_rx_pools() (bsc#1193349
  ltc#195568).
- commit 718e27a
- fuse: release pipe buf after last use (bsc#1193318).
- commit b7ec5ee
- rpm/kernel-binary.spec.in: don't strip vmlinux again (bsc#1193306)
  After usrmerge, vmlinux file is not named vmlinux-<version>, but simply
  vmlinux. And this is not reflected in STRIP_KEEP_SYMTAB we set.
  So fix this by removing the dash...
- commit 83af88d
- Blacklist SCSI commit that breaks kABI (git-fixes)
- commit 43a023a
- series.conf: cleanup
- drop superfluous empty lines
- commit 72e63ac
- fix patch metadata
- fix Patch-mainline and drop duplicate References tag:
  - patches.suse/hugetlbfs-flush-TLBs-correctly-after-huge_pmd_unshar.patch
- commit e2f354b
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/NFS-Don-t-set-NFS_INO_DATA_INVAL_DEFER-and-NFS_INO_I.patch
  - patches.suse/NFS-Fix-deadlocks-in-nfs_scan_commit_list.patch
  - patches.suse/NFS-Fix-up-commit-deadlocks.patch
  - patches.suse/NFSv4-Fix-a-regression-in-nfs_set_open_stateid_locke.patch
  - patches.suse/md-fix-a-lock-order-reversal-in-md_alloc.patch
  - patches.suse/nfsd-don-t-alloc-under-spinlock-in-rpc_parse_scope_i.patch
  - patches.suse/nfsd-fix-error-handling-of-register_pernet_subsys-in.patch
  - patches.suse/nfsd4-Handle-the-NFSv4-READDIR-dircount-hint-being-z.patch
  - patches.suse/pnfs-flexfiles-Fix-misplaced-barrier-in-nfs4_ff_layo.patch
- commit baf4f8d
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator (git-fixes)
- commit 85cbd0e
- ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT (git-fixes)
- commit 365e0a3
- ARM: dts: BCM5301X: Fixed QSPI compatible string (git-fixes)
- commit 653ed7e
- ARM: dts: NSP: Fixed QSPI compatible string (git-fixes)
- commit 6bfe2b5
- ARM: dts: bcm: HR2: Fixed QSPI compatible string (git-fixes)
- commit 2da4f3c
- ARM: dts: imx6sx: fix the pad QSPI1B_SCLK mux mode for uart3 (git-fixes)
- commit 3bc0dcb
- ARM: dts: imx6sx: Add missing UART RTS/CTS pins mux (git-fixes)
- commit 9eeb7d3
- ARM: dts: imx6sx: Improve UART pins macro defines (git-fixes)
- commit d0779ee
- ARM: dts: logicpd-som-lv-baseboard: Fix missing video (git-fixes)
- commit de0d442
- ARM: dts: logicpd-som-lv-baseboard: Fix broken audio (git-fixes)
- commit d1cc45c
- blacklist.conf: ("/ARM: dts: stm32: fix uart7_pins_a comments in stm32mp15-pinctrl"/)
  Fix comment in a devicetree file.
- commit 4d3a412
- Update patches.suse/ixgbe-fix-large-MTU-request-from-VF.patch
  (bsc#1192877 CVE-2021-33098).
  Changed reference to CVE bug.
- commit 964f375
- blacklist.conf: ("/ARM: dts: sunxi: bananapi-m2-plus-v1.2: Add regulator supply to all"/)
  Unsupported platform
- commit a16ce64
- blacklist.conf: ("/ARM: dts: renesas: Fix SD Card/eMMC interface device node names"/)
  Cosmetic devicetree nodes name change
- commit 7ad6f49
- ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema (git-fixes)
- commit b39464e
- blacklist.conf: ("/ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32mp15"/)
- commit ad658c1
- blacklist.conf: ("/ARM: uaccess: fix DACR mismatch with nested exceptions"/)
  ARM cpus v3, v4, v4T, v5 are not supported
- commit 78b5a5d
- mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
  (CVE-2021-43976 bsc#1192847).
- commit 1075cc3
- blacklist.conf: 85b6d24646e4 ("/shm: extend forced shm destroy to support objects from several IPC nses"/)
  Unfortunately this breaks kABI and presents significant risk for
  addressing a theoretical issue.
- commit e55a163
- ARM: dts: logicpd-torpedo-baseboard: Fix broken audio (git-fixes)
- commit 8ec6f19
- ARM: dts: vfxxx: Add syscon compatible with OCOTP (git-fixes)
- commit 6f5837f
- ARM: dts: imx7ulp: Correct gpio ranges (git-fixes)
- commit 3f5621e
- ARM: dts: ls1021a: fix QuadSPI-memory reg range (git-fixes)
- commit 6c84d7b
- ARM: dts: socfpga: fix register entry for timer3 on Arria10 (git-fixes)
- commit 495045e
- ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh() (git-fixes)
- commit e76b97f
- ARM: at91: pm: add missing put_device() call in at91_pm_sram_init() (git-fixes)
- commit d5fa0dd
- ARM: exynos: MCPM: Restore big.LITTLE cpuidle support (git-fixes)
- commit dc169bf
- ARM: dts: at91: sama5d2_xplained: classd: pull-down the R1 and R3 lines (git-fixes)
- commit d09ddcf
- ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages (git-fixes)
- commit b837795
- ARM: dts: gose: Fix ports node name for adv7612 (git-fixes)
- commit e9fee74
- ARM: dts: gose: Fix ports node name for adv7180 (git-fixes)
- commit 40b6417
- ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints (git-fixes)
- commit 8ad414c
- ARM: dts: armada-38x: fix NETA lockup when repeatedly switching speeds (git-fixes)
- commit 40f3f7f
- ARM: dts: imx6qdl-icore: Fix OTG_ID pin and sdcard detect (git-fixes)
- commit 0fbc45e
- ARM: dts: imx6sx-sabreauto: Fix the phy-mode on fec2 (git-fixes)
- commit f3253e8
- ARM: dts: imx6sx-sdb: Fix the phy-mode on fec2 (git-fixes)
- commit c6689bd
- ARM: dts sunxi: Relax a bit the CMA pool allocation range (git-fixes)
- commit d32973c
- ARM: dts: Fix dcan driver probe failed on am437x platform (git-fixes)
- commit c712eb3
- ARM: dts: imx6qdl-gw551x: fix audio SSI (git-fixes)
- commit 8b361c5
- ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link' (git-fixes)
- commit 2acafcb
- ARM: dts: Fix duovero smsc interrupt for suspend (git-fixes)
- commit f5f5222
- ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect (git-fixes)
- commit a210c92
- ARM: OMAP2+: Fix legacy mode dss_reset (git-fixes)
- commit 518acf3
- ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram() (git-fixes)
- commit ab8eba4
- ARM: bcm: Select ARM_TIMER_SP804 for ARCH_BCM_NSP (git-fixes)
- commit b7c7df8
- ARM: dts: NSP: Correct FA2 mailbox node (git-fixes)
- commit 9479804
- ARM: dts: NSP: Disable PL330 by default, add dma-coherent property (git-fixes)
- commit 4c7d3d5
- Revert "/ARM: sti: Implement dummy L2 cache's write_sec"/ (git-fixes)
- commit 29d8881
- ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin (git-fixes)
- commit 159db4e
- ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description (git-fixes)
- commit dc96655
- ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity (git-fixes)
- commit 240d4e7
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32h743 (git-fixes)
- commit 7258033
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32f429 (git-fixes)
- commit 64d852f
- nvme-pci: add NO APST quirk for Kioxia device (git-fixes).
- commit 8c6d859
- PM: hibernate: use correct mode for swsusp_close() (git-fixes).
- commit fef6f6f
- xhci: Fix USB 3.1 enumeration issues by increasing roothub
  power-on-good delay (git-fixes).
- zram: off by one in read_block_state() (git-fixes).
- soc/tegra: Fix an error handling path in
  tegra_powergate_power_up() (git-fixes).
- spi: bcm-qspi: Fix missing clk_disable_unprepare() on error
  in bcm_qspi_probe() (git-fixes).
- spi: spl022: fix Microwire full duplex mode (git-fixes).
- zram: fix return value on writeback_store (git-fixes).
- commit 4e28ede
- nfc: pn533: Fix double free when pn533_fill_fragment_skbs()
  fails (git-fixes).
- PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros (git-fixes).
- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).
- platform/x86: wmi: do not fail if disabling fails (git-fixes).
- PM: hibernate: Get block device exclusively in swsusp_check()
  (git-fixes).
- mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
  (git-fixes).
- r8169: Add device 10ec:8162 to driver r8169 (git-fixes).
- reset: socfpga: add empty driver allowing consumers to probe
  (git-fixes).
- commit 864c87f
- mtd: core: don't remove debugfs directory if device is in use
  (git-fixes).
- mwifiex: Read a PCI register after writing the TX ring write
  pointer (git-fixes).
- mwifiex: Properly initialize private structure on interface
  type changes (git-fixes).
- mwifiex: Run SET_BSS_MODE when changing from P2P to STATION
  vif-type (git-fixes).
- memstick: r592: Fix a UAF bug when removing the driver
  (git-fixes).
- media: usb: dvd-usb: fix uninit-value bug in
  dibusb_read_eeprom_byte() (git-fixes).
- media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info (git-fixes).
- media: ipu3-imgu: imgu_fmt: Handle properly try (git-fixes).
- mmc: winbond: don't build on M68K (git-fixes).
- commit f93cc37
- media: rcar-csi2: Add checking to rcsi2_start_receiver()
  (git-fixes).
- media: mceusb: return without resubmitting URB in case of
  - EPROTO error (git-fixes).
- media: ir-kbd-i2c: improve responsiveness of hauppauge zilog
  receivers (git-fixes).
- media: imx: set a media_device bus_info string (git-fixes).
- media: s5p-mfc: fix possible null-pointer dereference in
  s5p_mfc_probe() (git-fixes).
- media: uvcvideo: Set unique vdev name based in type (git-fixes).
- media: uvcvideo: Return -EIO for control errors (git-fixes).
- media: uvcvideo: Set capability in s_param (git-fixes).
- media: stm32: Potential NULL pointer dereference in
  dcmi_irq_thread() (git-fixes).
- media: netup_unidvb: handle interrupt properly according to
  the firmware (git-fixes).
- commit 0db8c1e
- drm/plane-helper: fix uninitialized variable reference
  (git-fixes).
- Input: iforce - fix control-message timeout (git-fixes).
- i2c: xlr: Fix a resource leak in the error handling path of
  'xlr_i2c_probe()' (git-fixes).
- drm/panel-orientation-quirks: add Valve Steam Deck (git-fixes).
- libata: fix checking of DMA state (git-fixes).
- ipmi: Disable some operations during a panic (git-fixes).
- media: mt9p031: Fix corrupted frame after restarting stream
  (git-fixes).
- lib/xz: Validate the value before assigning it to an enum
  variable (git-fixes).
- lib/xz: Avoid overlapping memcpy() with invalid input with
  in-place decompression (git-fixes).
- commit 40bd6e4
- dmaengine: dmaengine_desc_callback_valid(): Check for
  `callback_result` (git-fixes).
- dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro (git-fixes).
- drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy
  Book 10.6 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for KD Kurio Smart
  C15200 2-in-1 (git-fixes).
- drm: panel-orientation-quirks: Update the Lenovo Ideapad D330
  quirk (v2) (git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
  (git-fixes).
- crypto: s5p-sss - Add error handling in s5p_aes_probe()
  (git-fixes).
- crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win3
  (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
  (git-fixes).
- commit 6b1a3ad
- ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
  (git-fixes).
- ALSA: synth: missing check for possible NULL after the call
  to kstrdup (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS UX550VE (git-fixes).
- ALSA: timer: Unconditionally unlink slave instances, too
  (git-fixes).
- ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
  (git-fixes).
- ALSA: timer: Fix use-after-free problem (git-fixes).
- ath10k: fix invalid dma_addr_t token assignment (git-fixes).
- ath: dfs_pattern_detector: Fix possible null-pointer dereference
  in channel_detector_create() (git-fixes).
- ath10k: high latency fixes for beacon buffer (git-fixes).
- Bluetooth: fix use-after-free error in lock_sock_nested()
  (git-fixes).
- commit 3915ea5
- ASoC: topology: Add missing rwsem around snd_ctl_remove()
  calls (git-fixes).
- ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
  (git-fixes).
- PCI/MSI: Deal with devices lying about their MSI mask capability
  (git-fixes).
- ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
  (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PC70HS (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 400
  (git-fixes).
- ACPI: battery: Accept charges over the design capacity as full
  (git-fixes).
- ACPICA: Avoid evaluating methods too early during system resume
  (git-fixes).
- soc/tegra: pmc: Fix imbalanced clock disabling in error code
  path (git-fixes).
- commit ce23462
- usb: typec: fusb302: Fix masking of comparator and bc_lvl
  interrupts (git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for elapsed frames (git-fixes).
- drm/vc4: fix error code in vc4_create_object() (git-fixes).
- tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
  (git-fixes).
- usb-storage: Add compatibility quirk flags for iODD 2531/2541
  (git-fixes).
- usb: xhci: Enable runtime-pm by default on AMD Yellow Carp
  platform (git-fixes).
- usb: host: ohci-tmio: check return value after calling
  platform_get_resource() (git-fixes).
- usb: musb: tusb6010: check return value after calling
  platform_get_resource() (git-fixes).
- commit f36d57f
- NFC: reorder the logic in nfc_{un,}register_device (git-fixes).
- Refresh
  patches.suse/NFC-SUSE-specific-brutal-fix-for-runtime-PM.patch.
- commit 176d8d4
- drm/amdgpu: fix set scaling mode Full/Full aspect/Center not
  works on vga and dvi connectors (git-fixes).
- drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
  (git-fixes).
- platform/x86: hp_accel: Fix an error handling path in
  'lis3lv02d_probe()' (git-fixes).
- NFC: add NCI_UNREG flag to eliminate the race (git-fixes).
- NFC: reorganize the functions in nci_request (git-fixes).
- clk: ingenic: Fix bugs with divided dividers (git-fixes).
- iio: imu: st_lsm6dsx: Avoid potential array overflow in
  st_lsm6dsx_set_odr() (git-fixes).
- mmc: dw_mmc: Dont wait for DRTO on Write RSP error (git-fixes).
- commit 84fae0c
- ASoC: DAPM: Cover regression by kctl change notification fix
  (git-fixes).
- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
  (git-fixes).
- clk: imx: imx6ul: Move csi_sel mux to correct base register
  (git-fixes).
- ASoC: nau8824: Add DMI quirk mechanism for active-high
  jack-detect (git-fixes).
- ALSA: gus: fix null pointer dereference on pointer block
  (git-fixes).
- ALSA: ISA: not for M68K (git-fixes).
- ASoC: SOF: Intel: hda-dai: fix potential locking issue
  (git-fixes).
- ALSA: hda: hdac_ext_stream: fix potential locking issues
  (git-fixes).
- ALSA: hda: hdac_stream: fix potential locking issue in
  snd_hdac_stream_assign() (git-fixes).
- commit 970a05a
- Move upstreamed i8042 patch into sorted section
- commit c3e6588
- iommu/amd: Remove iommu_init_ga() (git-fixes).
- iommu/amd: Relocate GAMSup check to early_enable_iommus
  (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- swiotlb: Fix the type of index (git-fixes).
- commit 8842f17
- powerpc/paravirt: correct preempt debug splat in
  vcpu_is_preempted() (bsc#1181148 ltc#190702 git-fixes).
- powerpc/paravirt: vcpu_is_preempted() commentary (bsc#1181148
  ltc#190702 git-fixes).
- powerpc: fix unbalanced node refcount in check_kvm_guest()
  (jsc#SLE-15869 jsc#SLE-16321 git-fixes).
- commit 62ae409
- powerpc/pseries: Move some PAPR paravirt functions to their own file
  (bsc#1181148 ltc#190702 git-fixes).
- Refresh patches.suse/powerpc-Fix-build-error-in-paravirt.h.patch.
- Refresh patches.suse/powerpc-paravirt-Use-is_kvm_guest-in-vcpu_is_preempt.patch.
- commit 70c6628
- block: Fix use-after-free issue accessing struct io_cq
  (bsc#1193042).
- commit fba138d
- ice: fix vsi->txq_map sizing (jsc#SLE-7926).
- igc: Remove phy->type checking (bsc#1193169).
- igc: Remove _I_PHY_ID checking (bsc#1193169).
- commit d98ae3f
- blacklist.conf: Add 78cc316e9583 bpf, cgroup: Assign cgroup in cgroup_sk_alloc when called from interrupt
- commit 0433f83
- hugetlbfs: flush TLBs correctly after huge_pmd_unshare
  (bsc#1192946 CVE-2021-4002).
- commit 881e565
- tlb: mmu_gather: add tlb_flush_*_range APIs
- commit d3b54bc
- ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries (git-fixes)
- commit 8a979c1
- vfs: don't parse forbidden flags (bsc#1192606).
- commit b4f81da
- cifs: update internal version number (bsc#1192606).
- commit 533a712
- smb2: clarify rc initialization in smb2_reconnect (bsc#1192606).
- commit 78cfa97
- cifs: populate server_hostname for extra channels (bsc#1192606).
- commit e0e5007
- cifs: nosharesock should be set on new server (bsc#1192606).
- commit b2eb0d5
- cifs: introduce cifs_ses_mark_for_reconnect() helper
  (bsc#1192606).
- commit fabb658
- cifs: protect srv_count with cifs_tcp_ses_lock (bsc#1192606).
- commit f988cac
- cifs: move debug print out of spinlock (bsc#1192606).
- commit 72a7576
- smb3: correct smb3 ACL security descriptor (bsc#1192606).
- commit 063d4ac
- Pass consistent param->type to fs_parse() (bsc#1192606).
  [ ematsumiya:
  - drop the case fs_param_is_fd
  - leave .has_value in fs_parse_result so it doesn't break kabi
  - still set .has_value in fs_parse() for real kabi compatibility
  ]
- commit 079697d
- cifs_debug: use %pd instead of messing with ->d_name
  (bsc#1192606).
- commit 5879c56
- cifs: do not duplicate fscache cookie for secondary channels
  (bsc#1192606).
- commit b392b26
- cifs: connect individual channel servers to primary channel
  server (bsc#1192606).
- commit 6b9934f
- cifs: protect session channel fields with chan_lock
  (bsc#1192606).
- commit cba50eb
- cifs: do not negotiate session if session already exists
  (bsc#1192606).
- commit 37b3456
- smb3: do not setup the fscache_super_cookie until fsinfo
  initialized (bsc#1192606).
- commit dc8e6c9
- cifs: fix potential use-after-free bugs (bsc#1192606, jsc#SLE-20042).
- commit 7bd3c2c
- cifs: fix memory leak of smb3_fs_context_dup::server_hostname
  (bsc#1192606).
- commit 57f8572
- smb3: add additional null check in SMB311_posix_mkdir
  (bsc#1192606).
- commit f7ca16b
- cifs: release lock earlier in dequeue_mid error case
  (bsc#1192606).
- commit 6ed3f27
- smb3: add additional null check in SMB2_tcon (bsc#1192606).
- commit 7f013cc
- smb3: add additional null check in SMB2_open (bsc#1192606).
- commit 5aa4789
- smb3: add additional null check in SMB2_ioctl (bsc#1192606).
- commit edaf472
- smb3: remove trivial dfs compile warning (bsc#1192606, jsc#SLE-20042).
- commit 1b9729f
- cifs: support nested dfs links over reconnect (bsc#1192606, jsc#SLE-20042).
- commit 977ff65
- smb3: do not error on fsync when readonly (bsc#1192606).
- commit a53c076
- cifs: for compound requests, use open handle if possible
  (bsc#1192606).
- commit 523067d
- cifs: set a minimum of 120s for next dns resolution
  (bsc#1192606).
- commit 4683b0e
- cifs: split out dfs code from cifs_reconnect() (bsc#1192606, jsc#SLE-20042).
- commit 25eec6a
- cifs: convert list_for_each to entry variant (bsc#1192606, jsc#SLE-20042).
- commit 5c260fb
- cifs: introduce new helper for cifs_reconnect() (bsc#1192606, jsc#SLE-20042).
- commit 8cc2716
- cifs: fix print of hdr_flags in dfscache_proc_show()
  (bsc#1192606, jsc#SLE-20042).
- commit d8767b8
- cifs: send workstation name during ntlmssp session setup
  (bsc#1192606).
- commit 191b330
- cifs: nosharesock should not share socket with future sessions
  (bsc#1192606).
- commit f8381d3
- smb3: add dynamic trace points for socket connection
  (bsc#1192606).
- commit af7190b
- cifs: Move SMB2_Create definitions to the shared area
  (bsc#1192606).
- commit c39b2e7
- cifs: Move more definitions into the shared area (bsc#1192606).
- commit 46ad0a8
- cifs: move NEGOTIATE_PROTOCOL definitions out into the common
  area (bsc#1192606).
- commit 471ec2c
- cifs: Create a new shared file holding smb2 pdu definitions
  (bsc#1192606).
- commit 666d060
- cifs: add mount parameter tcpnodelay (bsc#1192606).
- commit 3f1b011
- cifs: To match file servers, make sure the server hostname
  matches (bsc#1192606).
- commit 3d59b5a
- cifs: fix incorrect check for null pointer in header_assemble
  (bsc#1192606).
- commit 4a5b3cf
- smb3: correct server pointer dereferencing check to be more
  consistent (bsc#1192606).
- commit cf76bd0
- cifs: Deal with some warnings from W=1 (bsc#1192606).
- commit f6eec49
- cifs: fix a sign extension bug (bsc#1192606).
- commit c1600fb
- cifs: fix incorrect kernel doc comments (bsc#1192606).
- commit ae1bb97
- cifs: remove pathname for file from SPDX header (bsc#1192606).
- commit 7154307
- cifs: properly invalidate cached root handle when closing it
  (bsc#1192606).
- commit 90012c3
- cifs: move SMB FSCTL definitions to common code (bsc#1192606).
- commit f1d3f93
- cifs: rename cifs_common to smbfs_common (bsc#1192606).
- Add to supported.conf:
  fs/smbfs_common/cifs_arc4
  fs/smbfs_common/cifs_md4
- Update configs to add CONFIG_SMBFS_COMMON=m.
- commit 8eb0a93
- cifs: update FSCTL definitions (bsc#1192606).
- commit fe93d4e
- cifs: Do not leak EDEADLK to dgetents64 for
  STATUS_USER_SESSION_DELETED (bsc#1192606).
- commit 13a1d4e
- cifs: cifs_md4 convert to SPDX identifier (bsc#1192606).
- commit 0b7db2c
- cifs: create a MD4 module and switch cifs.ko to use it
  (bsc#1192606).
- commit 5c0b1ab
- cifs: fork arc4 and create a separate module for it for cifs
  and other users (bsc#1192606).
- commit 08b687d
- smb3: fix posix extensions mount option (bsc#1192606).
- commit 447f6db
- cifs: fix wrong release in sess_alloc_buffer() failed path
  (bsc#1192606).
- commit def0bcb
- cifs: create sd context must be a multiple of 8 (bsc#1192606).
- commit 096d6a1
- cifs: add missing parsing of backupuid (bsc#1192606).
- commit 36915d3
- smb3: rc uninitialized in one fallocate path (bsc#1192606).
- commit 81628e1
- SMB3: fix readpage for large swap cache (bsc#1192606).
- commit 50e1259
- cifs: fix fallocate when trying to allocate a hole
  (bsc#1192606).
- commit 39a73fc
- CIFS: Clarify SMB1 code for POSIX delete file (bsc#1192606).
- commit d18ffe8
- CIFS: Clarify SMB1 code for POSIX Create (bsc#1192606).
- commit 5b09e6b
- cifs: support share failover when remounting (bsc#1192606, jsc#SLE-20042).
- commit 870c80c
- cifs: only write 64kb at a time when fallocating a small region
  of a file (bsc#1192606).
- commit dfb364b
- cifs: do not share tcp sessions of dfs connections
  (bsc#1185902).
- commit 7ce02ee
- SMB3.1.1: fix mount failure to some servers when compression
  enabled (bsc#1192606).
- commit a8dda65
- cifs: added WARN_ON for all the count decrements (bsc#1192606).
- commit 4b0d839
- cifs: fix missing null session check in mount (bsc#1192606).
- commit 92a9403
- cifs: handle reconnect of tcon when there is no cached dfs
  referral (bsc#1192606).
- commit 4ce8b06
- cifs: fix the out of range assignment to bit fields in
  parse_server_interfaces (bsc#1192606).
- commit 42c8dc1
- cifs: Do not use the original cruid when following DFS links
  for multiuser mounts (bsc#1192606).
- commit 70bcc44
- cifs: use the expiry output of dns_query to schedule next
  resolution (bsc#1192606).
- commit ea7928e
- cifs: update internal version number (bsc#1192606).
- commit bf989a2
- cifs: prevent NULL deref in cifs_compose_mount_options()
  (bsc#1185902).
- commit ad0c70e
- SMB3.1.1: Add support for negotiating signing algorithm
  (bsc#1192606).
- commit f88f74e
- cifs: use helpers when parsing uid/gid mount options and
  validate them (bsc#1192606).
- commit 98e7d9d
- CIFS: Clarify SMB1 code for POSIX Lock (bsc#1192606).
- commit 44c5e82
- CIFS: Clarify SMB1 code for rename open file (bsc#1192606).
- commit 5a31de1
- CIFS: Clarify SMB1 code for delete (bsc#1192606).
- commit a09e98c
- CIFS: Clarify SMB1 code for SetFileSize (bsc#1192606).
- commit 7d84b0d
- smb3: fix typo in header file (bsc#1192606).
- commit eec60ea
- CIFS: Clarify SMB1 code for UnixSetPathInfo (bsc#1192606).
- commit 1df5f2f
- CIFS: Clarify SMB1 code for UnixCreateSymLink (bsc#1192606).
- commit 7f112a3
- cifs: clarify SMB1 code for UnixCreateHardLink (bsc#1192606).
- commit b93dd21
- cifs: make locking consistent around the server session status
  (bsc#1192606).
- commit 7dc9081
- smb3: prevent races updating CurrentMid (bsc#1192606).
- commit caed321
- cifs: fix missing spinlock around update to ses->status
  (bsc#1192606).
- commit fae1702
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- commit 72034e4
- smb3: fix possible access to uninitialized pointer to DACL
  (bsc#1192606).
- commit 29f7d0b
- cifs: missing null check for newinode pointer (bsc#1192606).
- commit d21103a
- cifs: remove two cases where rc is set unnecessarily in
  sid_to_id (bsc#1192606).
- commit 08acf32
- SMB3: Add new info level for query directory (bsc#1192606).
- commit 83500f7
- cifs: fix NULL dereference in smb2_check_message()
  (bsc#1192606).
- commit ee58187
- smbdirect: missing rc checks while waiting for rdma events
  (bsc#1192606).
- commit d6f86c9
- cifs: Avoid field over-reading memcpy() (bsc#1192606).
- commit befb9f9
- smb311: remove dead code for non compounded posix query info
  (bsc#1192606).
- commit eb8a15a
- cifs: fix SMB1 error path in cifs_get_file_info_unix
  (bsc#1192606).
- commit bdcf5b5
- smb3: fix uninitialized value for port in witness protocol move
  (bsc#1192606).
- commit b99ff72
- cifs: fix unneeded null check (bsc#1192606).
- commit 4e78f5e
- cifs: use SPDX-Licence-Identifier (bsc#1192606).
- commit fe025f6
- cifs: convert list_for_each to entry variant in cifs_debug.c
  (bsc#1192606).
- commit 8d27424
- cifs: convert list_for_each to entry variant in smb2misc.c
  (bsc#1192606).
- commit bf17685
- cifs: avoid extra calls in posix_info_parse (bsc#1192606).
- commit df5a926
- cifs: retry lookup and readdir when EAGAIN is returned
  (bsc#1192606).
- commit 503d9f4
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- commit 93ab561
- cifs: enable extended stats by default (bsc#1192606).
- commit 31058c0
- cifs: missed ref-counting smb session in find (bsc#1192606).
- commit 036df29
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- commit 06c9b3f
- cifs: set a minimum of 2 minutes for refreshing dfs cache
  (bsc#1185902).
- commit 89e70a9
- cifs: fix path comparison and hash calc (bsc#1185902).
- commit 1725c18
- cifs: handle different charsets in dfs cache (bsc#1185902).
- commit 7cb133a
- cifs: keep referral server sessions alive (bsc#1185902).
- commit 0f9891c
- cifs: get rid of @noreq param in __dfs_cache_find()
  (bsc#1185902).
- commit 8c17775
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- commit 5403cd0
- cifs: improve fallocate emulation (bsc#1192606).
- commit 69387e0
- cifs: fix doc warnings in cifs_dfs_ref.c (bsc#1192606).
- commit ed7aa17
- cifs: remove redundant initialization of variable rc
  (bsc#1192606).
- commit 1db8433
- cifs: Constify static struct genl_ops (bsc#1192606).
- commit 8c8e6b1
- cifs: Remove unused inline function is_sysvol_or_netlogon()
  (bsc#1185902).
- commit f81891f
- cifs: remove duplicated prototype (bsc#1192606).
- commit e27f304
- cifs: fix ipv6 formating in cifs_ses_add_channel (bsc#1192606).
- commit 231f6f1
- cifs: change format of CIFS_FULL_KEY_DUMP ioctl (bsc#1192606).
- commit 1e18e17
- cifs: fix string declarations and assignments in tracepoints
  (bsc#1192606).
- commit 5159f90
- cifs: set server->cipher_type to AES-128-CCM for SMB3.0
  (bsc#1192606).
- commit f561ad9
- cifs: Fix inconsistent indenting (bsc#1192606).
- commit c386cb1
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- commit 845634d
- smb3: if max_channels set to more than one channel request
  multichannel (bsc#1192606).
- commit 93e55f7
- smb3: do not attempt multichannel to server which does not
  support it (bsc#1192606).
- commit e1b5be8
- smb3: when mounting with multichannel include it in requested
  capabilities (bsc#1192606).
- commit b03c460
- cifs: fix regression when mounting shares with prefix paths
  (bsc#1192606).
- commit 59233de
- cifs: use echo_interval even when connection not ready
  (bsc#1192606).
- commit 15fd173
- cifs: detect dead connections only when echoes are enabled
  (bsc#1192606).
- commit 5c84eeb
- smb3.1.1: allow dumping keys for multiuser mounts (bsc#1192606).
- commit 79c8410
- smb3.1.1: allow dumping GCM256 keys to improve debugging of
  encrypted shares (bsc#1192606).
- commit b4fea5b
- smb3.1.1: enable negotiating stronger encryption by default
  (bsc#1192606).
- commit 9da00b7
- cifs: update internal version number (bsc#1192606).
- commit 13bc2c5
- smb3: add rasize mount parameter to improve readahead
  performance (bsc#1192606).
- commit 30ebb66
- smb3: limit noisy error (bsc#1192606).
- commit 91e0ede
- cifs: fix leak in cifs_smb3_do_mount() ctx (bsc#1192606).
- commit 8a2920f
- cifs: remove unnecessary copies of tcon->crfid.fid
  (bsc#1192606).
- commit 0b30781
- cifs: Return correct error code from smb2_get_enc_key
  (git-fixes).
- commit 846705c
- cifs: fix out-of-bound memory access when calling smb3_notify()
  at mount point (bsc#1192606).
- commit 0a3285f
- smb2: fix use-after-free in smb2_ioctl_query_info()
  (bsc#1192606).
- commit 63f6c5e
- cifs: export supported mount options via new mount_params
  /proc file (bsc#1192606).
- commit 2dd1c61
- cifs: log mount errors using cifs_errorf() (bsc#1192606).
- commit a2f6e3b
- cifs: add fs_context param to parsing helpers (bsc#1192606).
- commit a1c2b3d
- cifs: make fs_context error logging wrapper (bsc#1192606).
- commit 3b6af06
- cifs: add FALLOC_FL_INSERT_RANGE support (bsc#1192606).
- commit ef118dc
- cifs: add support for FALLOC_FL_COLLAPSE_RANGE (bsc#1192606).
- commit ece4ddb
- cifs: check the timestamp for the cached dirent when deciding
  on revalidate (bsc#1192606).
- commit aecc2fc
- cifs: pass the dentry instead of the inode down to the
  revalidation check functions (bsc#1192606).
- commit c93ddc7
- cifs: add a timestamp to track when the lease of the cached
  dir was taken (bsc#1192606).
- commit 3ac8e19
- cifs: add a function to get a cached dir based on its dentry
  (bsc#1192606).
- commit 24027a5
- cifs: Grab a reference for the dentry of the cached directory
  during the lifetime of the cache (bsc#1192606).
- commit 91b960b
- cifs: store a pointer to the root dentry in cifs_sb_info once
  we have completed mounting the share (bsc#1192606).
- commit 8a598fa
- cifs: rename the *_shroot* functions to *_cached_dir*
  (bsc#1192606).
- commit 2a8dae4
- cifs: pass a path to open_shroot and check if it is the root
  or not (bsc#1192606).
- commit 234424b
- cifs: move the check for nohandlecache into open_shroot
  (bsc#1192606).
- commit 99d7c2e
- cifs: switch build_path_from_dentry() to using dentry_path_raw()
  (bsc#1192606).
- commit fc6b596
- cifs: allocate buffer in the caller of build_path_from_dentry()
  (bsc#1192606).
- commit 97679cd
- cifs: make build_path_from_dentry() return const char *
  (bsc#1192606).
- commit ef657be
- cifs: constify pathname arguments in a bunch of helpers
  (bsc#1192606).
- commit b93cc52
- cifs: constify path argument of ->make_node() (bsc#1192606).
- commit 03fcdf4
- cifs: constify get_normalized_path() properly (bsc#1185902).
- commit 90470dc
- cifs: don't cargo-cult strndup() (bsc#1185902).
- commit ca5d72c
- SMB3: update structures for new compression protocol definitions
  (bsc#1192606).
- commit 4a8461d
- cifs: remove old dead code (bsc#1192606).
- commit 97b63df
- cifs: cifspdu.h: Replace one-element array with flexible-array
  member (bsc#1192606).
- commit 4c15bf6
- fs: cifs: Remove repeated struct declaration (bsc#1192606).
- commit 8e0ef67
- cifs: simplify SWN code with dummy funcs instead of ifdefs
  (bsc#1192606).
- commit 619dc86
- smb3: update protocol header definitions based to include new
  flags (bsc#1192606).
- commit 31de2ad
- cifs: correct comments explaining internal semaphore usage in
  the module (bsc#1192606).
- commit 8016b0d
- cifs: Remove useless variable (bsc#1192606).
- commit 4da0037
- cifs: Fix spelling of 'security' (bsc#1192606).
- commit 7f34541
- cifs: escape spaces in share names (bsc#1192606).
- commit f9411a4
- fs: cifs: Remove unnecessary struct declaration (bsc#1192606).
- commit c4877c5
- cifs: On cifs_reconnect, resolve the hostname again
  (bsc#1192606).
- commit 0f5ba1b
- smb3: fix cached file size problems in duplicate extents
  (reflink) (bsc#1192606).
- commit db5895f
- cifs: Silently ignore unknown oplock break handle (bsc#1192606).
- commit fa1d6ea
- cifs: revalidate mapping when we open files for SMB1 POSIX
  (bsc#1192606).
- Refresh
  patches.suse/cifs-have-cifs_fattr_to_inode-refuse-to-change-type-on-live-inode.patch.
- commit 2e4453d
- cifs: Fix chmod with modefromsid when an older ACE already
  exists (bsc#1192606).
- commit 589d547
- cifs: Adjust key sizes and key generation routines for AES256
  encryption (bsc#1192606).
- commit 5dbb25b
- cifs: fix allocation size on newly created files (bsc#1192606).
- commit 4d93c82
- cifs: warn and fail if trying to use rootfs without the config
  option (bsc#1192606).
- commit f552b34
- fs/cifs/: fix misspellings using codespell tool (bsc#1192606).
- commit 2ea6114
- cifs: Fix preauth hash corruption (git-fixes).
- commit 7416f5d
- cifs: update new ACE pointer after populate_new_aces
  (bsc#1192606).
- commit 0529102
- cifs: have cifs_fattr_to_inode() refuse to change type on live
  inode (bsc#1192606).
- commit b158f7d
- cifs: have ->mkdir() handle race with another client sanely
  (bsc#1192606).
- commit 6b82284
- do_cifs_create(): don't set ->i_mode of something we had not
  created (bsc#1192606).
- commit a0ecf85
- cifs: do not send close in compound create+close requests
  (bsc#1181507).
- commit 11e6f22
- cifs: return proper error code in statfs(2) (bsc#1181507).
- commit 4fc8874
- cifs: change noisy error message to FYI (bsc#1181507).
- commit 3406540
- cifs: print MIDs in decimal notation (bsc#1181507).
- commit c8f2cd7
- cifs: ask for more credit on async read/write code paths
  (bsc#1192606).
- commit 636078f
- cifs: fix credit accounting for extra channel (bsc#1192606).
- commit c477df8
- cifs: update internal version number (bsc#1192606).
- commit b82f71c
- cifs: use discard iterator to discard unneeded network data
  more efficiently (bsc#1192606).
- commit 34ea556
- cifs: introduce helper for finding referral server
  (bsc#1181710).
- commit 78e0bf2
- cifs: check all path components in resolved dfs target
  (bsc#1181710).
- commit daad3a2
- cifs: fix DFS failover (bsc#1192606).
- commit 9182fbd
- cifs: fix nodfs mount option (bsc#1181710).
- commit 415546c
- cifs: fix handling of escaped ',' in the password mount argument
  (bsc#1192606).
- commit f2b417d
- cifs: Add new parameter "/acregmax"/ for distinct file and
  directory metadata timeout (bsc#1192606).
- commit 958622c
- cifs: convert revalidate of directories to using directory
  metadata cache timeout (bsc#1192606).
- commit 1f13b2c
- cifs: Add new mount parameter "/acdirmax"/ to allow caching
  directory metadata (bsc#1192606).
- commit c620fbe
- cifs: If a corrupted DACL is returned by the server, bail out
  (bsc#1192606).
- commit 0f619ca
- cifs: minor simplification to smb2_is_network_name_deleted
  (bsc#1192606).
- commit 5c19466
- TCON Reconnect during STATUS_NETWORK_NAME_DELETED (bsc#1192606).
- commit 4148056
- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c
  (bsc#1192606).
- commit 473d37a
- cifs: Change SIDs in ACEs while transferring file ownership
  (bsc#1192606).
- commit 8bda691
- cifs: Retain old ACEs when converting between mode bits and ACL
  (bsc#1192606).
- commit 47d65ee
- cifs: Fix cifsacl ACE mask for group and others (bsc#1192606).
- commit 34f7d02
- cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData
  (bsc#1192606).
- commit 3c6d03e
- cifs: change confusing field serverName (to ip_addr)
  (bsc#1192606).
- commit ac396a8
- cifs: Fix inconsistent IS_ERR and PTR_ERR (bsc#1192606).
- commit b7f9076
- cifs: Reformat DebugData and index connections by conn_id
  (bsc#1192606).
- commit 4020fb6
- cifs: Identify a connection by a conn_id (bsc#1192606).
- commit 35d50c8
- cifs: Fix in error types returned for out-of-credit situations
  (bsc#1192606).
- commit 4143c6a
- cifs: New optype for session operations (bsc#1181507).
- commit 171fe4d
- cifs: fix trivial typo (bsc#1192606).
- commit ab49627
- smb3: negotiate current dialect (SMB3.1.1) when version 3 or
  greater requested (bsc#1192606).
- commit bda03f6
- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting
  cifs_sb->prepath (bsc#1192606).
- commit 61e03e7
- cifs: In the new mount api we get the full devname as source=
  (bsc#1192606).
- commit 280bd9e
- cifs: do not disable noperm if multiuser mount option is not
  provided (bsc#1192606).
- commit e136d3e
- cifs: fix dfs-links (bsc#1192606).
- commit 7cc0083
- cifs: report error instead of invalid when revalidating a
  dentry fails (bsc#1177440).
- commit ae9593c
- smb3: fix crediting for compounding when only one request in
  flight (bsc#1181507).
- commit ea94504
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540).
- commit fc2901f
- cifs: fix dfs domain referrals (bsc#1192606).
- commit 4f2e59b
- cifs: returning mount parm processing errors correctly
  (bsc#1192606).
- commit fc19610
- cifs: fix mounts to subdirectories of target (bsc#1192606).
- commit 9ca4904
- cifs: ignore auto and noauto options if given (bsc#1192606).
- commit a69545d
- cifs: do not fail __smb_send_rqst if non-fatal signals are
  pending (git-fixes).
- commit c375e6f
- fs/cifs: Simplify bool comparison (bsc#1192606).
- commit 4959fe1
- fs/cifs: Assign boolean values to a bool variable (bsc#1192606).
- commit 8043a9e
- cifs: style: replace one-element array with flexible-array
  (bsc#1192606).
- commit ddf3e41
- cifs: connect: style: Simplify bool comparison (bsc#1192606).
- commit 67852c0
- fs: cifs: remove unneeded variable in smb3_fs_context_dup
  (bsc#1192606).
- commit fb653f6
- cifs: fix interrupted close commands (git-fixes).
- commit f7a7f46
- cifs: check pointer before freeing (bsc#1183534).
- commit 29af08c
- Add SMB 2 support for getting and setting SACLs (bsc#1192606).
- commit dca2a26
- SMB3: Add support for getting and setting SACLs (bsc#1192606).
- commit e9596e1
- cifs: Avoid error pointer dereference (bsc#1192606).
- commit e31fad7
- cifs: Re-indent cifs_swn_reconnect() (bsc#1192606).
- commit 952b9c2
- cifs: Unlock on errors in cifs_swn_reconnect() (bsc#1192606).
- commit 3671d77
- cifs: Delete a stray unlock in cifs_swn_reconnect()
  (bsc#1192606).
- commit 81836d3
- cifs: update internal module version number (bsc#1192606).
- commit a3d9dc5
- cifs: Fix support for remount when not changing rsize/wsize
  (bsc#1192606).
- commit 6310efa
- cifs: handle "/guest"/ mount parameter (bsc#1192606).
- commit 041cbf9
- cifs: correct four aliased mount parms to allow use of previous
  names (bsc#1192606).
- commit 25edec0
- cifs: Tracepoints and logs for tracing credit changes
  (bsc#1181507).
- commit 9012fa5
- cifs: fix use after free in cifs_smb3_do_mount() (bsc#1192606).
- commit 36ab890
- cifs: fix rsize/wsize to be negotiated values (bsc#1192606).
- commit ef43e93
- cifs: Fix some error pointers handling detected by static
  checker (bsc#1192606).
- commit 53cb7da
- smb3: remind users that witness protocol is experimental
  (bsc#1192606).
- commit e734508
- cifs: update super_operations to show_devname (bsc#1192606).
- commit 24c46d7
- cifs: fix uninitialized variable in smb3_fs_context_parse_param
  (bsc#1192606).
- commit f9ee21b
- cifs: update mnt_cifs_flags during reconfigure (bsc#1192606).
- commit c3245ce
- cifs: move update of flags into a separate function
  (bsc#1192606).
- commit 0d92778
- cifs: remove ctx argument from cifs_setup_cifs_sb (bsc#1192606).
- commit b64f601
- cifs: do not allow changing posix_paths during remount
  (bsc#1192606).
- commit 9e6223d
- cifs: uncomplicate printing the iocharset parameter
  (bsc#1192606).
- commit e7f6359
- cifs: don't create a temp nls in cifs_setup_ipc (bsc#1192606).
- commit 5345972
- cifs: simplify handling of cifs_sb/ctx->local_nls (bsc#1192606).
- commit edc5b35
- cifs: we do not allow changing username/password/unc/... during
  remount (bsc#1192606).
- commit 5a0ec9d
- cifs: add initial reconfigure support (bsc#1192606).
- commit 1b949af
- cifs: move [brw]size from cifs_sb to cifs_sb->ctx (bsc#1192606).
- commit 60ffa4e
- cifs: move cifs_cleanup_volume_info[_content] to fs_context.c
  (bsc#1192606).
- commit 9c231c6
- cifs: Add missing sentinel to smb3_fs_parameters (bsc#1192606).
- commit 75497fa
- cifs: Handle witness client move notification (bsc#1192606).
- commit 472f96f
- cifs: remove actimeo from cifs_sb (bsc#1192606).
- commit bf63550
- cifs: remove [gu]id/backup[gu]id/file_mode/dir_mode from cifs_sb
  (bsc#1192606).
- commit fdf44d3
- cifs: remove some minor warnings pointed out by kernel test
  robot (bsc#1192606).
- commit 9008f06
- cifs: remove various function description warnings
  (bsc#1192606).
- commit d30d530
- cifs: Simplify reconnect code when dfs upcall is enabled
  (bsc#1192606).
- commit c156ee7
- cifs: Send witness register messages to userspace daemon in
  echo task (bsc#1192606).
- commit ac7fc2c
- cifs: Add witness information to debug data dump (bsc#1192606).
- commit 66d50bc
- cifs: Set witness notification handler for messages from
  userspace daemon (bsc#1192606).
- commit 302ad1a
- cifs: Send witness register and unregister commands to userspace
  daemon (bsc#1192606).
- commit b44003d
- cifs: minor updates to Kconfig (bsc#1192606).
- commit 5d17515
- cifs: add witness mount option and data structs (bsc#1192606).
- commit 501bdfb
- cifs: Register generic netlink family (bsc#1192606).
  Update configs with CONFIG_SWN_UPCALL unset.
- commit 163e9ea
- objtool: Support Clang non-section symbols in ORC generation
  (bsc#1169514).
- blacklist.conf updated (backported commit removed)
- commit 1709279
- elfcore: fix building with clang (bsc#1169514).
- commit 00fb734
- constraints: Build aarch64 on recent ARMv8.1 builders.
  Request asimdrdm feature which is available only on recent ARMv8.1 CPUs.
  This should prevent scheduling the kernel on an older slower builder.
- commit 60fc53f
- drm/nouveau: clean up all clients on device removal
  (CVE-2020-27820 bsc#1179599).
- drm/nouveau: Add a dedicated mutex for the clients list
  (CVE-2020-27820 bsc#1179599).
- drm/nouveau: use drm_dev_unplug() during device removal
  (CVE-2020-27820 bsc#1179599).
- commit 52c5fe2
- cifs: cleanup misc.c (bsc#1192606).
- commit d5aed73
- cifs: minor kernel style fixes for comments (bsc#1192606).
- commit 56d2f6d
- cifs: Make extract_sharename function public (bsc#1192606).
- commit 958ba69
- cifs: Make extract_hostname function public (bsc#1192606).
- commit 1e0579d
- cifs: get rid of cifs_sb->mountdata (bsc#1192606).
- commit d382da4
- cifs: add an smb3_fs_context to cifs_sb (bsc#1192606).
- commit ea2f54b
- cifs: remove the devname argument to cifs_compose_mount_options
  (bsc#1192606).
- commit 7690451
- cifs: switch to new mount api (bsc#1192606).
- commit 3a872f9
- cifs: move cifs_parse_devname to fs_context.c (bsc#1192606).
- commit 48f0a0e
- cifs: move the enum for cifs parameters into fs_context.h
  (bsc#1192606).
- commit 28a15fc
- cifs: rename dup_vol to smb3_fs_context_dup and move it into
  fs_context.c (bsc#1192606).
- commit 74c4d04
- cifs: rename smb_vol as smb3_fs_context and move it to
  fs_context.h (bsc#1192606).
- commit cfae22b
- SMB3.1.1: do not log warning message if server doesn't populate
  salt (bsc#1192606).
- commit 52317ed
- SMB3.1.1: update comments clarifying SPNEGO info in negprot
  response (bsc#1192606).
- commit 92662cf
- cifs: Enable sticky bit with cifsacl mount option (bsc#1192606).
- commit a44e471
- cifs: Fix unix perm bits to cifsacl conversion for "/other"/
  bits (bsc#1192606).
- commit c0e0d2e
- SMB3.1.1: remove confusing mount warning when no SPNEGO info
  on negprot rsp (bsc#1192606).
- commit 644e3af
- SMB3: avoid confusing warning message on mount to Azure
  (bsc#1192606).
- commit 255c5fa
- cifs: Fix fall-through warnings for Clang (bsc#1192606).
- commit 2f2540d
- cifs: refactor create_sd_buf() and and avoid corrupting the
  buffer (bsc#1192606).
- commit 5e73e71
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- commit b49338b
- smb3: set COMPOUND_FID to FileID field of subsequent compound
  request (bsc#1192606).
- commit f4b5ad9
- cifs: fix potential use-after-free in cifs_echo_request()
  (bsc#1139944).
- commit 98843ac
- cifs: allow syscalls to be restarted in __smb_send_rqst()
  (bsc#1176956).
- commit 1b00be4
- smb3: Handle error case during offload read path (bsc#1192606).
- commit 65b8bfd
- smb3: Avoid Mid pending list corruption (bsc#1192606).
- commit baea6c6
- smb3: Call cifs reconnect from demultiplex thread (bsc#1192606).
- commit a61a83b
- cifs: fix a memleak with modefromsid (bsc#1192606).
- commit a599e96
- cifs: update internal module version number (bsc#1192606).
- commit 72d7f82
- smb3: add some missing definitions from MS-FSCC (bsc#1192606).
- commit c3d6868
- smb3: remove two unused variables (bsc#1192606).
- commit def88ae
- smb3: add support for stat of WSL reparse points for special
  file types (bsc#1192606).
- commit 479bed9
- SMB3: add support for recognizing WSL reparse tags
  (bsc#1192606).
- commit a651550
- cifs: remove bogus debug code (bsc#1179427).
- commit a82be88
- smb3.1.1: fix typo in compression flag (bsc#1192606).
- commit 4a64be3
- cifs: move smb version mount options into fs_context.c
  (bsc#1192606).
- commit adb0785
- cifs: move cache mount options to fs_context.ch (bsc#1192606).
- commit 8c53b27
- cifs: move security mount options into fs_context.ch
  (bsc#1192606).
- commit a9ada64
- cifs: add files to host new mount api (bsc#1192606).
- commit a0ef4da
- linux/parser.h: add include guards (bsc#1192606).
- commit f3801c4
- smb3: do not try to cache root directory if dir leases not
  supported (bsc#1192606).
- commit 8218366
- smb3: fix stat when special device file and mounted with
  modefromsid (bsc#1192606).
- commit a8ab74d
- cifs: Print the address and port we are connecting to in
  generic_ip_connect() (bsc#1192606).
- commit 27567b1
- SMB3: Resolve data corruption of TCP server info fields
  (bsc#1192606).
- commit e9bf4a1
- cifs: make const array static, makes object smaller
  (bsc#1192606).
- commit b7f99c8
- SMB3.1.1: Fix ids returned in POSIX query dir (bsc#1192606).
- commit 330caf7
- smb3: add dynamic trace point to trace when credits obtained
  (bsc#1181507).
- commit 58e9f6b
- smb3.1.1: do not fail if no encryption required but server
  doesn't support it (bsc#1192606).
- commit c7bf6a1
- cifs: Return the error from crypt_message when enc/dec key
  not found (bsc#1179426).
- commit b1cdf8b
- smb3.1.1: set gcm256 when requested (bsc#1192606).
- commit e9b39d5
- smb3.1.1: rename nonces used for GCM and CCM encryption
  (bsc#1192606).
- commit 255717e
- smb3.1.1: print warning if server does not support requested
  encryption type (bsc#1192606).
- commit 1fe18d9
- smb3.1.1: add new module load parm enable_gcm_256 (bsc#1192606).
- commit 9039e9b
- smb3.1.1: add new module load parm require_gcm_256
  (bsc#1192606).
- commit 7a312a4
- cifs: map STATUS_ACCOUNT_LOCKED_OUT to -EACCES (bsc#1192606).
- commit 2c16fbc
- SMB3.1.1: add defines for new signing negotiate context
  (bsc#1192606).
- commit 4d3ef02
- cifs: handle -EINTR in cifs_setattr (bsc#1192606).
- commit 49f54f5
- Handle STATUS_IO_TIMEOUT gracefully (bsc#1192606).
- commit 6bbd363
- cifs: compute full_path already in cifs_readdir() (bsc#1192606).
- commit 6d2e8b4
- cifs: return cached_fid from open_shroot (bsc#1192606).
- commit e7b74da
- update structure definitions from updated protocol documentation
  (bsc#1192606).
- commit f34e9c8
- smb3: add defines for new crypto algorithms (bsc#1192606).
- commit c5a3bf6
- Convert trailing spaces and periods in path components
  (bsc#1179424).
- commit ac355fa
- cifs: Fix incomplete memory allocation on setxattr path
  (bsc#1179211).
- commit 239bcd9
- cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270).
- commit eacaaaa
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- commit d3716bf
- SMB3: Fix mkdir when idsfromsid configured on mount
  (bsc#1192606).
- commit 5bdbc43
- cifs: Convert to use the fallthrough macro (bsc#1192606).
- commit efd5364
- cifs: Fix an error pointer dereference in cifs_mount()
  (bsc#1178270).
- commit 7505e01
- cifs: document and cleanup dfs mount (bsc#1178270).
- commit 19e0536
- cifs: only update prefix path of DFS links in
  cifs_tree_connect() (bsc#1178270).
- commit a0c2fcb
- cifs: fix double free error on share and prefix (bsc#1178270).
- commit c41144c
- cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect
  (bsc#1178270).
- commit b9d9b79
- cifs: handle empty list of targets in cifs_reconnect()
  (bsc#1178270).
- commit d696d71
- cifs: rename reconn_inval_dfs_target() (bsc#1178270).
- commit 6d8fd3f
- cifs: reduce number of referral requests in DFS link lookups
  (bsc#1178270).
- commit 7c62723
- cifs: merge __{cifs,smb2}_reconnect[_tcon]() into
  cifs_tree_connect() (bsc#1178270).
- commit 6b8c9d8
- cifs: convert to use be32_add_cpu() (bsc#1192606).
- commit dd3314a
- cifs: delete duplicated words in header files (bsc#1192606).
- commit 8115708
- cifs: Remove the superfluous break (bsc#1192606).
- commit 9953c3c
- cifs: smb1: Try failing back to SetFileInfo if SetPathInfo fails
  (bsc#1192606).
- commit 851bcd7
- cifs`: handle ERRBaduid for SMB1 (bsc#1192606).
- commit 0b09946
- cifs: remove unused variable 'server' (bsc#1192606).
- commit 3c682cd
- smb3: warn on confusing error scenario with sec=krb5
  (bsc#1176548).
- commit 42a38ce
- cifs: Fix leak when handling lease break for cached root fid
  (bsc#1176242).
- commit 677fd80
- Revert "/cifs: Fix the target file was deleted when rename
  failed."/ (bsc#1192606).
- commit e18cfc5
- cifs: update internal module version number (bsc#1192606).
- commit d61ab33
- cifs: fix reference leak for tlink (bsc#1192606).
- commit 82e17a7
- smb3: fix unneeded error message on change notify (bsc#1192606).
- commit e66ce2d
- cifs: remove the retry in cifs_poxis_lock_set (bsc#1192606).
- commit 332eb71
- smb3: fix access denied on change notify request to some servers
  (bsc#1192606).
- commit fd93797
- Replace HTTP links with HTTPS ones: CIFS (bsc#1192606).
- commit 0d6db48
- cifs: prevent truncation from long to int in
  wait_for_free_credits (bsc#1192606).
- commit 9a0fb61
- cifs: Fix the target file was deleted when rename failed
  (bsc#1192606).
- commit db55866
- SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- commit 9a7a8a4
- SMB3: Honor 'handletimeout' flag for multiuser mounts
  (bsc#1176558).
- commit b1e041c
- SMB3: Honor lease disabling for multiuser mounts (git-fixes).
- commit 82468cf
- SMB3: Honor persistent/resilient handle flags for multiuser
  mounts (bsc#1176546).
- commit 22a7ca5
- SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
- commit a18cbde
- cifs: Display local UID details for SMB sessions in DebugData
  (bsc#1192606).
- commit 7f9fa20
- cifs: misc: Use array_size() in if-statement controlling
  expression (bsc#1192606).
- commit c02caf9
- cifs: update ctime and mtime during truncate (bsc#1192606).
- commit 694deaf
- cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
- commit 6c60807
- cifs/smb3: Fix data inconsistent when zero file range
  (bsc#1176536).
- commit 0f9acaa
- cifs: Fix double add page to memcg when cifs_readpages
  (bsc#1192606).
- commit 03bbe2c
- cifs: Fix cached_fid refcnt leak in open_shroot (bsc#1192606).
- commit 4b170cc
- smb3: Add debug message for new file creation with idsfromsid
  mount option (bsc#1192606).
- commit 348bed4
- cifs: fix chown and chgrp when idsfromsid mount option enabled
  (bsc#1192606).
- commit b7dd38c
- smb3: allow uid and gid owners to be set on create with
  idsfromsid mount option (bsc#1192606).
- commit e88def1
- smb311: Add tracepoints for new compound posix query info
  (bsc#1192606).
- commit 7f1ddf2
- smb311: add support for using info level for posix extensions
  query (bsc#1192606).
- commit 6cb7e86
- smb311: Add support for lookup with posix extensions query info
  (bsc#1192606).
- commit 93c3e0d
- smb311: Add support for SMB311 query info (non-compounded)
  (bsc#1192606).
- commit beec08d
- SMB311: Add support for query info using posix extensions
  (level 100) (bsc#1192606).
- commit e684a25
- smb3: add indatalen that can be a non-zero value to calculation
  of credit charge in smb2 ioctl (bsc#1192606).
- commit 7df3cc5
- smb3: fix typo in mount options displayed in /proc/mounts
  (bsc#1192606).
- commit a44953f
- cifs: Add get_security_type_str function to return sec type
  (bsc#1192606).
- commit 9a47f84
- smb3: extend fscache mount volume coherency check (bsc#1192606).
- commit 68aff9c
- cifs: update internal module version number (bsc#1192606).
- commit 9b30c03
- cifs: multichannel: try to rebind when reconnecting a channel
  (bsc#1192606).
- commit c678b8e
- cifs: multichannel: use pointer for binding channel
  (bsc#1192606).
- commit b739f0c
- smb3: remove static checker warning (bsc#1192606).
- commit 2f6dcf6
- cifs: multichannel: move channel selection above transport layer
  (bsc#1192606).
- commit 7fd3164
- cifs: multichannel: always zero struct cifs_io_parms
  (bsc#1192606).
- commit 33f2e0b
- cifs: dump Security Type info in DebugData (bsc#1192606).
- commit cf57493
- smb3: fix incorrect number of credits when ioctl
  MaxOutputResponse > 64K (bsc#1192606).
- commit f5551f2
- smb3: default to minimum of two channels when multichannel
  specified (bsc#1192606).
- commit 8393a97
- cifs: multichannel: move channel selection in function
  (bsc#1192606).
- commit 8a917e2
- cifs: fix minor typos in comments and log messages
  (bsc#1192606).
- commit 83af8a3
- smb3: minor update to compression header definitions
  (bsc#1192606).
- commit 8ac2325
- cifs: minor fix to two debug messages (bsc#1192606).
- commit fda6c8f
- cifs: Standardize logging output (bsc#1192606).
- commit 6ffb916
- smb3: Add new parm "/nodelete"/ (bsc#1192606).
- commit 48827ed
- cifs: move some variables off the stack in smb2_ioctl_query_info
  (bsc#1192606).
- commit 3f017a7
- cifs: reduce stack use in smb2_compound_op (bsc#1192606).
- commit 019bba7
- cifs: get rid of unused parameter in reconn_setup_dfs_targets()
  (bsc#1178270).
- commit 38ee91e
- cifs: handle hostnames that resolve to same ip in failover
  (bsc#1178270).
- commit 88fab96
- cifs: set up next DFS target before generic_ip_connect()
  (bsc#1178270).
- commit ce3313b
- cifs: remove redundant initialization of variable rc
  (bsc#1192606).
- commit a99ffdf
- cifs: handle "/nolease"/ option for vers=1.0 (bsc#1192606).
- commit c8cf7e4
- cifs: fix leaked reference on requeued write (bsc#1178270).
- commit 9bb24bb
- cifs: Fix null pointer check in cifs_read (bsc#1192606).
- commit ebcae90
- CIFS: Spelling s/EACCESS/EACCES/ (bsc#1192606).
- commit 6cdaae9
- cifs: fix uninitialised lease_key in open_shroot()
  (bsc#1178270).
- commit 3bdd1ac
- cifs: ensure correct super block for DFS reconnect
  (bsc#1178270).
- commit 96f5629
- cifs: do not share tcons with DFS (bsc#1178270).
- commit 6edb20b
- cifs: minor update to comments around the cifs_tcp_ses_lock
  mutex (bsc#1192606).
- commit 2eefc78
- cifs: protect updating server->dstaddr with a spinlock
  (bsc#1192606).
- commit db4e78a
- smb3: remove overly noisy debug line in signing errors
  (bsc#1192606).
- commit 96949dd
- cifs: improve read performance for page size 64KB & cache=strict
  & vers=2.1+ (bsc#1192606).
- commit 7ce6d90
- cifs: dump the session id and keys also for SMB2 sessions
  (bsc#1192606).
- commit 529d063
- smb3: enable swap on SMB3 mounts (bsc#1192606).
- commit 30375b2
- smb3: change noisy error message to FYI (bsc#1192606).
- commit 40ae9dd
- smb3: smbdirect support can be configured by default
  (bsc#1192606).
- commit d407091
- cifs: smbd: Do not schedule work to send immediate packet on
  every receive (bsc#1192606).
- commit 11e7325
- cifs: smbd: Properly process errors on ib_post_send
  (bsc#1192606).
- commit 6c30aa6
- cifs: Allocate crypto structures on the fly for calculating
  signatures of incoming packets (bsc#1192606).
- commit 7ebc087
- cifs: smbd: Update receive credits before sending and deal
  with credits roll back on failure before sending (bsc#1192606).
- commit 86c6e08
- cifs: smbd: Check send queue size before posting a send
  (bsc#1192606).
- commit 4855370
- cifs: smbd: Merge code to track pending packets (bsc#1192606).
- commit d555442
- cifs: ignore cached share root handle closing errors
  (bsc#1166780).
- commit 8f24623
- cifs: update internal module version number (bsc#1192606).
- commit 8e1f984
- cifs: Allocate encryption header through kmalloc (bsc#1192606).
- commit 653cd97
- cifs: smbd: Check and extend sender credits in interrupt context
  (bsc#1192606).
- commit 2815e1e
- cifs: smbd: Calculate the correct maximum packet size for
  segmented SMBDirect send/receive (bsc#1192606).
- commit a92a6da
- smb3: use SMB2_SIGNATURE_SIZE define (bsc#1192606).
- commit 5b1d684
- CIFS: Fix bug which the return value by asynchronous read is
  error (bsc#1192606).
- commit 7103595
- CIFS: check new file size when extending file by fallocate
  (bsc#1192606).
- commit 58a2d12
- SMB3: Minor cleanup of protocol definitions (bsc#1192606).
- commit 9179120
- SMB3: Additional compression structures (bsc#1192606).
- commit fe495f9
- SMB3: Add new compression flags (bsc#1192606).
- commit 5fd5331
- cifs: smb2pdu.h: Replace zero-length array with flexible-array
  member (bsc#1192606).
- commit f748972
- cifs: clear PF_MEMALLOC before exiting demultiplex thread
  (bsc#1192606).
- commit 33f8f3c
- cifs: cifspdu.h: Replace zero-length array with flexible-array
  member (bsc#1192606).
- commit 54c058d
- CIFS: Warn less noisily on default mount (bsc#1192606).
- commit a036f2e
- fs/cifs: fix gcc warning in sid_to_id (bsc#1192606).
- commit 9fe6f6a
- cifs: allow unlock flock and OFD lock across fork (bsc#1192606).
- commit 0278ba9
- cifs: do d_move in rename (bsc#1164565).
- commit ed82a5d
- cifs: add SMB2_open() arg to return POSIX data (bsc#1164565).
- commit 6b9d249
- cifs: plumb smb2 POSIX dir enumeration (bsc#1164565).
- commit 33c50f7
- cifs: add smb2 POSIX info level (bsc#1164565).
- commit cca3e07
- cifs: rename posix create rsp (bsc#1164565).
- commit a064158
- cifs: print warning mounting with vers=1.0 (bsc#1164565).
- commit 2ba6d1f
- smb3: fix performance regression with setting mtime
  (bsc#1164565).
- commit 3668670
- cifs: make use of cap_unix(ses) in cifs_reconnect_tcon()
  (bsc#1164565).
- commit 1a26833
- cifs: use mod_delayed_work() for &server->reconnect if already
  queued (bsc#1164565).
- commit 1ab6a0b
- cifs: call wake_up(&server->response_q) inside of
  cifs_reconnect() (bsc#1164565).
- commit 40269bd
- cifs: handle prefix paths in reconnect (bsc#1164565).
- commit 10c4f8a
- cifs: do not ignore the SYNC flags in getattr (bsc#1164565).
- commit 1cff7a8
- CIFS: fiemap: do not return EINVAL if get nothing (bsc#1192606).
- commit f71b1ad
- CIFS: Increment num_remote_opens stats counter even in case
  of smb2_query_dir_first (bsc#1192606).
- commit 16345c6
- cifs: potential unintitliazed error code in cifs_getattr()
  (bsc#1164565).
- commit 55c9aef
- cifs_atomic_open(): fix double-put on late allocation failure
  (bsc#1192606).
- commit 3d21ff7
- cifs: Use #define in cifs_dbg (bsc#1164565).
- commit da56dd2
- cifs: fix rename() by ensuring source handle opened with DELETE
  bit (bsc#1164565).
- commit 33621ff
- cifs: add missing mount option to /proc/mounts (bsc#1164565).
- commit 9180deb
- cifs: fix potential mismatch of UNC paths (bsc#1164565).
- commit 008b33b
- cifs: don't leak -EAGAIN for stat() during reconnect
  (bsc#1164565).
- commit bdfa052
- cifs: make sure we do not overflow the max EA buffer size
  (bsc#1164565).
- commit c57bd80
- cifs: enable change notification for SMB2.1 dialect
  (bsc#1164565).
- commit 9752774
- cifs: Fix mode output in debugging statements (bsc#1164565).
- commit 504f756
- cifs: fix mount option display for sec=krb5i (bsc#1161907).
- commit cb0115f
- smb3: Add defines for new information level, FileIdInformation
  (bsc#1164565).
- commit caf0941
-  smb3: print warning once if posix context returned on open
  (bsc#1164565).
- commit 4cfe779
- smb3: add one more dynamic tracepoint missing from strict
  fsync path (bsc#1164565).
- commit 88bc35f
- cifs: fix mode bits from dir listing when mounted with
  modefromsid (bsc#1164565).
- commit 7a45b49
- cifs: fix channel signing (bsc#1192606).
- commit 59b8e3d
- cifs: add SMB3 change notification support (bsc#1164565).
- commit 7130f9d
- cifs: make multichannel warning more visible (bsc#1192606).
- commit 5fb729d
- cifs: fix soft mounts hanging in the reconnect code
  (bsc#1164565).
- commit 1f74108
- cifs: Add tracepoints for errors on flush or fsync
  (bsc#1164565).
- commit fe49ca1
- cifs: log warning message (once) if out of disk space
  (bsc#1164565).
- commit 1d44a00
- cifs: fail i/o on soft mounts if sessionsetup errors out
  (bsc#1164565).
- commit 859352d
- smb3: fix problem with null cifs super block with previous patch
  (bsc#1164565).
- commit 8ccd7a6
- SMB3: Backup intent flag missing from some more ops
  (bsc#1164565).
- commit 169d11b
- cifs: update internal module version number (bsc#1192606).
- commit 2f1471a
- cifs: fix soft mounts hanging in the reconnect code
  (bsc#1164565).
- commit aa72889
- CIFS: Fix task struct use-after-free on reconnect (bsc#1164565).
- commit a434312
- cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1164565).
- commit e3ec0b0
- cifs: add support for fallocate mode 0 for non-sparse files
  (bsc#1164565).
- commit eb8cb0d
- cifs: fix NULL dereference in match_prepath (bsc#1164565).
- commit 6dce4a8
- smb3: fix default permissions on new files when mounting with
  modefromsid (bsc#1164565).
- commit d99904b
- CIFS: Add support for setting owner info, dos attributes,
  and create time (bsc#1164565).
- commit ba6078d
- cifs: remove set but not used variable 'server' (bsc#1164565).
- commit 70b1352
- cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()
  (bsc#1164565).
- commit 22830d8
- cifs: Fix mount options set in automount (bsc#1164565).
- commit 945658c
- cifs: fix unitialized variable poential problem with network
  I/O cache lock patch (bsc#1164565).
- commit 406db0c
- cifs: Fix return value in __update_cache_entry (bsc#1164565).
- commit 05ed047
- cifs: Avoid doing network I/O while holding cache lock
  (bsc#1164565).
- commit 543a9e2
- cifs: Fix potential deadlock when updating vol in
  cifs_reconnect() (bsc#1164565).
- commit a483c39
- cifs: Merge is_path_valid() into get_normalized_path()
  (bsc#1164565).
- commit 8a35879
- cifs: Introduce helpers for finding TCP connection
  (bsc#1164565).
- commit fa139d5
- cifs: Get rid of kstrdup_const()'d paths (bsc#1164565).
- commit 2f2f4a7
- cifs: Clean up DFS referral cache (bsc#1164565).
- commit 51716b8
- cifs: Don't use iov_iter::type directly (bsc#1192606).
- commit 99ff3cb
- cifs: set correct max-buffer-size for smb2_ioctl_init()
  (bsc#1164565).
- commit 36a4575
- cifs: use compounding for open and first query-dir for readdir()
  (bsc#1164565).
- commit 5aa504c
- cifs: create a helper function to parse the query-directory
  response buffer (bsc#1164565).
- commit d4a4c74
- cifs: prepare SMB2_query_directory to be used with compounding
  (bsc#1164565).
- commit c711000
- fs/cifs/cifssmb.c: use true,false for bool variable
  (bsc#1164565).
- commit b823a48
- fs/cifs/smb2ops.c: use true,false for bool variable
  (bsc#1164565).
- commit a954e48
- cifs: Optimize readdir on reparse points (bsc#1164565).
- commit 1fdbe42
- cifs: Adjust indentation in smb2_open_file (bsc#1164565).
- commit b69e620
- CIFS: Close cached root handle only if it has a lease
  (bsc#1164565).
- commit 205ef7d
- SMB3: Fix crash in SMB2_open_init due to uninitialized field
  in compounding path (bsc#1164565).
- commit b133190
- smb3: fix refcount underflow warning on unmount when no
  directory leases (bsc#1164565).
- commit 5f56751
- smb3: improve check for when we send the security descriptor
  context on create (bsc#1164565).
- commit 6279123
- smb3: fix mode passed in on create for modetosid mount option
  (bsc#1164565).
- commit 1e7da56
- cifs: fix possible uninitialized access and race on iface_list
  (bsc#1192606).
- commit 0ce4d56
- cifs: Fix lookup of SMB connections on multichannel
  (bsc#1192606).
- commit 1313fae
- smb3: query attributes on file close (bsc#1164565).
- commit fe40478
- smb3: remove unused flag passed into close functions
  (bsc#1164565).
- commit 1e514e4
- cifs: remove redundant assignment to pointer pneg_ctxt
  (bsc#1164565).
- commit d63715e
- fs: cifs: Fix atime update check vs mtime (bsc#1164565).
- commit ff2d5e0
- CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
  (bnc#1151927 5.3.16).
- commit 68282cc
- CIFS: fix a white space issue in cifs_get_inode_info()
  (bsc#1164565).
- commit a22deab
- cifs: update internal module version number (bsc#1192606).
- commit 58d90ea
- cifs: Always update signing key of first channel (bsc#1192606).
- commit 523db5e
- cifs: Fix retrieval of DFS referrals in cifs_mount()
  (bsc#1164565).
- commit bf98d60
- cifs: Fix potential softlockups while refreshing DFS cache
  (bsc#1164565).
- commit 496859d
- cifs: Fix lookup of root ses in DFS referral cache
  (bsc#1164565).
- commit c6ec1d6
- cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1164565).
- commit fe9df9f
- cifs: dump channel info in DebugData (bsc#1192606).
- commit 109f68a
- smb3: dump in_send and num_waiters stats counters by default
  (bsc#1164565).
- commit ec9651f
- cifs: try harder to open new channels (bsc#1192606).
- commit 8f7594a
- CIFS: Properly process SMB3 lease breaks (bsc#1164565).
- commit 5f1ee05
- cifs: move cifsFileInfo_put logic into a work-queue
  (bsc#1154355).
- commit 4b84358
- cifs: try opening channels after mounting (bsc#1192606).
- commit 7ecaefa
- CIFS: refactor cifs_get_inode_info() (bsc#1164565).
- commit 72479e8
- cifs: switch servers depending on binding state (bsc#1192606).
- commit 95bf7f5
- cifs: add server param (bsc#1192606).
- commit dcbb33e
- cifs: add multichannel mount options and data structs
  (bsc#1192606).
- commit ae40994
- cifs: sort interface list by speed (bsc#1192606).
- commit f0d024f
- CIFS: Fix SMB2 oplock break processing (bsc#1154355 bnc#1151927
  5.3.16).
- commit 654d9b1
- cifs: don't use 'pre:' for MODULE_SOFTDEP (bsc#1164565).
- commit e8d163b
- cifs: smbd: Return -EAGAIN when transport is reconnecting
  (bsc#1164565).
- commit 28c2c04
- cifs: smbd: Only queue work for error recovery on memory
  registration (bsc#1164565).
- commit 0b460af
- smb3: add debug messages for closing unmatched open
  (bsc#1164565).
- commit 2aad8aa
- CIFS: Do not miss cancelled OPEN responses (bsc#1164565).
- commit e35eb8b
- CIFS: Fix NULL pointer dereference in mid callback
  (bsc#1164565).
- commit 6a3a4b5
- CIFS: Close open handle after interrupted close (bsc#1164565).
- commit c8dcdd8
- CIFS: Respect O_SYNC and O_DIRECT flags during reconnect
  (bsc#1164565).
- commit 8009a80
- smb3: remove confusing dmesg when mounting with encryption
  ("/seal"/) (bsc#1164565).
- commit c585be8
- cifs: close the shared root handle on tree disconnect
  (bsc#1164565).
- commit bb6bb3e
- CIFS: Return directly after a failed build_path_from_dentry()
  in cifs_do_create() (bsc#1164565).
- commit 72b533b
- CIFS: Use common error handling code in smb2_ioctl_query_info()
  (bsc#1164565).
- commit 0b398b0
- CIFS: Use memdup_user() rather than duplicating its
  implementation (bsc#1164565).
- commit 8316a15
- cifs: smbd: Return -ECONNABORTED when trasnport is not in
  connected state (bsc#1164565).
- commit 5c1a956
- cifs: smbd: Add messages on RDMA session destroy and
  reconnection (bsc#1164565).
- commit ce32d46
- cifs: smbd: Return -EINVAL when the number of iovs exceeds
  SMBDIRECT_MAX_SGE (bsc#1164565).
- commit 8f155a8
- cifs: smbd: Invalidate and deregister memory registration on
  re-send for direct I/O (bsc#1164565).
- commit 234140e
- cifs: Don't display RDMA transport on reconnect (bsc#1164565).
- commit 79c3b5f
- CIFS: remove set but not used variables 'cinode' and 'netfid'
  (bsc#1164565).
- commit 49cc01f
- cifs: add support for flock (bsc#1164565).
- commit 4e82f42
- cifs: remove unused variable 'sid_user' (bsc#1164565).
- commit 127bb53
- cifs: rename a variable in SendReceive() (bsc#1164565).
- commit 1caac54
- Refresh patches.suse/new-helper-lookup_positive_unlocked.patch.
- commit 1ce8b59
- SMB3: Fix persistent handles reconnect (bnc#1151927 5.3.11).
- commit 4676d9a
- fix memory leak in large read decrypt offload (bsc#1164565).
- commit 9bed06e
- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
  (bnc#1151927 5.3.10).
- commit ac7c450
- CIFS: Fix use after free of file info structures (bnc#1151927
  5.3.8).
- commit d1e3c57
- CIFS: Fix retry mid list corruption on reconnects (bnc#1151927
  5.3.10).
- commit 78aed6f
- cifs: Fix missed free operations (bnc#1151927 5.3.8).
- commit 021eb3e
- CIFS: avoid using MID 0xFFFF (bnc#1151927 5.3.8).
- commit 89d7e6b
- CIFS: Force reval dentry if LOOKUP_REVAL flag is set
  (bnc#1151927 5.3.7).
- commit 0986381
- CIFS: Force revalidate inode when dentry is stale (bnc#1151927
  5.3.7).
- commit de4eccf
- smb3: Fix regression in time handling (bsc#1164565).
- commit af70e1f
- smb3: remove noisy debug message and minor cleanup
  (bsc#1164565).
- commit 44410f6
- CIFS: Gracefully handle QueryInfo errors during open
  (bnc#1151927 5.3.7).
- commit 8cf17da
- cifs: use cifsInodeInfo->open_file_lock while iterating to
  avoid a panic (bnc#1151927 5.3.7).
- commit 301cd11
- fs: cifs: mute -Wunused-const-variable message (bnc#1151927
  5.3.9).
- commit 5cc4a16
- smb3: cleanup some recent endian errors spotted by updated
  sparse (bsc#1164565).
- commit 5ac1698
- CIFS: Fix oplock handling for SMB 2.1+ protocols (bnc#1151927
  5.3.4).
- commit 54958fe
- smb3: missing ACL related flags (bsc#1164565).
- commit 123c8cb
- smb3: pass mode bits into create calls (bsc#1164565).
- commit 5e8a919
- smb3: Add missing reparse tags (bsc#1164565).
- commit 71d2662
- CIFS: fix max ea value size (bnc#1151927 5.3.4).
- commit 93132b5
- fs/cifs/sess.c: Remove set but not used variable 'capabilities'
  (bsc#1164565).
- commit 68a4d1f
- fs/cifs/smb2pdu.c: Make SMB2_notify_init static (bsc#1164565).
- commit e039394
- smb3: fix leak in "/open on server"/ perf counter (bnc#1151927
  5.3.4).
- commit 0a489c3
- smb3: allow decryption keys to be dumped by admin for debugging
  (bsc#1164565).
- commit 37fd44f
- cifs: update internal module version number (bsc#1192606).
- commit cb133a9
- cifs: modefromsid: make room for 4 ACE (bsc#1164565).
- commit 0bd807b
- smb3: fix potential null dereference in decrypt offload
  (bsc#1164565).
- commit 4d9d9ba
- smb3: fix unmount hang in open_shroot (bnc#1151927 5.3.4).
- commit ba484ab
- smb3: allow disabling requesting leases (bnc#1151927 5.3.4).
- commit be51a36
- smb3: improve handling of share deleted (and share recreated)
  (bsc#1154355).
- commit 4f3941c
- smb3: display max smb3 requests in flight at any one time
  (bsc#1164565).
- commit fa51523
- smb3: only offload decryption of read responses if multiple
  requests (bsc#1164565).
- commit de45f83
- cifs: add a helper to find an existing readable handle to a file
  (bsc#1154355).
- commit e6e9bae
- smb3: enable offload of decryption of large reads via mount
  option (bsc#1164565).
- commit 811e003
- smb3: allow parallelizing decryption of reads (bsc#1164565).
- commit acc6de4
- cifs: add a debug macro that prints /servershare for errors
  (bsc#1164565).
- commit 44608d8
- smb3: fix signing verification of large reads (bsc#1154355).
- commit 2edd1f7
- smb3: allow skipping signature verification for perf sensitive
  configurations (bsc#1164565).
- commit 77fb855
- smb3: add dynamic tracepoints for flush and close (bsc#1164565).
- commit 5855d7c
- smb3: log warning if CSC policy conflicts with cache mount
  option (bsc#1164565).
- commit e6c8d3b
- smb3: add mount option to allow RW caching of share accessed
  by only 1 client (bsc#1164565).
- commit 1a97c9d
- smb3: add some more descriptive messages about share when
  mounting cache=ro (bsc#1164565).
- commit a329bf6
- smb3: add mount option to allow forced caching of read only
  share (bsc#1164565).
- commit 570c245
- cifs: fix dereference on ses before it is null checked
  (bsc#1164565).
- commit e681ba1
- cifs: add new debugging macro cifs_server_dbg (bsc#1164565).
- commit f81d1da
- cifs: use existing handle for compound_op(OP_SET_INFO) when
  possible (bsc#1154355).
- commit 0670e76
- cifs: create a helper to find a writeable handle by path name
  (bsc#1154355).
- commit 3782e0b
- cifs: remove set but not used variables (bsc#1164565).
- commit d27b1f6
- smb3: Incorrect size for netname negotiate context
  (bsc#1154355).
- commit 32948a7
- cifs: remove unused variable (bsc#1164565).
- commit abf35ec
- cifs: remove redundant assignment to variable rc (bsc#1164565).
- commit 2cafd7e
- smb3: add missing flag definitions (bsc#1164565).
- commit dbb4ef0
- cifs: add passthrough for smb2 setinfo (bsc#1164565).
- commit 1d94923
- cifs: prepare SMB2_Flush to be usable in compounds
  (bsc#1154355).
- commit d232426
- cifs: allow chmod to set mode bits using special sid
  (bsc#1164565).
- commit 6fac0bf
- cifs: get mode bits from special sid on stat (bsc#1164565).
- commit e5063fd
- fs: cifs: cifsssmb: remove redundant assignment to variable ret
  (bsc#1164565).
- commit 83c42b2
- cifs: fix a comment for the timeouts when sending echos
  (bsc#1164565).
- commit cad02ec
- fs: cifs: Initialize filesystem timestamp ranges (bsc#1164565).
- commit ef56e2e
- Delete patches that are going to be re-backported (bsc#1192606)
  Some of the patches being deleted by this commit might be too
  different and/or change too much context for the upcoming backports.
- commit a49f5dc
- nfsd: don't alloc under spinlock in rpc_parse_scope_id
  (git-fixes).
- NFSv4: Fix a regression in nfs_set_open_stateid_locked()
  (git-fixes).
- NFS: Fix up commit deadlocks (git-fixes).
- NFS: Fix deadlocks in nfs_scan_commit_list() (git-fixes).
- pnfs/flexfiles: Fix misplaced barrier in
  nfs4_ff_layout_prepare_ds (git-fixes).
- NFS: Don't set NFS_INO_DATA_INVAL_DEFER and NFS_INO_INVALID_DATA
  (git-fixes).
- nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
  (git-fixes).
- nfsd: fix error handling of register_pernet_subsys() in
  init_nfsd() (git-fixes).
- md: fix a lock order reversal in md_alloc (git-fixes).
- commit 5402eef
- blacklist.conf: assorted updates
- commit f4e87cf
- ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus (git-fixes)
- commit 30d7221
- ARM: dts: renesas: Fix IOMMU device node names (git-fixes)
- commit 7a45d65
- ARM: OMAP2+: pm33xx-core: Make am43xx_get_rtc_base_addr static (git-fixes)
- commit 90f607e
- ARM: 8974/1: use SPARSMEM_STATIC when SPARSEMEM is enabled (git-fixes)
- commit b68047e
- ARM: dts: bcm: HR2: Fix PPI interrupt types (git-fixes)
- commit 4868ca3
- ARM: dts: bcm2835-rpi-zero-w: Fix led polarity (git-fixes)
- commit cadf9ee
- ARM: 8970/1: decompressor: increase tag size (git-fixes).
- commit 5432f4f
- ARM: dts: r8a7740: Add missing extal2 to CPG node (git-fixes)
- commit b947156
- ARM: dts: r7s9210: Remove bogus clock-names from OSTM nodes (git-fixes)
- commit 392503b
- ARM: dts: r8a73a4: Add missing CMT1 interrupts (git-fixes)
- commit f9adba4
- ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries (git-fixes)
- commit f034a63
- ARM: dts: imx6dl-yapp4: Fix Ursa board Ethernet connection (git-fixes)
- commit be4c8ea
- ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN (git-fixes)
- commit 9915cbc
- powerpc/watchdog: Fix wd_smp_last_reset_tb reporting
  (bsc#1187541 ltc#192129).
- powerpc/watchdog: read TB close to where it is used (bsc#1187541
  ltc#192129).
- powerpc/watchdog: Avoid holding wd_smp_lock over printk and
  smp_send_nmi_ipi (bsc#1187541 ltc#192129).
- powerpc/watchdog: tighten non-atomic read-modify-write access
  (bsc#1187541 ltc#192129).
- powerpc/watchdog: Fix missed watchdog reset due to memory
  ordering race (bsc#1187541 ltc#192129).
- commit 06565ea
- ARM: dts: imx7-colibri: fix muxing of usbc_det pin (git-fixes)
- commit 82fabab
- ARM: dts: imx7-colibri: prepare module device tree for FlexCAN (git-fixes)
- commit c0216c8
- ARM: dts: uniphier: Set SCSSI clock and reset IDs for each channel (git-fixes).
- commit 15a7e62
- ARM: dts: sunxi: Fix DE2 clocks register range (git-fixes)
- commit 183cef6
- ARM: at91: pm: use proper master clock register offset (git-fixes)
- commit 5d631c5
- ARM: dts: oxnas: Fix clear-mask property (git-fixes)
- commit a81f0cc
- ARM: dts: N900: fix onenand timings (git-fixes).
- commit 327315a
- ARM: dts: imx6: phycore-som: fix arm and soc minimum voltage (git-fixes)
- commit 2c192e1
- ARM: dts: sun8i: r40: Move AHCI device node based on address order (git-fixes)
- commit 6a2702e
- ARM: dts: sun8i-a83t-tbs-a711: Fix USB OTG mode detection (git-fixes)
- commit 6bbda66
- arm: dts: dra76x: Fix mmc3 max-frequency (git-fixes)
- commit 9bd08fd
- ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source (git-fixes)
- commit cdccd6b
- ARM: dts: am437x-idk-evm: Fix incorrect OPP node names (git-fixes)
- commit 1458ce0
- ARM: dts: imx7-colibri: Fix frequency for sd/mmc (git-fixes)
- commit 799550f
- ARM: dts: imx6dl-colibri-eval-v3: fix sram compatible properties (git-fixes).
- commit 6341187
- ARM: dts: ls1021a: Restore MDIO compatible to gianfar (git-fixes)
- commit 0c57682
- ARM: dts: imx7d: fix opp-supported-hw (git-fixes)
- commit fe91a98
- ARM: dts: imx7d: Correct speed grading fuse settings (git-fixes)
- commit bb0fd16
- ARM: dts: imx6: phycore-som: fix emmc supply (git-fixes)
- commit cef9cbd
- i40e: Fix display error code in dmesg (git-fixes).
- i40e: Fix creation of first queue by omitting it if is not
  power of two (git-fixes).
- i40e: Fix warning message and call stack during rmmod i40e
  driver (git-fixes).
- i40e: Fix changing previously set num_queue_pairs for PFs
  (git-fixes).
- i40e: Fix NULL ptr dereference on VSI filter sync (git-fixes).
- i40e: Fix correct max_pkt_size on VF RX queue (git-fixes).
- iavf: Fix for the false positive ASQ/ARQ errors while issuing
  VF reset (git-fixes).
- iavf: validate pointers (git-fixes).
- iavf: prevent accidental free of filter structure (git-fixes).
- iavf: Fix failure to exit out from last all-multicast mode
  (git-fixes).
- iavf: free q_vectors before queues in iavf_disable_vf
  (git-fixes).
- iavf: check for null in iavf_fix_features (git-fixes).
- bnxt_en: reject indirect blk offload when hw-tc-offload is off
  (jsc#SLE-8372 bsc#1153275).
- net: bnx2x: fix variable dereferenced before check (git-fixes).
- cxgb4: fix eeprom len when diagnostics not implemented
  (git-fixes).
- bonding: Fix a use-after-free problem when
  bond_sysfs_slave_add() failed (git-fixes).
- net: delete redundant function declaration (git-fixes).
- gve: Track RX buffer allocation failures (bsc#1176940).
- gve: Allow pageflips on larger pages (bsc#1176940).
- gve: Add netif_set_xps_queue call (bsc#1176940).
- gve: Do lazy cleanup in TX path (git-fixes).
- gve: Add rx buffer pagecnt bias (bsc#1176940).
- gve: Switch to use napi_complete_done (git-fixes).
- gve: DQO: avoid unused variable warnings (bsc#1176940).
- ice: Delete always true check of PF pointer (git-fixes).
- commit 9d613c4
- Delete patches.suse/Fix-breakage-of-swap-over-NFS.patch.
  A recent patch:
  patches.suse/NFS-move-generic_write_checks-call-from-nfs_file_dir.patch
  provides a better solution.
- commit 5504e09
- SUNRPC/xprt: async tasks mustn't block waiting for memory
  (bsc#1191876).
- SUNRPC: remove scheduling boost for "/SWAPPER"/ tasks
  (bsc#1191876).
- SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC
  (bsc#1191876).
- SUNRPC/call_alloc: async tasks mustn't block waiting for memory
  (bsc#1191876).
- SUNRPC/auth: async tasks mustn't block waiting for memory
  (bsc#1191876).
- NFS: move generic_write_checks() call from
  nfs_file_direct_write() to nfs_file_write() (bsc#1191876).
- NFS: do not take i_rwsem for swap IO (bsc#1191876).
- MM: reclaim mustn't enter FS for swap-over-NFS (bsc#1191876).
- commit 6bfb39b
- scsi: qla2xxx: Turn off target reset during issue_lip
  (git-fixes).
- scsi: qla2xxx: Fix gnl list corruption (git-fixes).
- scsi: qla2xxx: Relogin during fabric disturbance (git-fixes).
- commit 769bef9
- Mark commit as not needed (git-fixes)
- commit 50aa08a
- btrfs: fix fsync failure and transaction abort after writes
  to prealloc extents (bsc#1193002).
- btrfs: do not ignore error from btrfs_next_leaf() when inserting
  checksums (bsc#1193002).
- btrfs: make checksum item extension more efficient
  (bsc#1193002).
- commit 6b9cd09
- btrfs: fix lost inode on log replay after mix of fsync, rename
  and inode eviction (bsc#1192998).
- btrfs: fix race causing unnecessary inode logging during link
  and rename (bsc#1192998).
- commit 08101d8
- blacklist.conf: not necessary in our configurations
- commit f07d2c6
- net: hso: fix muxed tty registration (git-fixes).
- commit a80f2e2
- net: asix: fix uninit value bugs (git-fixes).
- commit 174a7de
- net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32
  (git-fixes).
- commit 2d685be
- net: pegasus: fix uninit-value in get_interrupt_interval
  (git-fixes).
- commit c9a9fec
- printk: Remove printk.h inclusion in percpu.h (bsc#1192987).
- commit 99b7e37
- net: hso: fix control-request directions (git-fixes).
- commit 8af2026
- kernel-source.spec: install-kernel-tools also required on 15.4
- commit 6cefb55
- Update kabi files.
- update from second November 2021 maintenance update submission (commit 9a413cc7eb56)
- commit 5dfdd88
- series.conf: cleanup
- move mainline backports from subsystem sections to sorted section
  - patches.suse/mm-fix-mremap-not-considering-huge-pmd-devmap.patch
  - patches.suse/block-floppy-fix-contended-case-in-floppy_queue_rq.patch
  - patches.suse/PCI-IOV-Mark-VFs-as-not-implementing-PCI_COMMAND_MEM.patch
  No effect on expanded tree.
- commit 32c4263
- fix patches metadata
- explicitly mark patches not intended for upstreaming
  - patches.kabi/libnvdimm-cover-up-nd_region-changes.patch
  - patches.suse/Input-Fix-memory-leak-in-psxpad_spi_probe.patch
  - patches.suse/Revert-nvme-allow-64-bit-results-in-passthru-command.patch
  - patches.suse/cdrom-turn-off-autoclose-by-default.patch
  - patches.suse/io_uring-ensure-req-submit-is-copied-when-req-is-def.patch
  - patches.suse/pstore_disable_efi_backend_by_default.patch
  - patches.suse/s390-export-symbols-for-crash-kmp.patch
  - patches.suse/supported-flag-modverdir
  - patches.suse/btrfs-btrfs-use-the-new-VFS-super_block_dev.patch
  - patches.suse/btrfs-fs-super.c-add-new-super-block-devices-super_block_d.patch
- commit 55eb2b8
- series.conf: whitespace and comment cleanup
  No effect on expanded tree.
- commit 1a56fa4
- series.conf: cleanup
- update upstream references and move into sorted section:
  - patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch
  - patches.suse/crypto_ccp-fix_resource_leaks_in_ccp_run_aes_gcm_cmd.patch
  - patches.suse/media-firewire-firedtv-avc-fix-a-buffer-overflow-in-.patch
  - patches.suse/scsi-ibmvfc-Fix-invalid-state-machine-BUG_ON.patch
- move "/never"/ patches into subsystem sections:
  - patches.suse/locking-rwsem-Disable-reader-optimistic-spinning.patch
  - patches.suse/sched-fair-Enable-SIS_AVG_CPU-by-default.patch
  No effect on expanded tree.
- commit b5c6c7d
- blacklist.conf: 70a9ac36ffd8 ("/f2fs: fix up f2fs_lookup tracepoints"/)
  CONFIG_F2FS_FS is not set anywhere.
- commit d108418
- tracing/histogram: Do not copy the fixed-size char array field
  over the field size (git-fixes).
- commit 824b1b8
- xen/privcmd: fix error handling in mmap-resource processing
  (git-fixes).
- commit 2fc8146
- crypto: pcrypt - Delay write to padata->info (git-fixes).
- commit 7c0ca4f
- blacklist.conf: 172f7ba9772c ("/ftrace: Make ftrace_profile_pages_init static"/)
  A cosmetic fix.
- commit eabceca
- tracing: use %ps format string to print symbols (git-fixes).
- commit a21f67c
- xen/x86: fix PV trap handling on secondary processors
  (git-fixes).
- commit 22a3e31
- swiotlb-xen: avoid double free (git-fixes).
- commit 04818d4
- r8152: limit the RX buffer size of RTL8153A for USB 2.0
  (git-fixes).
- commit 9e81786
- x86/Xen: swap NX determination and GDT setup on BSP (git-fixes).
- commit a899c9e
- blacklist.conf: add 40fdea0284bb208, which depends on 8480ed9c2bbd56
- commit b7c2958
- config: disable unprivileged BPF by default (jsc#SLE-22573)
  Backport of mainline commit 8a03e56b253e ("/bpf: Disallow unprivileged bpf
  by default"/) only changes kconfig default, used e.g. for "/make oldconfig"/
  when the config option is missing, but does not update our kernel configs
  used for build. Update also these to make sure unprivileged BPF is really
  disabled by default.
- commit 9a413cc
- Input: elantench - fix misreporting trackpoint coordinates
  (bsc#1192918).
- commit af3fd37
- mm/hugetlb: initialize hugetlb_usage in mm_init (bsc#1192906).
- commit 4bfee1a
- blacklist.conf: Add 04f8ef5643bc cgroup: Fix memory leak caused by missing cgroup_bpf_offline
- commit d046894
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
- commit 7ca7de6
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/scsi-core-Fix-spelling-in-a-source-code-comment
  - patches.suse/scsi-csiostor-Uninitialized-data-in-csio_ln_vnp_read_cbfn
  - patches.suse/scsi-dc395-Fix-error-case-unwinding
  - patches.suse/scsi-ufs-ufshcd-pltfrm-Fix-memory-leak-due-to-probe-defer
- commit 2c768e7
- btrfs: update comments for chunk allocation -ENOSPC cases
  (bsc#1192896).
- btrfs: fix deadlock between chunk allocation and chunk btree
  modifications (bsc#1192896).
- btrfs: block-group: Rework documentation of check_system_chunk
  function (bsc#1192896).
- commit 20b2047
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/ipv4-make-exception-cache-less-predictible.patch
  - patches.suse/ipv6-make-exception-cache-less-predictible.patch
  - patches.suse/qtnfmac-fix-potential-spectre-vulnerabilities.patch
- commit 5c2e4e8
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/edac-sb_edac-fix-top-of-high-memory-value-for-broadwell-haswell.patch
  - patches.suse/x86-sme-use-define-use_early_pgtable_l5-in-mem_encrypt_identity-c.patch
- commit fd7ddeb
- blacklist.conf: Add 8520e224f547 bpf, cgroups: Fix cgroup v2 fallback on v1/v2 mixed mode
- commit 04918fc
- btrfs: fix memory ordering between normal and ordered work functions (git-fixes).
- commit 2b13f6d
- Eradicate Patch-mainline: No
  The pre-commit check can reject this deprecated tag then.
- Refresh patches.suse/acpi_thinkpad_introduce_acpi_root_table_boot_param.patch.
- Refresh patches.suse/btrfs-provide-super_operations-get_inode_dev.
- commit e877505
- Update
  patches.suse/bpf-Remove-MTU-check-in-__bpf_skb_max_len.patch
  (bsc#1155518 bsc#1192045 CVE-2021-0941).
- commit 33fb6b6
- drm: prevent spectre issue in vmw_execbuf_ioctl (bsc#1192802).
- qtnfmac: fix potential Spectre vulnerabilities (bsc#1192802).
- commit 5952a38
- bpf: Disallow unprivileged bpf by default (jsc#SLE-22573).
- bpf: Add kconfig knob for disabling unpriv bpf
  by default (jsc#SLE-22573)
- Update config files: Add
  CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set
- commit cb7628d
- dm ioctl: fix out of bounds array access when no devices
  (CVE-2021-31916 bsc#1192781).
- commit 49351dc
- patches.suse/zram-replace-fsync_bdev-with-sync_blockdev.patch: (bsc#1170269).
- commit 75a41c2
- patches.suse/zram-avoid-race-between-zram_remove-and-disksize_sto.patch: (bsc#1170269).
- commit 406dc3d
- patches.suse/zram-don-t-fail-to-remove-zram-during-unloading-modu.patch: (bsc#1170269).
- commit cb34e92
- patches.suse/zram-fix-race-between-zram_reset_device-and-disksize.patch: (bsc#1170269).
- commit 09f1f4d
- blacklist.conf: printk/workqueue: very hard to hit; works well with lockless
  ringuffer; but it might cause wrong timestamps or even lost messages
  on 5.3 where using par-CPU buffers (bsc#1192750)
- commit 63c8c7f
- printk/console: Allow to disable console output by using
  console="/"/ or console=null (bsc#1192753).
- commit 4f99186
- printk: handle blank console arguments passed in (bsc#1192753).
- commit db08758
- net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
  skb (git-fixes).
- gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the
  code and avoid a leak (git-fixes).
- stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
  (git-fixes).
- net: dsa: felix: re-enable TX flow control in
  ocelot_port_flush() (git-fixes).
- net: mscc: ocelot: fix hardware timestamp dequeue logic.
- commit 4fdc3dd
- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and
  docker together (bsc#1192745).
- commit bc3e5c2
- blacklist.conf: add mscc driver fixes
- commit 109b7ec
- kernel-*-subpackage: Add dependency on kernel scriptlets (bsc#1192740).
- commit a133bf4
- blacklist.conf: changes device names, kABI massacre
- commit 68b0003
- fuse: fix page stealing (bsc#1192718).
- commit 5c46aef
- ipv4: make exception cache less predictible (bsc#1191790,
  CVE-2021-20322).
- ipv6: make exception cache less predictible (bsc#1191790,
  CVE-2021-20322).
- ipv4: use siphash instead of Jenkins in fnhe_hashfun()
  (bsc#1191790, CVE-2021-20322).
- ipv6: use siphash in rt6_exception_hash() (bsc#1191790,
  CVE-2021-20322).
- commit 191e9b3
- Revert "/x86/kvm: fix vcpu-id indexed array sizes"/ (git-fixes).
- commit 918d1fd
- Delete patches.kabi/kabi-fix-after-kvm-vcpu-id-array-fix.patch, as
  the patch causing its introduction is being reverted.
- commit 2e03b9d
- x86/xen: Mark cpu_bringup_and_idle() as dead_end_function
  (git-fixes).
- commit bb35029
- xen-pciback: Fix return in pm_ctrl_init() (git-fixes).
- commit 94628c1
- xen: Fix implicit type conversion (git-fixes).
- commit 89e345e
- x86/sme: Use #define USE_EARLY_PGTABLE_L5 in
  mem_encrypt_identity.c (bsc#1152489).
- commit 60c8f9c
- scsi: ufs: ufshcd-pltfrm: Fix memory leak due to probe defer
  (git-fixes).
- scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
  (git-fixes).
- scsi: core: Fix spelling in a source code comment (git-fixes).
- scsi: dc395: Fix error case unwinding (git-fixes).
- scsi: qla2xxx: Fix a memory leak in an error path of
  qla2x00_process_els() (git-fixes).
- scsi: csiostor: Add module softdep on cxgb4 (git-fixes).
- scsi: qedf: Fix error codes in qedf_alloc_global_queues()
  (git-fixes).
- scsi: qedi: Fix error codes in qedi_alloc_global_queues()
  (git-fixes).
- scsi: smartpqi: Fix an error code in pqi_get_raid_map()
  (git-fixes).
- scsi: fdomain: Fix error return code in fdomain_probe()
  (git-fixes).
- scsi: BusLogic: Fix missing pr_cont() use (git-fixes).
- scsi: iscsi: Fix iface sysfs attr detection (git-fixes).
- scsi: be2iscsi: Fix an error handling path in
  beiscsi_dev_probe() (git-fixes).
- scsi: mpt3sas: Fix error return value in _scsih_expander_add()
  (git-fixes).
- scsi: FlashPoint: Rename si_flags field (git-fixes).
- scsi: snic: Fix an error message (git-fixes).
- scsi: libsas: Use _safe() loop in sas_resume_port() (git-fixes).
- scsi: qedf: Add pointer checks in qedf_update_link_speed()
  (git-fixes).
- Revert "/scsi: ufs: fix a missing check of
  devm_reset_control_get"/ (git-fixes).
- scsi: ufs-pci: Add quirk for broken auto-hibernate for Intel
  EHL (git-fixes).
- scsi: qla2xxx: Make sure that aborted commands are freed
  (git-fixes).
- commit c10ecb2
- EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
  (bsc#1152489).
- commit e920f56
- s390/qeth: fix deadlock during failing recovery (git-fixes).
- s390/qeth: Fix deadlock in remove_discipline (git-fixes).
- s390/qeth: fix NULL deref in qeth_clear_working_pool_list()
  (git-fixes).
- commit 8d9df1e
- Fix problem with missing installkernel on Tumbleweed.
- commit 2ed6686
- Update patches.suse/NFS-Do-uncached-readdir-when-we-re-seeking-a-cookie-.patch
  (bsc#1191628 bsc#1192549).
  dir_cookie is a pointer to the cookie in older kernels,
  not the cookie itself.
- commit ee8ec20
- ibmvnic: Process crqs after enabling interrupts (bsc#1192273
  ltc#194629).
- ibmvnic: don't stop queue in xmit (bsc#1192273 ltc#194629).
- commit 99d6daa
- Revert "/ibmvnic: check failover_pending in login response"/
  (bsc#1190523 ltc#194510).
- ibmvnic: check failover_pending in login response (bsc#1190523
  ltc#194510).
- commit ac4c874
- Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
  (bsc#1191961 CVE-2021-34981).
- commit a4ff591
- Revert "/r8152: adjust the settings about MAC clock speed down
  for RTL8153"/ (git-fixes).
- commit 541bc3e
- r8152: don't enable U1U2 with USB_SPEED_HIGH for RTL8153B
  (git-fixes).
- commit e20d73d
- r8152: Disable PLA MCU clock speed down (git-fixes).
- Refresh patches.suse/r8152-disable-test-IO-for-RTL8153B.patch.
- commit 9b878a2
- r8152: disable U2P3 for RTL8153B (git-fixes).
- commit d6c58f7
- r8152: reset flow control patch when linking on for RTL8153B
  (git-fixes).
- commit 7f46ee2
- r8152: fix runtime resume for linking change (git-fixes).
- commit 0ff2979
- r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock
  Gen 2 (git-fixes).
- commit d73c455
- r8152: add a helper function about setting EEE (git-fixes).
- commit 5f95fd2
- r8152: divide the tx and rx bottom functions (git-fixes).
- Refresh
  patches.suse/r8152-Re-order-napi_disable-in-rtl8152_close.patch.
- Refresh
  patches.suse/r8152-avoid-to-call-napi_disable-twice.patch.
- commit 248b976
- r8152: saving the settings of EEE (git-fixes).
- commit 7c0dac3
- r8152: use alloc_pages for rx buffer (git-fixes).
- commit 3304002
- r8152: replace array with linking list for rx information
  (git-fixes).
- commit b5a7bd7
- r8152: separate the rx buffer size (git-fixes).
- commit 4176c6f
- rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM
  request (git-fixes).
- commit 3af49ca
- crypto: qat - disregard spurious PFVF interrupts (git-fixes).
- commit 11f64ca
- crypto: qat - detect PFVF collision after ACK (git-fixes).
- commit fa10b1f
- crypto: caam - disable pkc for non-E SoCs (git-fixes).
- commit 49a0bf8
- blacklist.conf: build warning only
- commit 389a467
- bpf: Fix potential race in tail call compatibility check
  (git-fixes).
- commit 6fdd9c7
- cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem (git-fixes).
- commit c3f4c78
- exfat: handle wrong stream entry size in exfat_readdir()
  (git-fixes).
- exfat: fix erroneous discard when clear cluster bit
  (git-fixes).
- commit 366e900
- exfat: truncate atimes to 2s granularity  (bsc#1192328).
- Refresh
  patches.suse/exfat-fix-use-of-uninitialized-spinlock-on-error-path.patch.
- exfat: properly set s_time_gran  (bsc#1192328).
- commit 832525a
- Drop two USB patches that are reverted by stable 5.4.158
  Deleted:
  patches.suse/usb-core-hcd-Add-support-for-deferring-roothub-regis.patch
  patches.suse/xhci-Set-HCD-flag-to-defer-primary-roothub-registrat.patch
  blacklist.conf: updated
- commit 10f1374
- serial: xilinx_uartps: Fix race condition causing stuck TX
  (git-fixes).
- serial: 8250_dw: Drop wrong use of ACPI_PTR() (git-fixes).
- staging: rtl8192u: fix control-message timeouts (git-fixes).
- USB: serial: keyspan: fix memleak on probe errors (git-fixes).
- USB: iowarrior: fix control-message timeouts (git-fixes).
- usb: musb: Balance list entry in musb_gadget_queue (git-fixes).
- usb: max-3421: Use driver data instead of maintaining a list
  of bound devices (git-fixes).
- usb: gadget: hid: fix error code in do_config() (git-fixes).
- commit b954450
- power: supply: bq27xxx: Fix kernel crash on IRQ handler register
  error (git-fixes).
- power: supply: max17042_battery: Prevent int underflow in
  set_soc_threshold (git-fixes).
- =?UTF-8?q?power:=20supply:=20rt5033=5Fbattery:=20Change?=
  =?UTF-8?q?=20voltage=20values=20to=20=C2=B5V?= (git-fixes).
- power: supply: max17042_battery: use VFSOC for capacity when
  no rsns (git-fixes).
- iio: dac: ad5446: Fix ad5622_write() return value (git-fixes).
- staging: r8712u: fix control-message timeout (git-fixes).
- Revert "/platform/x86: i2c-multi-instantiate: Don't create
  platform device for INT3515 ACPI nodes"/ (git-fixes).
- commit 0f3a4f1
- PCI: uniphier: Serialize INTx masking/unmasking and fix the
  bit operation (git-fixes).
- PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
  (git-fixes).
- PCI: aardvark: Fix return value of MSI domain .alloc() method
  (git-fixes).
- PCI: pci-bridge-emul: Fix emulation of W1C bits (git-fixes).
- HID: u2fzero: properly handle timeouts in usb_submit_urb
  (git-fixes).
- HID: u2fzero: clarify error check and length calculations
  (git-fixes).
- pinctrl: core: fix possible memory leak in pinctrl_enable()
  (git-fixes).
- video: fbdev: chipsfb: use memset_io() instead of memset()
  (git-fixes).
- ABI: sysfs-kernel-slab: Document some stats (git-fixes).
- commit 92991a1
- auxdisplay: ht16k33: Fix frame buffer device blanking
  (git-fixes).
- auxdisplay: ht16k33: Connect backlight to fbdev (git-fixes).
- auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty
  string (git-fixes).
- PCI: aardvark: Fix reporting Data Link Layer Link Active
  (git-fixes).
- PCI: aardvark: Fix checking for link up via LTSSM state
  (git-fixes).
- PCI: aardvark: Do not unmask unused interrupts (git-fixes).
- PCI: aardvark: Do not clear status bits of masked interrupts
  (git-fixes).
- PCI: aardvark: Don't spam about PIO Response Status (git-fixes).
- commit 3e5c258
- ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
  (git-fixes).
- ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
  (git-fixes).
- commit b23c22d
- ocfs2: do not zero pages beyond i_size (bsc#1190795).
- commit 5f3b3d8
- ocfs2: fix data corruption on truncate (bsc#1190795).
- commit 4b0d91a
- ftrace: Fix scripts/recordmcount.pl due to new binutils
  (bsc#1192267).
- commit f07ed1b
- PCI/ACPI: Check for _OSC support in acpi_pci_osc_control_set()
  (bsc#1169263).
- PCI/ACPI: Move _OSC query checks to separate function
  (bsc#1169263).
- PCI/ACPI: Move supported and control calculations to separate
  functions (bsc#1169263).
- PCI/ACPI: Remove OSC_PCI_SUPPORT_MASKS and OSC_PCI_CONTROL_MASKS
  (bsc#1169263).
- PCI/ACPI: Clarify message about _OSC failure (bsc#1169263).
- PCI/ACPI: Remove unnecessary osc_lock (bsc#1169263).
- commit a38114a
- series.conf: refresh
- update upstream references and resort
  - patches.suse/scsi-lpfc-Adjust-bytes-received-vales-during-cmf-tim.patch
  - patches.suse/scsi-lpfc-Allow-PLOGI-retry-if-previous-PLOGI-was-ab.patch
  - patches.suse/scsi-lpfc-Allow-fabric-node-recovery-if-recovery-is-.patch
  - patches.suse/scsi-lpfc-Correct-sysfs-reporting-of-loop-support-af.patch
  - patches.suse/scsi-lpfc-Don-t-release-final-kref-on-Fport-node-whi.patch
  - patches.suse/scsi-lpfc-Don-t-remove-ndlp-on-PRLI-errors-in-P2P-mo.patch
  - patches.suse/scsi-lpfc-Fix-EEH-support-for-NVMe-I-O.patch
  - patches.suse/scsi-lpfc-Fix-FCP-I-O-flush-functionality-for-TMF-ro.patch
  - patches.suse/scsi-lpfc-Fix-I-O-block-after-enabling-managed-conge.patch
  - patches.suse/scsi-lpfc-Fix-NVMe-I-O-failover-to-non-optimized-pat.patch
  - patches.suse/scsi-lpfc-Fix-hang-on-unload-due-to-stuck-fport-node.patch
  - patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
  - patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
  - patches.suse/scsi-lpfc-Fix-premature-rpi-release-for-unsolicited-.patch
  - patches.suse/scsi-lpfc-Fix-rediscovery-of-tape-device-after-LIP.patch
  - patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
  - patches.suse/scsi-lpfc-Improve-PBDE-checks-during-SGL-processing.patch
  - patches.suse/scsi-lpfc-Revert-LOG_TRACE_EVENT-back-to-LOG_INIT-pr.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-14.0.0.2.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-14.0.0.3.patch
  - patches.suse/scsi-lpfc-Wait-for-successful-restart-of-SLI3-adapte.patch
  - patches.suse/scsi-lpfc-Zero-CGN-stats-only-during-initial-driver-.patch
  - patches.suse/scsi-qla2xxx-Add-support-for-mailbox-passthru.patch
  - patches.suse/scsi-qla2xxx-Call-process_response_queue-in-Tx-path.patch
  - patches.suse/scsi-qla2xxx-Check-for-firmware-capability-before-cr.patch
  - patches.suse/scsi-qla2xxx-Display-16G-only-as-supported-speeds-fo.patch
  - patches.suse/scsi-qla2xxx-Fix-crash-in-NVMe-abort-path.patch
  - patches.suse/scsi-qla2xxx-Fix-kernel-crash-when-accessing-port_sp.patch
  - patches.suse/scsi-qla2xxx-Fix-use-after-free-in-eh_abort-path.patch
  - patches.suse/scsi-qla2xxx-Move-heartbeat-handling-from-DPC-thread.patch
  - patches.suse/scsi-qla2xxx-Remove-redundant-initialization-of-poin.patch
  - patches.suse/scsi-qla2xxx-Update-version-to-10.02.07.100-k.patch
  - patches.suse/scsi-qla2xxx-edif-Use-link-event-to-wake-up-app.patch
  No effect on expanded tree.
- commit 69f2186
- Update patch reference for ISDN fix (CVE-2021-43389 bsc#1191958)
- commit b343e2f
- Update
  patches.suse/usb-hso-fix-error-handling-code-of-hso_create_net_de.patch
  (bsc#1188601 CVE-2021-37159).
  Added bsc and CVE numbers
- commit e17f2ff
- kABI: Fix kABI after 36950f2da1ea (bsc#1191851).
- commit 659ddc7
- memory: fsl_ifc: fix leak of irq and nand_irq in
  fsl_ifc_ctrl_probe (git-fixes).
- ASoC: dt-bindings: cs42l42: Correct description of ts-inv
  (git-fixes).
- ASoC: mediatek: mt8195: Remove unsued irqs_lock (git-fixes).
- ASoC: rockchip: Use generic dmaengine code (git-fixes).
- ASoC: cs42l42: Defer probe if request_threaded_irq() returns
  EPROBE_DEFER (git-fixes).
- ASoC: cs42l42: Don't set defaults for volatile registers
  (git-fixes).
- ASoC: cs42l42: Correct some register default values (git-fixes).
- ALSA: ua101: fix division by zero at probe (git-fixes).
- ALSA: hda: Reduce udelay() at SKL+ position reporting
  (git-fixes).
- platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
  (git-fixes).
- commit 7e1e84d
- regulator: dt-bindings: samsung,s5m8767: correct
  s5m8767,pmic-buck-default-dvs-idx property (git-fixes).
- regulator: s5m8767: do not use reset value as DVS voltage if
  GPIO DVS is disabled (git-fixes).
- mmc: mxs-mmc: disable regulator on error and in the remove
  function (git-fixes).
- memstick: jmb38x_ms: use appropriate free function in
  jmb38x_ms_alloc_host() (git-fixes).
- memstick: avoid out-of-range warning (git-fixes).
- mmc: sdhci-omap: Fix NULL pointer exception if regulator is
  not configured (git-fixes).
- media: ite-cir: IR receiver stop working after receive overflow
  (git-fixes).
- tpm: Check for integer overflow in tpm2_map_response_body()
  (git-fixes).
- commit d39cbe5
- media: dvb-frontends: mn88443x: Handle errors of
  clk_prepare_enable() (git-fixes).
- media: em28xx: Don't use ops->suspend if it is NULL (git-fixes).
- media: cedrus: Fix SUNXI tile size calculation (git-fixes).
- media: mxl111sf: change mutex_init() location (git-fixes).
- media: cx23885: Fix snd_card_free call on null card pointer
  (git-fixes).
- media: tm6000: Avoid card name truncation (git-fixes).
- media: si470x: Avoid card name truncation (git-fixes).
- media: radio-wl1273: Avoid card name truncation (git-fixes).
- media: i2c: ths8200 needs V4L2_ASYNC (git-fixes).
- media: mtk-vpu: Fix a resource leak in the error handling path
  of 'mtk_vpu_probe()' (git-fixes).
- commit db843c8
- hwrng: mtk - Force runtime pm ops for sleep ops (git-fixes).
- hwmon: (pmbus/lm25066) Let compiler determine outer dimension
  of lm25066_coeff (git-fixes).
- hwmon: (pmbus/lm25066) Add offset coefficients (git-fixes).
- media: TDA1997x: handle short reads of hdmi info frame
  (git-fixes).
- media: v4l2-ioctl: S_CTRL output the right value (git-fixes).
- media: v4l2-ioctl: Fix check_ext_ctrls (git-fixes).
- media: staging/intel-ipu3: css: Fix wrong size comparison
  imgu_css_fw_init (git-fixes).
- media: dvb-usb: fix ununit-value in az6027_rc_query (git-fixes).
- media: cxd2880-spi: Fix a null pointer dereference on error
  handling path (git-fixes).
- media: em28xx: add missing em28xx_close_extension (git-fixes).
- commit cc194ed
- virtio-gpu: fix possible memory allocation failure (git-fixes).
- rsi: fix control-message timeout (git-fixes).
- rtl8187: fix control-message timeouts (git-fixes).
- wcn36xx: add proper DMA memory barriers in rx path (git-fixes).
- wcn36xx: Fix HT40 capability for 2Ghz band (git-fixes).
- wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass
  two's complement (git-fixes).
- hwmon: Fix possible memleak in __hwmon_device_register()
  (git-fixes).
- firmware/psci: fix application of sizeof to pointer (git-fixes).
- usbnet: fix error return code in usbnet_probe() (git-fixes).
- usbnet: sanity check for maxpacket (git-fixes).
- commit 4c5043d
- mwifiex: fix division by zero in fw download path (git-fixes).
- libertas_tf: Fix possible memory leak in probe and disconnect
  (git-fixes).
- mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
  (git-fixes).
- mwifiex: Send DELBA requests according to spec (git-fixes).
- rsi: stop thread firstly in rsi_91x_init() error handling
  (git-fixes).
- rsi: Fix module dev_oper_mode parameter description (git-fixes).
- mmc: sdhci: Map more voltage level to SDHCI_POWER_330
  (git-fixes).
- commit e68a671
- drm/msm: Fix potential NULL dereference in DPU SSPP (git-fixes).
- drm/amdgpu: fix warning for overflow check (git-fixes).
- drm/v3d: fix wait for TMU write combiner flush (git-fixes).
- drm/sun4i: Fix macros in sun8i_csc.h (git-fixes).
- libertas: Fix possible memory leak in probe and disconnect
  (git-fixes).
- b43legacy: fix a lower bounds test (git-fixes).
- Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
  (git-fixes).
- Bluetooth: fix init and cleanup of sco_conn.timeout_work
  (git-fixes).
- commit 58db500
- ath6kl: fix division by zero in send path (git-fixes).
- ath10k: fix division by zero in send path (git-fixes).
- ath6kl: fix control-message timeout (git-fixes).
- ath10k: fix control-message timeout (git-fixes).
- ath10k: fix max antenna gain unit (git-fixes).
- ath9k: Fix potential interrupt storm on queue reset (git-fixes).
- b43: fix a lower bounds test (git-fixes).
- ath10k: Fix missing frame timestamp for beacon/probe-resp
  (git-fixes).
- ata: sata_mv: Fix the error handling of mv_chip_id()
  (git-fixes).
- commit 276cbd3
- Input: i8042 - Add quirk for Fujitsu Lifebook T725
  (bsc#1191980).
- commit 9545e5e
- x86/msi: Force affinity setup before startup (bsc#1152489).
- Refresh
  patches.suse/0002-x86-msi-Only-use-high-bits-of-MSI-address-for-DMAR-u.patch.
- commit a7cad27
- ibmvnic: delay complete() (bsc#1094840 ltc#167098 git-fixes).
- commit f2c4d71
- xfs: don't allow log writes if the data device is readonly
  (bsc#1192229).
- commit 67ee0ba
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/ibmvnic-Consolidate-code-in-replenish_rx_pool.patch
  - patches.suse/ibmvnic-Fix-up-some-comments-and-messages.patch
  - patches.suse/ibmvnic-Reuse-LTB-when-possible.patch
  - patches.suse/ibmvnic-Reuse-rx-pools-when-possible.patch
  - patches.suse/ibmvnic-Reuse-tx-pools-when-possible.patch
  - patches.suse/ibmvnic-Use-bitmap-for-LTB-map_ids.patch
  - patches.suse/ibmvnic-Use-rename-local-vars-in-init_rx_pools.patch
  - patches.suse/ibmvnic-Use-rename-local-vars-in-init_tx_pools.patch
  - patches.suse/ibmvnic-init_tx_pools-move-loop-invariant-code.patch
- commit 35d2ed0
- Update kabi files.
- update from November 2021 maintenance update submission (commit fb4a33cb1752)
- commit 24b46c0
- x86/ioapic: Force affinity setup before startup (bsc#1152489).
- commit 305e50a
- genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (bsc#1152489).
- commit e709b2b
- nvme-pci: set min_align_mask (bsc#1191851).
- swiotlb: respect min_align_mask (bsc#1191851).
- swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
  (bsc#1191851).
- swiotlb: refactor swiotlb_tbl_map_single (bsc#1191851).
- swiotlb: clean up swiotlb_tbl_unmap_single (bsc#1191851).
- swiotlb: factor out a nr_slots helper (bsc#1191851).
- swiotlb: factor out an io_tlb_offset helper (bsc#1191851).
- swiotlb: add a IO_TLB_SIZE define (bsc#1191851).
- commit 63c0e38
- driver core: add a min_align_mask field to struct
  device_dma_parameters (bsc#1191851).
- commit cb95969
- KVM: s390: index kvm->arch.idle_mask by vcpu_idx (bsc#1133021).
- KVM: s390: VSIE: correctly handle MVPG when in VSIE
  (bsc#1133021).
- KVM: s390: extend kvm_s390_shadow_fault to return entry pointer
  (bsc#1133021).
- KVM: s390: split kvm_s390_logical_to_effective (bsc#1133021).
- commit ef66201
- blacklist.conf: ed65df63a39a ("/tracing: Have all levels of checks prevent recursion"/)
  It fixes a corner case, which should be rare. The patch changes a public
  header file and even if the API should not be used externally, there is
  always a risk.
- commit 80def7c
- x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
  (bsc#1152489).
- commit 96ee990
- netfilter: conntrack: collect all entries in one cycle
  (bsc#1173604).
- commit c4117de
- ipv6/netfilter: Discard first fragment not including all headers
  (bsc#1191241).
- IPv6: reply ICMP error if the first fragment don't include
  all headers (bsc#1191241).
- ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
  (bsc#1191241).
- net: ipv6: Discard next-hop MTU less than minimum link MTU
  (bsc#1191241).
- commit c74316d
- swiotlb: Split size parameter to map/unmap APIs (bsc#1191851).
- Refresh
  patches.suse/dma-direct-exclude-dma_direct_map_resource-from-the-min_low_pfn-check.patch.
- commit 0eae9b5
- KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
  changing registers (bsc#1156395).
- KVM: PPC: Fix clearing never mapped TCEs in realmode
  (bsc#1156395).
- KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0
  when guest SPRs are live (bsc#1156395).
- KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
  (bsc#1156395).
- KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395).
- commit 2ce76cc
- powerpc/xive: Discard disabled interrupts in get_irqchip_state()
  (fate#322438 bsc#1085030 git-fixes).
- commit 3106974
- x86/pat: Pass valid address to sanitize_phys() (bsc#1152489).
- commit 1702f6b
- KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path
  (bsc#1065729).
- commit 4a60f84
- sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772
  bsc#1190351).
- sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772
  bsc#1190351).
- sctp: add vtag check in sctp_sf_violation (CVE-2021-3772
  bsc#1190351).
- sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772
  bsc#1190351).
- sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772
  bsc#1190351).
- sctp: fix the processing for INIT chunk (CVE-2021-3772
  bsc#1190351).
- sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772
  bsc#1190351).
- sctp: check asoc peer.asconf_capable before processing asconf
  (bsc#1190351).
- commit c4ecd47
- mmc: vub300: fix control-message timeouts (git-fixes).
- mmc: dw_mmc: exynos: fix the finding clock sample value
  (git-fixes).
- commit 15296ab
- scsi: lpfc: Update lpfc version to 14.0.0.3 (bsc#1192145).
- scsi: lpfc: Allow fabric node recovery if recovery is in
  progress before devloss (bsc#1192145).
- scsi: lpfc: Fix link down processing to address NULL pointer
  dereference (bsc#1192145).
- scsi: lpfc: Allow PLOGI retry if previous PLOGI was aborted
  (bsc#1192145).
- scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine
  (bsc#1192145).
- scsi: lpfc: Correct sysfs reporting of loop support after SFP
  status change (bsc#1192145).
- scsi: lpfc: Wait for successful restart of SLI3 adapter during
  host sg_reset (bsc#1192145).
- scsi: lpfc: Revert LOG_TRACE_EVENT back to LOG_INIT prior to
  driver_resource_setup() (bsc#1192145).
- commit ea0ad63
- net: lan78xx: fix division by zero in send path (git-fixes).
- net: batman-adv: fix error handling (git-fixes).
- nfc: port100: fix using -ERRNO as command type mask (git-fixes).
- cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
  (git-fixes).
- regmap: Fix possible double-free in regcache_rbtree_exit()
  (git-fixes).
- commit 1fb45c2
- ice: Add missing E810 device ids (jsc#SLE-7966 bsc#1157177).
- net: hns3: fix vf reset workqueue cannot exit (bsc#1154353).
- mlxsw: thermal: Fix out-of-bounds memory accesses (git-fixes).
- net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
  (git-fixes).
- qed: Fix missing error code in qed_slowpath_start() (git-fixes).
- ionic: don't remove netdev->dev_addr when syncing uc list
  (bsc#1167773).
- iavf: fix double unlock of crit_lock (git-fixes).
- i40e: Fix freeing of uninitialized misc IRQ vector (git-fixes).
- i40e: fix endless loop under rtnl (git-fixes).
- gve: report 64bit tx_bytes counter from
  gve_handle_report_stats() (bsc#1176940).
- gve: fix gve_get_stats() (git-fixes).
- gve: Properly handle errors in gve_assign_qpl (bsc#1176940).
- gve: Avoid freeing NULL pointer (git-fixes).
- gve: Correct available tx qpl check (git-fixes).
- net: bridge: use nla_total_size_64bit() in
  br_get_linkxstats_size() (git-fixes).
- ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
  (git-fixes).
- net/mlx4_en: Don't allow aRFS for encapsulated packets
  (git-fixes).
- qed: rdma - don't wait for resources under hw error recovery
  flow (git-fixes).
- bnxt_en: Fix TX timeout when TX ring size is set to the smallest
  (git-fixes).
- net/mlx4_en: Resolve bad operstate value (git-fixes).
- qed: Handle management FW error (git-fixes).
- net/af_unix: fix a data-race in unix_dgram_poll (bsc#1154353).
- net/mlx5: FWTrace, cancel work on alloc pd error flow
  (git-fixes).
- net/mlx5: Fix unpublish devlink parameters (jsc#SLE-8464).
- i40e: Fix ATR queue selection (git-fixes).
- mlx5: count all link events (git-fixes).
- commit 64e7f77
- sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
  (CVE-2021-3655 bsc#1188563).
- sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655
  bsc#1188563).
- sctp: add size validation when walking chunks (CVE-2021-3655
  bsc#1188563).
- commit e419503
- powerpc/idle: Don't corrupt back chain when going idle
  (bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056).
- KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return
  0 if it went to guest (bko#206669 bsc#1174585 bsc#1192107
  CVE-2021-43056).
- KVM: PPC: Book3S HV: Fix stack handling in
  idle_kvm_start_guest() (bko#206669 bsc#1174585 bsc#1192107
  CVE-2021-43056).
- powerpc64/idle: Fix SP offsets when saving GPRs (bko#206669
  bsc#1174585 bsc#1192107 CVE-2021-43056).
- commit 90745c9
- Update patch reference for ISDN fix (CVE-2021-3896 bsc#1191958)
- commit b1524c3
- nvme-pci: fix error unwind in nvme_map_data (bsc#1191934).
- nvme-pci: refactor nvme_unmap_data (bsc#1191934).
- commit 3a9d8cd
- ASoC: DAPM: Fix missing kctl change notifications (git-fixes).
- ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
  (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes).
- Input: snvs_pwrkey - add clk handling (git-fixes).
- isdn: mISDN: Fix sleeping function called from invalid context
  (git-fixes).
- isdn: cpai: check ctr->cnr to avoid array index out of bound
  (git-fixes).
- ALSA: hda: avoid write to STATESTS if controller is in reset
  (git-fixes).
- platform/x86: intel_scu_ipc: Update timeout value in comment
  (git-fixes).
- commit 26182ff
- xfs: fix log intent recovery ENOSPC shutdowns when inactivating
  inodes (bsc#1190642).
- commit 4a5d10a
- e1000e: Fix packet loss on Tiger Lake and later (git-fixes).
- can: peak_usb: pcan_usb_fd_decode_status(): fix back to
  ERROR_ACTIVE state notification (git-fixes).
- can: peak_pci: peak_pci_remove(): fix UAF (git-fixes).
- can: rcar_can: fix suspend/resume (git-fixes).
- lan78xx: select CRC32 (git-fixes).
- ASoC: wm8960: Fix clock configuration on slave mode (git-fixes).
- audit: fix possible null-pointer dereference in
  audit_filter_rules (git-fixes).
- ata: ahci_platform: fix null-ptr-deref in
  ahci_platform_enable_regulators() (git-fixes).
- virtio: write back F_VERSION_1 before validate (git-fixes).
- mei: me: add Ice Lake-N device id (git-fixes).
- iio: adc: aspeed: set driver data when adc probe (git-fixes).
- usb: musb: dsps: Fix the probe error path (git-fixes).
- xhci: guard accesses to ep_state in xhci_endpoint_reset()
  (git-fixes).
- ALSA: usb-audio: Add quirk for VF0770 (git-fixes).
- ALSA: hda/realtek: Fix the mic type detection issue for ASUS
  G551JW (git-fixes).
- ALSA: hda/realtek - ALC236 headset MIC recording issue
  (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes).
- ALSA: hda/realtek: Complete partial device name to avoid
  ambiguity (git-fixes).
- watchdog: orion: use 0 for unset heartbeat (git-fixes).
- commit 2657409
- blacklist.conf: irrelevant
- commit 4c2a4eb
- USB: xhci: dbc: fix tty registration race (git-fixes).
- commit 8800f76
- xhci: guard accesses to ep_state in xhci_endpoint_reset()
  (git-fixes).
- commit 2947d1e
- nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760
  bsc#1190067).
- commit 9eabc0c
- Update patch reference for firewire fix (CVE-2021-42739 CVE-2021-3542 bsc#1184673)
- commit 2adc0e5
- cipso,calipso: resolve a number of problems with the DOI
  refcounts (CVE-2021-33033 bsc#1186109).
- commit 499c5a0
- ceph: fix handling of "/meta"/ errors (bsc#1192041).
- ceph: skip existing superblocks that are blocklisted or shut
  down when mounting (bsc#1192040).
- commit 329e544
- kabi: hide return value type change of sctp_af::from_addr_param
  (CVE-2021-3655 bsc#1188563).
- sctp: fix return value check in __sctp_rcv_asconf_lookup
  (CVE-2021-3655 bsc#1188563).
- sctp: validate from_addr_param return (CVE-2021-3655
  bsc#1188563).
- commit 9f59a3f
- Update
  patches.suse/net_sched-cls_route-remove-the-right-filter-from-has.patch
  references (add CVE-2021-3715 bsc#1190349).
- commit bd39990
- Revert "/sched/fair: Add ancestors of unthrottled undecayed cfs_rq"/
  The reverted commit is a followup of a7b359fc6a37 ("/sched/fair:
  Correctly insert cfs_rq's to list on unthrottle"/) which is going to be
  reverted as part of short-term solution of bsc#1191343.
  This reverts commit d8d828e03d4f1e436c3580616c7b53db38e38dcb.
- commit c6395e4
- blacklist.conf: 3a1255396b5a x86/alternatives: add missing insn.h include
- commit 9bccba9
- USB: serial: option: add Quectel EC200S-CN module support
  (git-fixes).
- commit e1df2bf
- USB: serial: qcserial: add EM9191 QDL support (git-fixes).
- commit b42181b
- USB: serial: option: add prod. id for Quectel EG91 (git-fixes).
- commit cff3cf9
- USB: serial: option: add Telit LE910Cx composition 0x1204
  (git-fixes).
- commit 3ccad62
- xhci: Enable trust tx length quirk for Fresco FL11 USB
  controller (git-fixes).
- commit 55acfbd
- xhci: Fix command ring pointer corruption while aborting a
  command (git-fixes).
- commit bf02a9c
- Input: xpad - add support for another USB ID of Nacon GC-100
  (git-fixes).
- commit eba25ff
- media: firewire: firedtv-avc: fix a buffer overflow in
  avc_ca_pmt() (CVE-2021-3542 bsc#1184673).
- commit fab3d4f
- net: mana: Fix error handling in mana_create_rxq() (git-fixes,
  bsc#1191800).
- commit 8c6d0b8
- ocfs2: fix data corruption after conversion from inline format
  (bsc#1190795).
- commit ac3ffc2
- blacklist.conf: 4758fd801f91 x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
- commit c40c7ae
- blacklist.conf: 225bac2dc5d1 x86/Kconfig: Correct reference to MWINCHIP3D
- commit eee3b41
- blacklist.conf: 711885906b5c x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
- commit da61791
- gpio: pca953x: Improve bias setting (git-fixes).
- spi: spi-nxp-fspi: don't depend on a specific node name erratum
  workaround (git-fixes).
- drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes).
- drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
  (git-fixes).
- drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
  (git-fixes).
- drm/msm: Fix null pointer dereference on pointer edp
  (git-fixes).
- mac80211: check return value of rhashtable_init (git-fixes).
- commit c393393
- iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes).
- iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes).
- iio: ssp_sensors: add more range checking in
  ssp_parse_dataframe() (git-fixes).
- iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
  (git-fixes).
- iio: adc128s052: Fix the error handling path of 'adc128_probe()'
  (git-fixes).
- iio: dac: ti-dac5571: fix an error code in probe() (git-fixes).
- drm/amdgpu: fix gart.bo pin_count leak (git-fixes).
- mac80211: Drop frames from invalid MAC address in ad-hoc mode
  (git-fixes).
- HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device
  IDs (git-fixes).
- HID: apple: Fix logical maximum and usage maximum of Magic
  Keyboard JIS (git-fixes).
- commit 372fd90
- pata_legacy: fix a couple uninitialized variable bugs
  (git-fixes).
- cb710: avoid NULL pointer subtraction (git-fixes).
- acpi/arm64: fix next_platform_timer() section mismatch error
  (git-fixes).
- ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
  (git-fixes).
- ACPI: fix NULL pointer dereference (git-fixes).
- ACPI: bgrt: Fix CFI violation (git-fixes).
- ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros (git-fixes).
- commit 1a13895
- rpm/kernel-obs-build.spec.in: move to zstd for the initrd
  Newer distros have capability to decompress zstd, which
  provides a 2-5% better compression ratio at very similar
  cpu overhead. Plus this tests the zstd codepaths now as well.
- commit 3d53a5b
- rpm/kernel-obs-build.spec.in: reduce initrd functionality
  For building in OBS, we always build inside a virtual machine
  that gets a new, freshly created scratch filesystem image. So
  we do not need to handle fscks because that ain't gonna happen,
  as well as not we do not need to handle microcode update in the
  initrd as these only can be run on the host system anyway. We
  can also strip and hardlink as an additional optimisation that
  should not significantly hurt.
- commit c72c6fc
- nvme-pci: Fix abort command id (git-fixes).
- nvme: add command id quirk for apple controllers (git-fixes).
- commit 210cebb
- xen: reset legacy rtc flag for PV domU (git-fixes).
- commit 2ae68ea
- xen: fix setting of max_pfn in shared_info (git-fixes).
- commit 2d2e1e0
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/NFS-Do-uncached-readdir-when-we-re-seeking-a-cookie-.patch
- commit b7dfcc7
- NFS: Do uncached readdir when we're seeking a cookie in an
  empty page cache (bsc#1191628).
- commit 5ca83d3
- NFC: digital: fix possible memory leak in
  digital_in_send_sdd_req() (git-fixes).
- NFC: digital: fix possible memory leak in
  digital_tg_listen_mdaa() (git-fixes).
- nfc: fix error handling of nfc_proto_register() (git-fixes).
- ALSA: seq: Fix a potential UAF by wrong private_free call order
  (git-fixes).
- commit aada78f
- nvme-fc: remove freeze/unfreeze around update_nr_hw_queues
  (bsc#1185762).
- nvme-fc: avoid race between time out and tear down
  (bsc#1185762).
- nvme-fc: update hardware queues before using them (bsc#1185762).
- commit 4afdc63
- scsi: lpfc: Fix memory overwrite during FC-GS I/O abort handling
  (bsc#1191349).
- commit c7eb218
- net: hso: fix NULL-deref on disconnect regression (git-fixes).
- commit 901c621
- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32()
  call (git-fixes).
- i2c: acpi: fix resource leak in reconfiguration device addition
  (git-fixes).
- mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
  (git-fixes).
- drm/nouveau/debugfs: fix file release memory leak (git-fixes).
- video: fbdev: gbefb: Only instantiate device when built for IP32
  (git-fixes).
- soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
  (git-fixes).
- ptp_pch: Load module automatically if ID matches (git-fixes).
- phy: mdio: fix memory leak (git-fixes).
- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870
  SSD (git-fixes).
- ptp_pch: Restore dependency on PCI (git-fixes).
- net: cdc_eem: fix tx fixup skb leak (git-fixes).
- net: hso: fix null-ptr-deref during tty device unregistration
  (git-fixes).
- net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes).
- net: usb: Fix uninit-was-stored issue in asix_read_phy_addr()
  (git-fixes).
- commit 4915e73
- pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
  (git-fixes).
- commit aaf0697
- scsi: qla2xxx: Remove redundant initialization of pointer req
  (bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.07.100-k (bsc#1190941).
- scsi: qla2xxx: Fix use after free in eh_abort path
  (bsc#1190941).
- scsi: qla2xxx: Move heartbeat handling from DPC thread to
  workqueue (bsc#1190941).
- scsi: qla2xxx: Call process_response_queue() in Tx path
  (bsc#1190941).
- scsi: qla2xxx: Fix kernel crash when accessing port_speed
  sysfs file (bsc#1190941).
- scsi: qla2xxx: edif: Use link event to wake up app
  (bsc#1190941).
- scsi: qla2xxx: Fix crash in NVMe abort path (bsc#1190941).
- scsi: qla2xxx: Check for firmware capability before creating
  QPair (bsc#1190941).
- scsi: qla2xxx: Display 16G only as supported speeds for 3830c
  card (bsc#1190941).
- scsi: qla2xxx: Add support for mailbox passthru (bsc#1190941).
- scsi: qla2xxx: Fix excessive messages during device logout
  (bsc#1190941).
- scsi: qla2xxx: Restore initiator in dual mode (bsc#1190941).
- scsi: qla2xxx: Open-code qla2xxx_eh_device_reset()
  (bsc#1190941).
- scsi: qla2xxx: Open-code qla2xxx_eh_target_reset()
  (bsc#1190941).
- scsi: qla2xxx: Do not call fc_block_scsi_eh() during bus reset
  (bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.06.200-k (bsc#1190941).
- scsi: qla2xxx: edif: Fix returnvar.cocci warnings (bsc#1190941).
- scsi: qla2xxx: Fix NVMe session down detection (bsc#1190941).
- scsi: qla2xxx: Fix NVMe retry (bsc#1190941).
- scsi: qla2xxx: Fix hang on NVMe command timeouts (bsc#1190941).
- scsi: qla2xxx: Fix NVMe | FCP personality change (bsc#1190941).
- scsi: qla2xxx: edif: Do secure PLOGI when auth app is present
  (bsc#1190941).
- scsi: qla2xxx: edif: Add N2N support for EDIF (bsc#1190941).
- scsi: qla2xxx: Fix hang during NVMe session tear down
  (bsc#1190941).
- scsi: qla2xxx: edif: Fix EDIF enable flag (bsc#1190941).
- scsi: qla2xxx: edif: Reject AUTH ELS on session down
  (bsc#1190941).
- scsi: qla2xxx: edif: Fix stale session (bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.06.100-k (bsc#1190941).
- scsi: qla2xxx: Sync queue idx with queue_pair_map idx
  (bsc#1190941).
- scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
  (bsc#1190941).
- scsi: qla2xxx: Changes to support kdump kernel (bsc#1190941).
- scsi: qla2xxx: Suppress unnecessary log messages during login
  (bsc#1190941).
- scsi: qla2xxx: Fix NPIV create erroneous error (bsc#1190941).
- scsi: qla2xxx: Fix unsafe removal from linked list
  (bsc#1190941).
- scsi: qla2xxx: Fix port type info (bsc#1190941).
- scsi: qla2xxx: Add debug print of 64G link speed (bsc#1190941).
- scsi: qla2xxx: Show OS name and version in FDMI-1 (bsc#1190941).
- scsi: qla2xxx: Changes to support FCP2 Target (bsc#1190941).
- scsi: qla2xxx: Adjust request/response queue size for 28xx
  (bsc#1190941).
- scsi: qla2xxx: Add host attribute to trigger MPI hang
  (bsc#1190941).
- scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
  (bsc#1190941).
- commit c17f95e
- kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229).
  The semantic changed in an incompatible way so invoking the macro now
  causes a build failure.
- commit 3e55f55
- powerpc/bpf: Emit stf barrier instruction sequences
  for BPF_NOSPEC (bsc#1188983 CVE-2021-34556 bsc#1188985
  CVE-2021-35477).
- powerpc/security: Add a helper to query stf_barrier type
  (bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- powerpc/bpf: Validate branch ranges (bsc#1188983 CVE-2021-34556
  bsc#1188985 CVE-2021-35477).
- powerpc/lib: Add helper to check if offset is within
  conditional branch range (bsc#1188983 CVE-2021-34556 bsc#1188985
  CVE-2021-35477).
- powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729).
- powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729).
- powerpc/bpf: Use bctrl for making function calls (bsc#1065729).
- powerpc/lib: Fix emulate_step() std test (bsc#1065729).
- commit 3f6738b
- bpf: Fix a typo of reuseport map in bpf.h (git-fixes).
- bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h
  (git-fixes).
- bpf: Fix up bpf_skb_adjust_room helper's skb csum setting
  (git-fixes).
- commit b5d0357
- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit
  from run_smbios_call (git-fixes).
- commit a539d65
- x86/resctrl: Free the ctrlval arrays when
  domain_setup_mon_state() fails (bsc#1152489).
- commit dba5675
- can: xilinx_can: handle failure cases of pm_runtime_get_sync
  (git-fixes).
- commit 82f6db6
- blacklist.conf: feature, not a fix
- commit fd65896
- net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
  (git-fixes).
- commit 5487063
- can: peak_usb: fix use after free bugs (git-fixes).
- commit 3ad9b4d
- can: dev: can_restart: fix use after free bug (git-fixes).
- commit 0943ca2
- can: ti_hecc: ti_hecc_probe(): add missed
  clk_disable_unprepare() in error path (git-fixes).
- commit 2fec0e3
- Update patch reference for soc fix (CVE-2021-42252 bsc#1190479)
- commit f05067d
- blacklist.conf: requires newer USB PD version than we have
- commit a8bbe8f
- blacklist.conf: needs newer USB PD than we have
- commit d0d6a50
- USB: cdc-acm: fix minor-number release (git-fixes).
- commit 477b833
- USB: cdc-acm: clean up probe error labels (git-fixes).
- commit 576c313
- blacklist.conf: 4758fd801f91 x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
- commit fab5572
- blacklist.conf: 225bac2dc5d1 x86/Kconfig: Correct reference to MWINCHIP3D
- commit 08dc820
- kabi: block: Fix kabi of blk_mq_sched_try_insert_merge()
  (bsc#1191456).
- commit 7832c25
- tpm: ibmvtpm: Avoid error message when process gets signal
  while waiting (bsc#1065729).
- commit 544cf01
- powerpc/pseries: Fix build error when NUMA=n (bsc#1190620
  ltc#194498 git-fixes).
- commit 6c29f54
- xfs: fix up non-directory creation in SGID directories
  (bsc#1190006 CVE-2018-13405).
- commit f5a61c4
- xfs: remove the icdinode di_uid/di_gid members (bsc#1190006).
- commit 7385144
- xfs: ensure that the inode uid/gid match values match the
  icdinode ones (bsc#1190006).
- commit 0ddcc0f
- xfs: merge the projid fields in struct xfs_icdinode
  (bsc#1190006).
- commit 3a30ff3
- Revert "/sched/fair: Correctly insert cfs_rq's to list on unthrottle
  (git-fixes)"/ (bsc#1191343, bsc#1191238)
  The commit a7b359fc6a37 ("/sched/fair: Correctly insert cfs_rq's to list
  on unthrottle"/) causes more severe problems than the problem it aims to
  solve (corrupting cfs_rq leaf list vs insufficient fairness). While both
  need to be solved eventually, revert the commit until non-breaking
  solution is found.
  Blacklist the commit as well, to prevent a regression via git-fixes.
  This reverts commit 1732b9ba91b4b7a0822e98bd910feefbcb5424dc.
- commit b8c1ddd
- Revert "/sched/fair: Ensure that the CFS parent is added after unthrottling (git-fixes)."/
  The reverted commit is a followup of a7b359fc6a37 ("/sched/fair:
  Correctly insert cfs_rq's to list on unthrottle"/) which is going to be
  reverted as part of short-term solution of bsc#1191343.
  This reverts commit f3a38fbebab3f88070c129511f99a896f5532f7e.
- commit 4f925fc
- fscrypt: add fscrypt_symlink_getattr() for computing st_size
  (bsc#1191449).
- commit 549a3d8
- blk: Fix lock inversion between ioc lock and bfqd lock
  (bsc#1191456).
- commit adb5e59
- bfq: Remove merged request already in bfq_requests_merged()
  (bsc#1191456).
- commit 0d474e5
- fs, mm: fix race in unlinking swapfile (bsc#1191455).
- commit cd60ce3
- blacklist.conf: Blacklist 889c05cc5834
- commit ea30b1a
- blacklist.conf: Blacklist 6961fed42014
- commit b6fb7af
- blktrace: Fix uaf in blk_trace access after removing by sysfs
  (bsc#1191452).
- commit a4f24d0
- block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451).
- commit 34735be
- ext4: fix reserved space counter leakage (bsc#1191450).
- commit 449ab75
- ext4: report correct st_size for encrypted symlinks
  (bsc#1191449).
- commit 3669a7f
- bpf: Fix integer overflow in prealloc_elems_and_freelist()
  (bsc#1191317, CVE-2021-41864).
- commit d4466f5
- Add cherry-picked commit id to the usb hso fix (git-fixes)
- commit a4c3be7
- drm/amd/display: Pass PCI deviceid into DC (git-fixes).
- e100: fix buffer overrun in e100_get_regs (git-fixes).
- e100: fix length calculation in e100_get_regs_len (git-fixes).
- HID: u2fzero: ignore incomplete packets without data
  (git-fixes).
- HID: betop: fix slab-out-of-bounds Write in betop_probe
  (git-fixes).
- net: hso: add failure handler for add_net_device (git-fixes).
- HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes).
- usb: hso: remove the bailout parameter (git-fixes).
- usb: hso: fix error handling code of hso_create_net_device
  (git-fixes).
- e100: handle eeprom as little endian (git-fixes).
- hso: fix bailout in error case of probe (git-fixes).
- PCI: Fix pci_host_bridge struct device release/free handling
  (git-fixes).
- commit 51aaf55
- Update kabi files.
- update from October 2021 maintenance update submission (commit c909dd500033)
- commit d500b18
- rpm: use _rpmmacrodir (boo#1191384)
- commit e350c14
- net: 6pack: fix slab-out-of-bounds in decode_data
  (CVE-2021-42008 bsc#1191315).
- commit b0db75a
- x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289).
- powercap: intel_rapl: add support for Sapphire Rapids
  (jsc#SLE-15289).
- commit 053c38b
- series.conf: cleanup
- move a kabi workaround into correct section:
  patches.kabi/ipvs-Fix-up-kabi-for-expire_nodest_conn_work-additio.patch
- commit bc02214
- sched/fair: Add ancestors of unthrottled undecayed cfs_rq
  (bsc#1191292).
- commit d8d828e
- blacklist.conf: Update for 51e1bb9eeaf7
- commit fe28675
- x86/alternatives: Teach text_poke_bp() to emulate instructions
  (bsc#1185302).
- Refresh
  patches.suse/x86-alternatives-sync-bp_patching-update-for-avoiding-null-pointer-exception.patch.
- commit ef191ae
- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).
- blk-mq: don't deactivate hctx if managed irq isn't used
  (bsc#1185762).
- blk-mq: mark if one queue map uses managed irq (bsc#1185762).
- genirq: add device_has_managed_msi_irq (bsc#1185762).
- commit 57a6cb7
- hwmon: (tmp421) fix rounding for negative values (git-fixes).
- hwmon: (tmp421) report /PVLD condition as fault (git-fixes).
- hwmon: (mlxreg-fan) Return non-zero value when fan current
  state is enforced from sysfs (git-fixes).
- commit 2560193
- ipc: remove memcg accounting for sops objects in do_semtimedop()
  (bsc#1190115).
- Delete
  patches.suse/ipc-remove-memcg-accounting-for-sops-objects.patch.
  Refreshing patch with upstream metadata.
- commit 2d6ef2e
- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).
- commit 628c3ee
- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).
- commit 466f31b
- powerpc/powernv: Fix machine check reporting of async store
  errors (bsc#1065729).
- commit 0b715ae
- powerpc/perf: Fix the check for SIAR value (bsc#1065729).
- powerpc/perf: Drop the case of returning 0 as instruction
  pointer (bsc#1065729).
- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).
- powerpc/perf: Fix crash in perf_instruction_pointer() when
  ppmu is not set (bsc#1065729).
- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).
- powerpc/perf: Use the address from SIAR register to set cpumode
  flags (bsc#1065729).
- commit f3110f1
- apparmor: remove duplicate macro list_entry_is_head()
  (git-fixes).
- commit 514b75b
- xhci: Set HCD flag to defer primary roothub registration
  (git-fixes).
- commit 8f4e75e
- USB: serial: option: add device id for Foxconn T99W265
  (git-fixes).
- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital
  Multimeter (git-fixes).
- USB: serial: option: add Telit LN920 compositions (git-fixes).
- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
  (git-fixes).
- usb: core: hcd: Add support for deferring roothub registration
  (git-fixes).
- commit 0a6378c
- mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes).
- mac80211-hwsim: fix late beacon hrtimer handling (git-fixes).
- mac80211: mesh: fix potentially unaligned access (git-fixes).
- mac80211: limit injected vht mcs/nss in
  ieee80211_parse_tx_radiotap (git-fixes).
- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
  (git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes).
- spi: Fix tegra20 build with CONFIG_PM=n (git-fixes).
- tty: synclink_gt, drop unneeded forward declarations
  (git-fixes).
- commit dbd9f90
- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
  (git-fixes).
- ALSA: firewire-motu: fix truncated bytes in message tracepoints
  (git-fixes).
- ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes).
- ASoC: fsl_micfil: register platform component before registering
  cpu dai (git-fixes).
- ASoC: mediatek: common: handle NULL case in suspend/resume
  function (git-fixes).
- media: cedrus: Fix SUNXI tile size calculation (git-fixes).
- watchdog/sb_watchdog: fix compilation problem due to
  COMPILE_TEST (git-fixes).
- dmaengine: xilinx_dma: Set DMA mask for coherent APIs
  (git-fixes).
- dmaengine: ioat: depends on !UML (git-fixes).
- console: consume APC, DM, DCS (git-fixes).
- commit 71b860e
- thermal/core: Potential buffer overflow in
  thermal_build_list_of_policies() (git-fixes).
- rtc: rx8010: select REGMAP_I2C (git-fixes).
- pwm: stm32-lp: Don't modify HW state in .remove() callback
  (git-fixes).
- pwm: rockchip: Don't modify HW state in .remove() callback
  (git-fixes).
- pwm: img: Don't modify HW state in .remove() callback
  (git-fixes).
- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
  (git-fixes).
- PCI: pci-bridge-emul: Fix array overruns, improve safety
  (git-fixes).
- PCI: pci-bridge-emul: Fix big-endian support (git-fixes).
- commit a8d4022
- fpga: machxo2-spi: Fix missing error code in
  machxo2_write_complete() (git-fixes).
- fpga: machxo2-spi: Return an error on failure (git-fixes).
- serial: mvebu-uart: fix driver's tx_empty callback (git-fixes).
- USB: serial: option: remove duplicate USB device ID (git-fixes).
- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
  (git-fixes).
- usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes).
- gpio: uniphier: Fix void functions to remove return value
  (git-fixes).
- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
  (git-fixes).
- ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes).
- commit 79aec8d
- clk: at91: clk-generated: pass the id of changeable parent at
  registration (git-fixes).
- Refresh
  patches.suse/clk-at91-clk-generated-Limit-the-requested-rate-to-o.patch.
- commit 39cefdd
- drm/amd/amdgpu: Update debugfs link_settings output link_rate
  field in hex (git-fixes).
- drm: avoid blocking in drm_clients_info's rcu section
  (git-fixes).
- drm/gma500: Fix end of loop tests for list_for_each_entry
  (git-fixes).
- drm/amdgpu: Fix BUG_ON assert (git-fixes).
- staging: board: Fix uninitialized spinlock when attaching genpd
  (git-fixes).
- ath9k: fix sleeping in atomic context (git-fixes).
- ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes).
- Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes).
- include/linux/list.h: add a macro to test if entry is pointing
  to the head (git-fixes).
- commit 60017cf
- drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes).
- gpu: drm: amd: amdgpu: amdgpu_i2c: fix
  possible uninitialized-variable access in
  amdgpu_i2c_router_select_ddc_port() (git-fixes).
- drm/amd/display: Fix timer_per_pixel unit error (git-fixes).
- media: TDA1997x: fix tda1997x_query_dv_timings() return value
  (git-fixes).
- media: v4l2-dv-timings.c: fix wrong condition in two for-loops
  (git-fixes).
- media: imx258: Limit the max analogue gain to 480 (git-fixes).
- iio: dac: ad5624r: Fix incorrect handling of an optional
  regulator (git-fixes).
- staging: ks7010: Fix the initialization of the 'sleep_status'
  structure (git-fixes).
- iwlwifi: mvm: fix a memory leak in
  iwl_mvm_mac_ctxt_beacon_changed (git-fixes).
- drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object
  to 0 in amdgpu_dm_update_backlight_caps (git-fixes).
- commit 4c6f48f
- PCI: Add AMD GPU multi-function power dependencies (git-fixes).
- mfd: Don't use irq_create_mapping() to resolve a mapping
  (git-fixes).
- media: imx258: Rectify mismatch of VTS value (git-fixes).
- media: rc-loopback: return number of emitters rather than error
  (git-fixes).
- media: uvc: don't do DMA on stack (git-fixes).
- media: dib8000: rewrite the init prbs logic (git-fixes).
- parport: remove non-zero check on count (git-fixes).
- mmc: core: Return correct emmc response in case of ioctl error
  (git-fixes).
- mmc: rtsx_pci: Fix long reads when clock is prescaled
  (git-fixes).
- mmc: sdhci-of-arasan: Check return value of non-void funtions
  (git-fixes).
- commit 9209c5a
- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
  (git-fixes).
- PCI: aardvark: Increase polling delay to 1.5s while waiting
  for PIO response (git-fixes).
- PCI: aardvark: Fix checking for PIO status (git-fixes).
- PM: base: power: don't try to use non-existing RTC for storing
  data (git-fixes).
- PCI: Add ACS quirks for Cavium multi-function devices
  (git-fixes).
- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
  (git-fixes).
- PCI: ibmphp: Fix double unmap of io_mem (git-fixes).
- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
  (git-fixes).
- PCI: Use pci_update_current_state() in pci_enable_device_flags()
  (git-fixes).
- commit 61f24a4
- rtc: tps65910: Correct driver module alias (git-fixes).
- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
  (git-fixes).
- usb: gadget: u_ether: fix a potential null pointer dereference
  (git-fixes).
- usb: host: fotg210: fix the actual_length of an iso packet
  (git-fixes).
- serial: sh-sci: fix break handling for sysrq (git-fixes).
- serial: 8250_pci: make setup_port() parameters explicitly
  unsigned (git-fixes).
- serial: 8250: Define RX trigger levels for OxSemi 950 devices
  (git-fixes).
- tty: serial: jsm: hold port lock when reporting modem line
  changes (git-fixes).
- staging: rts5208: Fix get_ms_information() heap buffer size
  (git-fixes).
- commit f3797b6
- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes).
- video: fbdev: riva: Error out if 'pixclock' equals zero
  (git-fixes).
- video: fbdev: kyro: Error out if 'pixclock' equals zero
  (git-fixes).
- video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
  (git-fixes).
- video: fbdev: kyro: fix a DoS bug by restricting user input
  (git-fixes).
- usbip:vhci_hcd USB port can get stuck in the disabled state
  (git-fixes).
- usbip: give back URBs for unsent unlink requests during cleanup
  (git-fixes).
- usb: musb: musb_dsps: request_irq() after initializing musb
  (git-fixes).
- usb: host: fotg210: fix the endpoint's transactional
  opportunities calculation (git-fixes).
- commit f1407f0
- kabi/severities: skip kABI check for ath9k-local symbols (CVE-2020-3702 bsc#1191193)
  ath9k modules have some exported symbols for the common helpers
  and the recent fixes broke kABI of those.  They are specific to
  ath9k's own usages, so safe to ignore.
- commit 7579b4b
- kABI compatibility for ath_key_delete() changes (CVE-2020-3702
  bsc#1191193).
- commit bc02804
- ath9k: Postpone key cache entry deletion for TXQ frames
  reference it (CVE-2020-3702 bsc#1191193).
- ath: Modify ath_key_delete() to not need full key entry
  (CVE-2020-3702 bsc#1191193).
- ath: Export ath_hw_keysetmac() (CVE-2020-3702 bsc#1191193).
- commit 5fe383f
- Update patches.kabi/NFS-pass-cred-explicitly-for-access-tests.patch
  (bsc#1190746 bsc#1191172).
  cache.group_info (aka cache.cred) was not properly initialized when
  - >access() was called.
- commit 9ff84db
- ipc: replace costly bailout check in sysvipc_find_ipc()
  (bsc#1159886 bsc#1188986 CVE-2021-3669).
- ipc/util.c: use binary search for max_idx (bsc#1159886).
- commit af97833
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/net-mana-Fix-a-memory-leak-in-an-error-handling-path.patch
- commit 12cbf84
- series.conf: cleanup
- move submitted patches to "/almost mainline"/ section:
  - patches.suse/NFS-change-nfs_access_get_cached-to-only-report-the-.patch
  - patches.suse/NFS-pass-cred-explicitly-for-access-tests.patch
  - patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch
- commit a3b4285
- btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626).
- commit b88ab2e
- blacklist.conf: too intrusive, gone in through SP3
- commit a81e8d3
- blacklist.conf: too intrusive, gone in through SP3
- commit 4bedee6
- blacklist.conf: too intrusive, gone in through SP3
- commit 0474866
- blacklist.conf: kABI
- commit e8337cf
- x86/mm: Fix kern_addr_valid() to cope with existing but not
  present entries (bsc#1152489).
- commit 1efaf04
- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185726).
- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185726).
- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726).
- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726).
- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726).
- hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185726).
- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185726).
- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185726).
- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185726).
- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726).
- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185726).
- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185726).
- commit 44e26ca
- nvme: avoid race in shutdown namespace removal (bsc#1188067).
- commit bac299d
- nvme: fix refcounting imbalance when all paths are down
  (bsc#1188067).
- Refresh
  patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch.
- commit 44b2d54
- series: Update meta data and resort
  Refresh the metad data and sort into correct position:
  patches.suse/scsi-lpfc-Fix-CPU-to-from-endian-warnings-introduced.patch
  patches.suse/scsi-lpfc-Fix-compilation-errors-on-kernels-with-no-.patch
  patches.suse/scsi-lpfc-Fix-gcc-Wstringop-overread-warning-again.patch
  patches.suse/scsi-lpfc-Fix-sprintf-overflow-in-lpfc_display_fpin_.patch
  patches.suse/scsi-lpfc-Remove-unneeded-variable.patch
  patches.suse/scsi-lpfc-Use-correct-scnprintf-limit.patch
- commit 12f1564
- Update
  patches.suse/Bluetooth-check-for-zapped-sk-before-connecting.patch
  (CVE-2021-3752 bsc#1190023).
- commit 65458cc
- Restore kabi after NFS: pass cred explicitly for access tests
  (bsc#1190746).
- NFS: don't store 'struct cred *' in struct nfs_access_entry
  (bsc#1190746).
- NFS: pass cred explicitly for access tests (bsc#1190746).
- NFS: change nfs_access_get_cached to only report the mask
  (bsc#1190746).
- commit 907996a
- usb: musb: tusb6010: uninitialized data in
  tusb_fifo_write_unaligned() (git-fixes).
- commit 11a541f
- erofs: fix up erofs_lookup tracepoint (git-fixes).
- commit 3009743
- EDAC/synopsys: Fix wrong value type assignment for edac_mode
  (bsc#1152489).
- commit 15eb225
- kernel-binary.spec: Do not sign kernel when no key provided
  (bsc#1187167 bsc#1191240 ltc#194716).
- kernel-binary.spec: Do not sign kernel when no key provided
  (bsc#1187167).
- commit c909dd5
- powerpc: fix function annotations to avoid section mismatch
  warnings with gcc-10 (bsc#1148868).
- commit 9e9276f
- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543
  ltc#194523).
- Refresh patches.suse/pseries-drmem-update-LMBs-after-LPM.patch
- commit e17894e
- Revert "/rpm: Abolish scritplet templating (bsc#1189841)."/ (bsc#1190598)
  This reverts commit e98096d5cf85dbe90f74a930eb1f0e3fe4a70c7f.
  These changes depend on a suse-module-tools update which has not reached
  SLE15-SP2/3 and Leap 15.2/3 yet, causing both build failures and
  unsatisfiable dependency of resulting binary packages.
  Revert the commit temporarily until suse-module-tools is updated.
- commit 7d43568
- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).
- commit 9763078
- powerpc/pseries: Prevent free CPU ids being reused on another
  node (bsc#1190620 ltc#194498).
- commit 7097b6c
- net: sched: sch_teql: fix null-pointer dereference
  (bsc#1190717).
- commit 0a89f09
- kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as
  well.
  Fixes: e98096d5cf85 ("/rpm: Abolish scritplet templating (bsc#1189841)."/)
- commit e082fbf
- mm/swap: consider max pages in iomap_swapfile_add_extent
  (bsc#1190785).
- commit afb626e
- iomap: Fix negative assignment to unsigned sis->pages in
  iomap_swapfile_activate (bsc#1190784).
- commit 7126cba
- scsi: lpfc: Fix gcc -Wstringop-overread warning, again
  (bsc#1190576).
- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).
- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn()
  (bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).
- scsi: lpfc: Improve PBDE checks during SGL processing
  (bsc#1190576).
- scsi: lpfc: Zero CGN stats only during initial driver load
  and stat reset (bsc#1190576).
- scsi: lpfc: Fix I/O block after enabling managed congestion mode
  (bsc#1190576).
- scsi: lpfc: Adjust bytes received vales during cmf timer
  interval (bsc#1190576).
- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).
- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines
  (bsc#1190576).
- scsi: lpfc: Fix NVMe I/O failover to non-optimized path
  (bsc#1190576).
- scsi: lpfc: Don't remove ndlp on PRLI errors in P2P mode
  (bsc#1190576).
- scsi: lpfc: Fix rediscovery of tape device after LIP
  (bsc#1190576).
- scsi: lpfc: Fix hang on unload due to stuck fport node
  (bsc#1190576).
- scsi: lpfc: Fix premature rpi release for unsolicited TPLS
  and LS_RJT (bsc#1190576).
- scsi: lpfc: Don't release final kref on Fport node while ABTS
  outstanding (bsc#1190576).
- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
  (bsc#1190576).
- scsi: lpfc: Remove unneeded variable (bsc#1190576).
- scsi: lpfc: Fix compilation errors on kernels with no
  CONFIG_DEBUG_FS (bsc#1190576).
- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS
  processing (bsc#1190576).
- commit 1435c13
- blacklist.conf: kABI
- commit 3cb18d9
- blacklist.conf: kABI
- commit dcb25ee
- blacklist.conf: kABI
- commit d400b4c
- docs: Fix infiniband uverbs minor number (git-fixes).
- commit 0fb9cd2
- usb: dwc2: Avoid leaving the error_debugfs label unused
  (git-fixes).
- commit fb08350
- ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943).
- ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943).
- ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758
  ltc#191943).
- ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758
  ltc#191943).
- ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758
  ltc#191943).
- ibmvnic: Fix up some comments and messages (bsc#1190758
  ltc#191943).
- ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758
  ltc#191943).
- commit dea5bd2
- x86/resctrl: Fix a maybe-uninitialized build warning treated
  as error (bsc#1152489).
- x86/resctrl: Fix default monitoring groups reporting
  (bsc#1152489).
- commit 450cdb2
- vmxnet3: update to version 6 (bsc#1190406).
- commit 8d3dc67
- vmxnet3: increase maximum configurable mtu to 9190
  (bsc#1190406).
- commit bd5109d
- vmxnet3: set correct hash type based on rss information
  (bsc#1190406).
- commit e1e474b
- vmxnet3: add support for ESP IPv6 RSS (bsc#1190406).
- commit 1687646
- vmxnet3: remove power of 2 limitation on the queues
  (bsc#1190406).
- commit f3834f6
- vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406).
- commit fbdf2fe
- vmxnet3: prepare for version 6 changes (bsc#1190406).
- commit 7e0fe82
- fuse: truncate pagecache on atomic_o_trunc (bsc#1190705).
- commit 73351a3
- xfs: sync lazy sb accounting on quiesce of read-only mounts
  (bsc#1190679).
- commit 668fdef
- blacklist.conf: 3bff147b187d x86/mce: Defer processing of early errors
- commit 7e0dc1d
- s390/unwind: use current_frame_address() to unwind current task
  (bsc#1185677).
- commit 92c31e7
- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI
  (bsc#1190576).
- scsi: lpfc: Copyright updates for 14.0.0.1 patches
  (bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).
- scsi: lpfc: Add bsg support for retrieving adapter cmf data
  (bsc#1190576).
- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).
- scsi: lpfc: Add debugfs support for cm framework buffers
  (bsc#1190576).
- scsi: lpfc: Add support for maintaining the cm statistics buffer
  (bsc#1190576).
- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).
- scsi: lpfc: Add support for the CM framework (bsc#1190576).
- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).
- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).
- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).
- scsi: lpfc: Add EDC ELS support (bsc#1190576).
- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).
- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).
- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info
  to firmware (bsc#1190576).
- scsi: fc: Add EDC ELS definition (bsc#1190576).
  Refresh and update:
  - patches.kabi/scsi-fc-kABI-fixes-for-new-ELS_RDP-definition.patch
- scsi: core: Add helper to return number of logical blocks in
  a request (bsc#1190576).
- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
  (bsc#1190576).
- scsi: core: Introduce the scsi_cmd_to_rq() function
  (bsc#1190576).
- scsi: fc: Update formal FPIN descriptor definitions
  (bsc#1190576).
- commit e13d431
- Refresh patches.suse/msft-hv-2119-irqdomain-treewide-Keep-firmware-node-unconditionall.patch.
  Add else braces.
- commit f230c58
- series.conf: cleanup
- update upstream reference and resort:
  - patches.suse/ibmvnic-check-failover_pending-in-login-response.patch
- commit 2b5f056
- kernel-binary.spec: Check for no kernel signing certificates.
  Also remove unused variable.
- commit bdc323e
- Revert "/rpm/kernel-binary.spec: Use only non-empty certificates."/
  This reverts commit 30360abfb58aec2c9ee7b6a27edebe875c90029d.
- commit 413e05b
- fuse: flush extending writes (bsc#1190595).
- cuse: fix broken release (bsc#1190596).
- commit 232b4ea
- rpm/kernel-binary.spec: Use only non-empty certificates.
- commit 30360ab
- ipvs: Fix up kabi for expire_nodest_conn_work addition
  (bsc#1190467).
- ipvs: queue delayed work to expire no destination connections
  if expire_nodest_conn=1 (bsc#1190467).
- ipvs: allow connection reuse for unconfirmed conntrack
  (bsc#1190467).
- ipvs: avoid expiring many connections from timer (bsc#1190467).
- commit e0da213
- ext4: fix race writing to an inline_data file while its xattrs
  are changing (bsc#1190159 CVE-2021-40490).
- commit 4fadd7d
- crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
  (bsc#1189884 CVE-2021-3744 bsc#1190534 CVE-2021-3764).
- commit 4ee91a7
- xfs: allow mount/remount when stripe width alignment is zero
  (bsc#1188651).
- commit e701c22
- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
  (git-fixes).
- debugfs: Return error during {full/open}_proxy_open() on rmmod
  (bsc#1173746).
- devlink: Break parameter notification sequence to be
  before/after unload/load driver (bsc#1154353).
- net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes).
- ionic: cleanly release devlink instance (bsc#1167773).
- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).
- cxgb4: dont touch blocked freelist bitmap after free
  (git-fixes).
- e1000e: Do not take care about recovery NVM checksum
  (jsc#SLE-8100).
- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).
- xgene-v2: Fix a resource leak in the error handling path of
  'xge_probe()' (git-fixes).
- RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init()
  (bsc#1170774).
- iavf: Fix ping is lost after untrusted VF had tried to change
  MAC (jsc#SLE-7940).
- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
  (git-fixes).
- bnxt_en: Add missing DMA memory barriers (git-fixes).
- bnxt_en: Disable aRFS if running on 212 firmware (git-fixes).
- bnxt: count Tx drops (git-fixes).
- bnxt: make sure xmit_more + errors does not miss doorbells
  (git-fixes).
- bnxt: disable napi before canceling DIM (git-fixes).
- bnxt: don't lock the tx queue from napi poll (git-fixes).
- net/mlx5: Fix return value from tracer initialization
  (git-fixes).
- net/mlx5e: Avoid creating tunnel headers for local route
  (git-fixes).
- iavf: Set RSS LUT and key in reset handle path (git-fixes).
- ice: Prevent probing virtual functions (git-fixes).
- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).
- nfp: update ethtool reporting of pauseframe control (git-fixes).
- net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).
- net/mlx5: Unload device upon firmware fatal error (git-fixes).
- net/mlx5: E-Switch, handle devcom events only for ports on
  the same device (git-fixes).
- net/mlx5: Fix flow table chaining (git-fixes).
- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).
- ionic: count csum_none when offload enabled (bsc#1167773).
- i40e: Fix log TC creation failure when max num of queues is
  exceeded (git-fixes).
- i40e: Fix queue-to-TC mapping on Tx (git-fixes).
- i40e: Add additional info to PHY type error (git-fixes).
- i40e: Fix firmware LLDP agent related warning (git-fixes).
- i40e: Fix logic of disabling queues (git-fixes).
- bnxt_en: Do not enable legacy TX push on older firmware
  (git-fixes).
- bnxt_en: Store the running firmware version code (git-fixes).
- commit f97144d
- fbmem: don't allow too huge resolutions (git-fixes).
- backlight: pwm_bl: Improve bootloader/kernel device handover
  (git-fixes).
- media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
  (git-fixes).
- tty: Fix data race between tiocsti() and flush_to_ldisc()
  (git-fixes).
- PM: EM: Increase energy calculation precision (git-fixes).
- libata: fix ata_host_start() (git-fixes).
- power: supply: max17042_battery: fix typo in MAx17042_TOFF
  (git-fixes).
- power: supply: axp288_fuel_gauge: Report register-address on
  readb / writeb errors (git-fixes).
- regmap: fix the offset of register error log (git-fixes).
- regmap: fix page selection for noinc writes (git-fixes).
- regmap: fix page selection for noinc reads (git-fixes).
- commit 0c36126
- time: Handle negative seconds correctly in timespec64_to_ns()
  (git-fixes).
- mm: always have io_remap_pfn_range() set pgprot_decrypted()
  (git-fixes).
- commit b2d42ef
- ibmvnic: check failover_pending in login response (bsc#1190523
  ltc#194510).
- commit 9f9cec0
- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).
- Refresh
  patches.suse/0002-x86-msi-Only-use-high-bits-of-MSI-address-for-DMAR-u.patch.
- Refresh
  patches.suse/0004-x86-apic-Support-15-bits-of-APIC-ID-in-IOAPIC-MSI-wh.patch.
- Refresh
  patches.suse/msft-hv-2119-irqdomain-treewide-Keep-firmware-node-unconditionall.patch.
- commit a89813f
- EDAC/i10nm: Fix NVDIMM detection (bsc#1152489).
- commit 9def092
- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
  (bsc#1189297).
- commit 913942c
- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT
  state (bsc#1190062).
- commit e5272e8
- clk: at91: clk-generated: Limit the requested rate to our range
  (git-fixes).
- commit c432b6b
- blacklist.conf: add efa non backportable patch
- commit ebbcbd1
- usb: dwc2: Add missing cleanups when usb_add_gadget_udc()
  fails (git-fixes).
- commit bc5a062
- ipc: remove memcg accounting for sops objects in do_semtimedop()
  (bsc#1190115).
- commit 561fbd8
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
  - patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
  - patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit ebb6bcb
- fixup "/rpm: support gz and zst compression methods"/ once more
  (bsc#1190428, bsc#1190358)
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
  Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 165378a
- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
- PCI: iproc: Fix BCMA probe resource handling (git-fixes).
- usb: dwc2: Fix error path in gadget registration (git-fixes).
- commit 59e7328
- thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
  (git-fixes).
- drm/panfrost: Simplify lock_region calculation (git-fixes).
- dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
  (git-fixes).
- mfd: lpc_sch: Rename GPIOBASE to prevent build error
  (git-fixes).
- mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
  (git-fixes).
- mfd: axp20x: Update AXP288 volatile ranges (git-fixes).
- gpio: mpc8xxx: Fix a resources leak in the error handling path
  of 'mpc8xxx_probe()' (git-fixes).
- commit 75d69a6
- pwm: lpc32xx: Don't modify HW state in .probe() after the PWM
  chip was registered (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 800
  (git-fixes).
- PCI: Fix pci_dev_str_match_path() alloc while atomic bug
  (git-fixes).
- PCI/portdrv: Enable Bandwidth Notification only if port supports
  it (git-fixes).
- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
  (git-fixes).
- PCI: Call Max Payload Size-related fixup quirks early
  (git-fixes).
- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
  ROG Strix G17 (git-fixes).
- reset: reset-zynqmp: Fixed the argument data type (git-fixes).
- gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for
  (semi)planar U/V formats (git-fixes).
- commit f395ad9
- Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412)
  Deleted and blacklisted:
  patches.suse/platform-x86-intel_int0002_vgpio-Only-call-enable_ir.patch
  patches.suse/platform-x86-intel_int0002_vgpio-Pass-irqchip-when-a.patch
- commit bebba41
- fixup "/rpm: support gz and zst compression methods"/ once more
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
  Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 34e68f4
- fixup "/rpm: support gz and zst compression methods"/
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
- commit 23510fc
- kernel-cert-subpackage: Fix certificate location in scriptlets
  (bsc#1189841).
  Fixes: d9a1357edd73 ("/rpm: Define $certs as rpm macro (bsc#1189841)."/)
- commit 8684de8
- kernel-binary.spec.in Stop templating the scriptlets for subpackages
  (bsc#1190358).
  The script part for base package case is completely separate from the
  part for subpackages. Remove the part for subpackages from the base
  package script and use the KMP scripts for subpackages instead.
- commit 5d1f677
- kernel-binary.spec: Do not fail silently when KMP is empty
  (bsc#1190358).
  Copy the code from kernel-module-subpackage that deals with empty KMPs.
- commit d7d2e6e
- mm/vmscan: fix infinite loop in drop_slab_node (VM
  Functionality, bsc#1189301).
- commit 016e8e0
- blacklist.conf: blacklist an unwanted commit
- commit 910824e
- SUNRPC: Simplify socket shutdown when not reusing TCP ports
  (git-fixes).
- SUNRPC: Fix potential memory corruption (git-fixes).
- NFSv4/pNFS: Fix a layoutget livelock loop (git-fixes).
- nfsd4: Fix forced-expiry locking (git-fixes).
- lockd: Fix invalid lockowner cast after vfs_test_lock
  (git-fixes).
- commit 59642ba
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
- commit a70a19d
- Sort nvme patches into linux-block.
- commit 090f7ef
- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481).
- Delete
  patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch.
- commit bfb1107
- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1135481).
- commit 9722825
- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481).
- commit 350aa4f
- btrfs: rip out may_commit_transaction (bsc#1135481).
- commit 4606638
- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1135481).
- commit 631f16e
- btrfs: adjust the flush trace point to include the source (bsc#1135481).
- commit e32ea57
- btrfs: implement space clamping for preemptive flushing (bsc#1135481).
- commit ca710c1
- btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481).
- commit 4b02073
- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481).
- commit 7205c9f
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481).
- Refresh
  patches.suse/btrfs-account-ticket-size-at-add-delete-time.patch.
- commit bcb2da5
- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481).
- commit fba4763
- btrfs: rename need_do_async_reclaim (bsc#1135481).
- commit f764126
- btrfs: improve preemptive background space flushing (bsc#1135481).
- commit 874aca2
- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481).
- commit 7ec1638
- btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481).
- commit c78869d
- btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc#1135481).
- commit c805821
- btrfs: add a trace point for reserve tickets (bsc#1135481).
- commit ed22c30
- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1135481).
- commit f6a0397
- SUNRPC: improve error response to over-size gss credential
  (bsc#1190022).
- commit 0678bd3
- scsi: sg: add sg_remove_request in sg_write (bsc#1171420
  CVE2020-12770).
- commit 59a4a94
- Bluetooth: schedule SCO timeouts with delayed_work
  (CVE-2021-3640 bsc#1188172).
- Refresh
  patches.suse/Bluetooth-fix-repeated-calls-to-sco_sock_kill.patch.
- Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch.
- commit 69c5b94
- sched/fair: Ensure that the CFS parent is added after unthrottling (git-fixes).
- commit f3a38fb
- rpm/kernel-source.spec.in: do some more for vanilla_only
  Make sure:
  * sources are NOT executable
  * env is not used as interpreter
  * timestamps are correct
  We do all this for normal kernel builds, but not for vanilla_only
  kernels (linux-next and vanilla).
- commit b41e4fd
- Revert "/memcg: enable accounting for file lock caches (bsc#1190115)."/
  This reverts commit 78b761616bfb31a0d54806624e7c8db23fbeda9c.
  It's effectively upstream commit
  3754707bcc3e190e5dadc978d172b61e809cb3bd applied to kernel-source (to
  avoid proliferation of patches). Make a note in blacklist.conf too.
- commit eba498f
- Update kabi files.
- update from September 2021 maintenance update submission (commit 21030bc7f9be)
- commit 63b67d5
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/mm-vmscan-guarantee-drop_slab_node-termination.patch
- commit bddec27
- blacklist.conf: kABI
- commit 2b1e710
- mm, vmscan: guarantee drop_slab_node() termination (VM
  Functionality, bsc#1189301).
- commit 56cc71b
- blacklist.conf: cosmetic fix
- commit c872ce5
- blacklist.conf: 33cba859220b ("/fscache: Fix fscache_cookie_put() to not deref after dec"/)
  Needs prerequisites to backport which could be problematic.
- commit 648a5e5
- usb: dwc3: core: Properly default unspecified speed (git-fixes).
- commit 714137e
- libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
  (git-fixes).
- commit 5a2ecd2
- kABI: revert change in struct bpf_insn_aux_data (bsc#1188983,
  bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit 425bbd2
- memcg: enable accounting of ipc resources (bsc#1190115
  CVE-2021-3759).
- memcg: enable accounting for file lock caches (bsc#1190115).
- commit 925e30c
- Refresh
  patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch.
- commit f3cba28
- series.conf: cleanup
- update upstream references and resort:
  - patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch
- commit 0d42678
- update nvme patch references and move them out of sorted section
  Within a few days, nvme repository was not only rebased again but the
  patches has been also reordered. To avoid further spurious git-sort errors,
  move the nvme patches out of sorted section until they reach mainline or
  some better behaving subsystem repository.
- update Git-commit and move out of sorted section:
  - patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
  - patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
  - patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit 95e9f8b
- rpm: Fold kernel-devel and kernel-source scriptlets into spec files
  (bsc#1189841).
  These are unchanged since 2011 when they were introduced. No need to
  track them separately.
- commit 692d38b
- rpm: Abolish image suffix (bsc#1189841).
  This is used only with vanilla kernel which is not supported in any way.
  The only effect is has is that the image and initrd symlinks are created
  with this suffix.
  These symlinks are not used except on s390 where the unsuffixed symlinks
  are used by zipl.
  There is no reason why a vanilla kernel could not be used with zipl as
  well as it's quite unexpected to not be able to boot when only a vanilla
  kernel is installed.
  Finally we now have a backup zipl kernel so if the vanilla kernel is
  indeed unsuitable the backup kernel can be used.
- commit e2f37db
- kernel-binary.spec: Define $image as rpm macro (bsc#1189841).
- commit e602b0f
- rpm: Define $certs as rpm macro (bsc#1189841).
  Also pass around only the shortened hash rather than full filename.
  As has been discussed in bsc#1124431 comment 51
  https://bugzilla.suse.com/show_bug.cgi?id=1124431#c51 the placement of
  the certificates is an API which cannot be changed unless we can ensure
  that no two kernels that use different certificate location can be built
  with the same certificate.
- commit d9a1357
- HID: input: do not report stylus battery state as "/full"/
  (git-fixes).
- HID: i2c-hid: Fix Elan touchpad regression (git-fixes).
- pinctrl: samsung: Fix pinctrl bank pin count (git-fixes).
- pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
  (git-fixes).
- pinctrl: single: Fix error return code in
  pcs_parse_bits_in_pinctrl_entry() (git-fixes).
- clk: kirkwood: Fix a clocking boot regression (git-fixes).
- mailbox: sti: quieten kernel-doc warnings (git-fixes).
- overflow: Correct check_shl_overflow() comment (git-fixes).
- commit 835ad7d
- mtd: rawnand: cafe: Fix a resource leak in the error handling
  path of 'cafe_nand_probe()' (git-fixes).
- USB: serial: option: add new VID/PID to support Fibocom FG150
  (git-fixes).
- drm/nouveau/disp: power down unused DP links during init
  (git-fixes).
- drm: Copy drm_wait_vblank to user before returning (git-fixes).
- virtio_pci: Support surprise removal of virtio pci device
  (git-fixes).
- commit ce46f13
- ocfs2: ocfs2_downconvert_lock failure results in deadlock
  (bsc#1188439).
- commit d85d8fa
- cgroup1: fix leaked context root causing sporadic NULL deref
  in LTP (bsc#1190181).
- commit d57aed6
- Refresh patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch.
- commit aec8493
- series.conf: cleanup
- update upstream references and resort:
  - patches.suse/scsi-core-Add-scsi_prot_ref_tag-helper.patch
  - patches.suse/scsi-ibmvfc-Do-not-wait-for-initial-device-scan.patch
  - patches.suse/scsi-lpfc-Add-256-Gb-link-speed-support.patch
  - patches.suse/scsi-lpfc-Add-PCI-ID-support-for-LPe37000-LPe38000-s.patch
  - patches.suse/scsi-lpfc-Call-discovery-state-machine-when-handling.patch
  - patches.suse/scsi-lpfc-Clear-outstanding-active-mailbox-during-PC.patch
  - patches.suse/scsi-lpfc-Copyright-updates-for-12.8.0.11-patches.patch
  - patches.suse/scsi-lpfc-Copyright-updates-for-14.0.0.0-patches.patch
  - patches.suse/scsi-lpfc-Delay-unregistering-from-transport-until-G.patch
  - patches.suse/scsi-lpfc-Discovery-state-machine-fixes-for-LOGO-han.patch
  - patches.suse/scsi-lpfc-Enable-adisc-discovery-after-RSCN-by-defau.patch
  - patches.suse/scsi-lpfc-Fix-KASAN-slab-out-of-bounds-in-lpfc_unreg.patch
  - patches.suse/scsi-lpfc-Fix-NULL-ptr-dereference-with-NPIV-ports-f.patch
  - patches.suse/scsi-lpfc-Fix-NVMe-support-reporting-in-log-message.patch
  - patches.suse/scsi-lpfc-Fix-cq_id-truncation-in-rq-create.patch
  - patches.suse/scsi-lpfc-Fix-function-description-comments-for-vmid.patch
  - patches.suse/scsi-lpfc-Fix-memory-leaks-in-error-paths-while-issu.patch
  - patches.suse/scsi-lpfc-Fix-possible-ABBA-deadlock-in-nvmet_xri_ab.patch
  - patches.suse/scsi-lpfc-Fix-target-reset-handler-from-falsely-retu.patch
  - patches.suse/scsi-lpfc-Improve-firmware-download-logging.patch
  - patches.suse/scsi-lpfc-Keep-NDLP-reference-until-after-freeing-th.patch
  - patches.suse/scsi-lpfc-Remove-REG_LOGIN-check-requirement-to-issu.patch
  - patches.suse/scsi-lpfc-Remove-redundant-assignment-to-pointer-pcm.patch
  - patches.suse/scsi-lpfc-Remove-use-of-kmalloc-in-trace-event-loggi.patch
  - patches.suse/scsi-lpfc-Revise-Topology-and-RAS-support-checks-for.patch
  - patches.suse/scsi-lpfc-Skip-issuing-ADISC-when-node-is-in-NPR-sta.patch
  - patches.suse/scsi-lpfc-Skip-reg_vpi-when-link-is-down-for-SLI3-in.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.11.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-14.0.0.0.patch
  - patches.suse/scsi-lpfc-Use-PBDE-feature-enabled-bit-to-determine-.patch
  - patches.suse/scsi-qla2xxx-Fix-spelling-mistakes-allloc-alloc.patch
  - patches.suse/scsi-qla2xxx-Fix-use-after-free-in-debug-code.patch
  - patches.suse/scsi-qla2xxx-Remove-redundant-continue-statement-in-.patch
  - patches.suse/scsi-qla2xxx-Remove-redundant-initialization-of-vari.patch
  - patches.suse/scsi-qla2xxx-Remove-unused-variable-status.patch
  - patches.suse/scsi-qla2xxx-Update-version-to-10.02.00.107-k.patch
  - patches.suse/scsi-qla2xxx-Use-the-proper-SCSI-midlayer-interfaces.patch
  - patches.suse/scsi-qla2xxx-edif-Add-authentication-pass-fail-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Add-detection-of-secure-device.patch
  - patches.suse/scsi-qla2xxx-edif-Add-doorbell-notification-for-app.patch
  - patches.suse/scsi-qla2xxx-edif-Add-encryption-to-I-O-path.patch
  - patches.suse/scsi-qla2xxx-edif-Add-extraction-of-auth_els-from-th.patch
  - patches.suse/scsi-qla2xxx-edif-Add-getfcinfo-and-statistic-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Add-key-update.patch
  - patches.suse/scsi-qla2xxx-edif-Add-send-receive-and-accept-for-au.patch
  - patches.suse/scsi-qla2xxx-edif-Add-start-stop-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Increment-command-and-completion-c.patch
- commit 9a3c219
- update patches metadata
  Once again, the nvme repository branch has been rebased so that patches
  from it must have their Git-commit tags updated to avoid git-sort errors.
- commit cca729c
- fix patch metadata
- fix Patch-mainline:
  patches.suse/NFS-Correct-size-calculation-for-create-reply-length.patch
- commit fbde034
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/nvme-code-command_id-with-a-genctr-for-use-after-fre.patch
  - patches.suse/nvme-pci-limit-maximum-queue-depth-to-4095.patch
  - patches.suse/nvme-tcp-don-t-check-blk_mq_tag_to_rq-when-receiving.patch
  - patches.suse/params-lift-param_set_uint_minmax-to-common-code.patch
- commit 5b98a5d
- cgroup: verify that source is a string (bsc#1190131).
- commit b8204f1
- blacklist.conf: Add 2ca11b0e043b cgroup: Fix kernel-doc
- commit 0b9195b
- Update patch reference for virtio_console fix (CVE-2021-38160 bsc#1190117)
- commit c8baed7
- scsi: libfc: Fix array index out of bound exception
  (bsc#1188616).
- commit de260d1
- nvme-tcp: Do not reset transport on data digest errors
  (bsc#1188418).
- nvme: only call synchronize_srcu when clearing current path
  (bsc#1188067).
- commit bbe789f
- VMCI: fix NULL pointer dereference when unmapping queue pair
  (git-fixes).
- commit 45162f9
- usb: host: xhci-rcar: Don't reload firmware after the completion
  (git-fixes).
- usb: bdc: Fix an error handling path in 'bdc_probe()' when no
  suitable DMA config is available (git-fixes).
- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
  (git-fixes).
- usb: gadget: mv_u3d: request_irq() after initializing UDC
  (git-fixes).
- usb: phy: tahvo: add IRQ check (git-fixes).
- usb: host: ohci-tmio: add IRQ check (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
  (git-fixes).
- usb: mtu3: fix the wrong HS mult value (git-fixes).
- usb: mtu3: use @mult for HS isoc or intr (git-fixes).
- usb: phy: twl6030: add IRQ checks (git-fixes).
- commit 2b2a9dc
- soc: qcom: smsm: Fix missed interrupts if state changes while
  masked (git-fixes).
- soc: qcom: rpmhpd: Use corner in power_off (git-fixes).
- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes).
- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes).
- usb: phy: fsl-usb: add IRQ check (git-fixes).
- usb: gadget: udc: at91: add IRQ check (git-fixes).
- usb: dwc3: meson-g12a: add IRQ check (git-fixes).
- tty: serial: fsl_lpuart: fix the wrong mapbase value
  (git-fixes).
- staging: rtl8192u: Fix bitwise vs logical operator in
  TranslateRxSignalStuff819xUsb() (git-fixes).
- commit 7e7cd62
- media: venus: venc: Fix potential null pointer dereference on
  pointer fmt (git-fixes).
- media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
  (git-fixes).
- media: stkwebcam: fix memory leak in stk_camera_probe
  (git-fixes).
- media: go7007: remove redundant initialization (git-fixes).
- media: go7007: fix memory leak in go7007_usb_probe (git-fixes).
- media: dvb-usb: Fix error handling in dvb_usb_i2c_init
  (git-fixes).
- media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
  (git-fixes).
- media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
  (git-fixes).
- media: cxd2880-spi: Fix an error handling path (git-fixes).
- commit c67010c
- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes).
- drm/msm/dsi: Fix some reference counted resource leaks
  (git-fixes).
- drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear
  necessary LMs (git-fixes).
- drm/amdgpu/acp: Make PM domain really work (git-fixes).
- drm/panfrost: Fix missing clk_disable_unprepare() on error in
  panfrost_clk_init() (git-fixes).
- media: TDA1997x: enable EDID support (git-fixes).
- fpga: zynqmp-fpga: Address warning about unused variable
  (git-fixes).
- fpga: xiilnx-spi: Address warning about unused variable
  (git-fixes).
- fpga: altera-freeze-bridge: Address warning about unused
  variable (git-fixes).
- commit 6aaa769
- dmaengine: imx-sdma: remove duplicated sdma_load_context
  (git-fixes).
- Revert "/dmaengine: imx-sdma: refine to load context only once"/
  (git-fixes).
- ASoC: wcd9335: Disable irq on slave ports in the remove function
  (git-fixes).
- ASoC: wcd9335: Fix a memory leak in the error handling path
  of the probe function (git-fixes).
- ASoC: wcd9335: Fix a double irq free in the remove function
  (git-fixes).
- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
  (git-fixes).
- ASoC: ti: delete some dead code in omap_abe_probe() (git-fixes).
- ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes).
- ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
  (git-fixes).
- commit bdcb5b3
- xprtrdma: Pad optimization, revisited (bsc#1189760).
- commit 0acbfd0
- Refresh
  patches.suse/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch.
- commit 2264bac
- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
  (CVE-2021-3640 bsc#1188172).
- commit a21f4da
- Move upstreamed BT fixes into sorted section
- commit 0de160e
- brcmfmac: pcie: fix oops on failure to resume and reprobe
  (git-fixes).
- bcma: Fix memory leak for internally-handled cores (git-fixes).
- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
  (git-fixes).
- rsi: fix an error code in rsi_probe() (git-fixes).
- rsi: fix error code in rsi_load_9116_firmware() (git-fixes).
- mac80211: Fix insufficient headroom issue for AMSDU (git-fixes).
- Bluetooth: add timeout sanity check to hci_inquiry (git-fixes).
- Bluetooth: fix repeated calls to sco_sock_kill (git-fixes).
- Bluetooth: increase BTNAMSIZ to 21 chars to fix potential
  buffer overflow (git-fixes).
- Bluetooth: sco: prevent information leak in
  sco_conn_defer_accept() (git-fixes).
- leds: trigger: audio: Add an activate callback to ensure the
  initial brightness is set (git-fixes).
- i2c: mt65xx: fix IRQ check (git-fixes).
- i2c: s3c2410: fix IRQ check (git-fixes).
- i2c: iop3xx: fix deferred probing (git-fixes).
- i2c: highlander: add IRQ check (git-fixes).
- mmc: moxart: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- PCI: PM: Enable PME if it can be signaled from D3cold
  (git-fixes).
- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
  (git-fixes).
- commit 9a711f4
- Add alt-commit for a BT fix patch (git-fixes)
- commit 3dbcbb3
- nvme-multipath: revalidate paths during rescan (bsc#1187211)
- commit b61f128
- usb: dwc3: Add support for DWC_usb32 IP (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Enable-suspend-events.patch.
- commit 8846c72
- vt_kdsetmode: extend console locking (bsc#1190025
  CVE-2021-3753).
- commit 025c5d0
- nbd: Aovid double completion of a request (git-fixes).
- commit 7a1bece
- nbd: Fix NULL pointer in flush_workqueue (git-fixes).
- dm rq: fix double free of blk_mq_tag_set in dev remove after
  table load fails (git-fixes).
- dm integrity: fix missing goto in bitmap_flush_interval error
  handling (git-fixes).
- drivers/block/null_blk/main: Fix a double free in null_init
  (git-fixes).
- dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes).
- nbd: don't update block size after device is started
  (git-fixes).
- commit 6df7d5d
- blacklist.conf: add following commit IDs,
- 27ba3e8ff3ab86449e63d38a8d623053591e65fa
- 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23
- 854f32648b8a5e424d682953b1a9f3b7c3322701
- a4c8dd9c2d0987cf542a2a0c42684c9c6d78a04e
- 24f6b6036c9eec21191646930ad42808e6180510
- 5b0fab508992c2e120971da658ce80027acbc405
- commit eb9efeb
- rpm: Abolish scritplet templating (bsc#1189841).
  Outsource kernel-binary and KMP scriptlets to suse-module-tools.
  This allows fixing bugs in the scriptlets as well as defining initrd
  regeneration policy independent of the kernel packages.
- commit 940cfb4
- usb: dwc2: Postponed gadget registration to the udc class driver
  (git-fixes).
- commit e55ae9a
- rpm/kernel-binary.spec.in: Use kmod-zstd provide.
  This makes it possible to use kmod with ZSTD support on non-Tumbleweed.
- commit 357f09a
- crypto: qat - use proper type for vf_mask (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- power: supply: max17042: handle fails of reading status register
  (git-fixes).
- spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes).
- spi: spi-pic32: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- regulator: vctrl: Avoid lockdep warning in enable/disable ops
  (git-fixes).
- regulator: vctrl: Use locked regulator_get_voltage in probe path
  (git-fixes).
- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
- commit d2a4523
- mm: swap: properly update readahead statistics in
  unuse_pte_range() (bsc#1187619).
- commit 6ceb471
- NFS: Correct size calculation for create reply length
  (bsc#1189870).
- commit 7843408
- sched/rt: Fix RT utilization tracking during policy change (git-fixes)
- commit 8fc8b7f
- sched/fair: Correctly insert cfs_rq's to list on unthrottle (git-fixes)
- commit 1732b9b
- rpm/kernel-binary.spec.in: avoid conflicting suse-release
  suse-release has arbitrary values in staging, we can't use it for
  dependencies. The filesystem one has to be enough (boo#1184804).
- commit 56f2cba
- kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes).
- commit 53f17d6
- usb: dwc3: gadget: Stop EP0 transfers during pullup disable
  (git-fixes).
- usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes).
- Revert "/USB: serial: ch341: fix character loss at high transfer
  rates"/ (git-fixes).
- can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange
  of the CAN RX and TX error counters (git-fixes).
- dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if
  controller is not yet available (git-fixes).
- dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
  (git-fixes).
- usb: dwc3: gadget: Properly track pending and queued SG
  (git-fixes).
- ath9k: Clear key cache explicitly on disabling hardware
  (git-fixes).
- ath: Use safer key clearing with key cache entries (git-fixes).
- Bluetooth: hidp: use correct wait queue when removing ctrl_wait
  (git-fixes).
- commit 6ee1085
- Revert "/mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN
  on BCM2711"/ (git-fixes).
- PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes).
- mmc: dw_mmc: Fix hang on data CRC error (git-fixes).
- dmaengine: xilinx_dma: Fix read-after-free bug when terminating
  transfers (git-fixes).
- USB: core: Avoid WARNings for 0-length descriptor requests
  (git-fixes).
- media: drivers/media/usb: fix memory leak in zr364xx_probe
  (git-fixes).
- media: zr364xx: fix memory leaks in probe() (git-fixes).
- media: zr364xx: propagate errors from zr364xx_start_readpipe()
  (git-fixes).
- commit de359d6
- cpuidle: Consolidate disabled state checks (bsc#1175543)
  patches.suse/cpuidle-Poll-for-a-minimum-of-30ns-and-poll-for-a-tick-if-lower-c-states-are-disabled.patch
  was refreshed as well by this patch for code adjustment.
- commit 486ca9f
- cpuidle: cpuidle_state kABI fix (bsc#1175543)
  The patch bsc1175543-cpuidle-Drop-disabled-field-from-struct-cpuidle_stat.patch
  Dropped the 'disabled' field in struct cpuidle_state because no drivers
  use it, They use the state flag instead.
  Fix kABI to avoid offset changes.
- commit aa615e8
- intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc#1180347, bsc#1180141)
- commit da07134
- intel_idle: Fix max_cstate for processor models without C-state tables (bsc#1175543)
- commit 81641db
- intel_idle: Ignore _CST if control cannot be taken from the platform (bsc#1175543)
- commit b93fbf1
- cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543)
- commit d669a61
- cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc#1175543)
- commit 8d2d96f
- intel_idle: Customize IceLake server support (bsc#1175543)
- commit 25d205d
- intel_idle: Annotate init time data structures (bsc#1175543)
  The patches.suse/intel_idle-Customize-IceLake-server-support.patch was
  refreshed as well by this patch for code adjustment.
- commit 2ed77d7
- Documentation: admin-guide: PM: Add intel_idle document (bsc#1175543)
- commit 65d3c96
- intel_idle: Use ACPI _CST on server systems (bsc#1175543)
  Below 2 patches were refreshed as well by this patch for code
  adjustment:
  patches.suse/intel_idle-convert-to-new-x86-cpu-match-macros.patch
  patches.suse/intel_idle-Customize-IceLake-server-support.patch
- commit f10f8c4
- intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc#1175543)
- commit 79ec477
- intel_idle: Allow ACPI _CST to be used for selected known processors (bsc#1175543)
- commit ecacb28
- cpuidle: Allow idle states to be disabled by default (bsc#1175543)
- commit 48a3541
- intel_idle: Use ACPI _CST for processor models without C-state tables (bsc#1175543)
- commit 9dbf3f1
- intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543)
- commit 462302a
- ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543)
- commit 70c6258
- ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc#1175543)
- commit c99fda3
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543)
- commit 9eb9d8c
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543)
- commit c0d7249
- ACPI: processor: Export function to claim _CST control (bsc#1175543)
- commit 66eadb0
- cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543)
- commit c479621
- net: qrtr: fix another OOB Read in qrtr_endpoint_post
  (CVE-2021-3743 bsc#1189883).
- net: qrtr: fix OOB Read in qrtr_endpoint_post (CVE-2021-3743
  bsc#1189883).
- commit 78ff8ba
- rpm: fix kmp install path
- commit 22ec560
- x86/kvm: fix vcpu-id indexed array sizes (git-fixes).
- commit 3288077
- btrfs: fix NULL pointer dereference when deleting device by
  invalid id (bsc#1189832 CVE-2021-3739).
- commit 6bfce07
- xen/events: Fix race in set_evtchn_to_irq (git-fixes).
- commit cfb3b9b
- nvme: code command_id with a genctr for use-after-free
  validation (bsc#1181972).
- nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
  (bsc#1181972).
- nvme-pci: limit maximum queue depth to 4095 (bsc#1181972).
- params: lift param_set_uint_minmax to common code (bsc#1181972).
- nvme: avoid possible double fetch in handling CQE (bsc#1181972).
- nvme-pci: fix NULL req in completion handler (bsc#1181972).
- nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth
  (bsc#1181972).
- nvme-pci: use unsigned for io queue depth (bsc#1181972).
- commit 01de302
- post.sh: detect /usr mountpoint too
- commit c7b3d74
- md/raid10: properly indicate failure when ending a failed
  write request (git-fixes).
- Refresh for the above change,
  patches.suse/md-display-timeout-error.patch.
- commit 2088aff
- kernel, fs: Introduce and use set_restart_fn() and
  arch_set_restart_data() (bsc#1189153).
- commit 8bf2f14
- kABI fix of usb_dcd_config_params (git-fixes).
- commit 8726268
- x86/fpu: Limit xstate copy size in xstateregs_set()
  (bsc#1152489).
- commit 33182b7
- blacklist.conf: 9625895011d1 x86/fpu: Fix copy_xstate_to_kernel() gap handling
- commit 50f6bfa
- scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650).
- commit 41aa06c
- usb: gadget: Export recommended BESL values (git-fixes).
- commit 96bbeda
- ovl: prevent private clone if bind mount is not allowed
  (bsc#1189706, CVE-2021-3732).
- commit d40514b
- blacklist.conf: 6c34df6f350d ("/tracing: Apply trace filters on all output channels"/)
  Requires at least commit 8cfcf15503f6 ("/tracing: kprobes: Output kprobe
  event to printk buffer"/) too. Let's wait if there is an actual problem
  for someone.
- commit ef40598
- kernel-binary.spec.in: make sure zstd is supported by kmod if used
- commit f36412b
- kernel-binary.spec.in: add zstd to BuildRequires if used
- commit aa61dba
- tracing / histogram: Fix NULL pointer dereference on strcmp()
  on NULL event name (git-fixes).
- commit bf4be33
- x86/signal: Detect and prevent an alternate signal stack
  overflow (bsc#1152489).
- commit 72c8a0d
- slimbus: ngd: reset dma setup during runtime pm (git-fixes).
- slimbus: messaging: check for valid transaction id (git-fixes).
- slimbus: messaging: start transaction ids from 1 instead of zero
  (git-fixes).
- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
  BCM2711 (git-fixes).
- mmc: sdhci-iproc: Cap min clock frequency on BCM2711
  (git-fixes).
- commit cc02968
- Fix breakage of swap over NFS (bsc#1188924).
- commit 9f3f2ef
- ASoC: intel: atom: Fix breakage for PCM buffer address setup
  (git-fixes).
- commit 0bed191
- rpm: support gz and zst compression methods
  Extend commit 18fcdff43a00 ("/rpm: support compressed modules"/) for
  compression methods other than xz.
- commit 3b8c4d9
- SUNRPC: 'Directory with parent 'rpc_clnt' already
  present!' (bsc#1168202 bsc#1188924).
- SUNRPC: fix use-after-free in rpc_free_client_work()
  (bsc#1168202 bsc#1188924).
- kabi fix for SUNRPC: defer slow parts of rpc_free_client()
  to a workqueue (bsc#1168202 bsc#1188924).
- SUNRPC: defer slow parts of rpc_free_client() to a workqueue
  (bsc#1168202 bsc#1188924).
- commit a690151
- PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes).
- PCI/MSI: Correct misleading comments (git-fixes).
- PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes).
- PCI/MSI: Enforce that MSI-X table entry is masked for update
  (git-fixes).
- PCI/MSI: Mask all unused MSI-X entries (git-fixes).
- i2c: dev: zero out array used for i2c reads from userspace
  (git-fixes).
- commit 4d62c8f
- ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
  (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15
  9510 laptop (git-fixes).
- ALSA: hda - fix the 'Capture Switch' value change notifications
  (git-fixes).
- commit bb87ddf
- s390/boot: fix use of expolines in the DMA code (bsc#1188878
  ltc#193771).
- commit 46381a6
- series.conf: cleanup
- move mainline backports to sorted section:
  - patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch
  - patches.suse/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested.patch
- commit 30636ef
- Fix kabi of prepare_to_wait_exclusive() (bsc#1189575).
- commit da7e3ca
- ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
  (bsc#1189587).
- commit ae93a20
- ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
  (bsc#1189586).
- commit 50b39b2
- ubifs: Only check replay with inode type to judge if inode
  linked (bsc#1187455).
- commit 3cfd5e7
- ubifs: Fix error return code in alloc_wbufs() (bsc#1189585).
- blacklist.conf:
- commit d0fe9df
- ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583).
- commit abd23d2
- ocfs2: issue zeroout to EOF blocks (bsc#1189582).
- commit 7960ad8
- ocfs2: fix snprintf() checking (bsc#1189581).
- commit ca894bd
- ocfs2: fix zero out valid data (bsc#1189579).
- commit 42e68bc
- writeback: fix obtain a reference to a freeing memcg css
  (bsc#1189577).
- commit b318f10
- ext4: fix potential htree corruption when growing large_dir
  directories (bsc#1189576).
- commit 13d68f1
- rq-qos: fix missed wake-ups in rq_qos_throttle try two
  (bsc#1189575).
- commit edbcd21
- fanotify: fix copy_event_to_user() fid error clean up
  (bsc#1189574).
- commit a8937b5
- bdi: Do not use freezable workqueue (bsc#1189573).
- commit 60e4174
- mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
  (bsc#1189569).
- commit 1b1dfcf
- ext4: cleanup in-core orphan list if ext4_truncate() failed
  to get a transaction handle (bsc#1189568).
- commit 0ace36d
- ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567).
- commit 4329025
- ext4: fix avefreec in find_group_orlov (bsc#1189566).
- commit d7bfbbd
- ext4: remove check for zero nr_to_scan in ext4_es_scan()
  (bsc#1189565).
- commit 3ca5f18
- ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
  (bsc#1189564).
- commit cd60859
- ext4: return error code when ext4_fill_flex_info() fails
  (bsc#1189563).
- commit 200d004
- ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562).
- commit fd9a225
- scsi: lpfc: Move initialization of phba->poll_list earlier to
  avoid crash (git-fixes).
- commit 92c63a5
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
  (bsc#1189399, CVE-2021-3653).
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
  (bsc#1189400, CVE-2021-3656).
- KVM: X86: MMU: Use the correct inherited permissions to get
  shadow page (CVE-2021-38198 bsc#1189262).
- commit 7902615
- usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes).
- commit 2a94579
- Revert "/xfrm: policy: Read seqcount outside of rcu-read side
  in xfrm_policy_lookup_bytype"/ (bsc#1185675).
  This revert was initially applied to SLE15-SP2-RT (70e4d04b75f). Since
  the reverted commit went into SLE15-SP2 (96f285dfa8b), the revert needs
  to move from SLE15-SP2-RT to SLE15-SP2.
- commit f32a28c
- Update
  patches.suse/ibmvnic-Allow-device-probe-if-the-device-is-not-read.patch
  (bsc#1167032 ltc#184087 bsc#1184114 ltc#192237).
- commit 8a87839
- blacklist.conf: add an entry for the reverted iTCO_wdt
- commit 4c97ae2
- usb: dwc3: gadget: Fix handling ZLP (git-fixes).
- commit 5e0eec9
- tracing: Reject string operand in the histogram expression
  (git-fixes).
- commit edab067
- tracing / histogram: Give calculation hist_fields a size
  (git-fixes).
- commit 49985ee
- blacklist.conf: 1e3bac71c505 ("/tracing/histogram: Rename "/cpu"/ to "/common_cpu"/"/)
  Better not to backport the commit as it changes the semantics of an
  existing field.
- commit 00d0183
- blacklist.conf: 6c881ca0b304 ("/afs: Fix tracepoint string placement with built-in AFS"/)
  CONFIG_AFS_FS is not set on SLE15-SP2. It is on SLE15-SP3 but only as a
  module, not built-in. No need to backport the commit.
- commit 43483b1
- bpf: Fix leakage due to insufficient speculative store
  bypass mitigation (bsc#1188983, bsc#1188985, CVE-2021-34556,
  CVE-2021-35477).
- bpf: Introduce BPF nospec instruction for mitigating Spectre v4
  (bsc#1188983, bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit f87c7ce
- blk-iolatency: error out if blk_get_queue() failed in
  iolatency_set_limit() (bsc#1189507).
- commit b15ef07
- blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling
  (bsc#1189506).
- commit 7fe32f7
- block: fix trace completion for chained bio (bsc#1189505).
- commit 47344da
- blk-wbt: make sure throttle is enabled properly (bsc#1189504).
- commit 7b07185
- blk-wbt: introduce a new disable state to prevent false positive
  by rwb_enabled() (bsc#1189503).
- commit 798c57a
- misc: rtsx: do not setting OC_POWER_DOWN reg in
  rtsx_pci_init_ocp() (git-fixes).
- misc: atmel-ssc: lock with mutex instead of spinlock
  (git-fixes).
- commit 55d9570
- gpio: eic-sprd: break loop when getting NULL device resource
  (git-fixes).
- Revert "/gpio: eic-sprd: Use devm_platform_ioremap_resource()"/
  (git-fixes).
- commit 990b695
- Revert a BT patch that was reverted on stable trees (git-fixes)
  Delete patches.suse/Bluetooth-Shutdown-controller-after-workqueues-are-f.patch
- commit 127d54b
- mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
  (git-fixes).
- commit 0a223c6
- x86/fpu: Make init_fpstate correct with optimized XSAVE
  (bsc#1152489).
- commit 603fc19
- kernel-binary.spec: Require dwarves for kernel-binary-devel when BTF is
  enabled (jsc#SLE-17288).
  About the pahole version: v1.18 should be bare mnimum, v1.22 should be
  fully functional, for now we ship git snapshot with fixes on top of
  v1.21.
- commit 8ba3382
- x86/fpu: Reset state for all signal restore failures
  (bsc#1152489).
- commit f42aa15
- blacklist.conf: blacklist davicom legacy ethernet driver
- commit 78e9c10
- usb: dwc3: gadget: Check MPS of the request length (git-fixes).
- commit 0d1e1fe
- Drop watchdog iTCO_wdt patch that causes incompatible behavior (bsc#1189449)
  Also blacklisted
- commit e5dd4ab
- s390/ap: Fix hanging ioctl caused by wrong msg counter
  (bsc#1188982 LTC#193817).
- commit 7e146ac
- Bluetooth: switch to lock_sock in SCO (CVE-2021-3640
  bsc#1188172).
- Bluetooth: avoid circular locks in sco_sock_connect
  (CVE-2021-3640 bsc#1188172).
- commit f2d375d
- Update patch reference for a BT fix (CVE-2021-3640 bsc#1188172)
- commit 98aa089
- powerpc/pseries: Fix update of LPAR security flavor after LPM
  (bsc#1188885 ltc#193722 git-fixes).
- commit fbccd6a
- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep
  disable (git-fixes).
- commit 5733c23
- usb: dwc3: gadget: Disable gadget IRQ during pullup disable
  (git-fixes).
- usb: dwc3: gadget: Prevent EP queuing while stopping transfers
  (git-fixes).
- commit 124c915
- PCI/MSI: Do not set invalid bits in MSI mask (git-fixes).
- PCI/MSI: Enable and mask MSI-X early (git-fixes).
- ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes).
- iio: adc: Fix incorrect exit of for-loop (git-fixes).
- iio: humidity: hdc100x: Add margin to the conversion time
  (git-fixes).
- iio: adc: ti-ads7950: Ensure CS is deasserted after reading
  channels (git-fixes).
- USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes).
- usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup
  (git-fixes).
- usb: dwc3: Stop active transfers before halting the controller
  (git-fixes).
- commit 627b67a
- config: refresh
- commit a299bb8
- ceph: take snap_empty_lock atomically with snaprealm refcount
  change (bsc#1189427).
- ceph: reduce contention in ceph_check_delayed_caps()
  (bsc#1187468).
- commit 93c7440
- blacklist.conf: Add 'fix poly1305_core_setkey() declaration'
  Commit 8d195e7a8ada ("/crypto: poly1305 - fix poly1305_core_setkey()
  declaration"/) is a cleanup which breaks kABI.
- commit 37e4183
- scsi: blkcg: Fix application ID config options (bsc#1189385
  jsc#SLE-18970).
- Update config files.
- commit 1317caa
- crypto: x86/curve25519 - fix cpu feature checking logic in
  mod_exit (git-fixes).
- wireguard: allowedips: free empty intermediate nodes when
  removing single node (git-fixes).
- wireguard: allowedips: allocate nodes in kmem_cache (git-fixes).
- wireguard: allowedips: remove nodes in O(1) (git-fixes).
- commit 6aa0bda
- USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
  (git-fixes).
- USB: serial: option: add Telit FD980 composition 0x1056
  (git-fixes).
- USB: serial: ch341: fix character loss at high transfer rates
  (git-fixes).
- usb: gadget: f_hid: idle uses the highest byte for duration
  (git-fixes).
- usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
  (git-fixes).
- usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes).
- commit f089244
- ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes).
- ASoC: xilinx: Fix reference to PCM buffer address (git-fixes).
- ASoC: intel: atom: Fix reference to PCM buffer address
  (git-fixes).
- ASoC: tlv320aic31xx: Fix jack detection after suspend
  (git-fixes).
- spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes).
- virt_wifi: fix error on connect (git-fixes).
- commit 690710b
- staging: rtl8712: get rid of flush_scheduled_work (git-fixes).
- staging: rtl8723bs: Fix a resource leak in sd_int_dpc
  (git-fixes).
- serial: 8250_mtk: fix uart corruption issue when rx power off
  (git-fixes).
- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
- soc: ixp4xx: fix printing resources (git-fixes).
- spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
  (git-fixes).
- spi: meson-spicc: fix memory leak in meson_spicc_remove
  (git-fixes).
- pcmcia: i82092: fix a null pointer dereference bug (git-fixes).
- libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes).
- spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
  (git-fixes).
- commit 24af025
- ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes).
- ASoC: cs42l42: Remove duplicate control for WNF filter frequency
  (git-fixes).
- ASoC: cs42l42: Fix inversion of ADC Notch Switch control
  (git-fixes).
- ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J (git-fixes).
- ASoC: cs42l42: Correct definition of ADC Volume control
  (git-fixes).
- firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
  fw_load_sysfs_fallback (git-fixes).
- Revert "/ACPICA: Fix memory leak caused by _CID repair function"/
  (git-fixes).
- dmaengine: imx-dma: configure the generic DMA type to make it
  work (git-fixes).
- ALSA: usb-audio: fix incorrect clock source setting (git-fixes).
- commit 20c4d69
- scsi: qla2xxx: Remove redundant initialization of variable
  num_cnt (bsc#1189392).
- scsi: qla2xxx: Fix use after free in debug code (bsc#1189392).
- scsi: qla2xxx: Fix spelling mistakes "/allloc"/ -> "/alloc"/
  (bsc#1189392).
- scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392).
- scsi: qla2xxx: edif: Increment command and completion counts
  (bsc#1189392).
- scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392).
- scsi: qla2xxx: edif: Add doorbell notification for app
  (bsc#1189392).
- scsi: qla2xxx: edif: Add detection of secure device
  (bsc#1189392).
- scsi: qla2xxx: edif: Add authentication pass + fail bsgs
  (bsc#1189392).
- scsi: qla2xxx: edif: Add key update (bsc#1189392).
- scsi: qla2xxx: edif: Add extraction of auth_els from the wire
  (bsc#1189392).
- scsi: qla2xxx: edif: Add send, receive, and accept for auth_els
  (bsc#1189392).
- scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs
  (bsc#1189392).
- scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392).
- scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392).
- scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI
  (bsc#1189392).
- scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392).
- scsi: qla2xxx: Remove redundant continue statement in a for-loop
  (bsc#1189392).
- scsi: qla2xxx: Add heartbeat check (bsc#1189392).
- scsi: qla2xxx: Use list_move_tail() instead of
  list_del()/list_add_tail() (bsc#1189392).
- scsi: qla2xxx: Remove duplicate declarations (bsc#1189392).
- scsi: qla2xxx: Log PCI address in
  qla_nvme_unregister_remote_port() (bsc#1189392).
- scsi: qla2xxx: Remove redundant assignment to rval
  (bsc#1189392).
- scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
  (bsc#1189392).
- scsi: qla2xxx: Fix error return code in
  qla82xx_write_flash_dword() (bsc#1189392).
- commit 4f97d8a
- scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted()
  (bsc#1189385).
- scsi: lpfc: Remove redundant assignment to pointer pcmd
  (bsc#1189385).
- scsi: lpfc: Copyright updates for 14.0.0.0 patches
  (bsc#1189385).
- scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385).
- scsi: lpfc: Add 256 Gb link speed support (bsc#1189385).
- scsi: lpfc: Revise Topology and RAS support checks for new
  adapters (bsc#1189385).
- scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385).
- scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series
  adapters (bsc#1189385).
- scsi: lpfc: Copyright updates for 12.8.0.11 patches
  (bsc#1189385).
- scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385).
- scsi: lpfc: Skip issuing ADISC when node is in NPR state
  (bsc#1189385).
- scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC
  cmpl path (bsc#1189385).
- scsi: lpfc: Call discovery state machine when handling
  PLOGI/ADISC completions (bsc#1189385).
- scsi: lpfc: Delay unregistering from transport until GIDFT or
  ADISC completes (bsc#1189385).
- scsi: lpfc: Enable adisc discovery after RSCN by default
  (bsc#1189385).
- scsi: lpfc: Use PBDE feature enabled bit to determine PBDE
  support (bsc#1189385).
- scsi: lpfc: Clear outstanding active mailbox during PCI function
  reset (bsc#1189385).
- scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi()
  routine (bsc#1189385).
- scsi: lpfc: Remove REG_LOGIN check requirement to issue an
  ELS RDF (bsc#1189385).
- scsi: lpfc: Fix memory leaks in error paths while issuing ELS
  RDF/SCR request (bsc#1189385).
- scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF
  handling (bsc#1189385).
- scsi: lpfc: Keep NDLP reference until after freeing the IOCB
  after ELS handling (bsc#1189385).
- scsi: lpfc: Fix target reset handler from falsely returning
  FAILURE (bsc#1189385).
- scsi: lpfc: Discovery state machine fixes for LOGO handling
  (bsc#1189385).
- scsi: lpfc: Fix function description comments for vmid routines
  (bsc#1189385).
- scsi: lpfc: Improve firmware download logging (bsc#1189385).
- scsi: lpfc: Remove use of kmalloc() in trace event logging
  (bsc#1189385).
- scsi: lpfc: Fix NVMe support reporting in log message
  (bsc#1189385).
- scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385).
- scsi: lpfc: Use list_move_tail() instead of
  list_del()/list_add_tail() (bsc#1189385).
- scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker
  thread (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Append the VMID to the wqe before sending
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement ELS commands for appid
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add support for VMID in mailbox command
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc
  (bsc#1189385 jsc#SLE-18970).
- scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc#SLE-18970).
- Update config files
  Add kABI fixup patch
- patches.kabi/blk-cgroup-kABI-fixes-for-new-fc_app_id-definition.patch
- scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: Remove redundant assignment to pointer temp_hdr
  (bsc#1189385).
- commit e47f569
- nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384).
- commit da8a2b6
- README: Modernize build instructions.
- commit 8cc5c28
- ovl: allow upperdir inside lowerdir (bsc#1189323).
- ovl: fix missing revert_creds() on error path (bsc#1189323).
- ovl: skip getxattr of security labels (bsc#1189323).
- ovl: perform vfs_getxattr() with mounter creds (bsc#1189323).
- ovl: expand warning in ovl_d_real() (bsc#1189323).
- commit d2a0c13
- rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305)
- commit 7f9ade7
- platform/x86: pcengines-apuv2: Add missing terminating entries
  to gpio-lookup tables (git-fixes).
- commit e6925d8
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/NFSv4-Initialise-connection-to-the-server-in-nfs4_al.patch
  - patches.suse/NFSv4-pNFS-Don-t-call-_nfs4_pnfs_v3_ds_connect-multi.patch
  - patches.suse/SUNRPC-Fix-the-batch-tasks-count-wraparound.patch
  - patches.suse/SUNRPC-Should-wake-up-the-privileged-task-firstly.patch
  - patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
- commit bd541fa
- net: ll_temac: Fix TX BD buffer overwrite (CVE-2021-38207
  bsc#1189298).
- commit 64dedf9
- scsi: zfcp: Report port fc_security as unknown early during
  remote cable pull (git-fixes).
- commit 071c9e5
- net: xilinx_emaclite: Do not print real IOMEM pointer
  (CVE-2021-38205 bsc#1189292).
- commit 1e538f8
- Update patch reference for a USB max3421 HCD fix (CVE-2021-38204 bsc#1189291)
- commit 68d7672
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
  state (bsc#1184180).
- commit 435d2bf
- usb: dwc3: gadget: Don't setup more than requested (git-fixes).
- commit d278880
- usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init
  (git-fixes).
- commit bc358f9
- ocfs2: initialize ip_next_orphan (bsc#1186731).
- commit fd80e8c
- NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
  (git-fixes).
- SUNRPC: Should wake up the privileged task firstly (git-fixes).
- SUNRPC: Fix the batch tasks count wraparound (git-fixes).
- nfs: fix acl memory leak of posix_acl_create() (git-fixes).
- commit 1bdda2d
- NFSv4: Initialise connection to the server in
  nfs4_alloc_client() (bsc#1040364).
- Delete
  patches.suse/0001-NFSv4-don-t-let-hanging-mounts-block-other-mounts.patch.
  Upstream now has a fix for this bug, so use their version instead of ours.
- commit 350271e
- usb: dwc3: gadget: Give back staled requests (git-fixes).
- commit c4cb23f
- usb: dwc3: support continuous runtime PM with dual role
  (git-fixes).
- commit f340e0b
- iommu/vt-d: Global devTLB flush when present context entry
  changed (bsc#1189220).
- iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229).
- iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214).
- iommu/amd: Fix extended features logging (bsc#1189213).
- iommu/vt-d: Define counter explicitly as unsigned int
  (bsc#1189216).
- iommu/arm-smmu-v3: Decrease the queue size of evtq and priq
  (bsc#1189210).
- crypto: ccp - Annotate SEV Firmware file names (bsc#1189212).
- iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218).
- iommu/vt-d: Check for allocation failure in aux_detach_device()
  (bsc#1189215).
- iommu/vt-d: Force to flush iotlb before creating superpage
  (bsc#1189219).
- iommu/vt-d: Invalidate PASID cache when root/context entry
  changed (bsc#1189221).
- iommu/vt-d: Don't set then clear private data in
  prq_event_thread() (bsc#1189217).
- iommu/vt-d: Reject unsupported page request modes (bsc#1189222).
- iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
  (bsc#1189209).
- commit f116a8f
- blacklist.conf: Add two IOMMU fixes
  b9abb19fa5fd iommu: Check dev->iommu in iommu_dev_xxx functions
  474dd1c65064 iommu/vt-d: Fix clearing real DMA device's scalable-mode context entries
- commit 2db8dfc
- powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats
  unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769
  git-fixes).
- commit c109f3e
- Fix filesystem requirement and suse-release requires
  Reduce filesystem conflict to anything less than 16 to allow pulling the
  change into the next major stable version.
  Don't require suse-release as that's not technically required. Conflict
  with a too old one instead.
- commit 913f755
- iwlwifi: rs-fw: don't support stbc for HE 160 (git-fixes).
- commit 981ddc7
- blacklist.conf: obsoleted by 8d396bb0a5b62b326f6be7594d8bd46b088296bd
- commit d9ae913
- USB: usbtmc: Fix RCU stall warning (git-fixes).
- commit 8c8f7df
- powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148
  ltc#190702 git-fixes).
- commit 8c2e999
- powerpc/pseries: Fix regression while building external modules
  (bsc#1160010 ltc#183046 git-fixes).
  This changes a GPL symbol to general symbol which is kABI change but not
  kABI break.
- commit 5db0ce9
- powerpc/papr_scm: Reduce error severity if nvdimm stats
  inaccessible (bsc#1189197 ltc#193906).
- commit 9021659
- firmware_loader: fix use-after-free in firmware_fallback_sysfs
  (git-fixes).
- serial: tegra: Only print FIFO error message when an error
  occurs (git-fixes).
- serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes).
- spi: mediatek: Fix fifo transfer (git-fixes).
- ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits
  (git-fixes).
- spi: stm32h7: fix full duplex irq handler handling (git-fixes).
- regulator: rt5033: Fix n_voltages settings for BUCK and LDO
  (git-fixes).
- commit 8f575e8
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/ALSA-hda-realtek-Fix-headset-mic-for-Acer-SWIFT-SF31.patch
  - patches.suse/ALSA-hda-realtek-add-mic-quirk-for-Acer-SF314-42.patch
  - patches.suse/ALSA-seq-Fix-racy-deletion-of-subscriber.patch
  - patches.suse/ALSA-usb-audio-Add-registration-quirk-for-JBL-Quantu-4b0556b96e1f.patch
  - patches.suse/ALSA-usb-audio-Fix-superfluous-autosuspend-recovery.patch
- commit 486a747
- ALSA: seq: Fix racy deletion of subscriber (git-fixes).
- ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 600
  (git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56
  (ALC256) (git-fixes).
- ALSA: usb-audio: Fix superfluous autosuspend recovery
  (git-fixes).
- commit 57d9208
- net: dsa: mv88e6xxx: also read STU state in
  mv88e6250_g1_vtu_getnext (git-fixes).
- commit 4d3a9e0
- Bluetooth: defer cleanup of resources in hci_unregister_dev()
  (git-fixes).
- commit 38ad73f
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/NFSv4.1-Don-t-rebind-to-the-same-source-port-when-re.patch
  - patches.suse/SUNRPC-prevent-port-reuse-on-transports-which-don-t-.patch
- commit 5e54e89
- blacklist.conf: kABI changes due to kvm_mmu_rule struct.
- commit f3e0e69
- Refresh patches.suse/Input-ili210x-add-missing-negation-for-touch-indicat.patch
  Fix missing parentheses in the input backport patch.
- commit 0913716
- rpm/kernel-source.rpmlintrc: ignore new include/config files
  In 5.13, since 0e0345b77ac4, config files have no longer .h suffix.
  Adapt the zero-length check.
  Based on Martin Liska's change.
- commit b6f021b
- gpio: tqmx86: really make IRQ optional (git-fixes).
- media: videobuf2-core: dequeue if start_streaming fails
  (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes).
- clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
  (git-fixes).
- cfg80211: Fix possible memory leak in function
  cfg80211_bss_update (git-fixes).
- commit 7dd3f8c
- SUNRPC: prevent port reuse on transports which don't request it
  (bnc#1186264 bnc#1189021).
- commit a89b568
- kabi fix for NFSv4.1: Don't rebind to the same source port when
  reconnecting to the server
  (bnc#1186264 bnc#1189021)
- commit 844eb4c
- NFSv4.1: Don't rebind to the same source port when
  (bnc#1186264 bnc#1189021)
- commit 4b89a40
- btrfs: rework chunk allocation to avoid exhaustion of the
  system chunk array (bsc#1189077).
- btrfs: fix deadlock with concurrent chunk allocations involving
  system chunks (bsc#1189077).
- btrfs: move the chunk_mutex in btrfs_read_chunk_tree
  (bsc#1189077).
- btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk
  (bsc#1189077).
- btrfs: parameterize dev_extent_min for chunk allocation
  (bsc#1189077).
- btrfs: factor out create_chunk() (bsc#1189077).
- btrfs: factor out decide_stripe_size() (bsc#1189077).
- btrfs: factor out gather_device_info() (bsc#1189077).
- btrfs: factor out init_alloc_chunk_ctl (bsc#1189077).
- btrfs: introduce alloc_chunk_ctl (bsc#1189077).
- btrfs: refactor find_free_dev_extent_start() (bsc#1189077).
- btrfs: introduce chunk allocation policy (bsc#1189077).
- btrfs: handle invalid profile in chunk allocation (bsc#1189077).
- commit 707ed65
- tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop
  (CVE-2021-3679 bsc#1189057).
- commit 49b5ebf
- net/mlx5: Properly convey driver version to firmware
  (git-fixes).
- commit 44d8f42
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- commit ac61742
- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
- commit 75096f3
- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
- commit 524d35f
- Update kabi files.
- update from August 2021 maintenance update submission (commit a13100d5f167)
- commit 75dc981
- blacklist.conf: add macsonic driver
- commit 688a554
- cifs: do not share tcp sessions of dfs connections
  (bsc#1185902).
- commit 78eb685
- cifs: prevent NULL deref in cifs_compose_mount_options()
  (bsc#1185902).
- commit a798607
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- commit 17b0494
- cifs: fix check of dfs interlinks (bsc#1185902).
- commit 1db4f4d
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- commit 064a32d
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- commit 65332c5
- cifs: set a minimum of 2 minutes for refreshing dfs cache
  (bsc#1185902).
- commit 1a16c86
- cifs: fix path comparison and hash calc (bsc#1185902).
- commit 9ae40ff
- cifs: handle different charsets in dfs cache (bsc#1185902).
- commit 7b185cd
- cifs: keep referral server sessions alive (bsc#1185902).
- commit a6fba08
- workqueue: fix UAF in pwq_unbound_release_workfn()
  (bsc#1188973).
- commit b02980f
- can: esd_usb2: fix memory leak (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma
  initialization (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- nfc: nfcsim: fix use after free during module unload
  (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
  (git-fixes).
- Revert "/ACPI: resources: Add checks for ACPI IRQ override"/
  (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of
  pending messages (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer
  overflow (git-fixes).
- commit 7ff2c84
- fix patch metadata
- fix Patch-mainline:
  patches.suse/xfrm-xfrm_state_mtu-should-return-at-least-1280-for-.patch
- commit e52bdda
- ixgbe: Fix packet corruption due to missing DMA sync
  (git-fixes).
- bnxt_en: Check abort error state in bnxt_half_open_nic()
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in
  bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: don't disable an already disabled PCI device
  (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Check if num of q_vectors is smaller than max before
  array access (git-fixes).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()'
  (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- ixgbe: Fix an error handling path in 'ixgbe_probe()'
  (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- virtio_net: move tx vq operation under tx queue lock
  (git-fixes).
- Revert "/be2net: disable bh with spin_lock in be_process_mcc"/
  (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce()
  (git-fixes).
- mvpp2: suppress warning (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe()
  (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel
  (git-fixes).
- commit 3de5d62
- powerpc/security: Fix link stack flush instruction (bsc#1188885
  ltc#193722).
- commit 6d617e8
- cifs: get rid of @noreq param in __dfs_cache_find()
  (bsc#1185902).
- commit 7f4ff26
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- commit 96ce669
- cifs: Remove unused inline function is_sysvol_or_netlogon()
  (bsc#1185902).
- commit 7d7b6d5
- powerpc/64s: Move branch cache flushing bcctr variant to
  ppc-ops.h (bsc#1188885 ltc#193722).
- commit 837e7fa
- powerpc/security: Allow for processors that flush the link
  stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code
  patching (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more
  consistent (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush
  type enum (bsc#1188885 ltc#193722).
- Delete patches.suse/powerpc-add-link-stack-flush-mitigation-in-debugfs.patch
- replaced with upstream security mitigation cleanup
- powerpc/security: re-name count cache flush to branch cache
  flush (bsc#1188885 ltc#193722).
- commit e35bcce
- powerpc/pesries: Get STF barrier requirement from
  H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier
  (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits
  from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg
  (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to
  _setup_security_mitigations (bsc#1188885 ltc#193722).
- Refresh patches.suse/powerpc-pseries-mobility-notify-network-peers-after-.patch.
- powerpc/pseries: add new branch prediction security bits for
  link stack (bsc#1188885 ltc#193722).
- commit 3f019e2
- Update patch-mainline and git-commit tags
  Refresh:
  - patches.suse/0001-netfilter-conntrack-add-new-sysctl-to-disable-RST-ch.patch
  - patches.suse/0001-netfilter-conntrack-improve-RST-handling-when-tuple-.patch
- commit 758ec5c
- Move upstreamed patches to sorted section
- commit e174d5e
- net: mac802154: Fix general protection fault (CVE-2021-3659
  bsc#1188876).
- commit 61caeac
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
  (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family
  (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
  (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency
  is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL)
  calculations (git-fixes).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- spi: imx: add a check for speed_hz before calculating the clock
  (git-fixes).
- commit cbaa23f
- firmware/efi: Tell memblock about EFI iomem reservations
  (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
  (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api
  val argument (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- commit 4603b01
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6
  (bsc#1185377).
- commit c3c4cb5
- use 3.0 SPDX identifier in rpm License tags
  As requested by Maintenance, change rpm License tags from "/GPL-2.0"/
  (SPDX 2.0) to "/GPL-2.0-only"/ (SPDX 3.0) so that their scripts do not have
  to adjust the tags with each maintenance update submission.
- commit f888e0b
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake()
  when using s2idle (git-fixes).
- commit 28541e7
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
  (git-fixes).
- commit ffedcc6
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage
  after platform_get_irq() (git-fixes).
- commit 4131c57
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding
  gpiochip (git-fixes).
- commit 88a6182
- KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (bsc#1188838
  CVE-2021-37576).
- commit 0162dcd
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup
  (git-fixes).
- commit 017d588
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version
  command (git-fixes).
- commit a8f01e1
- Input: ili210x - add missing negation for touch indication on
  ili210x (git-fixes).
- commit 0575cf5
- KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790).
- commit 81b4c99
- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit
  RSB path (bsc#1188788).
- commit f2e225f
- KVM: VMX: Enable machine check support for 32bit targets
  (bsc#1188787).
- commit 388d3fb
- KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
  (bsc#1188786).
- commit c5de014
- KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check
  in !64-bit (bsc#1188784).
- commit 08b2951
- KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
  (bsc#1188783).
- commit 5f8f317
- KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
  (bsc#1188782).
- commit ef7bd2d
- KVM: nVMX: Reset the segment cache when stuffing guest segs
  (bsc#1188781).
- commit 8984ecb
- KVM: nVMX: Really make emulated nested preemption timer pinned
  (bsc#1188780).
- commit 597c5f3
- KVM: nVMX: Preserve exception priority irrespective of exiting
  behavior (bsc#1188777).
- commit 9024fbf
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
  (bsc#1188774).
- commit 7334e84
- KVM: nVMX: Consult only the "/basic"/ exit reason when routing
  nested exit (bsc#1188773).
- commit f7ab15a
- kvm: LAPIC: Restore guard to prevent illegal APIC register
  access (bsc#1188772).
- commit 8a9a1d5
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic
  is hw disabled (bsc#1188771).
- commit 7610884
- kvm: i8254: remove redundant assignment to pointer s
  (bsc#1188770).
- commit f768a8a
- ceph: don't WARN if we're still opening a session to an MDS
  (bsc#1188748).
- rbd: don't hold lock_rwsem while running_list is being drained
  (bsc#1188747).
- rbd: always kick acquire on "/acquired"/ and "/released"/
  notifications (bsc#1188746).
- commit 5813020
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- commit aaa3cb6
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom
  (git-fixes).
- commit 43e0b14
- mt76: mt7615: increase MCU command timeout (git-fixes).
- commit 1ca559f
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- commit 606bd07
- ibmvnic: retry reset if there are no other resets (bsc#1184350
  ltc#191533).
- commit fccec64
- cifs: do not fail __smb_send_rqst if non-fatal signals are
  pending (git-fixes).
- commit 80eef04
- cifs: fix interrupted close commands (git-fixes).
- commit 9eae08a
- cifs: Fix preauth hash corruption (git-fixes).
- commit a2ac7b0
- cifs: Return correct error code from smb2_get_enc_key
  (git-fixes).
- commit ffe15e7
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- commit f974156
- uuid: Add inline helpers to import / export UUIDs (FATE#326628,
  bsc#1113295, git-fixes).
- commit 5ef7dcb
- Drop media rtl28xxu fix patch (bsc#1188683)
  The recent backport of
  patches.suse/media-rtl28xxu-fix-zero-length-control-request.patch
  caused a regression on Astrometa DVB-T2.
  Revert and blacklist it for now.
- commit 1ae8d64
- series.conf: cleanup
- update upstream references and move into sorted section:
  - patches.suse/r8152-Fix-a-deadlock-by-doubly-PM-resume.patch
  - patches.suse/r8152-Fix-potential-PM-refcount-imbalance.patch
- commit 425c935
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- commit fb8c7fc
- ceph: clean up and optimize ceph_check_delayed_caps()
  (bsc#1187468).
- commit 33a74a3
- sfp: Fix error handing in sfp_probe() (git-fixes).
- commit 3f0aed6
- cadence: force nonlinear buffers to be cloned (git-fixes).
- commit 4b76907
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- commit 6e609d3
- ravb: Fix bit fields checking in ravb_hwtstamp_get()
  (git-fixes).
- commit ed39fda
- net: hns3: Clear the CMDQ registers before unmapping BAR region
  (git-fixes).
- commit 57704e2
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- commit 23af1ba
- net: wilc1000: clean up resource in error path of init mon
  interface (git-fixes).
- commit aa75b92
- Update patches.suse/ibmvnic-account-for-bufs-already-saved-in-indir_buf.patch
  (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290 bsc#1188620
  ltc#192221).
- Update patches.suse/ibmvnic-free-tx_pool-if-tso_pool-alloc-fails.patch
  (bsc#1085224 ltc#164363 bsc#1188620 ltc#192221).
- Update patches.suse/ibmvnic-parenthesize-a-check.patch
  (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes
  bsc#1188620 ltc#192221).
- Update patches.suse/ibmvnic-set-ltb-buff-to-NULL-after-freeing.patch
  (bsc#1094840 ltc#167098 bsc#1188620 ltc#192221).
- commit 8147958
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- commit 8bf9d02
- blacklist.conf: kABI
- commit 7c940a5
- blacklist.conf: cosmetic cleanup
- commit 29705c7
- blacklist.conf: kABI
- commit 839f900
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type
  (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- thermal/core: Correct function name
  thermal_zone_device_unregister() (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- commit c39f899
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- Revert "/USB: quirks: ignore remote wake-up on Fibocom L850-GL
  LTE modem"/ (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode
  (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after
  usb_pkt_pop() (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- commit c637f14
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- commit 2c19bb5
- scsi: fc: Add 256GBit speed setting to SCSI FC transport
  (bsc#1188101).
- commit 62c8708
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- commit 539ea44
- drm/panel: raspberrypi-touchscreen: Prevent double-free
  (git-fixes).
- media: ngene: Fix out-of-bounds bug in
  ngene_command_config_free_buf() (git-fixes).
- liquidio: Fix unintentional sign extension issue on left shift
  of u16 (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again
  (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- commit 44fe76d
- bcache: avoid oversized read request in cache missing code path
  (bsc#1184631).
- bcache: remove bcache device self-defined readahead
  (bsc#1184631).
- commit aaf8eb0
- KVM: do not allow mapping valid but non-reference-counted pages
  (bsc#1186482, CVE-2021-22543).
- KVM: Use kvm_pfn_t for local PFN variable in
  hva_to_pfn_remapped() (bsc#1186482, CVE-2021-22543).
- KVM: do not assume PTE is writable after follow_pfn
  (bsc#1186482, CVE-2021-22543).
- commit 3795669
- xen/events: reset active flag for lateeoi events later
  (git-fixes).
- Refresh patches.suse/xen-events-fix-setting-irq-affinity.patch.
- commit e51ccb0
- RDMA/cma: Fix incorrect Packet Lifetime calculation
  (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- bpf: Fix integer overflow in argument calculation for
  bpf_map_area_alloc (bsc#1154353).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for
  efficiency (jsc#SLE-7926).
- commit 94fef56
- series.conf: cleanup
- update upstream reference and move into sorted section:
  - patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- commit 07df461
- Update
  patches.suse/ARM-ensure-the-signal-page-contains-defined-contents.patch
  (CVE-2021-21781 bsc#1188445).
- commit 47f3aa1
- watchdog: iTCO_wdt: Account for rebooting on second timeout
  (git-fixes).
- watchdog: Fix possible use-after-free by calling
  del_timer_sync() (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in
  wdt_turnoff() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup()
  (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- commit 0fe04be
- virtio_console: Assure used length from device is limited
  (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Don't disable clocks at device remove time
  (git-fixes).
- pwm: spear: Don't modify HW state in .remove callback
  (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE
  (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind()
  (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors
  (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error
  handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division
  or modulo by zero (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device
  (git-fixes).
- commit 966e79d
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
  (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
  (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt
  trigger type (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE
  (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE
  (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind
  (git-fixes).
- commit 74628f5
- iio: magn: bmc150: Balance runtime pm + use
  pm_runtime_resume_and_get() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use
  pm_runtime_resume_and_get() (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
  (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one
  (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
  (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
  (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around
  initrds (git-fixes).
- commit 14f42b7
- backlight: lm3630a: Fix return code of .update_status() callback
  (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value
  (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync
  (git-fixes).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below
  20 characters (git-fixes).
- ASoC: soc-core: Fix the error return code in
  snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe()
  (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
  (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return
  values (git-fixes).
- commit 006f207
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
  (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe()
  (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements
  (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove()
  (git-fixes).
- ALSA: usx2y: Don't call free_pages_exact() with NULL address
  (git-fixes).
- commit eaa8acd
- config: refresh
- drop GVE on arm64 and s390x (no longer available due to dependency update)
- commit d6ed2bf
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13
  (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient
  (git-fixes).
- crypto: virtio: Fix dest length calculation in
  __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in
  __virtio_crypto_skcipher_do_req() (git-fixes).
- commit 2b4c8a1
- blacklist.conf: add 4c9c26f1e67648f41f
- commit db6c764
- powerpc/papr_scm: Properly handle UUID types and API
  (FATE#326628, bsc#1113295, git-fixes).
- commit 9bcaa28
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- commit 01547d1
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- commit b063178
- powerpc/stacktrace: Fix spurious "/stale"/ traces in
  raise_backtrace_ipi() (bsc#1156395).
- commit f074894
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- Refresh
  patches.suse/gve-Fix-an-error-handling-path-in-gve_probe.patch.
- commit fc90ec1
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API
  (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset
  (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- gve: Add support for raw addressing in the tx path
  (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Add support for raw addressing to the rx path
  (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Replace zero-length array with flexible-array member
  (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Use link status register to report link status
  (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues
  (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags
  (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- commit ffc7e3d
- cpu/hotplug: Cure the cpusets trainwreck (git fixes
  (sched/hotplug)).
- commit ea5f05d
- blacklist.conf: duplication
- commit eff56f7
- kprobes: Fix to check probe enabled before
  disarm_kprobe_ftrace() (git-fixes).
- commit 9aba4a6
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE
  (git-fixes).
- commit a579f68
- kABI workaround for pci/quirks.c (git-fixes).
- commit 04fb196
- Add a cherry-picked ID for AMDGPU fix patch
- commit ba73832
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan
  (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
  (git-fixes).
- commit e3971fc
- PCI: iproc: Support multi-MSI only on uniprocessor kernel
  (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation
  (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of
  VEND_ID (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
  (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler
  (git-fixes).
- pinctrl/amd: Add device HID for new AMD GPIO controller
  (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user
  enables ASPM (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
  (git-fixes).
- commit 0ca454f
- PCI: aardvark: Fix checking for PIO Non-posted Request
  (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or
  standby (git-fixes).
- media, bpf: Do not copy more entries than user space requested
  (git-fixes).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: mvm: don't change band on bound PHY contexts
  (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
  (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if
  supported (git-fixes).
- commit f7d13b4
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in
  radeon_user_framebuffer_create() (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in
  amdgpu_dm_atomic_check (git-fixes).
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init()
  (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer()
  (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats
  (git-fixes).
- commit d72cf42
- drm/amd/amdgpu/sriov disable all ip hw status by default
  (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins()
  (git-fixes).
- drm/zte: Don't select DRM_KMS_FB_HELPER (git-fixes).
- drm/mxsfb: Don't select DRM_KMS_FB_HELPER (git-fixes).
- drm/tegra: Don't set allow_fb_modifiers explicitly (git-fixes).
- commit b02b3f8
- ASoC: tegra: Set driver_name=tegra for all machine drivers
  (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly
  (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue
  for qca btsoc (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed
  or cancelled (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table
  (git-fixes).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek
  Chip (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer
  workaround (git-fixes).
- commit c7cdd5b
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- commit a1eecda
- kprobes: fix kill kprobe which has been marked as gone
  (git-fixes).
- commit ee1820f
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
  (git-fixes).
- commit 865421f
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG
  (git-fixes).
- commit e2cb2ae
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- commit 4278aab
- net/mlx5: Don't fail driver on failure to create debugfs (git-fixes).
- commit c19d4f7
- net: marvell: Fix OF_MDIO config check (git-fixes).
- commit f372318
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- commit c2ac3ff
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- commit 0997bfc
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- commit 2e479b6
- PCI: quirks: fix false kABI positive (git-fixes).
- commit a2a8059
- tpm: efi: Use local variable for calculating final log size
  (git-fixes).
- commit 69be865
- tracing: Do not reference char * as a string in histograms
  (git-fixes).
- commit 5ff7921
- PCI: iproc: Fix multi-MSI base vector number allocation
  (git-fixes).
- commit 9e70011
- PCI: aardvark: Implement workaround for the readback value of
  VEND_ID (git-fixes).
- commit 4bfb1fd
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
  (git-fixes).
- commit dbaa5b3
- PCI: Leave Apple Thunderbolt controllers on for s2idle or
  standby (git-fixes).
- commit 900ca03
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch
  (bsc#1065729 bsc#1188405 ltc#193509 bsc#1187476 ltc#193646).
- commit f55c672
- fix patch metadata
- fix Patch-mainline, drop Git-repo:
  patches.suse/bpftool-Properly-close-va_list-ap-by-va_end-on-error.patch
- commit ec7585c
- Update kabi files.
- update from second July 2021 maintenance update submission (commit 44308a6ad508)
- commit ee121a0
- fbmem: Do not delete the mode that is still in use (git-fixes).
- dma-buf/sync_file: Don't leak fences on merge failure
  (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- commit 1116a4b
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch
  (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch
  (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- commit 5fcaf8a
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap
  (boo#1184804).
- commit 5b51131
- bpftool: Properly close va_list 'ap' by va_end() on error
  (bsc#1155518).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- commit a14bd1d
- blacklist.conf: add "/block: blk-mq.c: fix @at_head kernel-doc warning"/
  Also removed a remnant of a merge conflict.
- commit ebd24f1
- netfilter: x_tables: fix compat match/target pad out-of-bound
  write (CVE-2021-22555 bsc#1188116).
- commit 5d3d4da
- vmxnet3: fix cksum offload issues for tunnels with non-default
  udp ports (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: gadget: eem: fix echo command packet response issue
  (git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- [xarray] iov_iter_fault_in_readable() should do nothing in
  xarray case (git-fixes).
- ssb: sdio: Don't overwrite const buffer if block_write fails
  (git-fixes).
- commit 76c3ff9
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem
  (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init
  (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
  (git-fixes).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in
  pch_spi_process_messages() (git-fixes).
- spi: Make of_register_spi_device also set the fwnode
  (git-fixes).
- regulator: da9052: Ensure enough delay time for
  .set_voltage_time_sel (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE
  (git-fixes).
- commit a2b1a60
- platform/x86: toshiba_acpi: Fix missing error code in
  toshiba_acpi_setup_keyboard() (git-fixes).
- random32: Fix implicit truncation warning in
  prandom_seed_state() (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source
  (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference
  (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- commit 0eb2f6b
- media: st-hva: Fix potential NULL pointer dereferences
  (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe
  (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
  (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct
  (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event
  counters (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count
  (git-fixes).
- commit ba1b2bc
- iio: adc: at91-sama5d2: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue
  (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf
  (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count
  (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
  (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in
  regmap_bulk_read calls (git-fixes).
- commit 74c2c06
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()'
  (git-fixes).
- HID: do not use down_interruptible() when unbinding devices
  (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status
  bits (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops
  (git-fixes).
- crypto: nitrox - fix unchecked variable in
  nitrox_register_interrupts (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles
  (git-fixes).
- commit ac66984
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
  (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during
  ath_reset_internal() (git-fixes).
- clocksource: Retry clock read if long delays detected
  (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg()
  (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path
  (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final()
  (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- commit fcdd7a0
- ALSA: hda/realtek: Add another ALC236 variant support
  (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path
  (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered
  (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function
  (git-fixes).
- commit 930000b
- Blacklist already cherry-picked ASoC commits
- commit 5cc6c21
- usb: gadget: f_fs: Fix setting of device and driver data
  cross-references (git-fixes).
- commit 8174fed
- vfs: Convert functionfs to use the new mount API (git -fixes).
- commit bc4a6d0
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes
  (kernel/futex)).
- commit b5af159
- usb: typec: fusb302: fix "/op-sink-microwatt"/ default that was
  in mW (git-fixes).
- commit dcf2645
- fuse: reject internal errno (bsc#1188269).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- commit ad3c8af
- kABI: restore struct tcpc_config definition (git-fixes).
- commit af96f3e
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- commit a677fa5
- tracing/histograms: Fix parsing of "/sym-offset"/ modifier
  (git-fixes).
- commit e43cdf6
- usb: typec: fusb302: Always provide fwnode for the port
  (git-fixes).
- commit 23df3ab
- math: Export mul_u64_u64_div_u64 (git-fixes).
- commit 3708119
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe
  error path (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations
  (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init()
  (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure
  (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
  (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe()
  (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration
  (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement
  (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe()
  (git-fixes).
- commit 8a2377b
- memory: fsl_ifc: fix leak of private memory on probe failure
  (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
  (git-fixes).
- commit b522bcb
- Refresh patches.suse/rtc-pcf2127-handle-timestamp-interrupts.patch.
  Switched to queued version.
- commit 1b185ef
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- refresh patches.suse/0001-kvm-Reintroduce-nopvspin-kernel-parameter.patch
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown
  (bsc#1185308).
- commit 80699a1
- fix patches metadata
- fix Patch-mainline:
  patches.suse/tracepoint-Add-tracepoint_probe_register_may_exist-for-BPF-tracing.patch
  patches.suse/tracing-Resize-tgid_map-to-pid_max-not-PID_MAX_DEFAULT.patch
  patches.suse/tracing-Simplify-fix-saved_tgids-logic.patch
- commit fa5e842
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec
  (bsc#1188176).
- commit ec1bcd7
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation
  (git-fixes).
- commit d17e17c
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- commit 586c229
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- commit 85a9fc2
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- commit 7f97df2
- seq_file: Disallow extremely large seq buffer allocations (bsc#1188062, CVE-2021-33909).
- commit eb7ef76
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
  (git-fixes).
- commit dfc48c9
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- commit c530730
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF
  tracing (git-fixes).
- commit 1ab86c5
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- commit e620ef1
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- commit 8290109
- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch
- commit d9e6471
- scsi: qedf: Do not put host in qedf_vport_create()
  unconditionally (bsc#1170511).
- commit 8665594
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- commit d718cd9
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- commit 6ccb8a5
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- commit a286451
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- commit 79058fa
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data
  (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than
  4 in set_protocol() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe()
  (git-fixes).
- commit 6b8c8e1
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx()
  (git-fixes).
- staging: gdm724x: check for buffer overflow in
  gdm_lte_multi_sdu_pkt() (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable
  (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init
  (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call
  (git-fixes).
- commit b12d968
- iio: adc: mxs-lradc: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion
  (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
  (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1}
  and PS_DATA as volatile, too (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 2299862
- iio: magn: bmc150: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 66bbafb
- serial: mvebu-uart: correctly calculate minimal possible
  baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk
  is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor
  (git-fixes).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
  (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
  (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers
  (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400
  mode (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect()
  (git-fixes).
- Input: usbtouchscreen - fix control-request directions
  (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare()
  on error in marvell_nfc_resume() (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node
  (git-fixes).
- commit a219c27
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in
  typec_register_altmode() (git-fixes).
- usb: dwc2: Don't reset the core after setting turnaround time
  (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
  (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function
  (git-fixes).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- visorbus: fix error return code in visorchipset_init()
  (git-fixes).
- commit e666eaf
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node()
  (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in
  'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same
  time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
  (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time
  (git-fixes).
- Revert "/ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"/
  (git-fixes).
- commit ea3fb69
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error
  in hi6210_i2s_startup() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- lib/decompressors: remove set but not used variabled 'level'
  (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents
  (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500
  SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC
  (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC
  (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- commit b4df049
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments
  (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init()
  (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call
  (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to
  bind() (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare()
  on error in cdn_dp_grf_write() (git-fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- commit fc44520
- can: peak_pciefd: pucan_handle_status(): fix a potential
  starvation issue in TX path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry
  (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated
  event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
  (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe()
  (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported
  (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling
  path (git-fixes).
- brcmfmac: correctly report average RSSI in station info
  (git-fixes).
- brcmfmac: fix setting of station info chains bitmask
  (git-fixes).
- commit d8b0fc2
- can: hi311x: hi3110_can_probe(): silence clang warning
  (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB
  (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in
  prep_dma (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still
  current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler
  (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
  (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in
  zynqmp_dma_alloc_chan_resourc() (git-fixes).
- commit 8be348d
- gve: Fix swapped vars when fetching max queues (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of
  null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta
  NDP tx (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx
  (git-fixes).
- extcon: extcon-max8997: Fix IRQ freeing at error path
  (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- commit c400726
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
  (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings
  (git-fixes).
- rsi: Assign beacon rate settings to the correct rate_info
  descriptor field (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case
  (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode
  (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with
  description_show() (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- commit 4b20cc3
- media: siano: Fix out-of-bounds warnings in
  smscore_load_firmware_family2() (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
  (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: gspca/sunplus: fix zero-length control requests
  (git-fixes).
- media: gspca/gl860: fix zero-length control requests
  (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12
  (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs
  (git-fixes).
- commit 655a2af
- media: zr364xx: fix memory leak in zr364xx_start_readpipe
  (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of()
  (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release
  (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: I2C: change 'RST' to "/RSET"/ to fix multiple build errors
  (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe()
  (git-fixes).
- commit 0231cde
- spi: stm32-qspi: Remove unused qspi field of struct
  stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data
  (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank
  (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- commit c37129c
- can: bcm: delay release of struct bcm_op after synchronize_rcu()
  (CVE-2021-3609 bsc#1187215).
- commit a57ee2f
- Input: joydev - prevent use of not validated data in
  JSIOCSBTNMAP ioctl (CVE-2021-3612 bsc#1187585).
- commit 64519f9
- blacklist.conf: Append 'drm/vc4: hdmi: Move the HSM clock enable to runtime_pm'
- commit 23b3543
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
  Backporting changes:
  * context changes
  * vc4_hdmi -> vc4->hdmi
- commit 84c924f
- drm/amdgpu: Don't query CE and UE errors (bsc#1152472)
  Backporting changes:
  * unsigned long -> uint32_t
- commit 1637ecb
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
  Backporting changes:
  * context changes
- commit f40c83c
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
  Backporting changes:
  * context changes
  * GEM_WARN_ON() -> WARN_ON()
- commit f02a5b9
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
  Backporting changes:
  * context changes
- commit fee040e
- blacklist.conf: Append 'drm/vc4: hdmi: Restore cec physical address on reconnect'
- commit b32f423
- Update patch reference for patches.suse/module-limit-enabling-module.sig_enforce.patch
  (git-fixes, CVE-2021-35039, bsc#1188080).
- commit 8d3fd9b
- blacklist.conf: Append 'drm/vc4: crtc: Reduce PV fifo threshold on hvs4'
- commit 3780e05
- tpm, tpm_tis: Reserve locality in tpm_tis_resume()
  (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in
  tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with
  request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with
  request_locality() (bsc#1188036).
- commit 2c323b1
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
  Backporting changes:
  * context changes
- commit b16ae28
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
  Backporting changes:
  * only panel-samsung-s6d16d0.c exists
- commit 83514d0
- drm/stm: Fix bus_flags handling (bsc#1152472)
- commit eaa7b7a
- usb: typec: tcpm: Move
  mod_delayed_work(&port->vdm_state_machine) call into
  tcpm_queue_vdm() (git-fixes).
- Refresh
  patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request-payl.patch.
- Refresh
  patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request.patch.
- commit 25ab009
- usb: typec: tcpm: Error handling for
  tcpm_register_partner_altmodes (git-fixes).
- commit d172a56
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for
  DRP (git-fixes).
- commit 44e186b
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- commit d27b294
- usb: typec: tcpm: Remove tcpc_config configuration mechanism
  (git-fixes).
- commit 20564c3
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX()
  (git-fixes).
- commit 69ab721
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- commit b4b2308
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload
  handling (git-fixes).
- commit 9417ed4
- usb: typec: ucsi: Put fwnode in any case during ->probe()
  (git-fixes).
- commit ec4c8d0
- usb: typec: ucsi: Hold con->lock for the entire duration of
  ucsi_register_port() (git-fixes).
- commit 9f0dcac
- usb: typec: tcpm: update power supply once partner accepts
  (git-fixes).
- commit 54348d7
- docs: admin-guide: update description for kernel.hotplug sysctl
  (git-fixes).
- blacklist.conf: we do ship the kernel sources and the documentation.
  They may just as well be up to date.
- commit 7d1b971
- series.conf: cleanup
- update upstream references and resort:
  patches.suse/scsi-ibmvfc-Avoid-move-login-if-fast-fail-is-enabled.patch
  patches.suse/scsi-ibmvfc-Handle-move-login-failure.patch
  patches.suse/scsi-ibmvfc-Reinit-target-retries.patch
  patches.suse/scsi-lpfc-Add-a-option-to-enable-interlocked-ABTS-be.patch
  patches.suse/scsi-lpfc-Add-ndlp-kref-accounting-for-resume-RPI-pa.patch
  patches.suse/scsi-lpfc-Fix-Node-recovery-when-driver-is-handling-.patch
  patches.suse/scsi-lpfc-Fix-Unexpected-timeout-error-in-direct-att.patch
  patches.suse/scsi-lpfc-Fix-crash-when-lpfc_sli4_hba_setup-fails-t.patch
  patches.suse/scsi-lpfc-Fix-node-handling-for-Fabric-Controller-an.patch
  patches.suse/scsi-lpfc-Fix-non-optimized-ERSP-handling.patch
  patches.suse/scsi-lpfc-Fix-unreleased-RPIs-when-NPIV-ports-are-cr.patch
  patches.suse/scsi-lpfc-Ignore-GID-FT-response-that-may-be-receive.patch
  patches.suse/scsi-lpfc-Reregister-FPIN-types-if-ELS_RDF-is-receiv.patch
  patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.10.patch
  patches.suse/scsi-scsi_dh_alua-Retry-RTPG-on-a-different-path-aft.patch
- commit 9a3a833
- fix patch metadata
- fix Patch-mainline and move to "/almost mainline"/ section:
  patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch
- commit 81935f9
- blacklist.conf: 1e886090cefe docs: admin-guide: update description for kernel.hotplug sysctl
- commit 1332420
- blacklist.conf: 89f5f8fb5bf4 EDAC/thunderx: Remove irrelevant variable from error messages
- commit 7c3f543
- blacklist.conf: d8778e393afa x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
- commit 07e7bbd
- x86/pkru: Write hardware init value to PKRU when xstate is init
  (bsc#1152489).
- commit 05b202a
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- commit bc82289
- cgroup1: don't allow 'n' in renaming (bsc#1187972).
- commit 31d330a
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470
  bsc#1185486).
- commit 8249f86
- x86/process: Check PF_KTHREAD and not current->mm for kernel
  threads (bsc#1152489).
- commit f14058e
- kernel-binary.spec: Remove obsolete and wrong comment
  mkmakefile is repleced by echo on newer kernel
- commit d9209e7
- ceph: must hold snap_rwsem when filling inode for async create
  (bsc#1187927).
- commit 288e232
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114
  ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114
  ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr
  (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114
  ltc#192237).
- ibmvnic: Allow device probe if the device is not ready at boot
  (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c
  (bsc#1184114 ltc#192237).
- commit 6f12df4
- series.conf: cleanup
- update upstream reference and resort:
  patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch
- commit dc51831
- ibmvnic: account for bufs already saved in indir_buf
  (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset
  (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- commit 4925dab
- fix patch metadata
- fix upstream reference:
  patches.suse/bpfilter-Specify-the-log-level-for-the-kmsg-message.patch
- commit 4e6fe72
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224
  ltc#164363).
- commit badd4e0
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237
  bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840
  ltc#167098).
- Revert "/ibmvnic: remove duplicate napi_schedule call in open
  function"/ (bsc#1065729).
- commit e5fa23c
- series.conf: cleanup
- update upstream references and resort:
  patches.suse/0001-ipmi-watchdog-Stop-watchdog-timer-when-the-current-a.patch
  patches.suse/block-return-the-correct-bvec-when-checking-for-gaps.patch
  patches.suse/ibmvnic-remove-default-label-from-to_string-switch.patch
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit fc2830a
- bpfilter: Specify the log level for the kmsg message
  (bsc#1155518).
- commit a6b5aff
- Blacklisted SCSI ufs core patch: way out of context.
- commit 33b89f4
- FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
- scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration
  (bsc#1187886).
- commit bf3226e
- Blacklisted libsas new gfp variant patches
- commit 7d45a44
- scsi: core: Fix race between handling STS_RESOURCE and
  completion (bsc#1187883).
- Refresh
  patches.suse/scsi_dh_alua-return-BLK_STS_AGAIN-for-ALUA-transitio.patch.
- commit 1a66f28
- Blacklisted scsi commit that should be skipped.
- commit 6c0722b
- kthread: prevent deadlock when kthread_mod_delayed_work()
  races with kthread_cancel_delayed_work_sync() (bsc#1187867).
- commit 4323f85
- kthread_worker: split code for canceling the delayed work timer
  (bsc#1187867).
- commit f950430
- dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
- commit fa16d18
- Revert "/ibmvnic: simplify reset_long_term_buff function"/
  (bsc#1186206 ltc#191041).
- commit ae5a395
- SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
- scsi: ufs: Fix imprecise load calculation in devfreq window
  (bsc#1187795).
- commit 51e8b33
- Blacklisted commit already removed, to keep it away
- commit 2ac8cfe
- s390/stack: fix possible register corruption with stack switch
  helper (bsc#1185677).
- commit d57c991
- Revert "/video: imsttfb: fix potential NULL pointer dereferences"/ (bsc#1152489)
- commit cb44bac
- kernel: kexec_file: fix error return code of
  kexec_calculate_store_digests() (git-fixes).
- commit c886494
- blacklist.conf: Add amdgpu entries that have been reverted (git-fixes)
- commit 41610da
- mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
  (git-fixes).
- commit c1d2306
- Removed patch that was incorrectly added to SLE15-SP2 (bsc#1186949)
  This patch was suggested as a git-fix for SLE15-SP2, but the
  commits it fixes are not present there.
- commit fc1818c
- bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix TQM fastpath ring backing store computation
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Rediscover PHY capabilities after firmware reset
  (jsc#SLE-8371 bsc#1153274).
- cxgb4: fix wrong shift (git-fixes).
- be2net: Fix an error handling path in 'be_probe()' (git-fixes).
- netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
  (git-fixes).
- qlcnic: Fix an error handling path in 'qlcnic_probe()'
  (git-fixes).
- net/mlx5e: Block offload of outer header csum for UDP tunnels
  (git-fixes).
- net/mlx5: Consider RoCE cap before init RDMA resources
  (git-fixes).
- net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
- net/mlx5e: Remove dependency in IPsec initialization flows
  (git-fixes).
- ice: add ndo_bpf callback for safe mode netdev ops
  (jsc#SLE-7926).
- net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
- vrf: fix maximum MTU (git-fixes).
- net/mlx5: Fix PBMC register mapping (git-fixes).
- net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
- net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa
  (git-fixes).
- commit 060a647
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- commit ce71c77
- PCI: aardvark: Don't rely on jiffies while holding spinlock
  (git-fixes).
- commit 1bd7ff7
- spi: spi-nxp-fspi: move the register operation after the clock
  enable (git-fixes).
- Revert "/PCI: PM: Do not read power state in
  pci_enable_device_flags()"/ (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
- spi: stm32-qspi: Always wait BUSY bit to be cleared in
  stm32_qspi_wait_cmd() (git-fixes).
- regulator: bd70528: Fix off-by-one for buck123 .n_voltages
  setting (git-fixes).
- commit 8ac9ce3
- cfg80211: make certificate generation more robust (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum
  (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- ASoC: rt5659: Fix the lost powers for the HDA header
  (git-fixes).
- hwmon: (scpi-hwmon) shows the negative temperature properly
  (git-fixes).
- commit ed194e5
- fix patches metadata
- fix Patch-mainline:
  patches.suse/NFS-Fix-a-potential-NULL-dereference-in-nfs_get_clie.patch
  patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
  patches.suse/NFSv4-Fix-deadlock-between-nfs4_evict_inode-and-nfs4.patch
  patches.suse/SUNRPC-Handle-major-timeout-in-xprt_adjust_timeout.patch
- commit e5e0666
- series.conf: cleanup
- update upstream reference and resort:
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit cafffbc
- video: hgafb: correctly handle card detect failure during probe
  (git-fixes).
- commit 55f7ec7
- Bluetooth: use correct lock to prevent UAF of hdev object
  (git-fixes).
- video: hgafb: fix potential NULL pointer dereference
  (git-fixes).
- Revert "/video: hgafb: fix potential NULL pointer dereference"/
  (git-fixes).
- commit 83627e7
- module: limit enabling module.sig_enforce (git-fixes).
- commit 7f30f5d
- Bluetooth: use correct lock to prevent UAF of hdev object
  (bsc#1186666 CVE-2021-3573).
- commit 6781ea8
- blacklist.conf: Add unwanted commits
- commit 1da6dbc
- NFSv4: Fix deadlock between nfs4_evict_inode() and
  nfs4_opendata_get_inode() (git-fixes).
- NFS: Fix a potential NULL dereference in nfs_get_client()
  (git-fixes).
- NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
- commit 3478e99
- blk-mq: Rerun dispatching in the case of budget contention
  (bsc#1180092).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() "/no budget"/ is a reason
  to kick (bsc#1180092).
- commit e31a7fc
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no
  budget (bsc#1180092).
- commit ccd1ac3
- blk-mq: insert flush request to the front of dispatch queue
  (bsc#1180092).
- commit acc744b
- blk-mq: insert passthrough request into hctx->dispatch directly
  (bsc#1180092).
- Refresh
  patches.suse/blk-mq-call-commit_rqs-while-list-empty-but-error-ha.patch.
- Refresh
  patches.suse/blk-mq-insert-request-not-through-queue_rq-into-sw-s.patch.
- commit 4ba4b0f
- lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
  Reduce delta to mainline
  Refresh patches.suse/lib-vdso-Prepare-for-time-namespace-support.patch.
- commit 7b06299
- Update patch reference for net keys fix (CVE-2021-0605 bsc#1187601)
- commit 7bb3e99
- Update patch reference for HID security fix (CVE-2021-0512 bsc#1187595)
- commit 0506954
- bpf: Fix leakage under speculation on mispredicted branches
  (bsc#1187554,CVE-2021-33624).
- commit 7949a37
- patches.suse/0001-x86-sched-Treat-Intel-SNC-topology-as-default-COD-as.patch:
  (bsc#1187263).
- commit 349dc99
- tracing: Do no increment trace_clock_global() by one
  (git-fixes).
- commit 17da93e
- tracing: Do not stop recording comms if the trace file is
  being read (git-fixes).
- commit 7d357b1
- tracing: Do not stop recording cmdlines when tracing is off
  (git-fixes).
- commit 3306bfd
- HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
  (git-fixes).
- commit c5019d9
- dt-bindings: reset: meson8b: fix duplicate reset IDs
  (git-fixes).
- commit cfc2db2
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- commit 35719e0
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- commit 9306e13
- SUNRPC: Handle major timeout in xprt_adjust_timeout()
  (git-fixes).
- commit 87fe1f5
- series.conf: cleanup
- update upstream references and move into sorted section:
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit 3bedaae
- usb: core: hub: Disable autosuspend for Cypress CY7C65632
  (git-fixes).
- net/x25: Return the correct errno code (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- commit be65fa1
- cfg80211: avoid double free of PMSR request (git-fixes).
- can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
- alx: Fix an error handling path in 'alx_probe()' (git-fixes).
- batman-adv: Avoid WARN_ON timing related checks (git-fixes).
- drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
- drm/amd/display: Allow bandwidth validation for 0 streams
  (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure
  (git-fixes).
- HID: hid-input: add mapping for emoji picker key (git-fixes).
- HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
  (git-fixes).
- commit c7889a3
- can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693
  bsc#1187452).
- commit 02583ee
- net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
- commit 9bd57ed
- blacklist.conf: the driver has not been converted to new error codes
- commit 5e49259
- UsrMerge the kernel (boo#1184804)
- Move files in /boot to modules dir
  The file names in /boot are included as %ghost links. The %post script
  creates symlinks for the kernel, sysctl.conf and System.map in
  /boot for compatibility. Some tools require adjustments before we
  can drop those links. If boot is a separate partition, a copy is
  used instead of a link.
  The logic for /boot/vmlinuz and /boot/initrd doesn't change with
  this patch.
- Use /usr/lib/modules as module dir when usermerge is active in the
  target distro.
- commit 6f5ed04
- usb: gadget: eem: fix wrong eem header operation (git-fixes).
- commit 88ac26b
- usb: fix various gadget panics on 10gbps cabling (git-fixes).
- commit 43c2b75
- usb: f_ncm: only first packet of aggregate needs to start timer
  (git-fixes).
- commit 6960da4
- usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
  (git-fixes).
- commit 4b0a18c
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID
  (git-fixes).
- commit a61b441
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus
  (git-fixes).
- commit f1cf5e2
- usb: dwc3: ep0: fix NULL pointer exception (git-fixes).
- usb: gadget: eem: fix wrong eem header operation (git-fixes).
- usb: fix various gadget panics on 10gbps cabling (git-fixes).
- usb: f_ncm: only first packet of aggregate needs to start timer
  (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID
  (git-fixes).
- commit 6edf7f4
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus
  (git-fixes).
- usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
  (git-fixes).
- drm: Lock pointer access in drm_master_release() (git-fixes).
- isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
- net/nfc/rawsock.c: fix a permission check bug (git-fixes).
- spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
- commit 623c00b
- dmaengine: stedma40: add missing iounmap() on error in
  d40_probe() (git-fixes).
- dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
- dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
- dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
  (git-fixes).
- drm: Fix use-after-free read in drm_getunique() (git-fixes).
- ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830
  tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L
  tablet (git-fixes).
- ASoC: max98088: fix ni clock divider calculation (git-fixes).
- commit 2b181d0
- media: mtk-mdp: Fix a refcounting bug on error in init
  (git-fixes).
- commit 1d82c71
- media: mtk-mdp: Check return value of of_clk_get (git-fixes).
- commit f37fbe9
- media: s5p-g2d: Fix a memory leak in an error handling path in
  'g2d_probe()' (git-fixes).
- commit 08513d7
- usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
  (git-fixes).
- commit 08559a5
- dax: Add a wakeup mode parameter to put_unlocked_entry()
  (bsc#1187411).
- commit 31da646
- dax: Add an enum for specifying dax wakup mode (bsc#1187411).
- commit 1d4c2a3
- tracing: Correct the length check which causes memory corruption
  (git-fixes).
- commit 0072a4b
- tracing: Restructure trace_clock_global() to never block
  (git-fixes).
- commit 6d6d42d
- ftrace: Free the trampoline when ftrace_startup() fails
  (git-fixes).
- commit 533e192
- blacklist.conf: 75d3e7f4769d ("/s390/test_unwind: fix possible memleak in test_unwind()"/)
  We build test_unwind kernel module out of tree.
- commit abf9977
- ftrace: Do not blindly read the ip address in ftrace_bug()
  (git-fixes).
- commit 31cd567
- Revert "/ecryptfs: replace BUG_ON with error handling code"/
  (bsc#1187413).
- commit 7387ee5
- ocfs2: fix data corruption by fallocate (bsc#1187412).
- commit 684ec92
- dax: Wake up all waiters after invalidating dax entry
  (bsc#1187411).
- commit 42391aa
- fs: fix reporting supported extra file attributes for statx()
  (bsc#1187410).
- commit 36f6f1f
- ext4: fix memory leak in ext4_fill_super (bsc#1187409).
- commit d8152b1
- ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at
  failed (bsc#1187408).
- commit 41eb311
- ext4: fix error code in ext4_commit_super (bsc#1187407).
- commit 350d1b1
- ext4: fix check to prevent false positive report of incorrect
  used inodes (bsc#1187404).
- commit 57c9a0a
- kyber: fix out of bounds access when preempted (bsc#1187403).
- commit 491df1f
- block: Discard page cache of zone reset target range
  (bsc#1187402).
- commit 74c08d5
- kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
- commit 6b30fe5
- xfrm: policy: Read seqcount outside of rcu-read side in xfrm_policy_lookup_bytype (bsc#1185675).
- commit 96f285d
- cifs: constify get_normalized_path() properly (bsc#1185902).
- commit f4ccabe
- cifs: don't cargo-cult strndup() (bsc#1185902).
- commit 2296da2
- Updated patch-mainline tags.
  Also moved the affected patches into the sorted section.
  Change in patch order moved devm_rpi_firmware_put but it aligns with
  mainline.
- commit 000116c
- fuse: BUG_ON correction in fuse_dev_splice_write()
  (bsc#1187356).
- commit d2e5d40
- sched/debug: Fix cgroup_path[] serialization (git-fixes)
- commit 24c7edf
- blacklist.conf: We don't support uclamp
- commit 0b70e65
- blacklist.conf: We have CONFIG_JUMP_LABEL
- commit 093a643
- series.conf: cleanup
- update upstream references and move into sorted section:
  patches.suse/mac80211-add-fragment-cache-to-sta_info.patch
  patches.suse/mac80211-assure-all-fragments-are-encrypted.patch
  patches.suse/mac80211-check-defrag-PN-against-current-frame.patch
  patches.suse/mac80211-do-not-accept-forward-invalid-EAPOL-frames.patch
  patches.suse/mac80211-drop-A-MSDUs-on-old-ciphers.patch
  patches.suse/mac80211-extend-protection-against-mixed-key-and-fra.patch
  patches.suse/mac80211-prevent-attacks-on-TKIP-WEP-as-well.patch
  patches.suse/mac80211-prevent-mixed-key-and-fragment-cache-attack.patch
  patches.suse/mac80211-properly-handle-A-MSDUs-that-start-with-an-.patch
  No effect on expanded tree.
- commit 9fdca2b
- series.conf: cleanup
  Move a SUSE specific patch ("/Patch-mainline: Never..."/) to corresponding
  per-subsystem section.
- commit 811dc9a
- fix patch metadata
- fix Patch-mainline:
  patches.suse/RDMA-ucma-Rework-ucma_migrate_id-to-avoid-races-with.patch
- commit c80eef0
- series.conf: cleanup
  Move a queued patch to "/almost mainline"/ section.
- commit a847492
- blacklist: add commit 4f06dd92b5d0 ("/fuse: fix write deadlock"/)
  This is an ancient bug (from v2.6.26) which require extra backports.  Not
  worth the risk introducing new regressions.
- commit f0ede60
- rpm/kernel-binary.spec.in: Fix handling of +arch marker (bsc#1186672)
  The previous commit made a module wrongly into Module.optional.
  Although it didn't influence on the end result, better to fix it.
  Also, add a comment to explain the markers briefly.
- commit 8f79742
- block: return the correct bvec when checking for gaps
  (bsc#1187144).
- commit 22678f9
- Update patches.suse/scsi-qla2xxx-Reserve-extra-IRQ-vectors.patch
  (bsc#1184436 bsc#1186286).
- commit 3b95648
- sched/fair: Make sure to update tg contrib for blocked load (git-fixes)
- commit 9eeb58b
- sched/fair: Keep load_avg and load_sum synced (git-fixes)
- commit 8888330
- USB: serial: cp210x: fix alternate function for CP2102N QFN20
  (git-fixes).
- usb: typec: mux: Fix copy-paste mistake in typec_mux_match
  (git-fixes).
- usb: typec: ucsi: Clear PPM capability data in ucsi_init()
  error path (git-fixes).
- usb: typec: wcove: Use LE to CPU conversion when accessing
  msg->header (git-fixes).
- usb: fix various gadgets null ptr deref on 10gbps cabling
  (git-fixes).
- USB: f_ncm: ncm_bitrate (speed) is unsigned (git-fixes).
- USB: serial: quatech2: fix control-request directions
  (git-fixes).
- usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms (git-fixes).
- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
- staging: rtl8723bs: Fix uninitialized variables (git-fixes).
- commit b524f7e
- Add arch-dependent support markers in supported.conf (bsc#1186672)
  We may need to put some modules as supported only on specific archs.
  This extends the supported.conf syntax to allow to put +arch additionally
  after the unsupported marker, then it'll be conditionally supported on
  that arch.
- commit 8cbdb41
- Create Symbols.list and ipa-clones.list determistically
  without this patch, filesystem readdir order would influence
  order of entries in these files.
  This patch was done while working on reproducible builds for SLE.
- commit a898b6d
- RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy (bsc#1187050, CVE-2020-36385)
- commit d630126
- Update
  patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
  (bsc#1186463 CVE-2021-0129 CVE-2020-26558).
- commit 3b40194
- Bluetooth: fix the erroneous flush_work() order (git-fixes).
- ALSA: timer: Fix master timer notification (git-fixes).
- ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx
  (git-fixes).
- drm/amdgpu: make sure we unpin the UVD BO (git-fixes).
- vfio/platform: fix module_put call in error flow (git-fixes).
- vfio/pci: zap_vma_ptes() needs MMU (git-fixes).
- vfio/pci: Fix error return code in vfio_ecap_init() (git-fixes).
- HID: multitouch: require Finger field to mark Win8 reports as MT
  (git-fixes).
- commit 64bd478
- scsi: scsi_dh_alua: Retry RTPG on a different path after failure
  (bsc#1174978 bsc#1185701).
- commit 36cc9f2
- kernel-binary.spec.in: Add Supplements: for -extra package on Leap
  kernel-$flavor-extra should supplement kernel-$flavor on Leap, like
  it does on SLED, and like the kernel-$flavor-optional package does.
- commit c60d87f
- perf/x86/intel/uncore: Remove uncore extra PCI dev
  HSWEP_PCI_PCU_3 (bsc#1184685).
- commit 1c4876a
- block: return the correct bvec when checking for gaps
  (bsc#1187143).
- commit 1a99a11
- series: Resort and update metadata
  Resort series.conf and update meta data:
  patches.suse/scsi-lpfc-Add-a-option-to-enable-interlocked-ABTS-be.patch
  patches.suse/scsi-lpfc-Add-ndlp-kref-accounting-for-resume-RPI-pa.patch
  patches.suse/scsi-lpfc-Fix-Node-recovery-when-driver-is-handling-.patch
  patches.suse/scsi-lpfc-Fix-Unexpected-timeout-error-in-direct-att.patch
  patches.suse/scsi-lpfc-Fix-crash-when-lpfc_sli4_hba_setup-fails-t.patch
  patches.suse/scsi-lpfc-Fix-node-handling-for-Fabric-Controller-an.patch
  patches.suse/scsi-lpfc-Fix-non-optimized-ERSP-handling.patch
  patches.suse/scsi-lpfc-Fix-unreleased-RPIs-when-NPIV-ports-are-cr.patch
  patches.suse/scsi-lpfc-Ignore-GID-FT-response-that-may-be-receive.patch
  patches.suse/scsi-lpfc-Reregister-FPIN-types-if-ELS_RDF-is-receiv.patch
  patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.10.patch
- commit f894385
- btrfs: track ordered bytes instead of just dio ordered bytes (bsc#1135481).
- commit 9c3cf71
- btrfs: account for new extents being deleted in total_bytes_pinned (bsc#1135481).
- commit fed2922
- btrfs: handle space_info::total_bytes_pinned inside the delayed ref itself (bsc#1135481).
- commit 5426822
- btrfs: shrink delalloc pages instead of full inodes (bsc#1135481).
- commit 5e89cd2
- btrfs: fix possible infinite loop in data async reclaim (bsc#1135481).
- commit f95f181
- btrfs: add a comment explaining the data flush steps (bsc#1135481).
- commit a308556
- btrfs: do async reclaim for data reservations (bsc#1135481).
- commit deae828
- btrfs: flush delayed refs when trying to reserve data space (bsc#1135481).
- commit d82c207
- btrfs: run delayed iputs before committing the transaction for data (bsc#1135481).
- commit 6af13e4
- btrfs: don't force commit if we are data (bsc#1135481).
- commit 3380b09
- btrfs: drop the commit_cycles stuff for data reservations (bsc#1135481).
- commit c6ed5f3
- btrfs: use the same helper for data and metadata reservations (bsc#1135481).
- commit 188e042
- btrfs: serialize data reservations if we are flushing (bsc#1135481).
- commit 9a68295
- btrfs: use ticketing for data space reservations (bsc#1135481).
- commit 0cad012
- btrfs: add btrfs_reserve_data_bytes and use it (bsc#1135481).
- commit 7c494a4
- btrfs: add the data transaction commit logic into may_commit_transaction (bsc#1135481).
- commit 9327930
- btrfs: add flushing states for handling data reservations (bsc#1135481).
- commit ee0a32c
- btrfs: check tickets after waiting on ordered extents (bsc#1135481).
- commit e9723f6
- btrfs: use btrfs_start_delalloc_roots in shrink_delalloc (bsc#1135481).
- commit 08a821e
- btrfs: use the btrfs_space_info_free_bytes_may_use helper for delalloc (bsc#1135481).
- commit e18060c
- btrfs: call btrfs_try_granting_tickets when reserving space (bsc#1135481).
- commit e684a31
- btrfs: call btrfs_try_granting_tickets when unpinning anything (bsc#1135481).
- commit df0d484
- btrfs: call btrfs_try_granting_tickets when freeing reserved bytes (bsc#1135481).
- commit 4167827
- btrfs: make ALLOC_CHUNK use the space info flags (bsc#1135481).
- commit 6287797
- btrfs: make shrink_delalloc take space_info as an arg (bsc#1135481).
- commit 1eb212c
- btrfs: handle U64_MAX for shrink_delalloc (bsc#1135481).
- commit acedfaf
- btrfs: remove orig from shrink_delalloc (bsc#1135481).
- commit 02659bb
- btrfs: change nr to u64 in btrfs_start_delalloc_roots (bsc#1135481).
- commit 5b57ee8
- cxgb4: avoid link re-train during TC-MQPRIO configuration
  (jsc#SLE-8389).
- ice: Allow all LLDP packets from PF to Tx (jsc#SLE-7926).
- ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared
  (git-fixes).
- net/mlx5: DR, Create multi-destination flow table with level
  less than 64 (jsc#SLE-8464).
- ixgbe: fix large MTU request from VF (git-fixes).
- cxgb4: avoid accessing registers when clearing filters
  (git-fixes).
- net/mlx5e: Fix multipath lag activation (git-fixes).
- net/mlx5e: Fix nullptr in add_vlan_push_action() (git-fixes).
- net: hns3: put off calling register_netdev() until client
  initialize complete (bsc#1154353).
- gve: Correct SKB queue index validation (git-fixes).
- gve: Upgrade memory barrier in poll routine (git-fixes).
- gve: Add NULL pointer checks when freeing irqs (git-fixes).
- gve: Update mgmt_msix_idx if num_ntfy changes (git-fixes).
- net: bnx2: Fix error return code in bnx2_init_board()
  (git-fixes).
- net/mlx4: Fix EEPROM dump support (git-fixes).
- Revert "/net: liquidio: fix a NULL pointer dereference"/
  (git-fixes).
- Revert "/qlcnic: Avoid potential NULL pointer dereference"/
  (git-fixes).
- net: hns3: Limiting the scope of vector_ring_chain variable
  (git-fixes).
- commit 4451268
- btrfs: open device without device_list_mutex  (bsc#1176771).
- commit c922550
- vmlinux.lds.h: Avoid orphan section with !SMP (git-fixes).
- commit 50e12e5
- regulator: max77620: Use device_set_of_node_from_dev()
  (git-fixes).
- regulator: core: resolve supply for boot-on/always-on regulators
  (git-fixes).
- commit a6466ca
- scsi: libsas: Reset num_scatter if libata marks qc as NODATA
  (bsc#1187068).
- scsi: be2iscsi: Revert "/Fix a theoretical leak in
  beiscsi_create_eqs()"/ (bsc#1187067).
- scsi: ufs: Make ufshcd_print_trs() consider
  UFSHCD_QUIRK_PRDT_BYTE_GRAN (bsc#1187069).
- scsi: aacraid: Fix an oops in error handling (bsc#1187072).
- commit a34cc53
- Update patch reference for a BT fix (CVE-2020-36386 bsc#1187038)
- commit 673eac4
- locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to
  signal (git-fixes).
- commit 12081a6
- scsi: ufs: core: Narrow down fast path in system suspend path
  (bsc#1186996).
- scsi: sni_53c710: Add IRQ check (bsc#1186990).
- scsi: sun3x_esp: Add IRQ check (bsc#1186991).
- scsi: jazz_esp: Add IRQ check (bsc#1186965).
- scsi: hisi_sas: Fix IRQ checks (bsc#1186963).
- scsi: ufs: ufshcd-pltfrm: Fix deferred probing (bsc#1187003).
- scsi: mpt3sas: Fix error return code of mpt3sas_base_attach()
  (bsc#1186978).
- scsi: qedi: Fix error return code of qedi_alloc_global_queues()
  (bsc#1186984).
- scsi: mpt3sas: Do not use GFP_KERNEL in atomic context
  (bsc#1186977).
- scsi: myrs: Fix a double free in myrs_cleanup() (bsc#1186980).
- scsi: sd: Fix Opal support (bsc#1186989).
- scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
  (bsc#1186955).
- scsi: lpfc: Fix ancient double free (bsc#1186969).
- scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
  (bsc#1186973).
- scsi: cxgb4i: Fix TLS dependency (bsc#1186960).
- scsi: fnic: Fix error return code in fnic_probe() (bsc#1186962).
- scsi: pm80xx: Fix error return in pm8001_pci_probe()
  (bsc#1186981).
- scsi: qedi: Fix missing destroy_workqueue() on error in
  __qedi_probe (bsc#1186985).
- scsi: qla4xxx: Remove in_interrupt() (bsc#1186987).
- scsi: hisi_sas: Remove preemptible() (bsc#1186964).
- scsi: megaraid_sas: Check user-provided offsets (bsc#1186970).
- scsi: libfc: Fix enum-conversion warning (bsc#1186966).
- scsi: bnx2i: Requires MMU (bsc#1186956).
- scsi: mpt3sas: Fix ioctl timeout (bsc#1186979).
- scsi: ufs: Fix race between shutdown and runtime resume flow
  (bsc#1186998).
- scsi: bfa: Fix error return in bfad_pci_init() (bsc#1186954).
- scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
  (bsc#1186953).
- scsi: aacraid: Remove erroneous fallthrough annotation
  (bsc#1186950).
- scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
  (bsc#1186957).
- scsi: qla4xxx: Fix an error handling path in
  'qla4xxx_get_host_stats()' (bsc#1186986).
- scsi: ufs: Properly release resources if a task is aborted
  successfully (bsc#1187001).
- scsi: libsas: Fix error path in sas_notify_lldd_dev_found()
  (bsc#1186967).
- scsi: megaraid_sas: Don't call disable_irq from process IRQ poll
  (bsc#1186972).
- scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as
  NODATA (bsc#1186968).
- scsi: mesh: Fix panic after host or bus reset (bsc#1186976).
- scsi: megaraid_sas: Clear affinity hint (bsc#1186971).
- scsi: scsi_debug: Add check for sdebug_max_queue during module
  init (bsc#1186988).
- scsi: eesox: Fix different dev_id between request_irq() and
  free_irq() (bsc#1186961).
- scsi: powertec: Fix different dev_id between request_irq()
  and free_irq() (bsc#1186982).
- scsi: cumana_2: Fix different dev_id between request_irq()
  and free_irq() (bsc#1186958).
- scsi: ufs: Add quirk to fix abnormal ocs fatal error
  (bsc#1186994).
- scsi: ufs: Introduce UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk
  (bsc#1187000).
- scsi: ufs: Add quirk to enable host controller without hce
  (bsc#1186993).
- scsi: ufs: Add quirk to disallow reset of interrupt aggregation
  (bsc#1186992).
- scsi: ufs: Add quirk to fix mishandling utrlclr/utmrlclr
  (bsc#1186995).
- scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
  (bsc#1186974).
- scsi: acornscsi: Fix an error handling path in acornscsi_probe()
  (bsc#1186952).
- scsi: ufs: Don't update urgent bkops level when toggling auto
  bkops (bsc#1186997).
- scsi: cxgb3i: Fix some leaks in init_act_open() (bsc#1186959).
- scsi: ufs-qcom: Fix scheduling while atomic issue (bsc#1187002).
- scsi: aacraid: Use memdup_user() as a cleanup (bsc#1186951).
- scsi: qedi: Check for buffer overflow in qedi_set_path()
  (bsc#1186983).
- Revert "/scsi: core: run queue if SCSI device queue isn't ready
  and queue is idle"/ (bsc#1186949).
- scsi: ufshcd: use an enum for quirks (bsc#1186999).
- commit 063da01
- scsi: lpfc: Fix failure to transmit ABTS on FC link (git-fixes).
- scsi: qla2xxx: Prevent PRLI in target mode (git-fixes).
- commit df14b8a
- blacklist: Add not necessary git-fixes
- commit 203b357
- wireguard: allowedips: initialize list head in selftest
  (git-fixes).
- wireguard: peer: allocate in kmem_cache (git-fixes).
- wireguard: use synchronize_net rather than synchronize_rcu
  (git-fixes).
- wireguard: do not use -O3 (git-fixes).
- wireguard: selftests: make sure rp_filter is disabled on vethc
  (git-fixes).
- wireguard: selftests: remove old conntrack kconfig value
  (git-fixes).
- wireguard: queueing: get rid of per-peer ring buffers
  (git-fixes).
- wireguard: peer: put frequently used members above cache lines
  (git-fixes).
- commit f17f786
- pid: take a reference when initializing `cad_pid` (bsc#1152489).
- commit 7fbca02
- x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
  (bsc#1152489).
- commit 76a898b
- NFC: SUSE specific brutal fix for runtime PM (bsc#1185589).
- commit c32c592
- x86/fault: Don't send SIGSEGV twice on SEGV_PKUERR
  (bsc#1152489).
- commit e986350
- config: refresh
- drop PCIE_BW (removed by a backported patch)
- commit 8a54d2d
- fix patches metadata
- fix Patch-mainline:
  patches.suse/NFS-Deal-correctly-with-attribute-generation-counter.patch
  patches.suse/NFS-Don-t-corrupt-the-value-of-pg_bytes_written-in-n.patch
  patches.suse/NFS-Don-t-discard-pNFS-layout-segments-that-are-mark.patch
  patches.suse/NFS-Don-t-gratuitously-clear-the-inode-cache-when-lo.patch
  patches.suse/NFS-Don-t-revalidate-the-directory-permissions-on-a-.patch
  patches.suse/NFS-Fix-an-Oopsable-condition-in-__nfs_pageio_add_re.patch
  patches.suse/NFS-fix-an-incorrect-limit-in-filelayout_decode_layo.patch
  patches.suse/NFSD-Repair-misuse-of-sv_lock-in-5.10.16-rt30.patch
  patches.suse/NFSv4-Don-t-discard-segments-marked-for-return-in-_p.patch
  patches.suse/NFSv4-Fix-a-NULL-pointer-dereference-in-pnfs_mark_ma.patch
  patches.suse/NFSv4-Fix-v4.0-v4.1-SEEK_DATA-return-ENOTSUPP-when-s.patch
  patches.suse/NFSv4.2-Always-flush-out-writes-in-nfs42_proc_falloc.patch
  patches.suse/NFSv4.2-fix-handling-of-sr_eof-in-SEEK-s-reply.patch
  patches.suse/NFSv4.2-fix-return-value-of-_nfs4_get_security_label.patch
  patches.suse/NFSv42-Copy-offload-should-update-the-file-size-when.patch
  patches.suse/SUNRPC-Move-fault-injection-call-sites.patch
  patches.suse/SUNRPC-Set-memalloc_nofs_save-for-sync-tasks.patch
  patches.suse/fs-nfs-Use-fatal_signal_pending-instead-of-signal_pe.patch
  patches.suse/md-Fix-missing-unused-status-line-of-proc-mdstat.patch
  patches.suse/nfsd-register-pernet-ops-last-unregister-first.patch
  patches.suse/pNFS-NFSv4-Fix-a-layout-segment-leak-in-pnfs_layout_.patch
  patches.suse/pNFS-flexfiles-fix-incorrect-size-check-in-decode_nf.patch
  patches.suse/sunrpc-fix-refcount-leak-for-rpc-auth-modules.patch
  patches.suse/svcrdma-disable-timeouts-on-rdma-backchannel.patch
  patches.suse/x86-fix-seq_file-iteration-for-pat-memtype.c.patch
  patches.suse/xprtrdma-Avoid-Receive-Queue-wrapping.patch
  patches.suse/xprtrdma-rpcrdma_mr_pop-already-does-list_del_init.patch
- commit 08c81db
- fix patch metadata
- fix Patch-mainline:
  patches.suse/pm-sleep-add-pm_debug_messages-kernel-command-line-option.patch
- commit 9d4ad2b
- kABI workaround for struct lis3lv02d change (git-fixes).
- commit b20df4c
- bus: ti-sysc: Fix flakey idling of uarts and stop using
  swsup_sidle_act (git-fixes).
- i2c: qcom-geni: Suspend and resume the bus during
  SYSTEM_SLEEP_PM ops (git-fixes).
- nfc: fix NULL ptr dereference in llcp_sock_getname() after
  failed connect (git-fixes).
- ALSA: hda/cirrus: Set Initial DMIC volume to -26 dB (git-fixes).
- commit 957e0af
- thermal/drivers/intel: Initialize RW trip to
  THERMAL_TEMP_INVALID (git-fixes).
- serial: rp2: use 'request_firmware' instead of
  'request_firmware_nowait' (git-fixes).
- USB: serial: pl2303: add device id for ADLINK ND-6530 GC
  (git-fixes).
- USB: serial: ti_usb_3410_5052: add startech.com device id
  (git-fixes).
- USB: serial: option: add Telit LE910-S1 compositions 0x7010,
  0x7011 (git-fixes).
- USB: serial: ftdi_sio: add IDs for IDS GmbH Products
  (git-fixes).
- USB: usbfs: Don't WARN about excessively large memory
  allocations (git-fixes).
- serial: max310x: unregister uart driver in case of failure
  and abort (git-fixes).
- Revert "/serial: max310x: pass return value of
  spi_register_driver"/ (git-fixes).
- usb: core: reduce power-on-good delay time of root hub
  (git-fixes).
- commit 5cd70a0
- mei: request autosuspend after sending rx flow control
  (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad
  7.0 W700 tablet (git-fixes).
- platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for
  ACPI (git-fixes).
- platform/x86: hp-wireless: add AMD's hardware id to the
  supported list (git-fixes).
- platform/x86: hp_accel: Avoid invoking _INI to speed up resume
  (git-fixes).
- media: gspca: properly check for errors in po1030_probe()
  (git-fixes).
- Revert "/media: gspca: Check the return value of write_bridge
  for timeout"/ (git-fixes).
- media: gspca: mt9m111: Check write_bridge for timeout
  (git-fixes).
- Revert "/media: gspca: mt9m111: Check write_bridge for timeout"/
  (git-fixes).
- media: dvb: Add check on sp8870_readreg return (git-fixes).
- commit c7b5e47
- gpio: cadence: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert "/media: dvb: Add check on sp8870_readreg"/ (git-fixes).
- libertas: register sysfs groups properly (git-fixes).
- Revert "/libertas: add checks for the return value of
  sysfs_create_group"/ (git-fixes).
- isdn: mISDN: correctly handle ph_info allocation failure in
  hfcsusb_ph_info (git-fixes).
- Revert "/isdn: mISDN: Fix potential NULL pointer dereference
  of kzalloc"/ (git-fixes).
- isdn: mISDNinfineon: check/cleanup ioremap failure correctly
  in setup_io (git-fixes).
- Revert "/isdn: mISDNinfineon: fix potential NULL pointer
  dereference"/ (git-fixes).
- Revert "/media: usb: gspca: add a missed check for
  goto_low_power"/ (git-fixes).
- commit 337d971
- cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588
  bsc#1185861).
- drm/amd/amdgpu: fix a potential deadlock in gpu reset
  (git-fixes).
- drm/amdgpu: Fix a use-after-free (git-fixes).
- drm/amd/amdgpu: fix refcount leak (git-fixes).
- drm/amd/display: Disconnect non-DP with no EDID (git-fixes).
- dmaengine: qcom_hidma: comment platform_driver_register call
  (git-fixes).
- Revert "/dmaengine: qcom_hidma: Check for driver register
  failure"/ (git-fixes).
- char: hpet: add checks after calling ioremap (git-fixes).
- Revert "/char: hpet: fix a missing check of ioremap"/ (git-fixes).
- commit 17141be
- efi: cper: fix snprintf() use in cper_dimm_err_location()
  (git-fixes).
- efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
  (git-fixes).
- ACPICA: Clean up context mutex during object deletion
  (git-fixes).
- hwmon: (dell-smm-hwmon) Fix index values (git-fixes).
- brcmfmac: properly check for bus register errors (git-fixes).
- Revert "/brcmfmac: add a check for the status of usb_register"/
  (git-fixes).
- ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
  (git-fixes).
- Revert "/ath6kl: return error code in
  ath6kl_wmi_set_roam_lrssi_cmd()"/ (git-fixes).
- commit d3cc1eb
- Revert "/char: hpet: fix a missing check of ioremap"/ (git-fixes).
- ttyprintk: Add TTY hangup callback (git-fixes).
- commit dac98b4
- kernel-binary.spec.in: build-id check requires elfutils.
- commit 01569b3
- NFSv4: Fix a NULL pointer dereference in
  pnfs_mark_matching_lsegs_return() (git-fixes).
- commit 33829e2
- NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set
  NFS_V4_2 config (git-fixes).
- NFS: Don't corrupt the value of pg_bytes_written in
  nfs_do_recoalesce() (git-fixes).
- NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
  (git-fixes).
- NFS: fix an incorrect limit in filelayout_decode_layout()
  (git-fixes).
- fs/nfs: Use fatal_signal_pending instead of signal_pending
  (git-fixes).
- xprtrdma: rpcrdma_mr_pop() already does list_del_init()
  (git-fixes).
- xprtrdma: Avoid Receive Queue wrapping (git-fixes).
- NFSv4: Don't discard segments marked for return in
  _pnfs_return_layout() (git-fixes).
- NFS: Don't discard pNFS layout segments that are marked for
  return (git-fixes).
- NFSv42: Copy offload should update the file size when
  appropriate (git-fixes).
- SUNRPC: Move fault injection call sites (git-fixes).
- NFSv4.2 fix handling of sr_eof in SEEK's reply (git-fixes).
- pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
  (git-fixes).
- NFS: Deal correctly with attribute generation counter overflow
  (git-fixes).
- NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
  (git-fixes).
- md: Fix missing unused status line of /proc/mdstat (git-fixes).
- sunrpc: fix refcount leak for rpc auth modules (git-fixes).
- NFSD: Repair misuse of sv_lock in 5.10.16-rt30 (git-fixes).
- svcrdma: disable timeouts on rdma backchannel (git-fixes).
- NFSv4.2: fix return value of _nfs4_get_security_label()
  (git-fixes).
- NFS: Don't gratuitously clear the inode cache when lookup failed
  (git-fixes).
- NFS: Don't revalidate the directory permissions on a lookup
  failure (git-fixes).
- SUNRPC: Set memalloc_nofs_save() for sync tasks (git-fixes).
- x86: fix seq_file iteration for pat.c (git-fixes).
- nfsd: register pernet ops last, unregister first (git-fixes).
- net: fix iteration for sctp transport seq_files (git-fixes).
- pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
  (git-fixes).
- commit 60296fb
- kernel-binary.spec: Only use mkmakefile when it exists
  Linux 5.13 no longer has a mkmakefile script
- commit b453c7b
- PM: sleep: Add pm_debug_messages kernel command line option
  (bsc#1186752).
- commit 735920b
- media: dvb: Add check on sp8870_readreg return (git-fixes).
- commit 2133cbd
- blacklist.conf: cosmetic fix
- commit ce72d5a
- media: gspca: properly check for errors in po1030_probe()
  (git-fixes).
- commit 1750a2e
- Revert "/media: gspca: Check the return value of write_bridge
  for timeout"/ (git-fixes).
- commit b97e22b
- media: gspca: mt9m111: Check write_bridge for timeout
  (git-fixes).
- commit 7f3a7f1
- Revert "/media: gspca: mt9m111: Check write_bridge for timeout"/
  (git-fixes).
- commit d087481
- blacklist.conf: depends on PD 3.0 which we don't have and cannot be
  backported
- commit a396f2f
- Update kabi files.
- update from June 2021 maitenance update submission (commit f0fe006fa3e1)
- commit 3b5c05b
- HID: magicmouse: fix NULL-deref on disconnect (git-fixes).
- HID: i2c-hid: fix format string mismatch (git-fixes).
- HID: pidff: fix error return code in hid_pidff_init()
  (git-fixes).
- HID: i2c-hid: Skip ELAN power-on command after reset
  (git-fixes).
- tpm: fix error return code in tpm2_get_cc_attrs_tbl()
  (git-fixes).
- vsock/vmci: log once the failed queue pair allocation
  (git-fixes).
- commit e5695e4
- Revert "/media: dvb: Add check on sp8870_readreg"/ (git-fixes).
- commit 3655f21
- usb: typec: tcpm: Use LE to CPU conversion when accessing
  msg->header (git-fixes).
- commit f61bf4c
- xen-pciback: redo VF placement in the virtual topology
  (git-fixes).
- commit 323098d
- usb: typec: mux: Fix matching with typec_altmode_desc
  (git-fixes).
- commit 2c2aed2
- xen-pciback: reconfigure also from backend watch handler
  (git-fixes).
- commit 5795686
- xen-blkback: fix compatibility bug with single page rings
  (git-fixes).
- commit c1a440a
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- commit 085f359
- Enable CONFIG_PCI_PF_STUB for Nvidia Ampere vGPU support (jsc#SLE-17882
  jsc#ECO-3691)
  Nvidia switched its vGPU mechanism from mdev to SRIOV since Ampere
  architecutre. For the SRIOV implementation, they used pci-pf-stub
  module. We only need to enable CONFIG_PCI_PF_STUB here,
  other dependencies have been enabled already.
- commit 8ab8eb0
- blk-settings: align max_sectors on "/logical_block_size"/ boundary
  (bsc#1185195).
- commit e302bd9
- usb: dwc3: core: don't do suspend for device mode if already
  suspended (git-fixes).
- commit 82b18d4
- usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set
  (git-fixes).
- commit 072728a
- usb: dwc3: gadget: Set link state to RX_Detect on disconnect
  (git-fixes).
- commit 6a1e8b7
- usb: dwc3: gadget: Don't send unintended link state change
  (git-fixes).
- commit acdee65
- usb: dwc3: of-simple: add a shutdown (git-fixes).
- commit 15b84b1
- usb: dwc3: debug: Remove newline printout (git-fixes).
- commit 5104cc5
- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
- commit a403162
- usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes).
- commit e16e74a
- usb: dwc3: gadget: Set BESL config parameter (git-fixes).
- commit b02b13d
- usb: dwc3: Separate field holding multiple properties
  (git-fixes).
- commit 1087836
- usb: dwc3: st: Add of_dev_put() in probe function (git-fixes).
- commit b4290b9
- usb: dwc3: st: Add of_node_put() before return in probe function
  (git-fixes).
- commit a5796ab
- usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes).
- commit 638e28a
- usb: dwc3: Use devres to get clocks (git-fixes).
- commit e717ac7
- Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731).
- commit f037781
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it
  (bsc#1184114 ltc#192237).
- commit 52ca26e
- PCI/LINK: Remove bandwidth notification (bsc#1183712).
- commit 56c94c5
- rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796)
  The product string was changed from openSUSE to Leap.
- commit 3cb7943
- rpm/split-modules: Avoid errors even if Module.* are not present
- commit 752fbc6
- Add the support for kernel-FLAVOR-optional subpackage (jsc#SLE-11796)
  This change allows to create kernel-*-optional subpackage containing
  the modules that are not shipped on SLE but only on Leap.  Those
  modules are marked in the new "/-!optional"/ marker in supported.conf.
  Flip split_optional definition in kernel-binaries.spec.in for the
  branch that needs the splitting.
- commit 1fa25f8
keyutils
- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)
- update to 1.6.3:
  * Revert the change notifications that were using /dev/watch_queue.
  * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
  * Allow "/keyctl supports"/ to retrieve raw capability data.
  * Allow "/keyctl id"/ to turn a symbolic key ID into a numeric ID.
  * Allow "/keyctl new_session"/ to name the keyring.
  * Allow "/keyctl add/padd/etc."/ to take hex-encoded data.
  * Add "/keyctl watch*"/ to expose kernel change notifications on keys.
  * Add caps for namespacing and notifications.
  * Set a default TTL on keys that upcall for name resolution.
  * Explicitly clear memory after it's held sensitive information.
  * Various manual page fixes.
  * Fix C++-related errors.
  * Add support for keyctl_move().
  * Add support for keyctl_capabilities().
  * Make key=val list optional for various public-key ops.
  * Fix system call signature for KEYCTL_PKEY_QUERY.
  * Fix 'keyctl pkey_query' argument passing.
  * Use keyctl_read_alloc() in dump_key_tree_aux().
  * Various manual page fixes.
- spec-cleaner run (fixup failing homepage url)
- prepare usrmerge (boo#1029961)
- updated to 1.6
  - Apply various specfile cleanups from Fedora.
  - request-key: Provide a command line option to suppress helper execution.
  - request-key: Find least-wildcard match rather than first match.
  - Remove the dependency on MIT Kerberos.
  - Fix some error messages
  - keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
  - Fix doc and comment typos.
  - Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
  - Add pkg-config support for finding libkeyutils.
- upstream isn't offering PGP signatures for the source tarballs anymore
- Replace krb5-devel BuildRequires with pkgconfig(krb5): Allow OBS
  to shortcut the ring0 bootstrap cycle by also using krb5-mini.
- add upstream signing key and verify source signature
- updated to 1.5.11 (bsc#1113013)
  - Add keyring restriction support.
  - Add KDF support to the Diffie-Helman function.
  - DNS: Add support for AFS config files and SRV records
kmod
- Remove enum padding constants, add enum.patch (boo#1097869).
krb5
- Fix KDC null pointer dereference via a FAST inner body that
  lacks a server field; (CVE-2021-37750); (bsc#1189929);
- Added patches:
  * 0012-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
- Fix KDC null deref on bad encrypted challenge; (CVE-2021-36222);
  (bsc#1188571);
- Added patches:
  * 0011-Fix-KDC-null-deref-on-bad-encrypted-challenge.patch
less
- Add missing runtime dependency on which, which is used by lessopen.sh.
  Fix bsc#1190552.
libcroco
- Add libcroco-CVE-2020-12825.patch: limit recursion in block and
  any productions (boo#1171685 CVE-2020-12825).
libesmtp
- Add libesmtp-fix-cve-2019-19977.patch: Fix stack-based buffer
  over-read in ntlm/ntlmstruct.c (bsc#1160462 bsc#1189097).
libgcrypt
- FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480]
  * gcry_mpi_sub_ui: fix subtracting from negative value
  * Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch
- Security fix: [bsc#1187212, CVE-2021-33560]
  * Libgcrypt mishandles ElGamal encryption because it lacks exponent
    blinding to address a side-channel attack against mpi_powm
- Add patches:
  * libgcrypt-CVE-2021-33560-ElGamal-exponent-blinding.patch
  * libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
libnettle
- Security fix: [CVE-2021-3580, bsc#1187060]
  * Remote crash in RSA decryption via manipulated ciphertext
- Add patches:
  * libnettle-CVE-2021-3580-rsa_sec.patch
  * libnettle-CVE-2021-3580-rsa_decrypt.patch
libqt5-qtsvg
- Add patches from upstream 5.12 branch (bsc#1184783, QTBUG-91507,
  CVE-2021-3481):
  * 0001-Handle-empty-rects.patch
  * 0002-Use-QRect-isEmpty-instead-of-QRect-isNull.patch
  * 0003-Fix-oom-in-QSvgTinyDocument-load.patch
  * 0004-Fix-stack-overflow-in-QSvgHandler-resolveGradients.patch
  * 0005-Add-error-handling-to-color-parsing.patch
  * 0006-Fix-stack-overflow-in-dtor-of-QSvgTinyDocument.patch
  * 0007-Don-t-divide-by-zero.patch
  * 0008-Return-nullptr-instead-of-0.patch
  * 0009-Avoid-endless-recursion-when-inflating-gzip.patch
  * 0010-Avoid-endless-recursion-in-SvgStructureNode-bounds.patch
  * 0011-Don-t-divide-by-zero.patch
  * 0012-Use-qFuzzyIsNull-instead-of-isEmpty-on-QRectF.patch
  * 0013-Fix-check-against-division-by-zero.patch
  * 0014-Don-t-return-partially-inflated-QByteArray.patch
  * 0015-Implement-basic-format-check-also-for-compressed-svg.patch
  * 0016-Avoid-recursion-when-inflating-compressed-svgs.patch
  * 0017-Change-classification-of-XSVG-License.patch
  * 0018-Reject-corrupt-svgs-with-invalid-size.patch
  * 0019-Allow-loading-SVG-files-with-a-doctype-declaration.patch
  * 0020-Improve-handling-of-malformed-numeric-values-in-svg-.patch
  * 0021-Clamp-parsed-doubles-to-float-representable-values.patch
libsolv
- fix misparsing of '&' in attributes with libxml2
- choice rules: treat orphaned packages as newest [bsc#1190465]
- fix compatibility with Python 3.10
- new SOLVER_EXCLUDEFROMWEAK job type
- support for environments in comps parser
- bump version to 0.7.20
- Disable python2 usage on suse_version >= 1550 by default (still
  possible to use osc build --with=python).
libstorage-ng
- prefer file system over empty MS-DOS partition table (bsc#1186823)
- 4.2.78
- remove double mount options (see bsc#1186298)
- 4.2.77
libvirt
- CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults
  23b51d7b-libxl-disable-death-event.patch,
  a4e6fba0-libxl-rename-threadinfo-struct.patch,
  b9a5faea-libxl-handle-death-thread.patch,
  5c5df531-libxl-search-domid-in-thread.patch,
  a7a03324-libxl-protect-logger-access.patch
  bsc#1191668, bsc#1192017, bsc#1193981, bsc#1194041
- CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF
  1ac703a7-CVE-2021-3975.patch
  bsc#1192876
- virtlockd, virtlogd: Fix exec-restart
  c363f03e-virnetdaemon-intro-virNetDaemonQuitExecRestart.patch,
  ccc6dd8f-fix-exec-restart.patch
  bsc#1183411
- Add upstream debug patch to the libxl driver to aid in future
  debugging
  27e1779f-libxl-debug.patch
- Include collection of active VM config files in the
  supportconfig plugin
- supportconfig: Use systemctl command 'is-active' instead of
  'is-enabled' when checking if libvirtd is active
- spec: Fix hangs during package update
  bsc#1177902, bsc#1190693
- spec: Don't add --timeout arg to /etc/sysconfig/libvirtd when
  running in traditional mode without socket activation
  bsc#1190695
- libxl: Fix driver reload
  65fab900-libxl-fix-driver-reload.patch,
  51eb680b-libxl-dont-autostart-on-reload.patch
  bsc#1190420
- qemu: Set label on vhostuser net device when hotplugging
  2e8ebfe3-label-vhostuser-port.patch
  bsc#1186398
- supportconfig: When checking for installed hypervisor drivers,
  use the libvirtr-daemon-driver-<hypervisor> package instead of
  libvirt-daemon-<hypervisor>. The latter are not required packages
  for a functioning hypervisor driver.
- storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath
  CVE-2021-3667
  447f69de-CVE-2021-3667.patch
  bsc#1188843
- spec: Don't forcibly remove '--listen' arg from
  /etc/sysconfig/libvirtd. Add '--timeout 120' if '--listen' is
  not specified.
  bsc#1188232
- virtlockd: Don't report error if lockspace exists
  de1e0ae0-lockd-no-error-if-lockspace.patch
  bsc#1184253
- CVE-2021-3631: fix SELinux label generation logic
  15073504-CVE-2021-3631.patch
  bsc#1187871
libyui-ncurses-pkg
- Fixed crash in NCurses online update when retracted packages
  are present (bsc#1191130)
- 2.50.8
libzypp
- Disable logger in the child after fork (bsc#1192436)
- version 17.28.8 (22)
- Check log writer before accessing it (fixes #355, bsc#1192337)
- Save locks: Update an existing locks changed comment string.
- Allow uname-r format in purge kernels keepspec (fixes
  openSUSE/zypper#418)
- version 17.28.7 (22)
- Zypper should keep cached files if transaction is aborted
  (bsc#1190356)
  Singletrans mode currently does not keep files around if the
  transaction is aborted. This patch fixes the problem.
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Use procfs to detect nr of open fd's if rlimit is too high
  (bsc#1191324)
  Especially in a VM iterating over all possible fd's to close open
  ones right before a exec() slows down zypper unnecessarily. This
  patch uses /proc/self/fd to iterate over open fd's in case rlimit
  is above 1024.
- po: Fix some lost '%' signs in positional args (bsc#1191370)
- RepoManager: Don't probe for plaindir repo if URL schema is
  plugin: (bsc#1191286)
- version 17.28.6 (22)
- Downloader does not respect checkExistsOnly flag (bsc#1190712)
  A missing check causes zyppng::Downloader to always download full
  files even if the checkExistsOnly flag is set. This patch adds
  the missing logic.
- Fix kernel-*-livepatch removal in purge-kernels (bsc#1190815)
  The kernel-*-livepatch packages are supposed to serve as a stable
  handle for the ephemeral kernel livepatch packages. See
  FATE#320268 for details. As part of the kernel live patching
  ecosystem, kernel-*-livepatch packages should not block the
  purge-kernels step.
- version 17.28.5 (22)
- Make sure to keep states alives while transitioning
  (bsc#1190199)
- May set techpreview variables for testing in /etc/zypp/zypp.conf.
  If environment variables are unhandy one may enable the desired
  techpreview in zypp.conf as well:
    [main]
    techpreview.ZYPP_SINGLE_RPMTRANS=1
    techpreview.ZYPP_MEDIANETWORK=1
- version 17.28.4 (22)
- CMake/spec: Add option to force SINGLE_RPMTRANS as default for
  zypper (fixes #340)
- Make sure singleTrans is zypper-only for now.
- Do not double check signatures and keys (bsc#1190059)
- version 17.28.3 (22)
- Workaround Bug 1189788: Don't allow ZYPP_SINGLE_RPMTRANS=1 on a
  not UsrMerged Tumbleweed system.
- version 17.28.2 (22)
- Fix crashes in logging code when shutting down (bsc#1189031)
- version 17.28.1 (22)
- Rephrase vendor conflict message in case 2 packages are
  involved (bsc#1187760)
  This covers the case where not the packages itself would change
  its vendor, but replaces a package from a different vendor.
- Fix solver jobs for PTFs (bsc#1186503)
- spec: switch to pkgconfig(openssl)
- Show key fpr from signature when signature check fails
  (bsc#1187224)
  Rpm by default only shows the short key ID when checking the
  signature of a package fails. This patch reads the signatures
  from the RPM headers and replaces she short IDs with the key
  fingerprints fetched from the signatures.
- Implement alternative single transaction commit strategy.
  This patch adds a experimental commit strategy that runs all
  operations in a single rpm transaction, speeding up the execution
  a lot.
- Use ZYPP_MEDIANETWORK=1 to enable the experimental new media
  backend.
- Implement zchunk download, refactor Downloader backend.
- Fix purge-kernels fails with kernels from Kernel:HEAD
  (bsc#1187738)
  There recently was a change in the kernel package naming scheme
  in regards to rc kernels. Since kernel upstream uses characters
  in the version that are not allowed in rpm versions a "/-rc"/ was
  previously replaced with "/.rc"/ which broke sorting by version, to
  fix this issue it was replaced with "/~rc"/, which unfortunately
  broke the purge-kernels logic. This patch makes sure purge-kernel
  does apply the same conversion.
- version 17.28.0 (22)
- Enhance XML output of repo GPG options (fixes openSUSE/zypper#390)
  In addition to the effective values, add optional attributes
  showing the raw values actually present in the .repo file.
  (raw_gpgcheck, raw_repo_gpgcheck, raw_pkg_gpgcheck)
- Link all executables with -pie (bsc#1186447)
- Ship an empty /etc/zypp/needreboot per default (fixes #311, jsc#PM-2645)
  If packages want to trigger the reboot-needed hiint upon installation
  they may provide 'installhint(reboot-needed)'.
  Builtin packages triggering the hint without the provides are
  only kernel and kernel-firmware related.
- Add Solvable::isBlacklisted as superset of retracted and ptf
  packages (bsc#1186503)
- Fix segv if ZYPP_FULLOG is set (fixes #317)
- version 17.27.0 (22)
lua53
- Sync with Factory (5.3.6), includes fixes for
  - Long brackets with a huge number of '=' overflow some
    internal buffer arithmetic.
  - bsc#1123043 CVE-2019-6706 Fix free-after-use bug in
    lua_upvaluejoin function of lapi.c
- Remove upstreamed patches:
  - CVE-2019-6706-use-after-free-lua_upvaluejoin.patch
- Update to version 5.3.6:
  * Fixes bugs found in Lua 5.3.5 and Lua 5.4.0
  * Lua 5.3 is now EOL
- Removed upstream-bugs.patch: new release (no bugs found yet)
- Removed upstream-bugs-backport-lua54.patch: new release (no bugs found yet)
- Added upstream-bugs.patch: upstream bug patches
  * Patches 2,3,4
- Added upstream-bugs-backport-lua54.patch: bugs discovered in lua54
  * Patch 10: CVE-2020-24371, boo#1175449
  * Patch 11: CVE-2020-24370, boo#1175448
  * Patch 13
- Add RISC-V to list of 64-bit architectures
- Use FAT LTO objects in order to provide proper static library.
- Update to 5.3.5:
  (it is really problematic to find ANY documentation of changes
  between minor versions; the best we have is
  https://www.lua.org/bugs.html)
  - Long brackets with a huge number of '=' overflow some
    internal buffer arithmetic.
  - Small build tweaks.
lvm2
- starting with 12SP4 lvconvert no longer takes stripes option (bsc#1183905)
  + bug-1183905_lvconvert-allow-stripes-stripesize-in-mirror-convers.patch
- LVM vgimportclone on hardware snapshot does not work (bsc#1193181)
  + bug-1193181_vgimportclone_on_hardware_snapshot_does_not_work.patch
- vgextend crash when extending VG with missing PV (bsc#1191019)
  + bug-1191019_vgextend-check-missing-device-during-block-size-chec.patch
- Link test as position independent executable (bsc#1184124).
  + bug-1184124-link-tests-as-PIE.patch
mailx
- Add patch mailx-12.5-systemd.patch to add description how to avoid
  bugs like bsc#1192916 -- mailx does not send mails unless run via
  strace or in verbose mode
- fix-sendmail-name.patch: fix name argument when calling
  /usr/sbin/sendmail [bsc#1180355].
- Updates to mailx-12.5-openssl-1.1.0f.patch
  * If the openssl RNG is already
  seeded (on linux it always is) skip snake-oil reeseeding from
  file. Update man page accordingly.
  * Update man page with information that ssl2 and ssl3 are
    not only deprecated but currently unavailable and that
    tls1 forces TLS 1.0 but not later versions.
  * RAND_EGD is also unavailable, not just unused.
  * set SSL_OP_NO_TICKET, many servers accept session
    tickets, but almost never rotate them properly, TLS 1.3
    session tickets are not affected by this flag.
  * When using client certificates, check if the cert and key
    match each other.
- Remove redundant %clean section.
- Replace old $RPM_* shell vars by macros.
man-pages
- install kernel_lockdown.7 man page [bsc#1185534]
- added sources
  + kernel_lockdown.7
mozilla-nspr
- update to version 4.32:
  * implement new socket option PR_SockOpt_DontFrag
  * support larger DNS records by increasing the default buffer
    size for DNS queries
- update to version 4.31:
  * Lock access to PRCallOnceType members in PR_CallOnce* for
    thread safety bmo#1686138
- update to version 4.30
  * support longer thread names on macOS
  * fix a build failure on OpenBSD
- update to version 4.29
  * Remove macOS Code Fragment Manager support code
  * Remove XP_MACOSX and OS_TARGET=MacOSX
  * Refresh config.guess and config.sub
  * Remove NSPR's patch to config.sub
  * Add support for e2k target (64-bit Elbrus 2000)
- update to version 4.28
  * Fix a compiler warning
  * Add rule for cross-compiling with cygwin
- update to version 4.27
  * the macOS platform code for shared library loading was
  * An include statement for a Windows system library header
    was added
- update to version 4.26
  * PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
    information about the operating system build version.
  * Better support parallel building on Windows.
  * The internal release automatic script requires python 3.
mozilla-nss
- Mozilla NSS 3.68.2 (bsc#1193845)
  * mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
    (bmo#966856)
- Mozilla NSS 3.68.1
  MFSA 2021-51 (bsc#1193170)
  * CVE-2021-43527 (bmo#1737470)
    Memory corruption via DER-encoded DSA and RSA-PSS signatures
- Remove now obsolete patch nss-bsc1193170.patch
- Add patch to fix CVE-2021-43527 (bsc#1193170):
  nss-bsc1193170.patch
- Removed nss-fips-kdf-self-tests.patch.  This was made
  obsolete by upstream changes. (bmo#1660304)
- Rebase nss-fips-stricter-dh.patch needed due to upstream changes.
- Update nss-fips-constructor-self-tests.patch to fix crashes
  reported by upstream. This was likely affecting WebRTC calls.
- update to NSS 3.68
  * bmo#1713562 - Fix test leak.
  * bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
  * bmo#1693206 - Implement PKCS8 export of ECDSA keys.
  * bmo#1712883 - DTLS 1.3 draft-43.
  * bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
  * bmo#1713562 - Validate ECH public names.
  * bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
- update to NSS 3.67
  * bmo#1683710 - Add a means to disable ALPN.
  * bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
  * bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
  * bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
  * bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
- update to NSS 3.66
  * bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
  * bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
  * bmo#1708307 - Remove Trustis FPS Root CA from NSS.
  * bmo#1707097 - Add Certum Trusted Root CA to NSS.
  * bmo#1707097 - Add Certum EC-384 CA to NSS.
  * bmo#1703942 - Add ANF Secure Server Root CA to NSS.
  * bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
  * bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
  * bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
  * bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
  * bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
  * bmo#1709291 - Add VerifyCodeSigningCertificateChain.
  * Use GNU tar for the release helper script.
- update to NSS 3.65
  * bmo#1709654 - Update for NetBSD configuration.
  * bmo#1709750 - Disable HPKE test when fuzzing.
  * bmo#1566124 - Optimize AES-GCM for ppc64le.
  * bmo#1699021 - Add AES-256-GCM to HPKE.
  * bmo#1698419 - ECH -10 updates.
  * bmo#1692930 - Update HPKE to final version.
  * bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
  * bmo#1703936 - New coverity/cpp scanner errors.
  * bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
  * bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
  * bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
- refreshed patches
- Firefox 90.0 requires NSS 3.66
- update to NSS 3.64
  * bmo#1705286 - Properly detect mips64.
  * bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
    disable_crypto_vsx.
  * bmo#1698320 - replace __builtin_cpu_supports("/vsx"/) with
    ppc_crypto_support() for clang.
  * bmo#1613235 - Add POWER ChaCha20 stream cipher vector
    acceleration.
- update to NSS 3.63.1
  * no upstream release notes for 3.63.1 (yet)
  Fixed in 3.63
  * bmo#1697380 - Make a clang-format run on top of helpful contributions.
  * bmo#1683520 - ECCKiila P384, change syntax of nested structs
    initialization to prevent build isses with GCC 4.8.
  * bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
    scalar multiplication.
  * bmo#1683520 - ECCKiila P521, change syntax of nested structs
    initialization to prevent build isses with GCC 4.8.
  * bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
    scalar multiplication.
  * bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
  * bmo#1694214 - tstclnt can't enable middlebox compat mode.
  * bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
    profiles.
  * bmo#1685880 - Minor fix to prevent unused variable on early return.
  * bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
    with nss build.
  * bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
    of root CA changes, CA list version 2.48.
  * bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
    'Chambers of Commerce' and 'Global Chambersign' roots.
  * bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
  * bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
  * bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
  * bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
    from NSS.
  * bmo#1687822 - Turn off Websites trust bit for the “Staat der
    Nederlanden Root CA - G3” root cert in NSS.
  * bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
    Root - 2008' and 'Global Chambersign Root - 2008’.
  * bmo#1694291 - Tracing fixes for ECH.
- required for Firefox 88
- update to NSS 3.62
  * bmo#1688374 - Fix parallel build NSS-3.61 with make
  * bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
    can corrupt "/cachedCertTable"/
  * bmo#1690583 - Fix CH padding extension size calculation
  * bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
  * bmo#1690421 - Install packaged libabigail in docker-builds image
  * bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
  * bmo#1674819 - Fixup a51fae403328, enum type may be signed
  * bmo#1681585 - Add ECH support to selfserv
  * bmo#1681585 - Update ECH to Draft-09
  * bmo#1678398 - Add Export/Import functions for HPKE context
  * bmo#1678398 - Update HPKE to draft-07
- required for Firefox 87
- Add nss-btrfs-sqlite.patch to address bmo#1690232
- update to NSS 3.61
  * required for Firefox 86
  * bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
    values under certain conditions.
  * bmo#1684300 - Fix default PBE iteration count when NSS is compiled
    with NSS_DISABLE_DBM.
  * bmo#1651411 - Improve constant-timeness in RSA operations.
  * bmo#1677207 - Upgrade Google Test version to latest release.
  * bmo#1654332 - Add aarch64-make target to nss-try.
- update to NSS 3.60.1
  Notable changes in NSS 3.60:
  * TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
    has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
    implementation. See bmo#1654332 for more information.
  * December 2020 batch of Root CA changes, builtins library updated
    to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
    for more information.
- removed obsolete ppc-old-abi-v3.patch
- update to NSS 3.59.1
  * bmo#1679290 - Fix potential deadlock with certain third-party
    PKCS11 modules
- update to NSS 3.59
  Notable changes
  * Exported two existing functions from libnss:
    CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
  Bugfixes
  * bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
  * bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
  * bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
  * bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
  * bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
    root certs when SHA1 signatures are disabled.
  * bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
    solve some test intermittents
  * bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
    our CVE-2020-25648 fix that broke purple-discord
    (boo#1179382)
  * bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
  * bmo#1667989 - Fix gyp linking on Solaris
  * bmo#1668123 - Export CERT_AddCertToListHeadWithData and
    CERT_AddCertToListTailWithData from libnss
  * bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
  * bmo#1663091 - Remove unnecessary assertions in the streaming
    ASN.1 decoder that affected decoding certain PKCS8
    private keys when using NSS debug builds
  * bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
- update to NSS 3.58
  Bugs fixed:
  * bmo#1641480 (CVE-2020-25648)
    Tighten CCS handling for middlebox compatibility mode.
  * bmo#1631890 - Add support for Hybrid Public Key Encryption
    (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
    (draft-ietf-tls-esni).
  * bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
    extensions.
  * bmo#1668328 - Handle spaces in the Python path name when using
    gyp on Windows.
  * bmo#1667153 - Add PK11_ImportDataKey for data object import.
  * bmo#1665715 - Pass the embedded SCT list extension (if present)
    to TrustDomain::CheckRevocation instead of the notBefore value.
- install libraries in %{_libdir} (boo#1029961)
- Fix build with RPM 4.16: error: bare words are no longer
  supported, please use "/..."/:  lib64 == lib64.
- update to NSS 3.57
  * The following CA certificates were Added:
    bmo#1663049 - CN=Trustwave Global Certification Authority
    SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
    bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
    SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
    bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
    SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
  * The following CA certificates were Removed:
    bmo#1651211 - CN=EE Certification Centre Root CA
    SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
    bmo#1656077 - O=Government Root Certification Authority; C=TW
    SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
  * Trust settings for the following CA certificates were Modified:
    bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
    Websites (server authentication) trust bit removed.
  * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
- requires NSPR 4.29
- removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256)
- introduced _constraints due to high memory requirements especially
  for LTO on Tumbleweed
- Add patch to fix build on aarch64 - boo#1176934:
  * nss-freebl-fix-aarch64.patch
- Update nss-fips-approved-crypto-non-ec.patch to match RC2 code
  being moved to deprecated/.
- Remove nss-fix-dh-pkcs-derive-inverted-logic.patch. This was made
  obsolete by upstream changes.
- update to NSS 3.56
  Notable changes
  * bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
  * bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
  * bmo#1654142 - Add CPU feature detection for Intel SHA extension.
  * bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
  * bmo#1656986 - Properly detect arm64 during GYP build architecture
    detection.
  * bmo#1652729 - Add build flag to disable RC2 and relocate to
    lib/freebl/deprecated.
  * bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
  * bmo#1588941 - Send empty certificate message when scheme selection
    fails.
  * bmo#1652032 - Fix failure to build in Windows arm64 makefile
    cross-compilation.
  * bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
  * bmo#1653975 - Fix 3.53 regression by setting "/all"/ as the default
    makefile target.
  * bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
  * bmo#1659814 - Fix interop.sh failures with newer tls-interop
    commit and dependencies.
  * bmo#1656519 - NSPR dependency updated to 4.28
- do not hard require mozilla-nss-certs-32bit via baselibs
  (boo#1176206)
- update to NSS 3.55
  Notable changes
  * P384 and P521 elliptic curve implementations are replaced with
    verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
  * PK11_FindCertInSlot is added. With this function, a given slot
    can be queried with a DER-Encoded certificate, providing performance
    and usability improvements over other mechanisms. (bmo#1649633)
  * DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
  Relevant Bugfixes
  * bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
    P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
  * bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
  * bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
  * bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
    ChaCha20 (which was not functioning correctly) and more strictly
    enforce tag length.
  * bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1653202 - Fix initialization bug in blapitest when compiled
    with NSS_DISABLE_DEPRECATED_SEED.
  * bmo#1646594 - Fix AVX2 detection in makefile builds.
  * bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
    for a DER-encoded certificate.
  * bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
  * bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
  * bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
  * bmo#1649226 - Add Wycheproof ECDSA tests.
  * bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
  * bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
    RSA_CheckSignRecover.
  * bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
    signature_algorithms extension.
- update to NSS 3.54
  Notable changes
  * Support for TLS 1.3 external pre-shared keys (bmo#1603042).
  * Use ARM Cryptography Extension for SHA256, when available
    (bmo#1528113)
  * The following CA certificates were Added:
    bmo#1645186 - certSIGN Root CA G2.
    bmo#1645174 - e-Szigno Root CA 2017.
    bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
    bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
  * The following CA certificates were Removed:
    bmo#1645199 - AddTrust Class 1 CA Root.
    bmo#1645199 - AddTrust External CA Root.
    bmo#1641718 - LuxTrust Global Root 2.
    bmo#1639987 - Staat der Nederlanden Root CA - G2.
    bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
    bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
    bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
  * A number of certificates had their Email trust bit disabled.
    See bmo#1618402 for a complete list.
  Bugs fixed
  * bmo#1528113 - Use ARM Cryptography Extension for SHA256.
  * bmo#1603042 - Add TLS 1.3 external PSK support.
  * bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
  * bmo#1645186 - Add "/certSIGN Root CA G2"/ root certificate.
  * bmo#1645174 - Add Microsec's "/e-Szigno Root CA 2017"/ root certificate.
  * bmo#1641716 - Add Microsoft's non-EV root certificates.
  * bmo1621151 - Disable email trust bit for "/O=Government
    Root Certification Authority; C=TW"/ root.
  * bmo#1645199 - Remove AddTrust root certificates.
  * bmo#1641718 - Remove "/LuxTrust Global Root 2"/ root certificate.
  * bmo#1639987 - Remove "/Staat der Nederlanden Root CA - G2"/ root
    certificate.
  * bmo#1618402 - Remove Symantec root certificates and disable email trust
    bit.
  * bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
  * bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
  * bmo#1642153 - Fix infinite recursion building NSS.
  * bmo#1642638 - Fix fuzzing assertion crash.
  * bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
  * bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
  * bmo#1643557 - Fix numerous compile warnings in NSS.
  * bmo#1644774 - SSL gtests to use ClearServerCache when resetting
    self-encrypt keys.
  * bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
  * bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
ncurses
- Add patch bsc1190793-63ca9e06.patch to fix bsc#1190793 for
  CVE-2021-39537: ncurses: heap-based buffer overflow in
  _nc_captoinfo in captoinfo.c
net-snmp
- Fix LFH violation during v3 user creation (bsc#1181591).
  Add net-snmp-5.7.3-fix-create-v3-user-outfile.patch
- Fix hrStorage autofs objects timeout problems (bsc#1179699, bsc#1145864).
  Add net-snmp-5.7.3-host-mib-skip-autofs-entries.patch
  Add net-snmp-5.7.3-fix-missing-mib-hrStorage-indexes.patch
- Fix NSS mounted volumes in hrStorageDescr (bsc#1100146).
  Add net-snmp-5.7.3-recognize-nss-pools-and-nss-volumes-oes.patch
- Fix subagent crash at save_set_var() (bsc#1178021).
  Add net-snmp-5.7.3-subagent-set-response.patch
- Fix subagent data corruption (bsc#1178351, bsc#1179009).
  Add net-snmp-5.7.3-fix-subagent-data-corruption.patch
- Fix output for high memTotalReal RAM values (bsc#1152968).
  Add net-snmp-5.7.3-ucd-snmp-mib-add-64-bit-mem-obj.patch
- Make extended MIB read-only (bsc#1174961, CVE-2020-15862).
  Add net-snmp-5.7.3-make-extended-mib-read-only.patch
- Add Lustre filesystem support (bsc#1140341, jsc#SLE-6120).
  Add net-snmp-5.7.3-add-lustre-fs-support.patch
- Add info about the original agent which triggered the trap.
  When the trap is forwarded there was no info about the original
  agent (bsc#1116807).
  Add net-snmp-5.7.3-snmptrapd-add-forwarder-info.patch
- Fix missing sysconfig files creation (bsc#1108471).
- Fix remote DoS in agent/helpers/table.c (bsc#1111122, CVE-2018-18065)
  Add net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch
- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
  Add net-snmp-5.7.3-swintst_rpm-Protect-against-unspecified-Group-name.patch
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)
  Add net-snmp-fix-agentx-freezing-on-timeout.patch
netcfg
- add submissions port number [bsc#1189683]
- modified patches
  % services-suse.diff
ocfs2-tools
- Rollback when dir_index creation fails (bsc#1192103)
  + libocfs2-roll-back-when-dir_index-creation-fails.patch
- Fix mounted.ocfs2 output when some devices are not ready (bsc#1191810)
  + fixed-mounted.ocfs2-output-when-some-devices-are-Not.patch
  + update-mounted.ocfs2-mounted.c.patch
openldap2
- bsc#1187210 - Resolve bug in the idle / connection TTL timeout
  implementation in OpenLDAP.
  * 0231-ITS-9468-Added-test-case-for-proxy-re-binding-anonym.patch
  * 0232-ITS-9468-back-ldap-Return-disconect-if-rebind-cannot.patch
  * 0233-ITS-9468-removed-accidental-unicode-characters.patch
  * 0234-ITS-9468-documented-that-re-connecting-does-not-happ.patch
  * 0235-ITS-9468-summarize-discussion-about-rebind-as-user.patch
  * 0236-ITS-9468-fixed-typos.patch
  * 0237-ITS-9468-always-init-lc_time-and-lc_create_time.patch
  * 0238-ITS-9468-do-not-arm-expire-timer-for-connections-tha.patch
openssl-1_1
- Add RSA_get0_pss_params() accessor that is used by nodejs16
  and provide openssl-has-RSA_get0_pss_params, fixes bsc#1192489.
  * Add patch rsa-pss.patch, provided by Adam Majer, amajer@suse.com
- Other OpenSSL functions that print ASN.1 data have been found to assume that
  the ASN1_STRING byte array will be NUL terminated, even though this is not
  guaranteed for strings that have been directly constructed. Where an application
  requests an ASN.1 structure to be printed, and where that ASN.1 structure
  contains ASN1_STRINGs that have been directly constructed by the application
  without NUL terminating the "/data"/ field, then a read buffer overrun can occur.
  * CVE-2021-3712 continued
  * bsc#1189521
  * Add CVE-2021-3712-other-ASN1_STRING-issues.patch
  * Sourced from openssl-CVE-2021-3712.tar.bz2 posted on bsc-1189521
    2021-08-24 00:47 PDT by Marcus Meissner
- A bug in the implementation of the SM2 decryption code means that the
  calculation of the buffer size required to hold the plaintext returned by the
  first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
  the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
  called by the application a second time with a buffer that is too small.
  * CVE-2021-3711
  * bsc#1189520
  * Add:
    CVE-2021-3711-1-Correctly-calculate-the-length-of-SM2-plaintext-give.patch
    CVE-2021-3711-2-Extend-tests-for-SM2-decryption.patch
    CVE-2021-3711-3-Check-the-plaintext-buffer-is-large-enough-when-decr.patch
- The function X509_aux_print() has a bug which may cause a read buffer overrun
  when printing certificate details. A malicious actor could construct a
  certificate to deliberately hit this bug, which may result in a crash of the
  application (causing a Denial of Service attack).
  * CVE-2021-3712
  * bsc#1189521
  * Add CVE-2021-3712-Fix-read-buffer-overrun-in-X509_aux_print.patch
- Previously added patch interferes with FIPS validation.
  * Removed openssl-1.1.1-fips_list_ciphers.patch
p11-kit
- 0001-common-Use-reallocarray-instead-of-realloc-as-approp.patch
  0001-Check-for-arithmetic-overflows-before-allocating.patch
  0001-Follow-up-to-arithmetic-overflow-fix.patch:
  Fixed multiple integer overflows in rpc code (bsc#1180064
  CVE-2020-29361)
- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993,
  0001-trust-Support-CKA_NSS_-SERVER-EMAIL-_DISTRUST_AFTER.patch)
- add bcond to spec file to enable debug easily
pacemaker
- controller: ensure newly joining node learns the node names of non-DCs (bsc#1180618)
  * bsc#1180618-0002-Fix-controller-ensure-newly-joining-node-learns-the-.patch
- scheduler: add test for probe of unmanaged resource on pending node (bsc#1188653)
  * bsc#1188653-0003-Test-scheduler-add-test-for-probe-of-unmanaged-resou.patch
- scheduler: update existing tests for probe scheduling change (bsc#1188653)
  * bsc#1188653-0002-Test-scheduler-update-existing-tests-for-probe-sched.patch
- scheduler: don't schedule probes of unmanaged resources on pending nodes (bsc#1188653)
  * bsc#1188653-0001-Fix-scheduler-don-t-schedule-probes-of-unmanaged-res.patch
- libcrmcommon: Correctly handle case-sensitive ids of xml objects when changing a value. (bsc#1187414)
  * bsc#1187414-0001-Fix-libcrmcommon-Correctly-handle-case-sensitive-ids.patch
- controld: purge attrd attributes when the remote node is up to ensure sync with CIB (bsc#1186693)
  * bsc#1186693-clean-attrd-attributes-when-remote-node-is-up.patch
- fenced: Remove relayed stonith operation.(Fix:CLBZ#5401) (bsc#1181744)
- controld-fencing: add notice-log for successful fencer-connect (bsc#1181744)
- st_client: make safe to remove notifications from notifications (bsc#1181744)
- fence-history: resync fence-history after fenced crash (bsc#1181744)
- fence-history: add notification upon history-synced (bsc#1181744)
- controld-fencing: remove-notifications upon connection-destroy (bsc#1181744)
- fence-history: fail leftover pending-actions after fenced-restart (bsc#1181744)
- libpe_status: handle pending migrations correctly (bsc#1177212)
pam
- Corrected a bad directive file which resulted in
  the "/securetty"/ file to be installed as "/macros.pam"/.
  [pam.spec]
- Added tmpfiles for pam to set up directory for pam_faillock.
  [pam.conf]
- Corrected macros.pam entry for %_pam_moduledir
  Cleanup in pam.spec:
  * Replaced all references to ${_lib}/security in pam.spec by
  %{_pam_moduledir}
  * Removed definition of (unused) "/amdir"/.
- Added new file macros.pam on request of systemd.
  [bsc#1190052, macros.pam]
- Added pam_faillock to the set of modules.
  [jsc#sle-20638, pam-sle20638-add-pam_faillock.patch]
pam-config
- Add "/revoke"/ to the option list for pam_keyinit
  (Remove some leftover debugs while we're at it)
  [pam-config-fix-pam_keyinit-options.patch]
- prior to writing an service-specific config file, the main function
  calls access() on the destination file in /etc/pam.d.
  This will fail and no config file will be written when the original
  config file was installed in /usr/etc/pam.d.
  A similar problem exists when creating the new service file:
  create_service_file() wants to give the new service file the same
  user, group and mode as the old one, but the old one may not exist.
  In that case, set these to 0(root), 0(root), and 0644.
  [pam-config-remove-bad-access-call.patch, bsc#1187091]
patterns-base
- Use the same icon in the fips pattern as the previous pattern had
  (bsc#1189550)
- Fix bug in create_32bit-patterns_file.pl leading to bogus
  "/Recommends: pattern()-32bit"/
- Ignore boolean deps in create_32bit-patterns_file.pl for now
- Run pre_checkin.sh, was overdue
- Make the fips pattern supersede "/patterns-server-enterprise-fips"/,
  take missing pieces and obsolete it
- Add pattern to install necessary packages for FIPS (bsc#1183154)
patterns-server-enterprise
- Move the FIPS pattern to patterns-base-fips (bsc#1183154)
- Run pre_checkin.sh, was overdue
pcre
- pcre 8.45 (the final release)
  * Fixed a small (*MARK) bug in the interpreter (Bugzilla #2771).
- pcre 8.44
  * Small patch to pcreposix.c to set the erroroffset field to -1 immediately
  after a successful compile, instead of at the start of matching to avoid a
  sanitizer complaint (regexec is supposed to be thread safe).
  * Check the size of the number after (?C as it is read, in order to avoid
  integer overflow. (bsc#1172974, CVE-2020-14155)
  * Tidy up left shifts to avoid sanitize warnings; also fix one NULL deference
  in pcretest.
- pcre 8.43
  * In a pattern such as /[^x{100}-x{ffff}]*[x80-xff]/ which has a repeated
  negative class with no characters less than 0x100 followed by a positive class
  with only characters less than 0x100, the first class was incorrectly being
  auto-possessified, causing incorrect match failures.
  * If the only branch in a conditional subpattern was anchored, the whole
  subpattern was treated as anchored, when it should not have been, since the
  assumed empty second branch cannot be anchored. Demonstrated by test patterns
  such as /(?(1)^())b/ or /(?(?=^))b/.
  * Fix subject buffer overread in JIT when UTF is disabled and X or R has
  a greater than 1 fixed quantifier. This issue was found by Yunho Kim.
  (bsc#1172973 CVE-2019-20838)
  * If a pattern started with a subroutine call that had a quantifier with a
  minimum of zero, an incorrect "/match must start with this character"/ could be
  recorded. Example: /(?&xxx)*ABC(?<xxx>XYZ)/ would (incorrectly) expect 'A' to
  be the first character of a match.
- pcre 8.42
  * If a backreference with a minimum repeat count of zero was first in a
  pattern, apart from assertions, an incorrect first matching character could be
  recorded. For example, for the pattern /(?=(a))1?b/, "/b"/ was incorrectly set
  as the first character of a match.
  * Fix out-of-bounds read for partial matching of /./ against an empty string
  when the newline type is CRLF.
  * When matching using the the REG_STARTEND feature of the POSIX API with a
  non-zero starting offset, unset capturing groups with lower numbers than a
  group that did capture something were not being correctly returned as "/unset"/
  (that is, with offset values of -1).
  * Matching the pattern /(*UTF)C[^v]+x80/ against an 8-bit string
  containing multi-code-unit characters caused bad behaviour and possibly a
  crash. This issue was fixed for other kinds of repeat in release 8.37 by change
  38, but repeating character classes were overlooked.
- Do not run profiling 'check' in parallel
  to make package build reproducible (boo#1040589)
pcre2
- Added 0001-Fixed-atomic-group-backtracking-bug.patch
  * bsc#1187937
  * PHP 7.6.4 on s390x returns different results for preg_match
    function as compared to older PHP versions and x86
  * Sourced from upstream subversion commit:
    $ svn log -r965 svn://vcs.pcre.org/pcre2/code/trunk
permissions
  * setuid bit for cockpit session binary (bsc#1169614)
- Update to version 20181225:
  * drop ping capabilities in favor of ICMP_PROTO sockets (bsc#1174504)
- Update to version 20181225:
pixman

      
polkit
- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568)
  added CVE-2021-4034-pkexec-fix.patch
psmisc
  * Fix bsc#1185208 to make private mount namespaces work as well
    as to distinguish NFS mounts from same remote device share.
- Change patch 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch
python-Babel
- Add CVE-2021-42771-rel-path-traversal.patch fixing
  CVE-2021-42771 by cleaning locale identifiers before loading
  from file (bsc#1185768).
python-base
- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
  (CVE-2019-20907, bpo#39017) avoiding possible infinite loop
  in specifically crafted tarball.
  Add recursion.tar as a testing tarball for the patch.
- Provide the newest setuptools wheel (bsc#1176262,
  CVE-2019-20916) in their correct form (bsc#1180686).
- Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211
  (CVE-2020-26116, bpo#39603) no longer allowing special characters in
  the method parameter of HTTPConnection.putrequest in httplib, stopping
  injection of headers. Such characters now raise ValueError.
- Renamed patch for assigned CVE:
  * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
    CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
    (boo#1189241, CVE-2021-3737)
- Renamed patch for assigned CVE:
  * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
    (boo#1189287, CVE-2021-3733)
- Fix python-doc build (bpo#35293):
  * sphinx-update-removed-function.patch
- Update documentation formatting for Sphinx 3.0 (bpo#40204).
- Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in
  request (bpo#43075, boo#1189287).
- Add missing security announcement to
  bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch.
- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
  which fixes http client infinite line reading (DoS) after a http
  100 (bpo#44022, boo#1189241).
- Modify Lib/ensurepip/__init__.py to contain the same version
  numbers as are in reality the ones in the bundled wheels
  (bsc#1187668).
- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
  bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
  _ctypes/callproc.c, which may lead to remote code execution.
- (bsc#1180125) We really don't Require python-rpm-macros package.
  Unnecessary dependency.
- Add patch configure_PYTHON_FOR_REGEN.patch which makes
  configure.ac to consider the correct version of
  PYTHON_FO_REGEN (bsc#1078326).
- Use python3-Sphinx on anything more recent than SLE-15 (inclusive).
  - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
    Caller.
  - bsc#1155094 (CVE-2019-18348) Disallow control characters in
    hostnames in http.client. Such potentially malicious header
  - Fixed possible leak in `PyArg_Parse` and similar
    `PY_SSIZE_T_CLEAN` is not defined.
  - python-2.7.14-CVE-2017-1000158.patch
  - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
  - CVE-2018-1061-DOS-via-regexp-difflib.patch
  - CVE-2019-10160-netloc-port-regression.patch
  - CVE-2019-16056-email-parse-addr.patch
- bsc#1109847 (CVE-2018-14647): add
  CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing
  bpo-34623.
  fixing bpo-35746 (CVE-2019-5010).
python-boto3
- Disables Py 2 build for SLE 15
  + Py 2 is considered legacy with limited support. Should not have been
    built or released for Py 2. This was a mistake.
- Update to version 1.18.7 (bsc#1189649)
  * api-change:``s3control``: [``botocore``] S3 Access Point aliases can be used
    anywhere you use S3 bucket names to access data in S3
  * api-change:``textract``: [``botocore``] Adds support for AnalyzeExpense, a new
    API to extract relevant data such as contact information, items purchased, and
    vendor name, from almost any invoice or receipt without the need for any templates
    or configuration.
  * api-change:``proton``: [``botocore``] Documentation-only update links
  * api-change:``identitystore``: [``botocore``] Documentation updates for SSO API Ref.
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``synthetics``: [``botocore``] CloudWatch Synthetics now supports visual
    testing in its canaries.
- from version 1.18.6
  * api-change:``securityhub``: [``botocore``] Added product name, company name, and Region
    fields for security findings. Added details objects for RDS event subscriptions and AWS
    ECS services. Added fields to the details for AWS Elasticsearch domains.
  * api-change:``imagebuilder``: [``botocore``] Update to documentation to reapply missing
    change to SSM uninstall switch default value and improve description.
  * api-change:``s3outposts``: [``botocore``] Add on-premise access type support for endpoints
- from version 1.18.5
  * api-change:``medialive``: [``botocore``] MediaLive now supports passing through style data
    on WebVTT caption outputs.
  * api-change:``databrew``: [``botocore``] This SDK release adds two new features: 1) Output
    to Native JDBC destinations and 2) Adding configurations to profile jobs
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``s3control``: [``botocore``] Documentation updates for Amazon S3-control
  * api-change:``ec2``: [``botocore``] This release allows customers to assign prefixes to their
    elastic network interface and to reserve IP blocks in their subnet CIDRs. These reserved blocks
    can be used to assign prefixes to elastic network interfaces or be excluded from auto-assignment.
  * api-change:``qldb``: [``botocore``] Amazon QLDB now supports ledgers encrypted with customer
    managed KMS keys. Changes in CreateLedger, UpdateLedger and DescribeLedger APIs to support the
    changes.
- from version 1.18.4
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for
    Amazon WorkDocs.
    For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-workdocs.html
  * api-change:``proton``: [``botocore``] Documentation updates for AWS Proton
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``rds``: [``botocore``] Adds the OriginalSnapshotCreateTime field to the DBSnapshot
    response object. This field timestamps the underlying data of a snapshot and doesn't change when
    the snapshot is copied.
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``lambda``: [``botocore``] New ResourceConflictException error code for
    PutFunctionEventInvokeConfig, UpdateFunctionEventInvokeConfig, and DeleteFunctionEventInvokeConfig
    operations.
  * api-change:``codebuild``: [``botocore``] AWS CodeBuild now allows you to set the access permissions
    for build artifacts, project artifacts, and log files that are uploaded to an Amazon S3 bucket that
    is owned by another account.
  * api-change:``personalize``: [``botocore``] My AWS Service (placeholder) - Making minProvisionedTPS
    an optional parameter when creating a campaign. If not provided, it defaults to 1.
  * api-change:``emr``: [``botocore``] Update emr client to latest version
- from version 1.18.3
  * api-change:``compute-optimizer``: [``botocore``] Documentation updates for Compute Optimizer
  * api-change:``ec2``: [``botocore``] Added idempotency to the CreateVolume API using the ClientToken
    request parameter
- from version 1.18.2
  * api-change:``imagebuilder``: [``botocore``] Documentation updates for reversal of default value for
    additional instance configuration SSM switch, plus improved descriptions for semantic versioning.
  * api-change:``directconnect``: [``botocore``] Documentation updates for directconnect
  * api-change:``health``: [``botocore``] In the Health API, the maximum number of entities for the
    EventFilter and EntityFilter data types has changed from 100 to 99. This change is related to an
    internal optimization of the AWS Health service.
  * api-change:``robomaker``: [``botocore``] This release allows customers to create a new version of
    WorldTemplates with support for Doors.
  * api-change:``location``: [``botocore``] Add five new API operations: UpdateGeofenceCollection,
    UpdateMap, UpdatePlaceIndex, UpdateRouteCalculator, UpdateTracker.
  * api-change:``emr-containers``: [``botocore``] Updated DescribeManagedEndpoint and ListManagedEndpoints
    to return failureReason and stateDetails in API response.
- from version 1.18.1
  * api-change:``appintegrations``: [``botocore``] Documentation update for AppIntegrations Service
  * api-change:``chime``: [``botocore``] This SDK release adds Account Status as one of the attributes
    in Account API response
  * api-change:``auditmanager``: [``botocore``] This release relaxes the S3 URL character restrictions
    in AWS Audit Manager. Regex patterns have been updated for the following attributes: s3RelativePath,
    destination, and s3ResourcePath. 'AWS' terms have also been replaced with entities to align with
    China Rebrand documentation efforts.
- from version 1.18.0
  * api-change:``ec2``: [``botocore``] This feature enables customers  to specify weekly recurring time
    window(s) for scheduled events that reboot, stop or terminate EC2 instances.
  * api-change:``cognito-idp``: [``botocore``] Documentation updates for cognito-idp
  * api-change:``ecs``: [``botocore``] Documentation updates for support of awsvpc mode on Windows.
  * api-change:``lex-models``: [``botocore``] Lex now supports the en-IN locale
  * api-change:``iotsitewise``: [``botocore``] Update the default endpoint for the APIs used to manage
    asset models, assets, gateways, tags, and account configurations. If you have firewalls with strict
    egress rules, configure the rules to grant you access to api.iotsitewise.[region].amazonaws.com or
    api.iotsitewise.[cn-region].amazonaws.com.cn.
  * feature:Python: Drop support for Python 2.7
  * feature:Python: [``botocore``] Dropped support for Python 2.7
- Disable Python2 builds for all SUSE distributions
- Remove Python2 build dependencies from spec file
- Update to version 1.17.112
  * api-change:``dms``: [``botocore``] Release of feature needed for ECA-Endpoint settings.
    This allows customer to delete a field in endpoint settings by using --exact-settings
    flag in modify-endpoint api. This also displays default values for certain required fields
    of endpoint settings in describe-endpoint-settings api.
  * api-change:``glue``: [``botocore``] Add support for Event Driven Workflows
  * api-change:``acm``: [``botocore``] Added support for RSA 3072 SSL certificate import
  * api-change:``healthlake``: [``botocore``] General availability for Amazon HealthLake.
    StartFHIRImportJob and StartFHIRExportJob APIs now require AWS KMS parameter. For more
    information, see the Amazon HealthLake Documentation
    https://docs.aws.amazon.com/healthlake/index.html.
  * api-change:``wellarchitected``: [``botocore``] This update provides support for Well-
    Architected API users to mark answer choices as not applicable.
  * api-change:``lightsail``: [``botocore``] This release adds support for the Amazon Lightsail
    object storage service, which allows you to create buckets and store objects.
- from version 1.17.111
  * api-change:``amplifybackend``: [``botocore``] Added Sign in with Apple OAuth provider.
  * api-change:``redshift``: [``botocore``] Release new APIs to support new Redshift
    feature - Authentication Profile
  * api-change:``ssm``: [``botocore``] Changes to OpsCenter APIs to support a new feature,
    operational insights.
  * api-change:``lex-models``: [``botocore``] Customers can now migrate bots built with
    Lex V1 APIs to V2 APIs. This release adds APIs to initiate and manage the migration
    of a bot.
  * api-change:``directconnect``: [``botocore``] This release adds a new filed named
    awsLogicalDeviceId that it displays the AWS Direct Connect endpoint which terminates
    a physical connection's BGP Sessions.
  * api-change:``pricing``: [``botocore``] Documentation updates for api.pricing
- from version 1.17.110
  * api-change:``eks``: [``botocore``] Documentation updates for Wesley to support
    the parallel node upgrade feature.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports Principal Store
- from version 1.17.109
  * api-change:``sagemaker``: [``botocore``] Releasing new APIs related to Tuning
    steps in model building pipelines.
  * api-change:``frauddetector``: [``botocore``] This release adds support for ML Explainability
    to display model variable importance value in Amazon Fraud Detector.
  * api-change:``mediaconvert``: [``botocore``] MediaConvert now supports color, style and position
    information passthrough from 608 and Teletext to SRT and WebVTT subtitles. MediaConvert now
    also supports Automatic QVBR quality levels for QVBR RateControlMode.
- from version 1.17.108
  * api-change:``eks``: [``botocore``] Added waiters for EKS FargateProfiles.
  * api-change:``outposts``: [``botocore``] Added property filters for listOutposts
  * api-change:``fms``: [``botocore``] AWS Firewall Manager now supports route table monitoring,
    and provides remediation action recommendations to security administrators for AWS Network
    Firewall policies with misconfigured routes.
  * api-change:``mediatailor``: [``botocore``] Add ListAlerts for Channel, Program, Source Location,
    and VOD Source to return alerts for resources.
  * api-change:``devops-guru``: [``botocore``] Add AnomalyReportedTimeRange field to include
    open and close time of anomalies.
  * api-change:``ssm-contacts``: [``botocore``] Updated description for CreateContactChannel contactId.
- from version 1.17.107
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
  * api-change:``mq``: [``botocore``] adds support for modifying the maintenance window for brokers.
  * api-change:``cloudfront``: [``botocore``] Amazon CloudFront now provides two new APIs,
    ListConflictingAliases and AssociateAlias, that help locate and move Alternate Domain Names (CNAMEs)
    if you encounter the CNAMEAlreadyExists error code.
  * api-change:``chime``: [``botocore``] Releasing new APIs for AWS Chime MediaCapturePipeline
  * api-change:``iotsitewise``: [``botocore``] This release add storage configuration APIs for AWS IoT SiteWise.
  * api-change:``storagegateway``: [``botocore``] Adding support for oplocks for SMB file shares,
    S3 Access Point and S3 Private Link for all file shares and IP address support for file system associations
  * api-change:``ec2``: [``botocore``] This release adds resource ids and tagging support for
    VPC security group rules.
- from version 1.17.106
  * api-change:``lambda``: [``botocore``] Added support for AmazonMQRabbitMQ as an event source.
    Added support for VIRTUAL_HOST as SourceAccessType for streams event source mappings.
  * api-change:``imagebuilder``: [``botocore``] Adds support for specifying parameters to customize components
    for recipes. Expands configuration of the Amazon EC2 instances that are used for building and testing images,
    including the ability to specify commands to run on launch, and more control over installation and removal
    of the SSM agent.
  * api-change:``mgn``: [``botocore``] Bug fix: Remove not supported EBS encryption type "/NONE"/
  * api-change:``eks``: [``botocore``] Adding new error code UnsupportedAddonModification for Addons in EKS
  * api-change:``macie2``: [``botocore``] Sensitive data findings in Amazon Macie now include enhanced location
    data for JSON and JSON Lines files
  * api-change:``sns``: [``botocore``] Documentation updates for Amazon SNS.
- from version 1.17.105
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``ec2``: [``botocore``] This release removes network-insights-boundary
- from version 1.17.104
  * api-change:``sagemaker``: [``botocore``] SageMaker model registry now supports up to 5 containers
    and associated environment variables.
  * api-change:``sqs``: [``botocore``] Documentation updates for Amazon SQS.
  * api-change:``ec2``: [``botocore``] Adding a new reserved field to support future infrastructure
    improvements for Amazon EC2 Fleet.
- from version 1.17.103
  * api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling infrastructure improvements and optimizations.
  * api-change:``kendra``: [``botocore``] Amazon Kendra Enterprise Edition now offered in smaller more granular
    units to enable customers with smaller workloads. Virtual Storage Capacity units now offer scaling in increments
    of 100,000 documents (up to 30GB) per unit and Virtual Query Units offer scaling increments of 8,000 queries per day.
  * api-change:``mediapackage-vod``: [``botocore``] Add support for Widevine DRM on CMAF packaging configurations.
    Both Widevine and FairPlay DRMs can now be used simultaneously, with CBCS encryption.
  * api-change:``ssm-contacts``: [``botocore``] Fixes the tag key length range to 128 chars,  tag value length to 256 chars;
    Adds support for UTF-8 chars for contact and channel names, Allows users to unset name in UpdateContact API; Adds
    throttling exception to StopEngagement API, validation exception to APIs UntagResource, ListTagsForResource
  * api-change:``databrew``: [``botocore``] Adds support for the output of job results to the AWS Glue Data Catalog.
  * api-change:``servicediscovery``: [``botocore``] AWS Cloud Map now allows configuring the TTL of the SOA record for a
    hosted zone to control the negative caching for new services.
- from version 1.17.102
  * api-change:``sagemaker``: [``botocore``] Sagemaker Neo now supports running compilation jobs using customer's Amazon VPC
  * api-change:``glue``: [``botocore``] Add JSON Support for Glue Schema Registry
  * api-change:``redshift``: [``botocore``] Added InvalidClusterStateFault to the DisableLogging API, thrown when calling the
    API on a non available cluster.
  * api-change:``mediaconvert``: [``botocore``] MediaConvert adds support for HDR10+, ProRes 4444,  and XAVC outputs, ADM/DAMF
    support for Dolby Atmos ingest, and alternative audio and WebVTT caption ingest via HLS inputs. MediaConvert also now
    supports creating trickplay outputs for Roku devices for HLS, CMAF, and DASH output groups.
- from version 1.17.101
  * api-change:``proton``: [``botocore``] Added waiters for template registration, service operations, and environment deployments.
  * api-change:``amplifybackend``: [``botocore``] Imports an existing backend authentication resource.
  * api-change:``snowball``: [``botocore``] AWS Snow Family customers can remotely monitor and operate their connected AWS
    Snowcone devices. AWS Snowball Edge Storage Optimized customers can now import and export their data using NFS.
- from version 1.17.100
  * api-change:``chime``: [``botocore``] Adds EventIngestionUrl field to MediaPlacement
  * api-change:``cloud9``: [``botocore``] Minor update to AWS Cloud9 documentation to allow correct parsing of outputted text
  * api-change:``connect``: [``botocore``] Released Amazon Connect quick connects management API for general availability (GA).
    For more information, see https://docs.aws.amazon.com/connect/latest/APIReference/Welcome.html
  * api-change:``dax``: [``botocore``] Add support for encryption in transit to DAX clusters.
  * api-change:``wafv2``: [``botocore``] Added support for 15 new text transformation.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports SharePoint 2013 and SharePoint 2016
    when using a SharePoint data source.
  * api-change:``securityhub``: [``botocore``] Added new resource details for ECS clusters and ECS task definitions.
    Added additional information for S3 buckets, Elasticsearch domains, and API Gateway V2 stages.
  * api-change:``transfer``: [``botocore``] Customers can successfully use legacy clients with Transfer Family
    endpoints enabled for FTPS and FTP behind routers, firewalls, and load balancers by providing a Custom IP
    address used for data channel communication.
  * api-change:``codebuild``: [``botocore``] BucketOwnerAccess is currently not supported
- from version 1.17.99
  * api-change:``docdb``: [``botocore``] DocumentDB documentation-only edits
  * api-change:``cloud9``: [``botocore``] Updated documentation for CreateEnvironmentEC2 to explain that because Amazon
    Linux AMI has ended standard support as of December 31, 2020, we recommend you choose Amazon Linux 2--which includes
    long term support through 2023--for new AWS Cloud9 environments.
  * api-change:``quicksight``: [``botocore``] Releasing new APIs for AWS QuickSight Folders
  * api-change:``mediatailor``: [``botocore``] Update GetChannelSchedule to return information on ad breaks.
  * api-change:``cloudfront``: [``botocore``] Amazon CloudFront adds support for a new security policy, TLSv1.2_2021.
  * api-change:``license-manager``: [``botocore``] AWS License Manager now allows license administrators and end users
    to communicate to each other by setting custom status reasons when updating the status on a granted license.
  * api-change:``ec2``: [``botocore``] This release adds support for provisioning your own IP (BYOIP) range in multiple
    regions. This feature is in limited Preview for this release. Contact your account manager if you are interested in
    this feature.
  * api-change:``events``: [``botocore``] Added the following parameters to ECS targets: CapacityProviderStrategy,
    EnableECSManagedTags, EnableExecuteCommand, PlacementConstraints, PlacementStrategy, PropagateTags, ReferenceId,
    and Tags
  * api-change:``cloudsearch``: [``botocore``] This release replaces previous generation CloudSearch instances with
    equivalent new instances that provide better stability at the same price.
  * api-change:``codeguru-reviewer``: [``botocore``] Adds support for S3 based full repository analysis
    and changed lines scan.
- from version 1.17.98
  * api-change:``cloudformation``: [``botocore``] CloudFormation registry service now supports 3rd party public type sharing
- from version 1.17.97
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports the indexing of web documents for search through the web crawler.
  * api-change:``sagemaker``: [``botocore``] Enable ml.g4dn instance types for SageMaker Batch Transform and SageMaker Processing
  * api-change:``rds``: [``botocore``] This release enables Database Activity Streams for RDS Oracle
  * api-change:``chime``: [``botocore``] This release adds a new API UpdateSipMediaApplicationCall, to update an in-progress
    call for SipMediaApplication.
- from version 1.17.96
  * api-change:``kms``: [``botocore``] Adds support for multi-Region keys
  * api-change:``ec2``: [``botocore``] This release adds support for VLAN-tagged network traffic over an
    Elastic Network Interface (ENI). This feature is in limited Preview for this release. Contact your account manager
    if you are interested in this feature.
  * api-change:``rds``: [``botocore``] This release enables fast cloning in Aurora Serverless. You can now clone between
    Aurora Serverless clusters and Aurora Provisioned clusters.
  * api-change:``mediatailor``: [``botocore``] Adds AWS Secrets Manager Access Token Authentication for Source Locations
- from version 1.17.95
  * api-change:``redshift-data``: [``botocore``] Redshift Data API service now supports SQL parameterization.
  * api-change:``connect``: [``botocore``] This release adds new sets of APIs: AssociateBot, DisassociateBot, and ListBots.
    You can use it to programmatically add an Amazon Lex bot or Amazon Lex V2 bot on the specified Amazon Connect instance
  * api-change:``ec2``: [``botocore``] EC2 M5n, M5dn, R5n, R5dn metal instances with 100 Gbps network performance and
    Elastic Fabric Adapter (EFA) for ultra low latency
  * api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
- from version 1.17.94
  * api-change:``lookoutmetrics``: [``botocore``] Added "/LEARNING"/ status for anomaly detector and updated description for
    "/Offset"/ parameter in MetricSet APIs.
  * api-change:``iotanalytics``: [``botocore``] Adds support for data store partitions.
  * api-change:``greengrassv2``: [``botocore``] We have verified the APIs being released here and are ready to release
- from version 1.17.93
  * api-change:``ec2``: [``botocore``] Amazon EC2 adds new AMI property to flag outdated AMIs
  * api-change:``medialive``: [``botocore``] AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27
    image-based source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
  * api-change:``mediaconnect``: [``botocore``] When you enable source failover, you can now designate one of two sources
    as the primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge
    combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
- from version 1.17.92
  * api-change:``sagemaker``: [``botocore``] Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing,
    maintaining, and deploying models to your devices. You can now create deployable IoT Greengrass components during edge
    packaging jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
  * api-change:``appmesh``: [``botocore``] AppMesh now supports additional routing capabilities in match and rewrites for
    Gateway Routes and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
  * api-change:``redshift``: [``botocore``] Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when
    calling the API on a non available cluster.
  * api-change:``chime``: [``botocore``] This SDK release adds support for UpdateAccount API to allow users to update their
    default license on Chime account.
  * api-change:``ec2``: [``botocore``] This release adds a new optional parameter connectivityType (public, private) for the
    CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC and can be
    used for communication with other VPCs and on-premise networks.
  * api-change:``ram``: [``botocore``] AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in
    ListPermissions and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter
    by permission attached
  * api-change:``sagemaker-featurestore-runtime``: [``botocore``] Release BatchGetRecord API for AWS SageMaker
    Feature Store Runtime.
  * api-change:``cognito-idp``: [``botocore``] Amazon Cognito now supports targeted sign out through refresh token revocation
  * api-change:``appflow``: [``botocore``] Adding MAP_ALL task type support.
  * api-change:``managedblockchain``: [``botocore``] This release supports KMS customer-managed Customer Master Keys (CMKs)
    on member-specific Hyperledger Fabric resources.
- from version 1.17.91
  * api-change:``transfer``: [``botocore``] Documentation updates for the AWS Transfer Family service.
  * api-change:``personalize-events``: [``botocore``] Support for unstructured text inputs in the items dataset to to
    automatically extract key information from product/content description as an input when creating solution versions.
  * api-change:``proton``: [``botocore``] This is the initial SDK release for AWS Proton
  * api-change:``kendra``: [``botocore``] AWS Kendra now supports checking document status.
- from version 1.17.90
  * api-change:``fsx``: [``botocore``] This release adds support for auditing end-user access to files, folders, and file
    shares using Windows event logs, enabling customers to meet their security and compliance needs.
  * api-change:``servicecatalog``: [``botocore``] increase max pagesize for List/Search apis
  * api-change:``macie2``: [``botocore``] This release of the Amazon Macie API introduces stricter validation of S3 object
    criteria for classification jobs.
  * api-change:``cognito-idp``: [``botocore``] Documentation updates for cognito-idp
- from version 1.17.89
  * api-change:``sagemaker``: [``botocore``] AWS SageMaker - Releasing new APIs related to Callback steps in model building
    pipelines. Adds experiment integration to model building pipelines.
  * api-change:``glue``: [``botocore``] Add SampleSize variable to S3Target to enable s3-sampling feature through API.
  * api-change:``personalize``: [``botocore``] Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
  * api-change:``eks``: [``botocore``] Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
- from version 1.17.88
  * api-change:``rds``: [``botocore``] Documentation updates for RDS: fixing an outdated link to the RDS
    documentation in DBInstance$DBInstanceStatus
  * api-change:``pi``: [``botocore``] The new GetDimensionKeyDetails action retrieves the attributes of the specified
    dimension group for a DB instance or data source.
  * api-change:``cloudtrail``: [``botocore``] AWS CloudTrail supports data events on new service resources, including
    Amazon DynamoDB tables and S3 Object Lambda access points.
  * api-change:``medialive``: [``botocore``] Add support for automatically setting the H.264 adaptive quantization
    and GOP B-frame fields.
  * api-change:``autoscaling``: [``botocore``] Documentation updates for Amazon EC2 Auto Scaling
  * api-change:``qldb``: [``botocore``] Documentation updates for Amazon QLDB
- from version 1.17.87
  * api-change:``s3``: [``botocore``] S3 Inventory now supports Bucket Key Status
  * api-change:``s3control``: [``botocore``] Amazon S3 Batch Operations now supports S3 Bucket Keys.
  * api-change:``route53resolver``: [``botocore``] Documentation updates for Route 53 Resolver
  * api-change:``ssm``: [``botocore``] Documentation updates for ssm to fix customer reported issue
  * api-change:``forecast``: [``botocore``] Added optional field AutoMLOverrideStrategy to CreatePredictor API
    that allows users to customize AutoML strategy. If provided in CreatePredictor request, this field is visible
    in DescribePredictor and GetAccuracyMetrics responses.
- Update BuildRequires and Requires from setup.py
- Enable python2 builds for SLE-15
- Update to version 1.17.86
  * api-change:``autoscaling``: [``botocore``] You can now launch EC2 instances with
    GP3 volumes when using Auto Scaling groups with Launch Configurations
  * api-change:``lightsail``: [``botocore``] Documentation updates for Lightsail
  * api-change:``ecs``: [``botocore``] Documentation updates for Amazon ECS.
  * api-change:``docdb``: [``botocore``] This SDK release adds support for DocDB global clusters.
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``braket``: [``botocore``] Introduction of a RETIRED status for devices.
- from version 1.17.85
  * api-change:``sns``: [``botocore``] This release adds SMS sandbox in Amazon SNS and the ability to
    view all configured origination numbers. The SMS sandbox provides a safe environment for sending
    SMS messages, without risking your reputation as an SMS sender.
  * api-change:``polly``: [``botocore``] Amazon Polly adds new Canadian French voice - Gabrielle.
    Gabrielle is available as Neural voice only.
  * api-change:``ec2``: [``botocore``] Added idempotency to CreateNetworkInterface using the ClientToken parameter.
  * api-change:``iotwireless``: [``botocore``] Added six new public customer logging APIs to allow customers
    to set/get/reset log levels at resource type and resource id level. The log level set from the APIs will
    be used to filter log messages that can be emitted to CloudWatch in customer accounts.
  * api-change:``servicediscovery``: [``botocore``] Bugfixes - The DiscoverInstances API operation now provides
    an option to return all instances for health-checked services when there are no healthy instances available.
- from version 1.17.84
  * api-change:``lookoutmetrics``: [``botocore``] Allowing dot(.) character in table name for RDS
    and Redshift as source connector.
  * api-change:``location``: [``botocore``] Adds support for calculation of routes, resource tagging and
    customer provided KMS keys.
  * api-change:``datasync``: [``botocore``] Added SecurityDescriptorCopyFlags option that allows for control
    of which components of SMB security descriptors are copied from source to destination objects.
- from version 1.17.83
  * api-change:``iotevents-data``: [``botocore``] Releasing new APIs for AWS IoT Events Alarms
  * api-change:``devicefarm``: [``botocore``] Introduces support for using our desktop testing service
    with applications hosted within your Virtual Private Cloud (VPC).
  * api-change:``kendra``: [``botocore``] Amazon Kendra now suggests popular queries in order to help
    guide query typing and help overall accuracy.
  * api-change:``iotsitewise``: [``botocore``] IoT SiteWise Monitor Portal API updates to add alarms
    feature configuration.
  * api-change:``resource-groups``: [``botocore``] Documentation updates for Resource Groups.
  * api-change:``lightsail``: [``botocore``] Documentation updates for Lightsail
  * api-change:``iotevents``: [``botocore``] Releasing new APIs for AWS IoT Events Alarms
  * api-change:``fsx``: [``botocore``] This release adds LZ4 data compression support to FSx for Lustre to
    reduce storage consumption of both file system storage and file system backups.
  * api-change:``sqs``: [``botocore``] Documentation updates for Amazon SQS for General Availability
    of high throughput for FIFO queues.
- from version 1.17.82
  * api-change:``ec2``: [``botocore``] This release removes resource ids and tagging support
    for VPC security group rules.
- from version 1.17.81
  * api-change:``qldb``: [``botocore``] Support STANDARD permissions mode in CreateLedger and DescribeLedger.
    Add UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
  * api-change:``cloudfront``: [``botocore``] Documentation fix for CloudFront
  * api-change:``outposts``: [``botocore``] Add ConflictException to DeleteOutpost, CreateOutpost
  * api-change:``mwaa``: [``botocore``] Adds scheduler count selection for Environments using
    Airflow version 2.0.2 or later.
  * api-change:``ec2``: [``botocore``] This release adds resource ids and tagging support
    for VPC security group rules.
  * api-change:``ecs``: [``botocore``] The release adds support for registering External instances
    to your Amazon ECS clusters.
  * api-change:``acm-pca``: [``botocore``] This release enables customers to store CRLs in S3 buckets with
    Block Public Access enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority
    and UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
- from version 1.17.80
  * api-change:``transfer``: [``botocore``] AWS Transfer Family customers can now use AWS Managed Active
    Directory or AD Connector to authenticate their end users, enabling seamless migration of file transfer
    workflows that rely on AD authentication, without changing end users' credentials or needing a custom
    authorizer.
  * api-change:``iot``: [``botocore``] This release includes support for a new feature: Job templates for
    AWS IoT Device Management Jobs. The release includes job templates as a new resource and APIs for
    managing job templates.
  * api-change:``workspaces``: [``botocore``] Adds support for Linux device types in WorkspaceAccessProperties
- from version 1.17.79
  * api-change:``quicksight``: [``botocore``] Add new parameters on RegisterUser and UpdateUser APIs to assign
    or update external ID associated to QuickSight users federated through web identity.
  * api-change:``ce``: [``botocore``] Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization
    and NetworkResourceUtilization to GetRightsizingRecommendation action
  * api-change:``compute-optimizer``: [``botocore``] Adds support for 1) additional instance types, 2) additional
    instance metrics, 3) finding reasons for instance recommendations, and 4) platform differences between a current
    instance and a recommended instance type.
  * api-change:``ec2``: [``botocore``] This release adds support for creating and managing EC2 On-Demand
    Capacity Reservations on Outposts.
  * api-change:``logs``: [``botocore``] This release provides dimensions and unit support for metric filters.
- from version 1.17.78
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
  * api-change:``forecast``: [``botocore``] Updated attribute statistics in DescribeDatasetImportJob
    response to support Long values
  * api-change:``opsworkscm``: [``botocore``] New PUPPET_API_CRL attribute returned by DescribeServers API;
    new EngineVersion of 2019 available for Puppet Enterprise servers.
- from version 1.17.77
  * api-change:``personalize``: [``botocore``] Added new API to stop a solution version creation that is
    pending or in progress for Amazon Personalize
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``quicksight``: [``botocore``] Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
- from version 1.17.76
  * api-change:``kinesisanalyticsv2``: [``botocore``] Kinesis Data Analytics now allows rapid iteration on Apache
    Flink stream processing through the Kinesis Data Analytics Studio feature.
  * api-change:``rekognition``: [``botocore``] Amazon Rekognition Custom Labels adds support for customer managed
    encryption, using AWS Key Management Service, of image files copied into the service and files written back
    to the customer.
  * api-change:``iam``: [``botocore``] Add pagination to ListUserTags operation
  * api-change:``eks``: [``botocore``] Update the EKS AddonActive waiter.
  * api-change:``autoscaling``: [``botocore``] With this release, customers can easily use Predictive Scaling as a
    policy directly through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead
    of predicted demand.
  * api-change:``lightsail``: [``botocore``] Documentation updates for Amazon Lightsail.
- Update BuildRequires and Requires from setup.py
- Update to version 1.17.75
  * api-change:support: [botocore] Documentation updates for
    support
  * api-change:apprunner: [botocore] AWS App Runner is a service
    that provides a fast, simple, and cost-effective way to deploy
    from source code or a container image directly to a scalable
    and secure web application in the AWS Cloud.
  * api-change:compute-optimizer: [botocore] This release enables
    compute optimizer to support exporting recommendations to
    Amazon S3 for EBS volumes and Lambda Functions.
  * api-change:personalize: [botocore] Amazon Personalize now
    supports the ability to optimize a solution for a custom
    objective in addition to maximizing relevance.
  * api-change:license-manager: [botocore] AWS License Manager
    now supports periodic report generation.
  * api-change:iotsitewise: [botocore] Documentation updates for
    AWS IoT SiteWise.
  * api-change:lexv2-models: [botocore] Update lexv2-models client
    to latest version
- from version 1.17.74
  * api-change:mediaconnect: [botocore] MediaConnect now supports
    JPEG XS for AWS Cloud Digital Interface (AWS CDI) uncompressed
    workflows, allowing you to establish a bridge between your
    on-premises live video network and the AWS Cloud.
  * api-change:sagemaker-a2i-runtime: [botocore] Documentation
    updates for Amazon A2I Runtime model
  * api-change:applicationcostprofiler: [botocore] APIs for AWS
    Application Cost Profiler.
  * api-change:neptune: [botocore] Neptune support for
    CopyTagsToSnapshots
  * api-change:iotdeviceadvisor: [botocore] AWS IoT Core Device
    Advisor is fully managed test capability for IoT devices.
    Device manufacturers can use Device Advisor to test their IoT
    devices for reliable and secure connectivity with AWS IoT.
  * api-change:elasticache: [botocore] Documentation updates for
    elasticache
- from version 1.17.73
  * api-change:events: [botocore] Update InputTransformer variable
    limit from 10 to 100 variables.
  * enhancement:s3: [botocore] Block endpoint resolution of clients
    configured with S3 pseudo-regions (e.g. aws-global,
    s3-external-1) that will never resolve to a correct access
    point endpoint.
  * api-change:macie2: [botocore] This release of the Amazon Macie
    API adds support for defining run-time, S3 bucket criteria for
    classification jobs. It also adds resources for querying data
    about AWS resources that Macie monitors.
  * api-change:es: [botocore] Adds support for cold storage.
  * api-change:securityhub: [botocore] Updated descriptions to add
    notes on array lengths.
  * api-change:detective: [botocore] Updated descriptions of array
    parameters to add the restrictions on the array and value
    lengths.
  * api-change:transcribe: [botocore] Transcribe Medical now
    supports identification of PHI entities within transcripts
  * api-change:imagebuilder: [botocore] Text-only updates for
    bundled documentation feedback tickets - spring 2021.
  * enhancement:FIPS: [botocore] Add validation to only attempt to
    connect to FIPS endpoints with a FIPS pseudo-region if the
    pseudo-region is explicitly known to the SDK.
- from version 1.17.72
  * api-change:ec2: [botocore] High Memory virtual instances are
    powered by Intel Sky Lake CPUs and offer up to 12TB of memory.
- from version 1.17.71
  * api-change:ssm-incidents: [botocore] AWS Systems Manager
    Incident Manager enables faster resolution of critical
    application availability and performance issues, management of
    contacts and post-incident analysis
  * api-change:ssm-contacts: [botocore] AWS Systems Manager
    Incident Manager enables faster resolution of critical
    application availability and performance issues, management of
    contacts and post incident analysis
  * api-change:s3control: [botocore] Documentation updates for
    Amazon S3-control
- from version 1.17.70
  * api-change:mediaconvert: [botocore] AWS Elemental MediaConvert
    SDK has added support for Kantar SNAP File Audio Watermarking
    with a Kantar Watermarking account, and Display Definition
    Segment(DDS) segment data controls for DVB-Sub caption outputs.
  * api-change:ecs: [botocore] This release contains updates for
    Amazon ECS.
  * api-change:codeartifact: [botocore] Documentation updates for
    CodeArtifact
  * api-change:eks: [botocore] This release updates
    create-nodegroup and update-nodegroup-config APIs for
    adding/updating taints on managed nodegroups.
  * api-change:iotwireless: [botocore] Add three new optional
    fields to support filtering and configurable sub-band in
    WirelessGateway APIs. The filtering is for all the RF region
    supported. The sub-band configuration is only applicable to
    LoRa gateways of US915 or AU915 RF region.
  * api-change:ssm: [botocore] This release adds new APIs to
    associate, disassociate and list related items in SSM
    OpsCenter; and this release adds DisplayName as a version-level
    attribute for SSM Documents and introduces two new document
    types: ProblemAnalysis, ProblemAnalysisTemplate.
  * api-change:kinesisanalyticsv2: [botocore] Amazon Kinesis
    Analytics now supports ListApplicationVersions and
    DescribeApplicationVersion API for Apache Flink applications
  * api-change:config: [botocore] Adds paginator to multiple APIs:
    By default, the paginator allows user to iterate over the
    results and allows the CLI to return up to 1000 results.
- from version 1.17.69
  * api-change:lakeformation: [botocore] This release adds Tag
    Based Access Control to AWS Lake Formation service
  * api-change:lookoutmetrics: [botocore] Enforcing UUID style for
    parameters that are already in UUID format today. Documentation
    specifying eventual consistency of lookoutmetrics resources.
  * api-change:connect: [botocore] Adds tagging support for Connect
    APIs CreateIntegrationAssociation and CreateUseCase.
- from version 1.17.68
  * api-change:servicediscovery: [botocore] Bugfix: Improved input
    validation for RegisterInstance action, InstanceId field
  * api-change:kafka: [botocore] IAM Access Control for Amazon MSK
    enables you to create clusters that use IAM to authenticate
    clients and to allow or deny Apache Kafka actions for those
    clients.
  * api-change:ssm: [botocore] SSM feature release - ChangeCalendar
    integration with StateManager.
  * api-change:snowball: [botocore] AWS Snow Family adds APIs for
    ordering and managing Snow jobs with long term pricing
- from version 1.17.67
  * api-change:auditmanager: [botocore] This release updates the
    CreateAssessmentFrameworkControlSet and
    UpdateAssessmentFrameworkControlSet API data types. For both of
    these data types, the control set name is now a required
    attribute.
  * api-change:nimble: [botocore] Documentation Updates for Amazon
    Nimble Studio.
  * api-change:kinesisanalyticsv2: [botocore] Amazon Kinesis
    Analytics now supports RollbackApplication for Apache Flink
    applications to revert the application to the previous running
    version
  * api-change:sagemaker: [botocore] Amazon SageMaker Autopilot now
    provides the ability to automatically deploy the best model to
    an endpoint
- from version 1.17.66
  * api-change:finspace: [botocore] Documentation updates for
    FinSpace API.
  * api-change:finspace-data: [botocore] Documentation updates for
    FinSpaceData API.
- from version 1.17.65
  * api-change:devops-guru: [botocore] Added GetCostEstimation and
    StartCostEstimation to get the monthly resource usage cost and
    added ability to view resource health by AWS service name and
    to search insights be AWS service name.
  * api-change:acm-pca: [botocore] This release adds the
    KeyStorageSecurityStandard parameter to the
    CreateCertificateAuthority API to allow customers to mandate a
    security standard to which the CA key will be stored within.
  * api-change:health: [botocore] Documentation updates for health
  * api-change:chime: [botocore] This release adds the ability to
    search for and order international phone numbers for Amazon
    Chime SIP media applications.
  * api-change:sagemaker: [botocore] Enable retrying Training and
    Tuning Jobs that fail with InternalServerError by setting
    RetryStrategy.
- from version 1.17.64
  * api-change:finspace-data: [botocore] Update FinSpace Data
    serviceAbbreviation
- from version 1.17.63
  * api-change:finspace-data: [botocore] This is the initial SDK
    release for the data APIs for Amazon FinSpace. Amazon FinSpace
    is a data management and analytics application for the
    financial services industry (FSI).
  * api-change:mturk: [botocore] Update mturk client to latest
    version
  * api-change:chime: [botocore] Added new
    BatchCreateChannelMembership API to support multiple membership
    creation for channels
  * api-change:finspace: [botocore] This is the initial SDK release
    for the management APIs for Amazon FinSpace. Amazon FinSpace is
    a data management and analytics service for the financial
    services industry (FSI).
  * api-change:securityhub: [botocore] Updated ASFF to add the
    following new resource details objects: AwsEc2NetworkAcl,
    AwsEc2Subnet, and AwsElasticBeanstalkEnvironment.
- from version 1.17.62
  * api-change:personalize: [botocore] Update URL for dataset
    export job documentation.
  * api-change:marketplace-catalog: [botocore] Allows user defined
    names for Changes in a ChangeSet. Users can use ChangeNames to
    reference properties in another Change within a ChangeSet. This
    feature allows users to make changes to an entity when the
    entity identifier is not yet available while constructing the
    StartChangeSet request.
  * api-change:forecast: [botocore] Added new DeleteResourceTree
    operation that helps in deleting all the child resources of a
    given resource including the given resource.
  * api-change:robomaker: [botocore] Adds ROS2 Foxy as a supported
    Robot Software Suite Version and Gazebo 11 as a supported
    Simulation Software Suite Version
  * api-change:cloudfront: [botocore] CloudFront now supports
    CloudFront Functions, a native feature of CloudFront that
    enables you to write lightweight functions in JavaScript for
    high-scale, latency-sensitive CDN customizations.
  * api-change:customer-profiles: [botocore] This release
    introduces GetMatches and MergeProfiles APIs to fetch and
    merge duplicate profiles
- from version 1.17.61
  * api-change:macie2: [botocore] The Amazon Macie API now provides
    S3 bucket metadata that indicates whether a bucket policy
    requires server-side encryption of objects when objects are
    uploaded to the bucket.
  * api-change:organizations: [botocore] Minor text updates for AWS
    Organizations API Reference
  * api-change:ecs: [botocore] Add support for EphemeralStorage on
    TaskDefinition and TaskOverride
  * api-change:chime: [botocore] Increase AppInstanceUserId length
    to 64 characters
- from version 1.17.60
  * api-change:connect: [botocore] Updated max number of tags that
    can be attached from 200 to 50. MaxContacts is now an optional
    parameter for the UpdateQueueMaxContact API.
  * api-change:mediapackage-vod: [botocore] MediaPackage now offers
    the option to place your Sequence Parameter Set (SPS), Picture
    Parameter Set (PPS), and Video Parameter Set (VPS) encoder
    metadata in every video segment instead of in the init fragment
    for DASH and CMAF endpoints.
  * api-change:nimble: [botocore] Amazon Nimble Studio is a virtual
    studio service that empowers visual effects, animation, and
    interactive content teams to create content securely within a
    scalable, private cloud service.
  * api-change:iotsitewise: [botocore] AWS IoT SiteWise
    interpolation API will get interpolated values for an asset
    property per specified time interval during a period of time.
  * api-change:cloudformation: [botocore] Add CallAs parameter to
    GetTemplateSummary to enable use with StackSets delegated
    administrator integration
- from version 1.17.59
  * api-change:auditmanager: [botocore] This release restricts
    using backslashes in control, assessment, and framework names.
    The controlSetName field of the
    UpdateAssessmentFrameworkControlSet API now allows strings
    without backslashes.
- from version 1.17.58
  * api-change:ec2: [botocore] Adding support for Red Hat
    Enterprise Linux with HA for Reserved Instances.
  * api-change:iotwireless: [botocore] Add a new optional field
    MessageType to support Sidewalk devices in
    SendDataToWirelessDevice API
  * api-change:kinesisanalyticsv2: [botocore] Amazon Kinesis Data
    Analytics now supports custom application maintenance
    configuration using UpdateApplicationMaintenanceConfiguration
    API for Apache Flink applications. Customers will have
    visibility when their application is under maintenance status
    using 'MAINTENANCE' application status.
  * api-change:personalize: [botocore] Added support for exporting
    data imported into an Amazon Personalize dataset to a specified
    data source (Amazon S3 bucket).
  * api-change:mediaconvert: [botocore] Documentation updates for
    mediaconvert
  * api-change:codeguru-reviewer: [botocore] Include KMS Key
    Details in Repository Association APIs to enable usage of
    customer managed KMS Keys.
  * api-change:glue: [botocore] Adding Kafka Client Auth Related
    Parameters
  * api-change:eks: [botocore] This release updates existing
    Amazon EKS input validation so customers will see an
    InvalidParameterException instead of a ParamValidationError
    when they enter 0 for minSize and/or desiredSize. It also adds
    LaunchTemplate information to update responses and a new
    "/CUSTOM"/ value for AMIType.
- from version 1.17.57
  * api-change:mediapackage: [botocore] Add support for Widevine
    DRM on CMAF origin endpoints. Both Widevine and FairPlay DRMs
    can now be used simultaneously, with CBCS encryption.
  * api-change:sns: [botocore] Amazon SNS adds two new attributes,
    TemplateId and EntityId, for using sender IDs to send SMS
    messages to destinations in India.
- from version 1.17.56
  * api-change:forecast: [botocore] This release adds
    EstimatedTimeRemaining minutes field to the
    DescribeDatasetImportJob, DescribePredictor, DescribeForecast
    API response which denotes the time remaining to complete the
    job IN_PROGRESS.
  * api-change:securityhub: [botocore] Replaced the term "/master"/
    with "/administrator"/. Added new actions to replace
    AcceptInvitation, GetMasterAccount, and
    DisassociateFromMasterAccount. In Member, replaced MasterId
    with AdministratorId.
  * api-change:cognito-idp: [botocore] Documentation updates for
    cognito-idp
  * api-change:elasticache: [botocore] This release introduces log
    delivery of Redis slow log from Amazon ElastiCache.
- from version 1.17.55
  * api-change:detective: [botocore] Added parameters to track the
    data volume in bytes for a member account. Deprecated the
    existing parameters that tracked the volume as a percentage of
    the allowed volume for a behavior graph. Changes reflected in
    MemberDetails object.
  * api-change:redshift: [botocore] Add operations: AddPartner,
    DescribePartners, DeletePartner, and UpdatePartnerStatus to
    support tracking integration status with data partners.
  * api-change:groundstation: [botocore] Support new S3 Recording
    Config allowing customers to write downlink data directly to
    S3.
  * api-change:kendra: [botocore] Amazon Kendra now enables users
    to override index-level boosting configurations for each query.
  * api-change:cloudformation: [botocore] Added support for
    creating and updating stack sets with self-managed permissions
    from templates that reference macros.
- from version 1.17.54
  * api-change:savingsplans: [botocore] Added support for Amazon
    SageMaker in Machine Learning Savings Plans
  * api-change:ce: [botocore] Adding support for Sagemaker savings
    plans in GetSavingsPlansPurchaseRecommendation API
- from version 1.17.53
  * api-change:sts: [botocore] STS now supports assume role with
    Web Identity using JWT token length upto 20000 characters
  * api-change:dms: [botocore] AWS DMS added support of TLS for
    Kafka endpoint. Added Describe endpoint setting API for DMS
    endpoints.
- from version 1.17.52
  * api-change:mediaconnect: [botocore] For flows that use Listener
    protocols, you can now easily locate an output's outbound IP
    address for a private internet. Additionally, MediaConnect now
    supports the Waiters feature that makes it easier to poll for
    the status of a flow until it reaches its desired state.
  * api-change:config: [botocore] Add exception for
    DeleteRemediationConfiguration and
    DescribeRemediationExecutionStatus
  * api-change:route53: [botocore] Documentation updates for
    route53
  * api-change:codestar-connections: [botocore] This release adds
    tagging support for CodeStar Connections Host resources
- from version 1.17.51
  * api-change:lightsail: [botocore] Documentation updates for
    Amazon Lightsail.
  * api-change:sts: [botocore] This release adds the SourceIdentity
    parameter that can be set when assuming a role.
  * api-change:comprehendmedical: [botocore] The InferICD10CM API
    now returns TIME_EXPRESSION entities that refer to medical
    conditions.
  * api-change:rds: [botocore] Clarify that enabling or disabling
    automated backups causes a brief downtime, not an outage.
  * api-change:redshift: [botocore] Added support to enable AQUA in
    Amazon Redshift clusters.
- Update to version 1.17.50
  * api-change:``fsx``: [``botocore``] Support for cross-region and
    cross-account backup copies
  * api-change:``codebuild``: [``botocore``] AWS CodeBuild now allows you to
    set the access permissions for build artifacts, project artifacts, and log
    files that are uploaded to an Amazon S3 bucket that is owned by another account.
- from version 1.17.49
  * api-change:``redshift``: [``botocore``] Add support for case sensitive table level restore
  * api-change:``ec2``: [``botocore``] Add paginator support to DescribeStoreImageTasks
    and update documentation.
  * api-change:``shield``: [``botocore``] CreateProtection now throws InvalidParameterException
    instead of InternalErrorException when system tags (tag with keys prefixed with "/aws:"/)
    are passed in.
- from version 1.17.48
  * api-change:``lookoutequipment``: [``botocore``] This release introduces support for
    Amazon Lookout for Equipment.
  * api-change:``kinesis-video-archived-media``: [``botocore``] Documentation updates
    for archived.kinesisvideo
  * api-change:``robomaker``: [``botocore``] This release allows RoboMaker customers to
    specify custom tools to run with their simulation job
  * api-change:``appstream``: [``botocore``] This release provides support for image updates
  * api-change:``ram``: [``botocore``] Documentation updates for AWS RAM resource sharing
  * api-change:``customer-profiles``: [``botocore``] Documentation updates for Put-Integration API
  * api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling announces Warm Pools
    that help applications to scale out faster by pre-initializing EC2 instances and save
    money by requiring fewer continuously running instances
- from version 1.17.47
  * api-change:``storagegateway``: [``botocore``] File Gateway APIs now support FSx
    for Windows as a cloud storage.
  * api-change:``accessanalyzer``: [``botocore``] IAM Access Analyzer now analyzes your
    CloudTrail events to identify actions and services that have been used by an IAM
    entity (user or role) and generates an IAM policy that is based on that activity.
  * api-change:``elasticache``: [``botocore``] This release adds tagging support for all
    AWS ElastiCache resources except Global Replication Groups.
  * api-change:``ivs``: [``botocore``] This release adds support for the Auto-Record to S3
    feature. Amazon IVS now enables you to save your live video to Amazon S3.
  * api-change:``mgn``: [``botocore``] Add new service - Application Migration Service.
- from version 1.17.46
  * api-change:``ssm``: [``botocore``] Supports removing a label or labels from a parameter,
    enables ScheduledEndTime and ChangeDetails for StartChangeRequestExecution API, supports
    critical/security/other noncompliant count for patch API.
  * api-change:``medialive``: [``botocore``] MediaLive VPC outputs update to include Availability
    Zones, Security groups, Elastic Network Interfaces, and Subnet Ids in channel response
  * api-change:``ec2``: [``botocore``] This release adds support for storing EBS-backed AMIs
    in S3 and restoring them from S3 to enable cross-partition copying of AMIs
  * api-change:``cloud9``: [``botocore``] Documentation updates for Cloud9
- from version 1.17.45
  * api-change:``auditmanager``: [``botocore``] AWS Audit Manager has updated the GetAssessment
    API operation to include a new response field called userRole. The userRole field indicates
    the role information and IAM ARN of the API caller.
  * api-change:``medialive``: [``botocore``] MediaLive now support HTML5 Motion Graphics overlay
  * api-change:``appflow``: [``botocore``] Added destination properties for Zendesk.
- from version 1.17.44
  * api-change:``mediapackage``: [``botocore``] SPEKE v2 is an upgrade to the existing SPEKE API
    to support multiple encryption keys, based on an encryption contract selected by the customer.
  * api-change:``imagebuilder``: [``botocore``] This release adds support for Block Device Mappings
    for container image builds, and adds distribution configuration support for EC2 launch templates
    in AMI builds.
- from version 1.17.43
  * api-change:``route53resolver``: [``botocore``] Route 53 Resolver DNS Firewall is a firewall service
    that allows you to filter and regulate outbound DNS traffic for your VPCs.
  * api-change:``mediaconvert``: [``botocore``] MediaConvert now supports HLS ingest, sidecar WebVTT
    ingest, Teletext color & style passthrough to TTML subtitles, TTML to WebVTT subtitle conversion
    with style, & DRC profiles in AC3 audio.
  * api-change:``lightsail``: [``botocore``] - This release adds support for state detail for
    Amazon Lightsail container services.
  * api-change:``kendra``: [``botocore``] AWS Kendra's ServiceNow data source now supports OAuth 2.0
    authentication and knowledge article filtering via a ServiceNow query.
  * api-change:``lex-models``: [``botocore``] Lex now supports the ja-JP locale
  * api-change:``lex-runtime``: [``botocore``] Update lex-runtime client to latest version
  * api-change:``fms``: [``botocore``] Added Firewall Manager policy support for
    AWS Route 53 Resolver DNS Firewall.
  * api-change:``ec2``: [``botocore``] VPC Flow Logs Service adds a new API, GetFlowLogsIntegrationTemplate,
    which generates CloudFormation templates for Athena.
    For more info, see https://docs.aws.amazon.com/console/vpc/flow-logs/athena
  * api-change:``wafv2``: [``botocore``] Added support for ScopeDownStatement for ManagedRuleGroups,
    Labels, LabelMatchStatement, and LoggingFilter. For more information on these features, see
    the AWS WAF Developer Guide.
- from version 1.17.42
  * api-change:``iot``: [``botocore``] Added ability to prefix search on attribute value for ListThings API.
  * api-change:``pricing``: [``botocore``] Minor documentation and link updates.
  * api-change:``transcribe``: [``botocore``] Amazon Transcribe now supports creating custom language models
    in the following languages: British English (en-GB), Australian English (en-AU), Indian Hindi (hi-IN),
    and US Spanish (es-US).
  * api-change:``cloudhsm``: [``botocore``] Minor documentation and link updates.
  * api-change:``comprehend``: [``botocore``] Support for customer managed KMS encryption
    of Comprehend custom models
  * api-change:``cognito-sync``: [``botocore``] Minor documentation updates and link updates.
  * api-change:``batch``: [``botocore``] AWS Batch adds support for Amazon EFS File System
  * api-change:``detective``: [``botocore``] Added the ability to assign
    tag values to Detective behavior graphs.
    Tag values can be used for attribute-based access control, and for cost allocation for billing.
  * api-change:``iotwireless``: [``botocore``] Add Sidewalk support to APIs: GetWirelessDevice, ListWirelessDevices,
    GetWirelessDeviceStatistics. Add Gateway connection status in GetWirelessGatewayStatistics API.
  * api-change:``cloudformation``: [``botocore``] 1. Added a new parameter RegionConcurrencyType in
    OperationPreferences. 2. Changed the name of AccountUrl to AccountsUrl in DeploymentTargets parameter.
  * api-change:``cloud9``: [``botocore``] Add ImageId input parameter to CreateEnvironmentEC2 endpoint.
    New parameter enables creation of environments with different AMIs.
  * api-change:``directconnect``: [``botocore``] This release adds MACsec support to AWS Direct Connect
  * api-change:``redshift``: [``botocore``] Enable customers to share access to their Redshift
    clusters from other VPCs (including VPCs from other accounts).
  * api-change:``workmail``: [``botocore``] This release adds support for mobile device
    access rules management in Amazon WorkMail.
  * api-change:``datapipeline``: [``botocore``] Minor documentation updates and link updates.
  * api-change:``machinelearning``: [``botocore``] Minor documentation updates and link updates.
- from version 1.17.41
  * api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot now supports 1) feature
    importance reports for AutoML jobs and 2) PartialFailures for AutoML jobs
  * api-change:``ec2-instance-connect``: [``botocore``] Adding support to push SSH keys to the
    EC2 serial console in order to allow an SSH connection to your Amazon EC2 instance's serial port.
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``databrew``: [``botocore``] This SDK release adds two new dataset features:
    1) support for specifying a database connection as a dataset input
    2) support for dynamic datasets that accept configurable parameters in S3 path.
  * api-change:``frauddetector``: [``botocore``] This release adds support for
    Batch Predictions in Amazon Fraud Detector.
  * api-change:``ec2``: [``botocore``] ReplaceRootVolume feature enables customers to replace
    the EBS root volume of a running instance to a previously known state. Add support to grant
    account-level access to the EC2 serial console
  * api-change:``config``: [``botocore``] Adding new APIs to support ConformancePack
    Compliance CI in Aggregators
  * api-change:``pinpoint``: [``botocore``] Added support for journey pause/resume,
    journey updatable import segment and journey quiet time wait.
- from version 1.17.40
  * api-change:``wafv2``: [``botocore``] Added custom request handling and custom response support
    in rule actions and default action; Added the option to inspect the web request body as parsed
    and filtered JSON.
  * api-change:``iam``: [``botocore``] AWS Identity and Access Management GetAccessKeyLastUsed API
    will throw a custom error if customer public key is not found for access keys.
  * api-change:``glue``: [``botocore``] Allow Dots in Registry and Schema Names for CreateRegistry,
    CreateSchema; Fixed issue when duplicate keys are present and not returned as part of
    QuerySchemaVersionMetadata.
  * api-change:``docdb``: [``botocore``] This release adds support for Event Subscriptions to DocumentDB.
  * api-change:``location``: [``botocore``] Amazon Location added support for specifying pricing
    plan information on resources in alignment with our cost model.
- from version 1.17.39
  * api-change:``iotwireless``: [``botocore``] Support tag-on-create for WirelessDevice.
  * api-change:``customer-profiles``: [``botocore``] This release adds an optional parameter named
    FlowDefinition in PutIntegrationRequest.
  * api-change:``events``: [``botocore``] Add support for SageMaker Model Builder Pipelines
    Targets to EventBridge
  * api-change:``transcribe``: [``botocore``] Amazon Transcribe now supports tagging words that
    match your vocabulary filter for batch transcription.
- from version 1.17.38
  * api-change:``lookoutmetrics``: [``botocore``] Allowing uppercase alphabets for RDS
    and Redshift database names.
- from version 1.17.37
  * api-change:``sqs``: [``botocore``] Documentation updates for Amazon SQS
  * api-change:``rekognition``: [``botocore``] This release introduces AWS tagging support for
    Amazon Rekognition collections, stream processors, and Custom Label models.
  * api-change:``sagemaker``: [``botocore``] This feature allows customer to specify the environment
    variables in their CreateTrainingJob requests.
  * api-change:``medialive``: [``botocore``] EML now supports handling HDR10 and HLG 2020
    color space from a Link input.
  * api-change:``lookoutmetrics``: [``botocore``] Amazon Lookout for Metrics is now generally available.
    You can use Lookout for Metrics to monitor your data for anomalies. For more information, see the
    Amazon Lookout for Metrics Developer Guide.
  * api-change:``alexaforbusiness``: [``botocore``] Added support for enabling and disabling data
    retention in the CreateProfile and UpdateProfile APIs and retrieving the state of data retention
    for a profile in the GetProfile API.
- from version 1.17.36
  * api-change:``ssm``: [``botocore``] This release allows SSM Explorer customers to enable OpsData
    sources across their organization when creating a resource data sync.
  * api-change:``route53``: [``botocore``] Documentation updates for route53
  * bugfix:S3: [``botocore``] Fix an issue with XML newline normalization in
    PutBucketLifecycleConfiguration requests.
  * api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
  * api-change:``s3control``: [``botocore``] Documentation updates for s3-control
  * api-change:``ec2``: [``botocore``] maximumEfaInterfaces added to DescribeInstanceTypes API
  * api-change:``greengrass``: [``botocore``] Updated the parameters to make
    name required for CreateGroup API.
- from version 1.17.35
  * api-change:``ce``: [``botocore``] You can now create cost categories with inherited value
    rules and specify default values for any uncategorized costs.
  * api-change:``fis``: [``botocore``] Updated maximum allowed size of action parameter from 64 to 1024
  * api-change:``redshift``: [``botocore``] Removed APIs to control AQUA on clusters.
  * api-change:``iam``: [``botocore``] Documentation updates for IAM operations and descriptions.
  * api-change:``gamelift``: [``botocore``] GameLift adds support for using event notifications
    to monitor game session placements. Specify an SNS topic or use CloudWatch Events to track activity
    for a game session queue.
- from version 1.17.34
  * api-change:``ec2``: [``botocore``] This release adds support for UEFI boot on
    selected AMD- and Intel-based EC2 instances.
  * api-change:``redshift``: [``botocore``] Added support to enable AQUA in Amazon Redshift clusters.
  * api-change:``codeartifact``: [``botocore``] Documentation updates for CodeArtifact
  * api-change:``macie2``: [``botocore``] This release of the Amazon Macie API adds support for
    publishing sensitive data findings to AWS Security Hub and specifying which categories of
    findings to publish to Security Hub.
- from version 1.17.33
  * api-change:``sagemaker``: [``botocore``] Adding authentication support for pulling images
    stored in private Docker registries to build containers for real-time inference.
  * api-change:``ec2``: [``botocore``] X2gd instances are the next generation of memory-optimized
    instances powered by AWS-designed, Arm-based AWS Graviton2 processors.
- from version 1.17.32
  * bugfix:s3: [``botocore``] Updated mislabeled exceptions for S3 Object Lambda
- from version 1.17.31
  * api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling Instance Refresh
    now supports phased deployments.
  * api-change:``s3``: [``botocore``] S3 Object Lambda is a new S3 feature that enables users
    to apply their own custom code to process the output of a standard S3 GET request by
    automatically invoking a Lambda function with a GET request
  * api-change:``redshift``: [``botocore``] Add new fields for additional information about VPC
    endpoint for clusters with reallocation enabled, and a new field for total storage capacity
    for all clusters.
  * api-change:``s3control``: [``botocore``] S3 Object Lambda is a new S3 feature that enables
    users to apply their own custom code to process the output of a standard S3 GET request
    by automatically invoking a Lambda function with a GET request
  * api-change:``securityhub``: [``botocore``] New object for separate provider and customer
    values. New objects track S3 Public Access Block configuration and identify sensitive data.
    BatchImportFinding requests are limited to 100 findings.
- from version 1.17.30
  * api-change:``sagemaker``: [``botocore``] Support new target device ml_eia2 in SageMaker
    CreateCompilationJob API
  * api-change:``batch``: [``botocore``] Making serviceRole an optional parameter when creating
    a compute environment. If serviceRole is not provided then Service Linked Role will be
    created (or reused if it already exists).
- from version 1.17.29
  * api-change:``lambda``: [``botocore``] Allow empty list for function response types
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity
    and Access Management (IAM).
  * api-change:``mediaconnect``: [``botocore``] This release adds support for the SRT-listener
    protocol on sources and outputs.
  * api-change:``accessanalyzer``: [``botocore``] This release adds support for the ValidatePolicy
    API. IAM Access Analyzer is adding over 100 policy checks and actionable recommendations that
    help you validate your policies during authoring.
  * api-change:``mediatailor``: [``botocore``] MediaTailor channel assembly is a new manifest-only
    service that allows you to assemble linear streams using your existing VOD content.
  * api-change:``mwaa``: [``botocore``] This release adds UPDATE_FAILED and UNAVAILABLE
    MWAA environment states.
  * api-change:``gamelift``: [``botocore``] GameLift expands to six new AWS Regions, adds support
    for multi-location fleets to streamline management of hosting resources, and lets you customize
    more of the game session placement process.
- from version 1.17.28
  * api-change:``fis``: [``botocore``] Initial release of AWS Fault Injection Simulator, a managed
    service that enables you to perform fault injection experiments on your AWS workloads
  * api-change:``codedeploy``: [``botocore``] AWS CodeDeploy can now detect instances running an
    outdated revision of your application and automatically update them with the latest revision.
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``ecs``: [``botocore``] This is for ecs exec feature release which includes two new
    APIs - execute-command and update-cluster and an AWS CLI customization for execute-command API
- from version 1.17.27
  * api-change:``mediatailor``: [``botocore``] MediaTailor channel assembly is a new manifest-only
    service that allows you to assemble linear streams using your existing VOD content.
  * api-change:``workspaces``: [``botocore``] Adds API support for WorkSpaces bundle management operations.
  * api-change:``cur``: [``botocore``] - Added optional billingViewArn field for OSG.
- from version 1.17.26
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``network-firewall``: [``botocore``] Update network-firewall client to latest version
- from version 1.17.25
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``backup``: [``botocore``] Update backup client to latest version
- from version 1.17.24
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``codeguruprofiler``: [``botocore``] Update codeguruprofiler client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``iotwireless``: [``botocore``] Update iotwireless client to latest version
  * api-change:``efs``: [``botocore``] Update efs client to latest version
- from version 1.17.23
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``kinesis-video-archived-media``: [``botocore``] Update
    kinesis-video-archived-media client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
- from version 1.17.22
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``network-firewall``: [``botocore``] Update network-firewall client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``athena``: [``botocore``] Update athena client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``shield``: [``botocore``] Update shield client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
- from version 1.17.21
  * api-change:``servicediscovery``: [``botocore``] Update servicediscovery client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``mwaa``: [``botocore``] Update mwaa client to latest version
- from version 1.17.20
  * api-change:``forecast``: [``botocore``] Update forecast client to latest version
  * api-change:``secretsmanager``: [``botocore``] Update secretsmanager client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``acm``: [``botocore``] Update acm client to latest version
  * api-change:``wellarchitected``: [``botocore``] Update wellarchitected client to latest version
- from version 1.17.19
  * api-change:``iotwireless``: [``botocore``] Update iotwireless client to latest version
  * api-change:``directconnect``: [``botocore``] Update directconnect client to latest version
  * bugfix:S3: [``botocore``] Fix an issue with XML newline normalization that could result
    in the DeleteObjects operation incorrectly deleting the wrong keys.
  * api-change:``managedblockchain``: [``botocore``] Update managedblockchain client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
- from version 1.17.18
  * enhancement:DynamoDB: Add a `__bytes__` method to the `Binary` DynamoDB type.
  * api-change:``alexaforbusiness``: [``botocore``] Update alexaforbusiness client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
- from version 1.17.17
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``sso-admin``: [``botocore``] Update sso-admin client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
- from version 1.17.16
  * api-change:``databrew``: [``botocore``] Update databrew client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
- from version 1.17.15
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``mediapackage-vod``: [``botocore``] Update mediapackage-vod client to latest version
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
  * api-change:``ecr-public``: [``botocore``] Update ecr-public client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
- from version 1.17.14
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``redshift-data``: [``botocore``] Update redshift-data client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
- from version 1.17.13
  * api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client
    to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
- from version 1.17.12
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.17.11
  * api-change:``health``: [``botocore``] Update health client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
- from version 1.17.10
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``lookoutvision``: [``botocore``] Update lookoutvision client to latest version
- Update BuildRequires and Requires from setup.py
- Version update to 1.17.9 (bsc#1182421, bsc#1182422, jsc#ECO-3352, jsc#PM-2485)
  * api-change:``devops-guru``: [``botocore``] Update devops-guru client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
- from version 1.17.8
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``kinesis-video-archived-media``: [``botocore``] Update kinesis-video-archived-media
    client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``redshift-data``: [``botocore``] Update redshift-data client to latest version
  * api-change:``workmailmessageflow``: [``botocore``] Update workmailmessageflow client to latest version
  * api-change:``mediatailor``: [``botocore``] Update mediatailor client to latest version
- from version 1.17.7
  * api-change:``personalize-events``: [``botocore``] Update personalize-events client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``iam``: [``botocore``] Update iam client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.17.6
  * api-change:``databrew``: [``botocore``] Update databrew client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.17.5
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``qldb-session``: [``botocore``] Update qldb-session client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
- from version 1.17.4
  * api-change:``dataexchange``: [``botocore``] Update dataexchange client to latest version
  * api-change:``cloudtrail``: [``botocore``] Update cloudtrail client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``ivs``: [``botocore``] Update ivs client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.17.3
  * api-change:``macie``: [``botocore``] Update macie client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- from version 1.17.2
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
  * api-change:``emr-containers``: [``botocore``] Update emr-containers client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``athena``: [``botocore``] Update athena client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.17.1
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``databrew``: [``botocore``] Update databrew client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
  * api-change:``auditmanager``: [``botocore``] Update auditmanager client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
- from version 1.17.0
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * feature:Python: Dropped support for Python 3.4 and 3.5
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling
  client to latest version
  * api-change:``lookoutvision``: [``botocore``] Update lookoutvision client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * feature:Python: [``botocore``] Dropped support for Python 3.4 and 3.5
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``route53``: [``botocore``] Update route53 client to latest version
  * api-change:``location``: [``botocore``] Update location client to latest version
  * enhancement:s3: [``botocore``] Amazon S3 now supports AWS PrivateLink, providing direct access
    to S3 via a private endpoint within your virtual private network.
  * api-change:``iotwireless``: [``botocore``] Update iotwireless client to latest version
- from version 1.16.63
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
- from version 1.16.62
  * api-change:``wellarchitected``: [``botocore``] Update wellarchitected client to latest version
  * api-change:``managedblockchain``: [``botocore``] Update managedblockchain client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``databrew``: [``botocore``] Update databrew client to latest version
  * bugfix:Validator: [``botocore``] Fix showing incorrect max-value in error message for
    range and length value validation
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
- from version 1.16.61
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``customer-profiles``: [``botocore``] Update customer-profiles client to latest version
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
- from version 1.16.60
  * api-change:``backup``: [``botocore``] Update backup client to latest version
- from version 1.16.59
  * api-change:``greengrassv2``: [``botocore``] Update greengrassv2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.16.58
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update resourcegroupstaggingapi
    client to latest version
- from version 1.16.57
  * api-change:``acm-pca``: [``botocore``] Update acm-pca client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.16.56
  * api-change:``sns``: [``botocore``] Update sns client to latest version
- from version 1.16.55
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``cognito-identity``: [``botocore``] Update cognito-identity client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
- from version 1.16.54
  * api-change:``frauddetector``: [``botocore``] Update frauddetector client to latest version
  * api-change:``personalize``: [``botocore``] Update personalize client to latest version
- from version 1.16.53
  * api-change:``appstream``: [``botocore``] Update appstream client to latest version
  * api-change:``auditmanager``: [``botocore``] Update auditmanager client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
- Update BuildRequires and Requires from setup.py
- Version update to 1.16.52
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
- from version 1.16.51
  * api-change:``devops-guru``: [``botocore``] Update devops-guru client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.16.50
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
  * api-change:``autoscaling-plans``: [``botocore``] Update autoscaling-plans client to latest version
- from version 1.16.49
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling
    client to latest version
- from version 1.16.48
  * api-change:``healthlake``: [``botocore``] Update healthlake client to latest version
  * api-change:``cloudsearch``: [``botocore``] Update cloudsearch client to latest version
- from version 1.16.47
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
- from version 1.16.46
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.16.45
  * api-change:``acm-pca``: [``botocore``] Update acm-pca client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
- from version 1.16.44
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
- from version 1.16.43
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``resource-groups``: [``botocore``] Update resource-groups client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
- from version 1.16.42
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``iotwireless``: [``botocore``] Update iotwireless client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.16.41
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``managedblockchain``: [``botocore``] Update managedblockchain client to latest version
  * api-change:``service-quotas``: [``botocore``] Update service-quotas client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``connectparticipant``: [``botocore``] Update connectparticipant client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``qldb-session``: [``botocore``] Update qldb-session client to latest version
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
  * api-change:``servicecatalog-appregistry``: [``botocore``] Update servicecatalog-appregistry
    client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``apigateway``: [``botocore``] Update apigateway client to latest version
- from version 1.16.40
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * bugfix:SSO: [``botocore``] Fixed timestamp format for SSO credential expirations
  * api-change:``personalize-runtime``: [``botocore``] Update personalize-runtime
    client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.16.39
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
  * api-change:``route53resolver``: [``botocore``] Update route53resolver client to latest version
  * api-change:``sqs``: [``botocore``] Update sqs client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``route53``: [``botocore``] Update route53 client to latest version
- from version 1.16.38
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``amp``: [``botocore``] Update amp client to latest version
  * api-change:``location``: [``botocore``] Update location client to latest version
  * api-change:``wellarchitected``: [``botocore``] Update wellarchitected client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
- from version 1.16.37
  * api-change:``iotwireless``: [``botocore``] Update iotwireless client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``greengrassv2``: [``botocore``] Update greengrassv2 client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``iotdeviceadvisor``: [``botocore``] Update iotdeviceadvisor client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
  * api-change:``amp``: [``botocore``] Update amp client to latest version
  * api-change:``iotfleethub``: [``botocore``] Update iotfleethub client to latest version
- from version 1.16.36
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator
    client to latest version
  * api-change:``devops-guru``: [``botocore``] Update devops-guru client
    to latest version
- from version 1.16.35
  * api-change:``guardduty``: [``botocore``] Update guardduty client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``pi``: [``botocore``] Update pi client to latest version
  * api-change:``cloudtrail``: [``botocore``] Update cloudtrail client to latest version
- from version 1.16.34
  * api-change:``networkmanager``: [``botocore``] Update networkmanager
    client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.16.33
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator
    client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
- from version 1.16.32
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``auditmanager``: [``botocore``] Update auditmanager client to latest version
  * api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
  * api-change:``sagemaker-edge``: [``botocore``] Update sagemaker-edge client to latest version
  * api-change:``forecast``: [``botocore``] Update forecast client to latest version
  * api-change:``healthlake``: [``botocore``] Update healthlake client to latest version
  * api-change:``emr-containers``: [``botocore``] Update emr-containers client to latest version
- from version 1.16.31
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``servicecatalog-appregistry``: [``botocore``] Update servicecatalog-appregistry
    client to latest version
- from version 1.16.30
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.16.29
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``amplifybackend``: [``botocore``] Update amplifybackend client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
- from version 1.16.28
  * api-change:``customer-profiles``: [``botocore``] Update customer-profiles
    client to latest version
- from version 1.16.27
  * api-change:``sagemaker-featurestore-runtime``: [``botocore``] Update
    sagemaker-featurestore-runtime client to latest version
  * api-change:``ecr-public``: [``botocore``] Update ecr-public client to latest version
  * api-change:``honeycode``: [``botocore``] Update honeycode client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``amplifybackend``: [``botocore``] Update amplifybackend client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``lookoutvision``: [``botocore``] Update lookoutvision client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``connect-contact-lens``: [``botocore``] Update connect-contact-lens client to latest version
  * api-change:``profile``: [``botocore``] Update profile client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``appintegrations``: [``botocore``] Update appintegrations client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
  * api-change:``devops-guru``: [``botocore``] Update devops-guru client to latest version
- from version 1.16.26
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- Update BuildRequires and Requires from setup.py
- Version update to 1.16.25
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``timestream-write``: [``botocore``] Update timestream-write client to latest version
  * api-change:``elasticbeanstalk``: [``botocore``] Update elasticbeanstalk client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``cloudtrail``: [``botocore``] Update cloudtrail client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``mwaa``: [``botocore``] Update mwaa client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
- from version 1.16.24
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``translate``: [``botocore``] Update translate client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``application-insights``: [``botocore``] Update application-insights client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``signer``: [``botocore``] Update signer client to latest version
  * api-change:``codestar-connections``: [``botocore``] Update codestar-connections client to latest version
  * api-change:``codeartifact``: [``botocore``] Update codeartifact client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``forecast``: [``botocore``] Update forecast client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``timestream-query``: [``botocore``] Update timestream-query client to latest version
  * api-change:``sso-admin``: [``botocore``] Update sso-admin client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
- from version 1.16.23
  * api-change:``servicecatalog-appregistry``: [``botocore``] Update servicecatalog-appregistry client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``cloudhsmv2``: [``botocore``] Update cloudhsmv2 client to latest version
  * api-change:``codeguru-reviewer``: [``botocore``] Update codeguru-reviewer client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``cognito-identity``: [``botocore``] Update cognito-identity client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
- from version 1.16.22
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``lex-runtime``: [``botocore``] Update lex-runtime client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
  * api-change:``kinesisanalyticsv2``: [``botocore``] Update kinesisanalyticsv2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
- from version 1.16.21
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * bugfix:Retry: [``botocore``] Fix bug where retries were attempted on any response with an "/Error"/ key.
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``backup``: [``botocore``] Update backup client to latest version
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
- from version 1.16.20
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``fms``: [``botocore``] Update fms client to latest version
  * api-change:``network-firewall``: [``botocore``] Update network-firewall client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
- from version 1.16.19
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``iotsecuretunneling``: [``botocore``] Update iotsecuretunneling client to latest version
  * api-change:``sns``: [``botocore``] Update sns client to latest version
  * api-change:``synthetics``: [``botocore``] Update synthetics client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
- from version 1.16.18
  * api-change:``textract``: [``botocore``] Update textract client to latest version
  * api-change:``shield``: [``botocore``] Update shield client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
- from version 1.16.17
  * api-change:``personalize-runtime``: [``botocore``] Update personalize-runtime client to latest version
  * api-change:``servicecatalog-appregistry``: [``botocore``] Update servicecatalog-appregistry client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``polly``: [``botocore``] Update polly client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
- from version 1.16.16
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``databrew``: [``botocore``] Update databrew client to latest version
  * api-change:``forecast``: [``botocore``] Update forecast client to latest version
  * api-change:``amplify``: [``botocore``] Update amplify client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
- from version 1.16.15
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.16.14
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
- from version 1.16.13
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
- from version 1.16.12
  * api-change:``frauddetector``: [``botocore``] Update frauddetector client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
- from version 1.16.11
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
  * api-change:``mq``: [``botocore``] Update mq client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``meteringmarketplace``: [``botocore``] Update meteringmarketplace client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
- from version 1.16.10
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.16.9
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``braket``: [``botocore``] Update braket client to latest version
  * api-change:``sns``: [``botocore``] Update sns client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.16.8
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``codeartifact``: [``botocore``] Update codeartifact client to latest version
  * api-change:``marketplacecommerceanalytics``: [``botocore``] Update marketplacecommerceanalytics client to latest version
  * api-change:``apigateway``: [``botocore``] Update apigateway client to latest version
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
- from version 1.16.7
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
- from version 1.16.6
  * api-change:``glue``: [``botocore``] Update glue client to latest version
- from version 1.16.5
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``neptune``: [``botocore``] Update neptune client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
- from version 1.16.4
  * api-change:``mediatailor``: [``botocore``] Update mediatailor client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
- from version 1.16.3
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``sns``: [``botocore``] Update sns client to latest version
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
- from version 1.16.2
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
- from version 1.16.1
  * api-change:``elasticbeanstalk``: [``botocore``] Update elasticbeanstalk client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
- from version 1.16.0
  * api-change:``backup``: [``botocore``] Update backup client to latest version
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * feature:imds: [``botocore``] Updated InstanceMetadataFetcher to use custom ipv6 uri as endpoint if envvar or config set
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.15.18
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- from version 1.15.17
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``groundstation``: [``botocore``] Update groundstation client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``budgets``: [``botocore``] Update budgets client to latest version
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
- from version 1.15.16
  * api-change:``snowball``: [``botocore``] Update snowball client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``amplify``: [``botocore``] Update amplify client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
- Update BuildRequires and Requires from setup.py
- Only build Python3 flavors for distributions 15 and greater
- Version update to 1.15.15
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``sns``: [``botocore``] Update sns client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
- from version 1.15.14
  * api-change:``mediapackage``: [``botocore``] Update mediapackage client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.15.13
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``kinesisanalyticsv2``: [``botocore``] Update kinesisanalyticsv2 client to latest version
  * api-change:``marketplace-catalog``: [``botocore``] Update marketplace-catalog client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.15.12
  * api-change:``dynamodbstreams``: [``botocore``] Update dynamodbstreams client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
- from version 1.15.11
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``personalize-events``: [``botocore``] Update personalize-events client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``servicediscovery``: [``botocore``] Update servicediscovery client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
- from version 1.15.10
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
- from version 1.15.9
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``s3outposts``: [``botocore``] Update s3outposts client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling client to latest version
  * api-change:``directconnect``: [``botocore``] Update directconnect client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
- from version 1.15.8
  * api-change:``timestream-write``: [``botocore``] Update timestream-write client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``schemas``: [``botocore``] Update schemas client to latest version
  * api-change:``timestream-query``: [``botocore``] Update timestream-query client to latest version
- from version 1.15.7
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.15.6
  * api-change:``frauddetector``: [``botocore``] Update frauddetector client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``sts``: [``botocore``] Update sts client to latest version
- from version 1.15.5
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``textract``: [``botocore``] Update textract client to latest version
  * api-change:``amplify``: [``botocore``] Update amplify client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``savingsplans``: [``botocore``] Update savingsplans client to latest version
  * api-change:``synthetics``: [``botocore``] Update synthetics client to latest version
- from version 1.15.4
  * api-change:``translate``: [``botocore``] Update translate client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``backup``: [``botocore``] Update backup client to latest version
- from version 1.15.3
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``dynamodbstreams``: [``botocore``] Update dynamodbstreams client to latest version
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
- from version 1.15.2
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update resourcegroupstaggingapi client to latest version
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``resource-groups``: [``botocore``] Update resource-groups client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.15.1
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``sso-admin``: [``botocore``] Update sso-admin client to latest version
  * api-change:``codestar-connections``: [``botocore``] Update codestar-connections client to latest version
- from version 1.15.0
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``apigateway``: [``botocore``] Update apigateway client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
  * feature:dependency: [``botocore``] botocore has removed docutils as a required dependency
- from version 1.14.63
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``greengrass``: [``botocore``] Update greengrass client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.14.62
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``budgets``: [``botocore``] Update budgets client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- from version 1.14.61
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``managedblockchain``: [``botocore``] Update managedblockchain client to latest version
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
- from version 1.14.60
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
- from version 1.14.59
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``ebs``: [``botocore``] Update ebs client to latest version
  * api-change:``sso-admin``: [``botocore``] Update sso-admin client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
- from version 1.14.58
  * api-change:``kinesisanalyticsv2``: [``botocore``] Update kinesisanalyticsv2 client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``redshift-data``: [``botocore``] Update redshift-data client to latest version
- from version 1.14.57
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
- Update BuildRequires and Requires from setup.py
- Version update to 1.14.56
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.14.55
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``guardduty``: [``botocore``] Update guardduty client to latest version
  * api-change:``mediapackage``: [``botocore``] Update mediapackage client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
- from version 1.14.54
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
- from version 1.14.53
  * api-change:``codeguru-reviewer``: [``botocore``] Update codeguru-reviewer client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
- from version 1.14.52
  * api-change:``sqs``: [``botocore``] Update sqs client to latest version
  * api-change:``backup``: [``botocore``] Update backup client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.14.51
  * api-change:``cur``: [``botocore``] Update cur client to latest version
  * api-change:``route53``: [``botocore``] Update route53 client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
- from version 1.14.50
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.14.49
  * api-change:``appflow``: [``botocore``] Update appflow client to latest version
  * api-change:``route53resolver``: [``botocore``] Update route53resolver client to latest version
- from version 1.14.48
  * api-change:``iotsitewise``: [``botocore``] Update iotsitewise client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``logs``: [``botocore``] Update logs client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
- from version 1.14.47
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
- from version 1.14.46
  * api-change:``lakeformation``: [``botocore``] Update lakeformation client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
  * api-change:``ivs``: [``botocore``] Update ivs client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
- from version 1.14.45
  * api-change:``identitystore``: [``botocore``] Update identitystore client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
- from version 1.14.44
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``kinesis``: [``botocore``] Update kinesis client to latest version
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
  * api-change:``acm``: [``botocore``] Update acm client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
  * api-change:``elb``: [``botocore``] Update elb client to latest version
  * api-change:``acm-pca``: [``botocore``] Update acm-pca client to latest version
- from version 1.14.43
  * api-change:``braket``: [``botocore``] Update braket client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``appstream``: [``botocore``] Update appstream client to latest version
- from version 1.14.42
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``macie2``: [``botocore``] Update macie2 client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
  * api-change:``braket``: [``botocore``] Update braket client to latest version
- from version 1.14.41
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``cloud9``: [``botocore``] Update cloud9 client to latest version
- Update BuildRequires and Requires from setup.py
python-botocore
- Disables Py 2 build for SLE 15
  + Py 2 is considered legacy with limited support. Should not have been
    built or released for Py 2. This was a mistake.
- Version update to 1.21.7 (bsc#1189649)
  * api-change:``s3control``: S3 Access Point aliases can be used anywhere you
    use S3 bucket names to access data in S3
  * api-change:``textract``: Adds support for AnalyzeExpense, a new API to extract
    relevant data such as contact information, items purchased, and vendor name,
    from almost any invoice or receipt without the need for any templates or
    configuration.
  * api-change:``proton``: Documentation-only update links
  * api-change:``identitystore``: Documentation updates for SSO API Ref.
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``synthetics``: CloudWatch Synthetics now supports visual
    testing in its canaries.
- from version 1.21.6
  * api-change:``securityhub``: Added product name, company name, and Region fields for
    security findings. Added details objects for RDS event subscriptions and AWS ECS
    services. Added fields to the details for AWS Elasticsearch domains.
  * api-change:``imagebuilder``: Update to documentation to reapply missing change to
    SSM uninstall switch default value and improve description.
  * api-change:``s3outposts``: Add on-premise access type support for endpoints
- from version 1.21.5
  * api-change:``medialive``: MediaLive now supports passing through style data
    on WebVTT caption outputs.
  * api-change:``databrew``: This SDK release adds two new features: 1) Output to
    Native JDBC destinations and 2) Adding configurations to profile jobs
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``s3control``: Documentation updates for Amazon S3-control
  * api-change:``ec2``: This release allows customers to assign prefixes to their
    elastic network interface and to reserve IP blocks in their subnet CIDRs. These
    reserved blocks can be used to assign prefixes to elastic network interfaces or
    be excluded from auto-assignment.
  * api-change:``qldb``: Amazon QLDB now supports ledgers encrypted with customer
    managed KMS keys. Changes in CreateLedger, UpdateLedger and DescribeLedger APIs
    to support the changes.
- from version 1.21.4
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for
    Amazon WorkDocs. For more information, see
    https://docs.aws.amazon.com/kendra/latest/dg/data-source-workdocs.html
  * api-change:``proton``: Documentation updates for AWS Proton
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``rds``: Adds the OriginalSnapshotCreateTime field to the DBSnapshot response
    object. This field timestamps the underlying data of a snapshot and doesn't change when
    the snapshot is copied.
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``lambda``: New ResourceConflictException error code for PutFunctionEventInvokeConfig,
    UpdateFunctionEventInvokeConfig, and DeleteFunctionEventInvokeConfig operations.
  * api-change:``codebuild``: AWS CodeBuild now allows you to set the access permissions for build
    artifacts, project artifacts, and log files that are uploaded to an Amazon S3 bucket that is
    owned by another account.
  * api-change:``personalize``: My AWS Service (placeholder) - Making minProvisionedTPS an optional
    parameter when creating a campaign. If not provided, it defaults to 1.
  * api-change:``emr``: Update emr client to latest version
- from version 1.21.3
  * api-change:``compute-optimizer``: Documentation updates for Compute Optimizer
  * api-change:``ec2``: Added idempotency to the CreateVolume API using the ClientToken
    request parameter
- from version 1.21.2
  * api-change:``imagebuilder``: Documentation updates for reversal of default value for additional
    instance configuration SSM switch, plus improved descriptions for semantic versioning.
  * api-change:``directconnect``: Documentation updates for directconnect
  * api-change:``health``: In the Health API, the maximum number of entities for the EventFilter and
    EntityFilter data types has changed from 100 to 99. This change is related to an internal
    optimization of the AWS Health service.
  * api-change:``robomaker``: This release allows customers to create a new version of WorldTemplates
    with support for Doors.
  * api-change:``location``: Add five new API operations: UpdateGeofenceCollection, UpdateMap,
    UpdatePlaceIndex, UpdateRouteCalculator, UpdateTracker.
  * api-change:``emr-containers``: Updated DescribeManagedEndpoint and ListManagedEndpoints to return
    failureReason and stateDetails in API response.
- from version 1.21.1
  * api-change:``appintegrations``: Documentation update for AppIntegrations Service
  * api-change:``chime``: This SDK release adds Account Status as one of the attributes in Account API response
  * api-change:``auditmanager``: This release relaxes the S3 URL character restrictions in AWS Audit Manager.
    Regex patterns have been updated for the following attributes: s3RelativePath, destination, and s3ResourcePath.
    'AWS' terms have also been replaced with entities to align with China Rebrand documentation efforts.
- from version 1.21.0
  * api-change:``ec2``: This feature enables customers  to specify weekly recurring time window(s) for scheduled
    events that reboot, stop or terminate EC2 instances.
  * api-change:``cognito-idp``: Documentation updates for cognito-idp
  * api-change:``ecs``: Documentation updates for support of awsvpc mode on Windows.
  * api-change:``lex-models``: Lex now supports the en-IN locale
  * api-change:``iotsitewise``: Update the default endpoint for the APIs used to manage asset models, assets, gateways,
    tags, and account configurations. If you have firewalls with strict egress rules, configure the rules to grant
    you access to api.iotsitewise.[region].amazonaws.com or api.iotsitewise.[cn-region].amazonaws.com.cn.
  * feature:Python: Dropped support for Python 2.7
- Disable Python2 builds for all SUSE distributions
- Remove Python2 build dependencies from spec file
- Version update to 1.20.112
  * api-change:``dms``: Release of feature needed for ECA-Endpoint settings. This allows
    customer to delete a field in endpoint settings by using --exact-settings flag in modify-
    endpoint api. This also displays default values for certain required fields of endpoint
    settings in describe-endpoint-settings api.
  * api-change:``glue``: Add support for Event Driven Workflows
  * api-change:``acm``: Added support for RSA 3072 SSL certificate import
  * api-change:``healthlake``: General availability for Amazon HealthLake. StartFHIRImportJob
    and StartFHIRExportJob APIs now require AWS KMS parameter. For more information, see the
    Amazon HealthLake Documentation https://docs.aws.amazon.com/healthlake/index.html.
  * api-change:``wellarchitected``: This update provides support for Well-Architected API users
    to mark answer choices as not applicable.
  * api-change:``lightsail``: This release adds support for the Amazon Lightsail object storage
    service, which allows you to create buckets and store objects.
- from version 1.20.111
  * api-change:``amplifybackend``: Added Sign in with Apple OAuth provider.
  * api-change:``redshift``: Release new APIs to support new Redshift feature - Authentication Profile
  * api-change:``ssm``: Changes to OpsCenter APIs to support a new feature, operational insights.
  * api-change:``lex-models``: Customers can now migrate bots built with Lex V1 APIs to V2 APIs.
    This release adds APIs to initiate and manage the migration of a bot.
  * api-change:``directconnect``: This release adds a new filed named awsLogicalDeviceId that it
    displays the AWS Direct Connect endpoint which terminates a physical connection's BGP Sessions.
  * api-change:``pricing``: Documentation updates for api.pricing
- from version 1.20.110
  * api-change:``eks``: Documentation updates for Wesley to support the parallel node upgrade feature.
  * api-change:``kendra``: Amazon Kendra now supports Principal Store
- from version 1.20.109
  * api-change:``sagemaker``: Releasing new APIs related to Tuning steps in model building pipelines.
  * api-change:``frauddetector``: This release adds support for ML Explainability to display model
    variable importance value in Amazon Fraud Detector.
  * api-change:``mediaconvert``: MediaConvert now supports color, style and position information
    passthrough from 608 and Teletext to SRT and WebVTT subtitles. MediaConvert now also supports
    Automatic QVBR quality levels for QVBR RateControlMode.
- from version 1.20.108
  * api-change:``eks``: Added waiters for EKS FargateProfiles.
  * api-change:``outposts``: Added property filters for listOutposts
  * api-change:``fms``: AWS Firewall Manager now supports route table monitoring, and provides
    remediation action recommendations to security administrators for AWS Network Firewall policies
    with misconfigured routes.
  * api-change:``mediatailor``: Add ListAlerts for Channel, Program, Source Location, and VOD Source to
    return alerts for resources.
  * api-change:``devops-guru``: Add AnomalyReportedTimeRange field to include open and close
    time of anomalies.
  * api-change:``ssm-contacts``: Updated description for CreateContactChannel contactId.
- from version 1.20.107
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``sts``: Documentation updates for AWS Security Token Service.
  * api-change:``mq``: adds support for modifying the maintenance window for brokers.
  * api-change:``cloudfront``: Amazon CloudFront now provides two new APIs, ListConflictingAliases and
    AssociateAlias, that help locate and move Alternate Domain Names (CNAMEs) if you encounter the
    CNAMEAlreadyExists error code.
  * api-change:``chime``: Releasing new APIs for AWS Chime MediaCapturePipeline
  * api-change:``iotsitewise``: This release add storage configuration APIs for AWS IoT SiteWise.
  * api-change:``storagegateway``: Adding support for oplocks for SMB file shares,  S3 Access Point and
    S3 Private Link for all file shares and IP address support for file system associations
  * api-change:``ec2``: This release adds resource ids and tagging support for VPC security group rules.
- from version 1.20.106
  * api-change:``lambda``: Added support for AmazonMQRabbitMQ as an event source. Added support for
    VIRTUAL_HOST as SourceAccessType for streams event source mappings.
  * api-change:``imagebuilder``: Adds support for specifying parameters to customize components for recipes.
    Expands configuration of the Amazon EC2 instances that are used for building and testing images,
    including the ability to specify commands to run on launch, and more control over installation and
    removal of the SSM agent.
  * api-change:``mgn``: Bug fix: Remove not supported EBS encryption type "/NONE"/
  * api-change:``eks``: Adding new error code UnsupportedAddonModification for Addons in EKS
  * api-change:``macie2``: Sensitive data findings in Amazon Macie now include enhanced location
    data for JSON and JSON Lines files
  * api-change:``sns``: Documentation updates for Amazon SNS.
- from version 1.20.105
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``ec2``: This release removes network-insights-boundary
- from version 1.20.104
  * api-change:``sagemaker``: SageMaker model registry now supports up to 5 containers
    and associated environment variables.
  * api-change:``sqs``: Documentation updates for Amazon SQS.
  * api-change:``ec2``: Adding a new reserved field to support future infrastructure
    improvements for Amazon EC2 Fleet.
- from version 1.20.103
  * api-change:``autoscaling``: Amazon EC2 Auto Scaling infrastructure improvements and optimizations.
  * api-change:``kendra``: Amazon Kendra Enterprise Edition now offered in smaller more granular units
    to enable customers with smaller workloads. Virtual Storage Capacity units now offer scaling in
    increments of 100,000 documents (up to 30GB) per unit and Virtual Query Units offer scaling increments
    of 8,000 queries per day.
  * api-change:``mediapackage-vod``: Add support for Widevine DRM on CMAF packaging configurations.
    Both Widevine and FairPlay DRMs can now be used simultaneously, with CBCS encryption.
  * api-change:``ssm-contacts``: Fixes the tag key length range to 128 chars,  tag value length to 256
    chars; Adds support for UTF-8 chars for contact and channel names, Allows users to unset name in
    UpdateContact API; Adds throttling exception to StopEngagement API, validation exception to APIs
    UntagResource, ListTagsForResource
  * api-change:``databrew``: Adds support for the output of job results to the AWS Glue Data Catalog.
  * api-change:``servicediscovery``: AWS Cloud Map now allows configuring the TTL of the SOA record for a
    hosted zone to control the negative caching for new services.
- from version 1.20.102
  * api-change:``sagemaker``: Sagemaker Neo now supports running compilation jobs using customer's Amazon VPC
  * api-change:``glue``: Add JSON Support for Glue Schema Registry
  * api-change:``redshift``: Added InvalidClusterStateFault to the DisableLogging API, thrown when calling the
    API on a non available cluster.
  * api-change:``mediaconvert``: MediaConvert adds support for HDR10+, ProRes 4444,  and XAVC outputs, ADM/DAMF
    support for Dolby Atmos ingest, and alternative audio and WebVTT caption ingest via HLS inputs. MediaConvert
    also now supports creating trickplay outputs for Roku devices for HLS, CMAF, and DASH output groups.
- from version 1.20.101
  * api-change:``proton``: Added waiters for template registration, service operations, and environment deployments.
  * api-change:``amplifybackend``: Imports an existing backend authentication resource.
  * api-change:``snowball``: AWS Snow Family customers can remotely monitor and operate their connected AWS Snowcone
    devices. AWS Snowball Edge Storage Optimized customers can now import and export their data using NFS.
- from version 1.20.100
  * api-change:``chime``: Adds EventIngestionUrl field to MediaPlacement
  * api-change:``cloud9``: Minor update to AWS Cloud9 documentation to allow correct parsing of outputted text
  * api-change:``connect``: Released Amazon Connect quick connects management API for general availability (GA).
    For more information, see https://docs.aws.amazon.com/connect/latest/APIReference/Welcome.html
  * api-change:``dax``: Add support for encryption in transit to DAX clusters.
  * api-change:``wafv2``: Added support for 15 new text transformation.
  * api-change:``kendra``: Amazon Kendra now supports SharePoint 2013 and SharePoint 2016 when
    using a SharePoint data source.
  * api-change:``securityhub``: Added new resource details for ECS clusters and ECS task definitions. Added
    additional information for S3 buckets, Elasticsearch domains, and API Gateway V2 stages.
  * api-change:``transfer``: Customers can successfully use legacy clients with Transfer Family endpoints enabled
    for FTPS and FTP behind routers, firewalls, and load balancers by providing a Custom IP address used for data
    channel communication.
  * api-change:``codebuild``: BucketOwnerAccess is currently not supported
- from version 1.20.99
  * api-change:``docdb``: DocumentDB documentation-only edits
  * api-change:``cloud9``: Updated documentation for CreateEnvironmentEC2 to explain that because Amazon Linux AMI
    has ended standard support as of December 31, 2020, we recommend you choose Amazon Linux 2--which includes long
    term support through 2023--for new AWS Cloud9 environments.
  * api-change:``quicksight``: Releasing new APIs for AWS QuickSight Folders
  * api-change:``mediatailor``: Update GetChannelSchedule to return information on ad breaks.
  * api-change:``cloudfront``: Amazon CloudFront adds support for a new security policy, TLSv1.2_2021.
  * api-change:``license-manager``: AWS License Manager now allows license administrators and end users to communicate
    to each other by setting custom status reasons when updating the status on a granted license.
  * api-change:``ec2``: This release adds support for provisioning your own IP (BYOIP) range in multiple regions.
    This feature is in limited Preview for this release. Contact your account manager if you are interested in
    this feature.
  * api-change:``events``: Added the following parameters to ECS targets: CapacityProviderStrategy, EnableECSManagedTags,
    EnableExecuteCommand, PlacementConstraints, PlacementStrategy, PropagateTags, ReferenceId, and Tags
  * api-change:``cloudsearch``: This release replaces previous generation CloudSearch instances with equivalent new
    instances that provide better stability at the same price.
  * api-change:``codeguru-reviewer``: Adds support for S3 based full repository analysis and changed lines scan.
- from version 1.20.98
  * api-change:``cloudformation``: CloudFormation registry service now supports 3rd party public type sharing
- from version 1.20.97
  * api-change:``kendra``: Amazon Kendra now supports the indexing of web documents for search through the web crawler.
  * api-change:``sagemaker``: Enable ml.g4dn instance types for SageMaker Batch Transform and SageMaker Processing
  * api-change:``rds``: This release enables Database Activity Streams for RDS Oracle
  * api-change:``chime``: This release adds a new API UpdateSipMediaApplicationCall, to update an in-progress
    call for SipMediaApplication.
- from version 1.20.96
  * api-change:``kms``: Adds support for multi-Region keys
  * api-change:``ec2``: This release adds support for VLAN-tagged network traffic over an Elastic Network Interface
    (ENI). This feature is in limited Preview for this release. Contact your account manager if you are interested
    in this feature.
  * api-change:``rds``: This release enables fast cloning in Aurora Serverless. You can now clone between Aurora
    Serverless clusters and Aurora Provisioned clusters.
  * api-change:``mediatailor``: Adds AWS Secrets Manager Access Token Authentication for Source Locations
- from version 1.20.95
  * api-change:``redshift-data``: Redshift Data API service now supports SQL parameterization.
  * api-change:``connect``: This release adds new sets of APIs: AssociateBot, DisassociateBot, and ListBots. You can
    use it to programmatically add an Amazon Lex bot or Amazon Lex V2 bot on the specified Amazon Connect instance
  * api-change:``ec2``: EC2 M5n, M5dn, R5n, R5dn metal instances with 100 Gbps network performance and Elastic Fabric
    Adapter (EFA) for ultra low latency
  * api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
- from version 1.20.94
  * api-change:``lookoutmetrics``: Added "/LEARNING"/ status for anomaly detector and updated description for "/Offset"/
    parameter in MetricSet APIs.
  * api-change:``iotanalytics``: Adds support for data store partitions.
  * api-change:``greengrassv2``: We have verified the APIs being released here and are ready to release
- from version 1.20.93
  * api-change:``ec2``: Amazon EC2 adds new AMI property to flag outdated AMIs
  * api-change:``medialive``: AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27 image-based
    source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
  * api-change:``mediaconnect``: When you enable source failover, you can now designate one of two sources as the
    primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge
    combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
- from version 1.20.92
  * api-change:``sagemaker``: Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing, maintaining,
    and deploying models to your devices. You can now create deployable IoT Greengrass components during edge packaging
    jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
  * api-change:``appmesh``: AppMesh now supports additional routing capabilities in match and rewrites for Gateway Routes
    and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
  * api-change:``redshift``: Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when calling the
    API on a non available cluster.
  * api-change:``chime``: This SDK release adds support for UpdateAccount API to allow users to update their default
    license on Chime account.
  * api-change:``ec2``: This release adds a new optional parameter connectivityType (public, private) for the
    CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC
    and can be used for communication with other VPCs and on-premise networks.
  * api-change:``ram``: AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in ListPermissions
    and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter by permission
    attached
  * api-change:``sagemaker-featurestore-runtime``: Release BatchGetRecord API for AWS SageMaker Feature Store Runtime.
  * api-change:``cognito-idp``: Amazon Cognito now supports targeted sign out through refresh token revocation
  * api-change:``appflow``: Adding MAP_ALL task type support.
  * api-change:``managedblockchain``: This release supports KMS customer-managed Customer Master Keys (CMKs) on
    member-specific Hyperledger Fabric resources.
- from version 1.20.91
  * api-change:``transfer``: Documentation updates for the AWS Transfer Family service.
  * api-change:``personalize-events``: Support for unstructured text inputs in the items dataset to to automatically
    extract key information from product/content description as an input when creating solution versions.
  * api-change:``proton``: This is the initial SDK release for AWS Proton
  * api-change:``kendra``: AWS Kendra now supports checking document status.
- from version 1.20.90
  * api-change:``fsx``: This release adds support for auditing end-user access to files, folders, and file shares
    using Windows event logs, enabling customers to meet their security and compliance needs.
  * api-change:``servicecatalog``: increase max pagesize for List/Search apis
  * api-change:``macie2``: This release of the Amazon Macie API introduces stricter validation of S3 object
    criteria for classification jobs.
  * api-change:``cognito-idp``: Documentation updates for cognito-idp
- from version 1.20.89
  * api-change:``sagemaker``: AWS SageMaker - Releasing new APIs related to Callback steps in model building pipelines.
    Adds experiment integration to model building pipelines.
  * api-change:``glue``: Add SampleSize variable to S3Target to enable s3-sampling feature through API.
  * api-change:``personalize``: Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
  * api-change:``eks``: Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
- from version 1.20.88
  * api-change:``rds``: Documentation updates for RDS: fixing an outdated link to the RDS documentation
    in DBInstance$DBInstanceStatus
  * api-change:``pi``: The new GetDimensionKeyDetails action retrieves the attributes of the specified dimension group
    for a DB instance or data source.
  * api-change:``cloudtrail``: AWS CloudTrail supports data events on new service resources, including Amazon DynamoDB
    tables and S3 Object Lambda access points.
  * api-change:``medialive``: Add support for automatically setting the H.264 adaptive quantization and GOP B-frame fields.
  * api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling
  * api-change:``qldb``: Documentation updates for Amazon QLDB
- from version 1.20.87
  * api-change:``s3``: S3 Inventory now supports Bucket Key Status
  * api-change:``s3control``: Amazon S3 Batch Operations now supports S3 Bucket Keys.
  * api-change:``route53resolver``: Documentation updates for Route 53 Resolver
  * api-change:``ssm``: Documentation updates for ssm to fix customer reported issue
  * api-change:``forecast``: Added optional field AutoMLOverrideStrategy to CreatePredictor API that allows users to
    customize AutoML strategy. If provided in CreatePredictor request, this field is visible in DescribePredictor and
    GetAccuracyMetrics responses.
- Enable python2 builds for SLE-15
- Version update to 1.20.86
  * api-change:``autoscaling``: You can now launch EC2 instances with GP3 volumes
    when using Auto Scaling groups with Launch Configurations
  * api-change:``lightsail``: Documentation updates for Lightsail
  * api-change:``ecs``: Documentation updates for Amazon ECS.
  * api-change:``docdb``: This SDK release adds support for DocDB global clusters.
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``braket``: Introduction of a RETIRED status for devices.
- from version 1.20.85
  * api-change:``sns``: This release adds SMS sandbox in Amazon SNS and the ability to view
    all configured origination numbers. The SMS sandbox provides a safe environment for sending
    SMS messages, without risking your reputation as an SMS sender.
  * api-change:``polly``: Amazon Polly adds new Canadian French voice - Gabrielle.
    Gabrielle is available as Neural voice only.
  * api-change:``ec2``: Added idempotency to CreateNetworkInterface using the ClientToken parameter.
  * api-change:``iotwireless``: Added six new public customer logging APIs to allow customers to
    set/get/reset log levels at resource type and resource id level. The log level set from the APIs
    will be used to filter log messages that can be emitted to CloudWatch in customer accounts.
  * api-change:``servicediscovery``: Bugfixes - The DiscoverInstances API operation now provides an
    option to return all instances for health-checked services when there are no healthy instances
    available.
- from version 1.20.84
  * api-change:``lookoutmetrics``: Allowing dot(.) character in table name for RDS and Redshift as
    source connector.
  * api-change:``location``: Adds support for calculation of routes, resource tagging and customer
    provided KMS keys.
  * api-change:``datasync``: Added SecurityDescriptorCopyFlags option that allows for control of which
    components of SMB security descriptors are copied from source to destination objects.
- from version 1.20.83
  * api-change:``iotevents-data``: Releasing new APIs for AWS IoT Events Alarms
  * api-change:``devicefarm``: Introduces support for using our desktop testing service with
    applications hosted within your Virtual Private Cloud (VPC).
  * api-change:``kendra``: Amazon Kendra now suggests popular queries in order to help guide query
    typing and help overall accuracy.
  * api-change:``iotsitewise``: IoT SiteWise Monitor Portal API updates to add alarms feature configuration.
  * api-change:``resource-groups``: Documentation updates for Resource Groups.
  * api-change:``lightsail``: Documentation updates for Lightsail
  * api-change:``iotevents``: Releasing new APIs for AWS IoT Events Alarms
  * api-change:``fsx``: This release adds LZ4 data compression support to FSx for Lustre to reduce storage
    consumption of both file system storage and file system backups.
  * api-change:``sqs``: Documentation updates for Amazon SQS for General Availability of high throughput
    for FIFO queues.
- from version 1.20.82
  * api-change:``ec2``: This release removes resource ids and tagging support for VPC security group rules.
- from version 1.20.81
  * api-change:``qldb``: Support STANDARD permissions mode in CreateLedger and DescribeLedger. Add
    UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
  * api-change:``cloudfront``: Documentation fix for CloudFront
  * api-change:``outposts``: Add ConflictException to DeleteOutpost, CreateOutpost
  * api-change:``mwaa``: Adds scheduler count selection for Environments using Airflow version 2.0.2 or later.
  * api-change:``ec2``: This release adds resource ids and tagging support for VPC security group rules.
  * api-change:``ecs``: The release adds support for registering External instances to your Amazon ECS clusters.
  * api-change:``acm-pca``: This release enables customers to store CRLs in S3 buckets with Block Public Access
    enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority and
    UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
- from version 1.20.80
  * api-change:``transfer``: AWS Transfer Family customers can now use AWS Managed Active Directory or AD Connector
    to authenticate their end users, enabling seamless migration of file transfer workflows that rely on AD
    authentication, without changing end users' credentials or needing a custom authorizer.
  * api-change:``iot``: This release includes support for a new feature: Job templates for AWS IoT Device Management
    Jobs. The release includes job templates as a new resource and APIs for managing job templates.
  * api-change:``workspaces``: Adds support for Linux device types in WorkspaceAccessProperties
- from version 1.20.79
  * api-change:``quicksight``: Add new parameters on RegisterUser and UpdateUser APIs to assign or update external
    ID associated to QuickSight users federated through web identity.
  * api-change:``ce``: Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization and
    NetworkResourceUtilization to GetRightsizingRecommendation action
  * api-change:``compute-optimizer``: Adds support for 1) additional instance types, 2) additional instance metrics,
    3) finding reasons for instance recommendations, and 4) platform differences between a current instance and a
    recommended instance type.
  * api-change:``ec2``: This release adds support for creating and managing EC2 On-Demand Capacity Reservations on Outposts.
  * api-change:``logs``: This release provides dimensions and unit support for metric filters.
- from version 1.20.78
  * api-change:``efs``: Update efs client to latest version
  * api-change:``s3``: Documentation updates for Amazon S3
  * api-change:``forecast``: Updated attribute statistics in DescribeDatasetImportJob response to support Long values
  * api-change:``opsworkscm``: New PUPPET_API_CRL attribute returned by DescribeServers API; new EngineVersion
    of 2019 available for Puppet Enterprise servers.
- from version 1.20.77
  * api-change:``personalize``: Added new API to stop a solution version creation that is pending or in
    progress for Amazon Personalize
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``quicksight``: Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
- from version 1.20.76
  * api-change:``kinesisanalyticsv2``: Kinesis Data Analytics now allows rapid iteration on Apache Flink stream
    processing through the Kinesis Data Analytics Studio feature.
  * api-change:``rekognition``: Amazon Rekognition Custom Labels adds support for customer managed encryption, using
    AWS Key Management Service, of image files copied into the service and files written back to the customer.
  * api-change:``iam``: Add pagination to ListUserTags operation
  * api-change:``eks``: Update the EKS AddonActive waiter.
  * api-change:``autoscaling``: With this release, customers can easily use Predictive Scaling as a policy directly
    through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead of predicted demand.
  * api-change:``lightsail``: Documentation updates for Amazon Lightsail.
- Update BuildRequires from requirements.txt
- Version update to 1.20.75
  * api-change:support: Documentation updates for support
  * api-change:apprunner: AWS App Runner is a service that provides
    a fast, simple, and cost-effective way to deploy from source
    code or a container image directly to a scalable and secure web
    application in the AWS Cloud.
  * api-change:compute-optimizer: This release enables compute
    optimizer to support exporting recommendations to Amazon S3 for
    EBS volumes and Lambda Functions.
  * api-change:personalize: Amazon Personalize now supports the
    ability to optimize a solution for a custom objective in
    addition to maximizing relevance.
  * api-change:license-manager: AWS License Manager now supports
    periodic report generation.
  * api-change:iotsitewise: Documentation updates for AWS IoT
    SiteWise.
  * api-change:lexv2-models: Update lexv2-models client to latest
    version
- from version 1.20.74
  * api-change:mediaconnect: MediaConnect now supports JPEG XS for
    AWS Cloud Digital Interface (AWS CDI) uncompressed workflows,
    allowing you to establish a bridge between your on-premises
    live video network and the AWS Cloud.
  * api-change:sagemaker-a2i-runtime: Documentation updates for
    Amazon A2I Runtime model
  * api-change:applicationcostprofiler: APIs for AWS Application
    Cost Profiler.
  * api-change:neptune: Neptune support for CopyTagsToSnapshots
  * api-change:iotdeviceadvisor: AWS IoT Core Device Advisor is
    fully managed test capability for IoT devices. Device
    manufacturers can use Device Advisor to test their IoT devices
    for reliable and secure connectivity with AWS IoT.
  * api-change:elasticache: Documentation updates for elasticache
- from version 1.20.73
  * api-change:events: Update InputTransformer variable limit from
    10 to 100 variables.
  * enhancement:s3: Block endpoint resolution of clients configured
    with S3 pseudo-regions (e.g. aws-global, s3-external-1) that
    will never resolve to a correct access point endpoint.
  * api-change:macie2: This release of the Amazon Macie API adds
    support for defining run-time, S3 bucket criteria for
    classification jobs. It also adds resources for querying data
    about AWS resources that Macie monitors.
  * api-change:es: Adds support for cold storage.
  * api-change:securityhub: Updated descriptions to add notes on
    array lengths.
  * api-change:detective: Updated descriptions of array parameters
    to add the restrictions on the array and value lengths.
  * api-change:transcribe: Transcribe Medical now supports
    identification of PHI entities within transcripts
  * api-change:imagebuilder: Text-only updates for bundled
    documentation feedback tickets - spring 2021.
  * enhancement:FIPS: Add validation to only attempt to connect to
    FIPS endpoints with a FIPS pseudo-region if the pseudo-region
    is explicitly known to the SDK.
- from version 1.20.72
  * api-change:ec2: High Memory virtual instances are powered by
    Intel Sky Lake CPUs and offer up to 12TB of memory.
- from version 1.20.71
  * api-change:ssm-incidents: AWS Systems Manager Incident Manager
    enables faster resolution of critical application availability
    and performance issues, management of contacts and
    post-incident analysis
  * api-change:ssm-contacts: AWS Systems Manager Incident Manager
    enables faster resolution of critical application availability
    and performance issues, management of contacts and post
    incident analysis
  * api-change:s3control: Documentation updates for Amazon
    S3-control
- from version 1.20.70
  * api-change:mediaconvert: AWS Elemental MediaConvert SDK has
    added support for Kantar SNAP File Audio Watermarking with a
    Kantar Watermarking account, and Display Definition
    Segment(DDS) segment data controls for DVB-Sub caption outputs.
  * api-change:ecs: This release contains updates for Amazon ECS.
  * api-change:codeartifact: Documentation updates for CodeArtifact
  * api-change:eks: This release updates create-nodegroup and
    update-nodegroup-config APIs for adding/updating taints on
    managed nodegroups.
  * api-change:iotwireless: Add three new optional fields to
    support filtering and configurable sub-band in WirelessGateway
    APIs. The filtering is for all the RF region supported. The
    sub-band configuration is only applicable to LoRa gateways of
    US915 or AU915 RF region.
  * api-change:ssm: This release adds new APIs to associate,
    disassociate and list related items in SSM OpsCenter; and this
    release adds DisplayName as a version-level attribute for SSM
    Documents and introduces two new document types:
    ProblemAnalysis, ProblemAnalysisTemplate.
  * api-change:kinesisanalyticsv2: Amazon Kinesis Analytics now
    supports ListApplicationVersions and DescribeApplicationVersion
    API for Apache Flink applications
  * api-change:config: Adds paginator to multiple APIs: By default,
    the paginator allows user to iterate over the results and
    allows the CLI to return up to 1000 results.
- Version update to 1.20.69
  * api-change:``lakeformation``: This release adds Tag Based
    Access Control to AWS Lake Formation service
  * api-change:``lookoutmetrics``: Enforcing UUID style for
    parameters that are already in UUID format today. Documentation
    specifying eventual consistency of lookoutmetrics resources.
  * api-change:``connect``: Adds tagging support for Connect APIs
    CreateIntegrationAssociation and CreateUseCase.
- from version 1.20.68
  * api-change:``servicediscovery``: Bugfix: Improved input
    validation for RegisterInstance action, InstanceId field
  * api-change:``kafka``: IAM Access Control for Amazon MSK enables
    you to create clusters that use IAM to authenticate clients and
    to allow or deny Apache Kafka actions for those clients.
  * api-change:``ssm``: SSM feature release - ChangeCalendar
    integration with StateManager.
  * api-change:``snowball``: AWS Snow Family adds APIs for ordering
    and managing Snow jobs with long term pricing
- from version 1.20.67
  * api-change:``auditmanager``: This release updates the
    CreateAssessmentFrameworkControlSet and
    UpdateAssessmentFrameworkControlSet API data types. For both of
    these data types, the control set name is now a required
    attribute.
  * api-change:``nimble``: Documentation Updates for Amazon Nimble
    Studio.
  * api-change:``kinesisanalyticsv2``: Amazon Kinesis Analytics now
    supports RollbackApplication for Apache Flink applications to
    revert the application to the previous running version
  * api-change:``sagemaker``: Amazon SageMaker Autopilot now
    provides the ability to automatically deploy the best model to
    an endpoint
- from version 1.20.66
  * api-change:``finspace``: Documentation updates for FinSpace
    API.
  * api-change:``finspace-data``: Documentation updates for
    FinSpaceData API.
- from version 1.20.65
  * api-change:``devops-guru``: Added GetCostEstimation and
    StartCostEstimation to get the monthly resource usage cost and
    added ability to view resource health by AWS service name and
    to search insights be AWS service name.
  * api-change:``acm-pca``: This release adds the
    KeyStorageSecurityStandard parameter to the
    CreateCertificateAuthority API to allow customers to mandate a
    security standard to which the CA key will be stored within.
  * api-change:``health``: Documentation updates for health
  * api-change:``chime``: This release adds the ability to search
    for and order international phone numbers for Amazon Chime SIP
    media applications.
  * api-change:``sagemaker``: Enable retrying Training and
    Tuning Jobs that fail with InternalServerError by setting
    RetryStrategy.
- from version 1.20.64
  * api-change:``finspace-data``: Update FinSpace Data
    serviceAbbreviation
- from version 1.20.63
  * api-change:``finspace-data``: This is the initial SDK release
    for the data APIs for Amazon FinSpace. Amazon FinSpace is a
    data management and analytics application for the financial
    services industry (FSI).
  * api-change:``mturk``: Update mturk client to latest version
  * api-change:``chime``: Added new BatchCreateChannelMembership
    API to support multiple membership creation for channels
  * api-change:``finspace``: This is the initial SDK release for
    the management APIs for Amazon FinSpace. Amazon FinSpace is a
    data management and analytics service for the financial
    services industry (FSI).
  * api-change:``securityhub``: Updated ASFF to add the following
    new resource details objects: AwsEc2NetworkAcl, AwsEc2Subnet,
    and AwsElasticBeanstalkEnvironment.
- from version 1.20.62
  * api-change:``personalize``: Update URL for dataset export job
    documentation.
  * api-change:``marketplace-catalog``: Allows user defined names
    for Changes in a ChangeSet. Users can use ChangeNames to
    reference properties in another Change within a ChangeSet. This
    feature allows users to make changes to an entity when the
    entity identifier is not yet available while constructing the
    StartChangeSet request.
  * api-change:``forecast``: Added new DeleteResourceTree operation
    that helps in deleting all the child resources of a given
    resource including the given resource.
  * api-change:``robomaker``: Adds ROS2 Foxy as a supported Robot
    Software Suite Version and Gazebo 11 as a supported Simulation
    Software Suite Version
  * api-change:``cloudfront``: CloudFront now supports CloudFront
    Functions, a native feature of CloudFront that enables you to
    write lightweight functions in JavaScript for high-scale,
    latency-sensitive CDN customizations.
  * api-change:``customer-profiles``: This release introduces
    GetMatches and MergeProfiles APIs to fetch and merge duplicate
    profiles
- from version 1.20.61
  * api-change:``macie2``: The Amazon Macie API now provides S3
    bucket metadata that indicates whether a bucket policy requires
    server-side encryption of objects when objects are uploaded to
    the bucket.
  * api-change:``organizations``: Minor text updates for AWS
    Organizations API Reference
  * api-change:``ecs``: Add support for EphemeralStorage on
    TaskDefinition and TaskOverride
  * api-change:``chime``: Increase AppInstanceUserId length to 64
    characters
- from version 1.20.60
  * api-change:``connect``: Updated max number of tags that can be
    attached from 200 to 50. MaxContacts is now an optional
    parameter for the UpdateQueueMaxContact API.
  * api-change:``mediapackage-vod``: MediaPackage now offers the
    option to place your Sequence Parameter Set (SPS), Picture
    Parameter Set (PPS), and Video Parameter Set (VPS) encoder
    metadata in every video segment instead of in the init fragment
    for DASH and CMAF endpoints.
  * api-change:``nimble``: Amazon Nimble Studio is a virtual studio
    service that empowers visual effects, animation, and
    interactive content teams to create content securely within a
    scalable, private cloud service.
  * api-change:``iotsitewise``: AWS IoT SiteWise interpolation API
    will get interpolated values for an asset property per
    specified time interval during a period of time.
  * api-change:``cloudformation``: Add CallAs parameter to
    GetTemplateSummary to enable use with StackSets delegated
    administrator integration
- from version 1.20.59
  * api-change:``auditmanager``: This release restricts using
    backslashes in control, assessment, and framework names. The
    controlSetName field of the UpdateAssessmentFrameworkControlSet
    API now allows strings without backslashes.
- from version 1.20.58
  * api-change:``ec2``: Adding support for Red Hat Enterprise Linux
    with HA for Reserved Instances.
  * api-change:``iotwireless``: Add a new optional field
    MessageType to support Sidewalk devices in
    SendDataToWirelessDevice API
  * api-change:``kinesisanalyticsv2``: Amazon Kinesis Data
    Analytics now supports custom application maintenance
    configuration using UpdateApplicationMaintenanceConfiguration
    API for Apache Flink applications. Customers will have
    visibility when their application is under maintenance status
    using 'MAINTENANCE' application status.
  * api-change:``personalize``: Added support for exporting data
    imported into an Amazon Personalize dataset to a specified data
    source (Amazon S3 bucket).
  * api-change:``mediaconvert``: Documentation updates for
    mediaconvert
  * api-change:``codeguru-reviewer``: Include KMS Key Details in
    Repository Association APIs to enable usage of customer managed
    KMS Keys.
  * api-change:``glue``: Adding Kafka Client Auth Related
    Parameters
  * api-change:``eks``: This release updates existing Amazon EKS
    input validation so customers will see an
    InvalidParameterException instead of a ParamValidationError
    when they enter 0 for minSize and/or desiredSize. It also adds
    LaunchTemplate information to update responses and a new
    "/CUSTOM"/ value for AMIType.
- from version 1.20.57
  * api-change:``mediapackage``: Add support for Widevine DRM on
    CMAF origin endpoints. Both Widevine and FairPlay DRMs can now
    be used simultaneously, with CBCS encryption.
  * api-change:``sns``: Amazon SNS adds two new attributes,
    TemplateId and EntityId, for using sender IDs to send SMS
    messages to destinations in India.
- from version 1.20.56
  * api-change:``forecast``: This release adds
    EstimatedTimeRemaining minutes field to the
    DescribeDatasetImportJob, DescribePredictor, DescribeForecast
    API response which denotes the time remaining to complete the
    job IN_PROGRESS.
  * api-change:``securityhub``: Replaced the term "/master"/ with
    "/administrator"/. Added new actions to replace AcceptInvitation,
    GetMasterAccount, and DisassociateFromMasterAccount. In Member,
    replaced MasterId with AdministratorId.
  * api-change:``cognito-idp``: Documentation updates for
    cognito-idp
  * api-change:``elasticache``: This release introduces log
    delivery of Redis slow log from Amazon ElastiCache.
- from version 1.20.55
  * api-change:``detective``: Added parameters to track the data
    volume in bytes for a member account. Deprecated the existing
    parameters that tracked the volume as a percentage of the
    allowed volume for a behavior graph. Changes reflected in
    MemberDetails object.
  * api-change:``redshift``: Add operations: AddPartner,
    DescribePartners, DeletePartner, and UpdatePartnerStatus to
    support tracking integration status with data partners.
  * api-change:``groundstation``: Support new S3 Recording Config
    allowing customers to write downlink data directly to S3.
  * api-change:``kendra``: Amazon Kendra now enables users to
    override index-level boosting configurations for each query.
  * api-change:``cloudformation``: Added support for creating and
    updating stack sets with self-managed permissions from
    templates that reference macros.
- from version 1.20.54
  * api-change:``savingsplans``: Added support for Amazon SageMaker
    in Machine Learning Savings Plans
  * api-change:``ce``: Adding support for Sagemaker savings plans
    in GetSavingsPlansPurchaseRecommendation API
- from version 1.20.53
  * api-change:``sts``: STS now supports assume role with Web
    Identity using JWT token length upto 20000 characters
  * api-change:``dms``: AWS DMS added support of TLS for Kafka
    endpoint. Added Describe endpoint setting API for DMS
    endpoints.
- from version 1.20.52
  * api-change:``mediaconnect``: For flows that use Listener
    protocols, you can now easily locate an output's outbound IP
    address for a private internet. Additionally, MediaConnect now
    supports the Waiters feature that makes it easier to poll for
    the status of a flow until it reaches its desired state.
  * api-change:``config``: Add exception for
    DeleteRemediationConfiguration and
    DescribeRemediationExecutionStatus
  * api-change:``route53``: Documentation updates for route53
  * api-change:``codestar-connections``: This release adds tagging
    support for CodeStar Connections Host resources
- from version 1.20.51
  * api-change:``lightsail``: Documentation updates for Amazon
    Lightsail.
  * api-change:``sts``: This release adds the SourceIdentity
    parameter that can be set when assuming a role.
  * api-change:``comprehendmedical``: The InferICD10CM API now
    returns TIME_EXPRESSION entities that refer to medical
    conditions.
  * api-change:``rds``: Clarify that enabling or disabling
    automated backups causes a brief downtime, not an outage.
  * api-change:``redshift``: Added support to enable AQUA in Amazon
    Redshift clusters.
- Version update to 1.20.50
  * api-change:``fsx``: Support for cross-region and cross-account backup copies
  * api-change:``codebuild``: AWS CodeBuild now allows you to set the access
    permissions for build artifacts, project artifacts, and log files that are
    uploaded to an Amazon S3 bucket that is owned by another account.
- from version 1.20.49
  * api-change:``redshift``: Add support for case sensitive table level restore
  * api-change:``ec2``: Add paginator support to DescribeStoreImageTasks and update documentation.
  * api-change:``shield``: CreateProtection now throws InvalidParameterException
    instead of InternalErrorException when system tags (tag with keys prefixed with
    "/aws:"/) are passed in.
- from version 1.20.48
  * api-change:``lookoutequipment``: This release introduces support for Amazon Lookout for Equipment.
  * api-change:``kinesis-video-archived-media``: Documentation updates for archived.kinesisvideo
  * api-change:``robomaker``: This release allows RoboMaker customers to specify
    custom tools to run with their simulation job
  * api-change:``appstream``: This release provides support for image updates
  * api-change:``ram``: Documentation updates for AWS RAM resource sharing
  * api-change:``customer-profiles``: Documentation updates for Put-Integration API
  * api-change:``autoscaling``: Amazon EC2 Auto Scaling announces Warm Pools that help
    applications to scale out faster by pre-initializing EC2 instances and
    save money by requiring fewer continuously running instances
- from version 1.20.47
  * api-change:``storagegateway``: File Gateway APIs now support FSx for Windows as a cloud storage.
  * api-change:``accessanalyzer``: IAM Access Analyzer now analyzes your CloudTrail
    events to identify actions and services that have been used by an IAM entity
    (user or role) and generates an IAM policy that is based on that activity.
  * api-change:``elasticache``: This release adds tagging support for all
    AWS ElastiCache resources except Global Replication Groups.
  * api-change:``ivs``: This release adds support for the Auto-Record to S3 feature.
    Amazon IVS now enables you to save your live video to Amazon S3.
  * api-change:``mgn``: Add new service - Application Migration Service.
- from version 1.20.46
  * api-change:``ssm``: Supports removing a label or labels from a parameter, enables
    ScheduledEndTime and ChangeDetails for StartChangeRequestExecution API, supports
    critical/security/other noncompliant count for patch API.
  * api-change:``medialive``: MediaLive VPC outputs update to include Availability Zones,
    Security groups, Elastic Network Interfaces, and Subnet Ids in channel response
  * api-change:``ec2``: This release adds support for storing EBS-backed AMIs in S3
    and restoring them from S3 to enable cross-partition copying of AMIs
  * api-change:``cloud9``: Documentation updates for Cloud9
- from version 1.20.45
  * api-change:``auditmanager``: AWS Audit Manager has updated the GetAssessment API
    operation to include a new response field called userRole. The userRole field
    indicates the role information and IAM ARN of the API caller.
  * api-change:``medialive``: MediaLive now support HTML5 Motion Graphics overlay
  * api-change:``appflow``: Added destination properties for Zendesk.
- from version 1.20.44
  * api-change:``mediapackage``: SPEKE v2 is an upgrade to the existing SPEKE API to
    support multiple encryption keys, based on an encryption contract selected by
    the customer.
  * api-change:``imagebuilder``: This release adds support for Block Device Mappings
    for container image builds, and adds distribution configuration support for EC2
    launch templates in AMI builds.
- from version 1.20.43
  * api-change:``route53resolver``: Route 53 Resolver DNS Firewall is a firewall service
    that allows you to filter and regulate outbound DNS traffic for your VPCs.
  * api-change:``mediaconvert``: MediaConvert now supports HLS ingest, sidecar WebVTT
    ingest, Teletext color & style passthrough to TTML subtitles, TTML to WebVTT subtitle
    conversion with style, & DRC profiles in AC3 audio.
  * api-change:``lightsail``: - This release adds support for state detail for
    Amazon Lightsail container services.
  * api-change:``kendra``: AWS Kendra's ServiceNow data source now supports OAuth 2.0
    authentication and knowledge article filtering via a ServiceNow query.
  * api-change:``lex-models``: Lex now supports the ja-JP locale
  * api-change:``lex-runtime``: Update lex-runtime client to latest version
  * api-change:``fms``: Added Firewall Manager policy support for
    AWS Route 53 Resolver DNS Firewall.
  * api-change:``ec2``: VPC Flow Logs Service adds a new API, GetFlowLogsIntegrationTemplate,
    which generates CloudFormation templates for Athena.
    For more info, see https://docs.aws.amazon.com/console/vpc/flow-logs/athena
  * api-change:``wafv2``: Added support for ScopeDownStatement for ManagedRuleGroups,
    Labels, LabelMatchStatement, and LoggingFilter. For more information on these
    features, see the AWS WAF Developer Guide.
- from version 1.20.42
  * api-change:``iot``: Added ability to prefix search on attribute value for ListThings API.
  * api-change:``pricing``: Minor documentation and link updates.
  * api-change:``transcribe``: Amazon Transcribe now supports creating custom language models
    in the following languages: British English (en-GB), Australian English (en-AU), Indian
    Hindi (hi-IN), and US Spanish (es-US).
  * api-change:``cloudhsm``: Minor documentation and link updates.
  * api-change:``comprehend``: Support for customer managed KMS encryption of Comprehend custom models
  * api-change:``cognito-sync``: Minor documentation updates and link updates.
  * api-change:``batch``: AWS Batch adds support for Amazon EFS File System
  * api-change:``detective``: Added the ability to assign tag values to Detective behavior
    graphs. Tag values can be used for attribute-based access control, and for cost
    allocation for billing.
  * api-change:``iotwireless``: Add Sidewalk support to APIs: GetWirelessDevice, ListWirelessDevices,
    GetWirelessDeviceStatistics. Add Gateway connection status in GetWirelessGatewayStatistics API.
  * api-change:``cloudformation``: 1. Added a new parameter RegionConcurrencyType in OperationPreferences.
    2. Changed the name of AccountUrl to AccountsUrl in DeploymentTargets parameter.
  * api-change:``cloud9``: Add ImageId input parameter to CreateEnvironmentEC2 endpoint.
    New parameter enables creation of environments with different AMIs.
  * api-change:``directconnect``: This release adds MACsec support to AWS Direct Connect
  * api-change:``redshift``: Enable customers to share access to their Redshift
    clusters from other VPCs (including VPCs from other accounts).
  * api-change:``workmail``: This release adds support for mobile device access
    rules management in Amazon WorkMail.
  * api-change:``datapipeline``: Minor documentation updates and link updates.
  * api-change:``machinelearning``: Minor documentation updates and link updates.
- from version 1.20.41
  * api-change:``sagemaker``: Amazon SageMaker Autopilot now supports 1) feature importance
    reports for AutoML jobs and 2) PartialFailures for AutoML jobs
  * api-change:``ec2-instance-connect``: Adding support to push SSH keys to the EC2 serial
    console in order to allow an SSH connection to your Amazon EC2 instance's serial port.
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``databrew``: This SDK release adds two new dataset features: 1) support for
    specifying a database connection as a dataset input 2) support for dynamic datasets that
    accept configurable parameters in S3 path.
  * api-change:``frauddetector``: This release adds support for
    Batch Predictions in Amazon Fraud Detector.
  * api-change:``ec2``: ReplaceRootVolume feature enables customers to replace the EBS root
    volume of a running instance to a previously known state. Add support to grant
    account-level access to the EC2 serial console
  * api-change:``config``: Adding new APIs to support ConformancePack Compliance CI in Aggregators
  * api-change:``pinpoint``: Added support for journey pause/resume, journey
    updatable import segment and journey quiet time wait.
- from version 1.20.40
  * api-change:``wafv2``: Added custom request handling and custom response support in
    rule actions and default action; Added the option to inspect the web request body
    as parsed and filtered JSON.
  * api-change:``iam``: AWS Identity and Access Management GetAccessKeyLastUsed API will
    throw a custom error if customer public key is not found for access keys.
  * api-change:``glue``: Allow Dots in Registry and Schema Names for CreateRegistry,
    CreateSchema; Fixed issue when duplicate keys are present and not returned as part
    of QuerySchemaVersionMetadata.
  * api-change:``docdb``: This release adds support for Event Subscriptions to DocumentDB.
  * api-change:``location``: Amazon Location added support for specifying pricing plan
    information on resources in alignment with our cost model.
- from version 1.20.39
  * api-change:``iotwireless``: Support tag-on-create for WirelessDevice.
  * api-change:``customer-profiles``: This release adds an optional parameter
    named FlowDefinition in PutIntegrationRequest.
  * api-change:``events``: Add support for SageMaker Model Builder
    Pipelines Targets to EventBridge
  * api-change:``transcribe``: Amazon Transcribe now supports tagging words that
    match your vocabulary filter for batch transcription.
- from version 1.20.38
  * api-change:``lookoutmetrics``: Allowing uppercase alphabets for RDS and Redshift database names.
- from version 1.20.37
  * api-change:``sqs``: Documentation updates for Amazon SQS
  * api-change:``rekognition``: This release introduces AWS tagging support
    for Amazon Rekognition collections, stream processors, and Custom Label models.
  * api-change:``sagemaker``: This feature allows customer to specify the environment
    variables in their CreateTrainingJob requests.
  * api-change:``medialive``: EML now supports handling HDR10 and
    HLG 2020 color space from a Link input.
  * api-change:``lookoutmetrics``: Amazon Lookout for Metrics is now generally available.
    You can use Lookout for Metrics to monitor your data for anomalies.
    For more information, see the Amazon Lookout for Metrics Developer Guide.
  * api-change:``alexaforbusiness``: Added support for enabling and disabling data
    retention in the CreateProfile and UpdateProfile APIs and retrieving the state of
    data retention for a profile in the GetProfile API.
- from version 1.20.36
  * api-change:``ssm``: This release allows SSM Explorer customers to enable OpsData
    sources across their organization when creating a resource data sync.
  * api-change:``route53``: Documentation updates for route53
  * bugfix:S3: Fix an issue with XML newline normalization in PutBucketLifecycleConfiguration requests.
  * api-change:``s3``: Documentation updates for Amazon S3
  * api-change:``s3control``: Documentation updates for s3-control
  * api-change:``ec2``: maximumEfaInterfaces added to DescribeInstanceTypes API
  * api-change:``greengrass``: Updated the parameters to make name required for CreateGroup API.
- from version 1.20.35
  * api-change:``ce``: You can now create cost categories with inherited value
    rules and specify default values for any uncategorized costs.
  * api-change:``fis``: Updated maximum allowed size of action parameter from 64 to 1024
  * api-change:``redshift``: Removed APIs to control AQUA on clusters.
  * api-change:``iam``: Documentation updates for IAM operations and descriptions.
  * api-change:``gamelift``: GameLift adds support for using event notifications to monitor
    game session placements. Specify an SNS topic or use CloudWatch Events to track activity
    for a game session queue.
- from version 1.20.34
  * api-change:``ec2``: This release adds support for UEFI boot on selected
    AMD- and Intel-based EC2 instances.
  * api-change:``redshift``: Added support to enable AQUA in Amazon Redshift clusters.
  * api-change:``codeartifact``: Documentation updates for CodeArtifact
  * api-change:``macie2``: This release of the Amazon Macie API adds support for publishing
    sensitive data findings to AWS Security Hub and specifying which categories of findings
    to publish to Security Hub.
- from version 1.20.33
  * api-change:``sagemaker``: Adding authentication support for pulling images stored in
    private Docker registries to build containers for real-time inference.
  * api-change:``ec2``: X2gd instances are the next generation of memory-optimized instances
    powered by AWS-designed, Arm-based AWS Graviton2 processors.
- from version 1.20.32
  * bugfix:s3: Updated mislabeled exceptions for S3 Object Lambda
- from version 1.20.31
  * api-change:``autoscaling``: Amazon EC2 Auto Scaling Instance Refresh
    now supports phased deployments.
  * api-change:``s3``: S3 Object Lambda is a new S3 feature that enables users to apply their
    own custom code to process the output of a standard S3 GET request by automatically
    invoking a Lambda function with a GET request
  * api-change:``redshift``: Add new fields for additional information about VPC endpoint
    for clusters with reallocation enabled, and a new field for total storage capacity for
    all clusters.
  * api-change:``s3control``: S3 Object Lambda is a new S3 feature that enables users to apply
    their own custom code to process the output of a standard S3 GET request by automatically
    invoking a Lambda function with a GET request
  * api-change:``securityhub``: New object for separate provider and customer values. New objects
    track S3 Public Access Block configuration and identify sensitive data. BatchImportFinding
    requests are limited to 100 findings.
- from version 1.20.30
  * api-change:``sagemaker``: Support new target device ml_eia2 in SageMaker CreateCompilationJob API
  * api-change:``batch``: Making serviceRole an optional parameter when creating a compute environment.
    If serviceRole is not provided then Service Linked Role will be created (or reused if it already exists).
- from version 1.20.29
  * api-change:``lambda``: Allow empty list for function response types
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``mediaconnect``: This release adds support for the
    SRT-listener protocol on sources and outputs.
  * api-change:``accessanalyzer``: This release adds support for the ValidatePolicy API. IAM Access
    Analyzer is adding over 100 policy checks and actionable recommendations that help you validate
    your policies during authoring.
  * api-change:``mediatailor``: MediaTailor channel assembly is a new manifest-only service
    that allows you to assemble linear streams using your existing VOD content.
  * api-change:``mwaa``: This release adds UPDATE_FAILED and UNAVAILABLE MWAA environment states.
  * api-change:``gamelift``: GameLift expands to six new AWS Regions, adds support for multi-location
    fleets to streamline management of hosting resources, and lets you customize more
    of the game session placement process.
- from version 1.20.28
  * api-change:``fis``: Initial release of AWS Fault Injection Simulator, a managed service that
    enables you to perform fault injection experiments on your AWS workloads
  * api-change:``codedeploy``: AWS CodeDeploy can now detect instances running an outdated revision
    of your application and automatically update them with the latest revision.
  * api-change:``emr``: Update emr client to latest version
  * api-change:``ecs``: This is for ecs exec feature release which includes two new APIs - execute-command
    and update-cluster and an AWS CLI customization for execute-command API
- from version 1.20.27
  * api-change:``mediatailor``: MediaTailor channel assembly is a new manifest-only service
    that allows you to assemble linear streams using your existing VOD content.
  * api-change:``workspaces``: Adds API support for WorkSpaces bundle management operations.
  * api-change:``cur``: - Added optional billingViewArn field for OSG.
- from version 1.20.26
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``network-firewall``: Update network-firewall client to latest version
- from version 1.20.25
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``backup``: Update backup client to latest version
- from version 1.20.24
  * api-change:``rds``: Update rds client to latest version
  * api-change:``codeguruprofiler``: Update codeguruprofiler client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``iotwireless``: Update iotwireless client to latest version
  * api-change:``efs``: Update efs client to latest version
- from version 1.20.23
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``kinesis-video-archived-media``: Update kinesis-video-archived-media
    client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
- from version 1.20.22
  * api-change:``license-manager``: Update license-manager client to latest version
  * api-change:``network-firewall``: Update network-firewall client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``athena``: Update athena client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``shield``: Update shield client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``appflow``: Update appflow client to latest version
- from version 1.20.21
  * api-change:``servicediscovery``: Update servicediscovery client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``mwaa``: Update mwaa client to latest version
- from version 1.20.20
  * api-change:``forecast``: Update forecast client to latest version
  * api-change:``secretsmanager``: Update secretsmanager client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``acm``: Update acm client to latest version
  * api-change:``wellarchitected``: Update wellarchitected client to latest version
- from version 1.20.19
  * api-change:``iotwireless``: Update iotwireless client to latest version
  * api-change:``directconnect``: Update directconnect client to latest version
  * bugfix:S3: Fix an issue with XML newline normalization that could result in the
    DeleteObjects operation incorrectly deleting the wrong keys.
  * api-change:``managedblockchain``: Update managedblockchain client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``compute-optimizer``: Update compute-optimizer client to latest version
  * api-change:``datasync``: Update datasync client to latest version
- from version 1.20.18
  * api-change:``alexaforbusiness``: Update alexaforbusiness client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``eks``: Update eks client to latest version
- from version 1.20.17
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``sso-admin``: Update sso-admin client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``emr``: Update emr client to latest version
- from version 1.20.16
  * api-change:``databrew``: Update databrew client to latest version
  * api-change:``detective``: Update detective client to latest version
  * api-change:``lightsail``: Update lightsail client to latest version
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``transfer``: Update transfer client to latest version
- from version 1.20.15
  * api-change:``es``: Update es client to latest version
  * api-change:``mediapackage-vod``: Update mediapackage-vod client to latest version
  * api-change:``appflow``: Update appflow client to latest version
  * api-change:``ecr-public``: Update ecr-public client to latest version
  * api-change:``compute-optimizer``: Update compute-optimizer client to latest version
- from version 1.20.14
  * api-change:``glue``: Update glue client to latest version
  * api-change:``redshift-data``: Update redshift-data client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``iotevents``: Update iotevents client to latest version
  * api-change:``connect``: Update connect client to latest version
- from version 1.20.13
  * api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
- from version 1.20.12
  * api-change:``rds``: Update rds client to latest version
- from version 1.20.11
  * api-change:``health``: Update health client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
- from version 1.20.10
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``config``: Update config client to latest version
  * api-change:``lookoutvision``: Update lookoutvision client to latest version
- Version update to 1.20.9 (bsc#1182421, bsc#1182422, jsc#ECO-3352, jsc#PM-2485)
  * api-change:``devops-guru``: Update devops-guru client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
- from version 1.20.8
  * api-change:``lightsail``: Update lightsail client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``kinesis-video-archived-media``: Update kinesis-video-archived-media
    client to latest version
  * api-change:``config``: Update config client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``redshift-data``: Update redshift-data client to latest version
  * api-change:``workmailmessageflow``: Update workmailmessageflow client to latest version
  * api-change:``mediatailor``: Update mediatailor client to latest version
- from version 1.20.7
  * api-change:``personalize-events``: Update personalize-events client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``iam``: Update iam client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``detective``: Update detective client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``appsync``: Update appsync client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.20.6
  * api-change:``databrew``: Update databrew client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.20.5
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``qldb-session``: Update qldb-session client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
- from version 1.20.4
  * api-change:``dataexchange``: Update dataexchange client to latest version
  * api-change:``cloudtrail``: Update cloudtrail client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``ivs``: Update ivs client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
- from version 1.20.3
  * api-change:``macie``: Update macie client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``organizations``: Update organizations client to latest version
- from version 1.20.2
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``appflow``: Update appflow client to latest version
  * api-change:``emr-containers``: Update emr-containers client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``athena``: Update athena client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.20.1
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``databrew``: Update databrew client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``workmail``: Update workmail client to latest version
  * api-change:``auditmanager``: Update auditmanager client to latest version
  * api-change:``compute-optimizer``: Update compute-optimizer client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
- from version 1.20.0
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``lookoutvision``: Update lookoutvision client to latest version
  * api-change:``organizations``: Update organizations client to latest version
  * feature:Python: Dropped support for Python 3.4 and 3.5
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``rds-data``: Update rds-data client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``route53``: Update route53 client to latest version
  * api-change:``location``: Update location client to latest version
  * enhancement:s3: Amazon S3 now supports AWS PrivateLink, providing direct
    access to S3 via a private endpoint within your virtual private network.
  * api-change:``iotwireless``: Update iotwireless client to latest version
- from version 1.19.63
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``connect``: Update connect client to latest version
  * api-change:``medialive``: Update medialive client to latest version
- from version 1.19.62
  * api-change:``wellarchitected``: Update wellarchitected client to latest version
  * api-change:``managedblockchain``: Update managedblockchain client to latest version
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``databrew``: Update databrew client to latest version
  * bugfix:Validator: Fix showing incorrect max-value in error message for
    range and length value validation
  * api-change:``iot``: Update iot client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
- from version 1.19.61
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``customer-profiles``: Update customer-profiles client to latest version
  * api-change:``sesv2``: Update sesv2 client to latest version
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
  * api-change:``lightsail``: Update lightsail client to latest version
  * api-change:``es``: Update es client to latest version
- from version 1.19.60
  * api-change:``backup``: Update backup client to latest version
- from version 1.19.59
  * api-change:``greengrassv2``: Update greengrassv2 client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.19.58
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``resourcegroupstaggingapi``: Update resourcegroupstaggingapi
    client to latest version
- from version 1.19.57
  * api-change:``acm-pca``: Update acm-pca client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.19.56
  * api-change:``sns``: Update sns client to latest version
- from version 1.19.55
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``cognito-identity``: Update cognito-identity client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
- from version 1.19.54
  * api-change:``frauddetector``: Update frauddetector client to latest version
  * api-change:``personalize``: Update personalize client to latest version
- from version 1.19.53
  * api-change:``appstream``: Update appstream client to latest version
  * api-change:``auditmanager``: Update auditmanager client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``lightsail``: Update lightsail client to latest version
- from version 1.19.52
  * api-change:``rds``: Update rds client to latest version
  * api-change:``kms``: Update kms client to latest version
- from version 1.19.51
  * api-change:``devops-guru``: Update devops-guru client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.19.50
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``transfer``: Update transfer client to latest version
  * api-change:``autoscaling-plans``: Update autoscaling-plans client to latest version
- from version 1.19.49
  * api-change:``ce``: Update ce client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling
    client to latest version
- from version 1.19.48
  * api-change:``healthlake``: Update healthlake client to latest version
  * api-change:``cloudsearch``: Update cloudsearch client to latest version
- Add python-nose to BuildRequires
- Drop python-pytest from BuildRequires
- Drop patch which no longer applies but hasn't been merged upstream yet
  + remove_nose.patch
- Switch testsuite invocation back to python-nose
- Update to 1.19.47
  * api-change:servicecatalog: Update servicecatalog client to
    latest version
- Changes in 1.19.46
  * api-change:macie2: Update macie2 client to latest version
  * api-change:elasticache: Update elasticache client to latest
    version
- Changes in 1.19.45
  * api-change:acm-pca: Update acm-pca client to latest version
  * api-change:apigatewayv2: Update apigatewayv2 client to latest
    version
- Changes in 1.19.44
  * api-change:cloudfront: Update cloudfront client to latest
    version
- Changes in 1.19.43
  * api-change:compute-optimizer: Update compute-optimizer client
    to latest version
  * api-change:resource-groups: Update resource-groups client to
    latest version
  * api-change:dms: Update dms client to latest version
- Changes in 1.19.42
  * api-change:ssm: Update ssm client to latest version
  * api-change:iotwireless: Update iotwireless client to latest
    version
  * api-change:rds: Update rds client to latest version
  * api-change:glue: Update glue client to latest version
  * api-change:ce: Update ce client to latest version
  * api-change:connect: Update connect client to latest version
  * api-change:elasticache: Update elasticache client to latest
    version
- Changes in 1.19.41
  * api-change:config: Update config client to latest version
  * api-change:ec2: Update ec2 client to latest version
  * api-change:glue: Update glue client to latest version
  * api-change:batch: Update batch client to latest version
  * api-change:managedblockchain: Update managedblockchain client
    to latest version
  * api-change:service-quotas: Update service-quotas client to
    latest version
  * api-change:s3: Update s3 client to latest version
  * api-change:connectparticipant: Update connectparticipant
    client to latest version
  * api-change:securityhub: Update securityhub client to latest
    version
  * api-change:qldb-session: Update qldb-session client to latest
    version
  * api-change:outposts: Update outposts client to latest version
  * api-change:servicecatalog-appregistry: Update servicecatalog-
    appregistry client to latest version
  * api-change:dms: Update dms client to latest version
  * api-change:apigateway: Update apigateway client to latest
    version
- Changes in 1.19.40
  * api-change:rds: Update rds client to latest version
  * bugfix:SSO: Fixed timestamp format for SSO credential
    expirations
  * api-change:personalize-runtime: Update personalize-runtime
    client to latest version
  * api-change:ec2: Update ec2 client to latest version
- Changes in 1.19.39
  * api-change:ec2: Update ec2 client to latest version
  * api-change:servicecatalog: Update servicecatalog client to
    latest version
  * api-change:dlm: Update dlm client to latest version
  * api-change:kms: Update kms client to latest version
  * api-change:route53resolver: Update route53resolver client to
    latest version
  * api-change:sqs: Update sqs client to latest version
  * api-change:config: Update config client to latest version
  * api-change:imagebuilder: Update imagebuilder client to latest
    version
  * api-change:route53: Update route53 client to latest version
- Changes in 1.19.38
  * api-change:ce: Update ce client to latest version
  * api-change:amp: Update amp client to latest version
  * api-change:location: Update location client to latest version
  * api-change:wellarchitected: Update wellarchitected client to
    latest version
  * api-change:quicksight: Update quicksight client to latest
    version
- Changes in 1.19.37
  * api-change:iotwireless: Update iotwireless client to latest
  version
  * api-change:lambda: Update lambda client to latest version
  * api-change:greengrassv2: Update greengrassv2 client to latest
    version
  * api-change:ssm: Update ssm client to latest version
  * api-change:iotdeviceadvisor: Update iotdeviceadvisor client to
    latest version
  * api-change:iot: Update iot client to latest version
  * api-change:iotanalytics: Update iotanalytics client to latest
    version
  * api-change:amp: Update amp client to latest version
  * api-change:iotfleethub: Update iotfleethub client to latest
    version
- Changes in 1.19.36
  * api-change:ec2: Update ec2 client to latest version
  * api-change:globalaccelerator: Update globalaccelerator client
    to latest version
  * api-change:devops-guru: Update devops-guru client to latest
    version
- Changes in 1.19.35
  * api-change:guardduty: Update guardduty client to latest
    version
  * api-change:iotsitewise: Update iotsitewise client to latest
    version
  * api-change:autoscaling: Update autoscaling client to latest
    version
  * api-change:cloudwatch: Update cloudwatch client to latest
    version
  * api-change:pi: Update pi client to latest version
  * api-change:cloudtrail: Update cloudtrail client to latest
    version
- Changes in 1.19.34
  * api-change:networkmanager: Update networkmanager client to
    latest version
  * api-change:kendra: Update kendra client to latest version
  * api-change:ec2: Update ec2 client to latest version
- Changes in 1.19.33
  * api-change:globalaccelerator: Update globalaccelerator client
    to latest version
  * api-change:ec2: Update ec2 client to latest version
  * api-change:redshift: Update redshift client to latest version
- Changes in 1.19.32
  * api-change:ecr: Update ecr client to latest version
  * api-change:sagemaker: Update sagemaker client to latest
    version
  * api-change:kendra: Update kendra client to latest version
  * api-change:quicksight: Update quicksight client to latest
    version
  * api-change:auditmanager: Update auditmanager client to latest
    version
  * api-change:sagemaker-runtime: Update sagemaker-runtime client
    to latest version
  * api-change:sagemaker-edge: Update sagemaker-edge client to
    latest version
  * api-change:forecast: Update forecast client to latest version
  * api-change:healthlake: Update healthlake client to latest
    version
  * api-change:emr-containers: Update emr-containers client to
    latest version
- Changes in 1.19.31
  * api-change:dms: Update dms client to latest version
  * api-change:servicecatalog-appregistry: Update servicecatalog-
    appregistry client to latest version
- Changes in 1.19.30
  * api-change:ssm: Update ssm client to latest version
  * api-change:ec2: Update ec2 client to latest version
  * api-change:workspaces: Update workspaces client to latest
    version
  * api-change:license-manager: Update license-manager client to
    latest version
  * api-change:lambda: Update lambda client to latest version
  * api-change:ds: Update ds client to latest version
  * api-change:kafka: Update kafka client to latest version
  * api-change:medialive: Update medialive client to latest
    version
  * api-change:rds: Update rds client to latest version
- Changes in 1.19.29
  * api-change:license-manager: Update license-manager client to
    latest version
  * api-change:compute-optimizer: Update compute-optimizer client
    to latest version
  * api-change:amplifybackend: Update amplifybackend client to
    latest version
  * api-change:batch: Update batch client to latest version
- Changes in 1.19.28
  * api-change:customer-profiles: Update customer-profiles client
    to latest version
- Changes in 1.19.27
  * api-change:sagemaker-featurestore-runtime: Update sagemaker-
    featurestore-runtime client to latest version
  * api-change:ecr-public: Update ecr-public client to latest
    version
  * api-change:honeycode: Update honeycode client to latest
    version
  * api-change:eks: Update eks client to latest version
  * api-change:amplifybackend: Update amplifybackend client to
    latest version
  * api-change:lambda: Update lambda client to latest version
  * api-change:sagemaker: Update sagemaker client to latest
    version
  * api-change:lookoutvision: Update lookoutvision client to
    latest version
  * api-change:ec2: Update ec2 client to latest version
  * api-change:connect: Update connect client to latest version
  * api-change:connect-contact-lens: Update connect-contact-lens
    client to latest version
  * api-change:profile: Update profile client to latest version
  * api-change:s3: Update s3 client to latest version
  * api-change:appintegrations: Update appintegrations client to
    latest version
  * api-change:ds: Update ds client to latest version
  * api-change:devops-guru: Update devops-guru client to latest
    version
- Changes in 1.19.26
  * api-change:ec2: Update ec2 client to latest version
- Unpin upper versions
- Refresh remove_nose.patch
- Version update to 1.19.25
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
  * api-change:``appflow``: Update appflow client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``timestream-write``: Update timestream-write client to latest version
  * api-change:``elasticbeanstalk``: Update elasticbeanstalk client to latest version
  * api-change:``batch``: Update batch client to latest version
  * api-change:``cloudtrail``: Update cloudtrail client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``mwaa``: Update mwaa client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
- from version 1.19.24
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``translate``: Update translate client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``application-insights``: Update application-insights client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``signer``: Update signer client to latest version
  * api-change:``codestar-connections``: Update codestar-connections client to latest version
  * api-change:``codeartifact``: Update codeartifact client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``forecast``: Update forecast client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``timestream-query``: Update timestream-query client to latest version
  * api-change:``sso-admin``: Update sso-admin client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``outposts``: Update outposts client to latest version
  * api-change:``license-manager``: Update license-manager client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
- from version 1.19.23
  * api-change:``servicecatalog-appregistry``: Update servicecatalog-appregistry client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``cloudhsmv2``: Update cloudhsmv2 client to latest version
  * api-change:``codeguru-reviewer``: Update codeguru-reviewer client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``cognito-identity``: Update cognito-identity client to latest version
  * api-change:``connect``: Update connect client to latest version
- from version 1.19.22
  * api-change:``ce``: Update ce client to latest version
  * api-change:``lex-runtime``: Update lex-runtime client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``ds``: Update ds client to latest version
  * api-change:``kinesisanalyticsv2``: Update kinesisanalyticsv2 client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``lambda``: Update lambda client to latest version
- from version 1.19.21
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * bugfix:Retry: Fix bug where retries were attempted on any response with an "/Error"/ key.
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``backup``: Update backup client to latest version
  * api-change:``outposts``: Update outposts client to latest version
- from version 1.19.20
  * api-change:``connect``: Update connect client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``fms``: Update fms client to latest version
  * api-change:``network-firewall``: Update network-firewall client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
- from version 1.19.19
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``dms``: Update dms client to latest version
  * api-change:``iotsecuretunneling``: Update iotsecuretunneling client to latest version
  * api-change:``sns``: Update sns client to latest version
  * api-change:``synthetics``: Update synthetics client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
- from version 1.19.18
  * api-change:``textract``: Update textract client to latest version
  * api-change:``shield``: Update shield client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
- from version 1.19.17
  * api-change:``personalize-runtime``: Update personalize-runtime client to latest version
  * api-change:``servicecatalog-appregistry``: Update servicecatalog-appregistry client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``polly``: Update polly client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
  * api-change:``lightsail``: Update lightsail client to latest version
- from version 1.19.16
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``databrew``: Update databrew client to latest version
  * api-change:``forecast``: Update forecast client to latest version
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
- from version 1.19.15
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.19.14
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``iotanalytics``: Update iotanalytics client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``datasync``: Update datasync client to latest version
- from version 1.19.13
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``dlm``: Update dlm client to latest version
- from version 1.19.12
  * api-change:``frauddetector``: Update frauddetector client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
- from version 1.19.11
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``xray``: Update xray client to latest version
  * api-change:``mq``: Update mq client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``meteringmarketplace``: Update meteringmarketplace client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
- from version 1.19.10
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.19.9
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``dms``: Update dms client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``braket``: Update braket client to latest version
  * api-change:``sns``: Update sns client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
- from version 1.19.8
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``codeartifact``: Update codeartifact client to latest version
  * api-change:``marketplacecommerceanalytics``: Update marketplacecommerceanalytics client to latest version
  * api-change:``apigateway``: Update apigateway client to latest version
  * api-change:``sesv2``: Update sesv2 client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
- from version 1.19.7
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``workmail``: Update workmail client to latest version
- from version 1.19.6
  * api-change:``glue``: Update glue client to latest version
- from version 1.19.5
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``neptune``: Update neptune client to latest version
  * api-change:``kendra``: Update kendra client to latest version
- from version 1.19.4
  * api-change:``mediatailor``: Update mediatailor client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
- from version 1.19.3
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``sns``: Update sns client to latest version
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
  * api-change:``appflow``: Update appflow client to latest version
- from version 1.19.2
  * api-change:``organizations``: Update organizations client to latest version
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``glue``: Update glue client to latest version
- from version 1.19.1
  * api-change:``elasticbeanstalk``: Update elasticbeanstalk client to latest version
  * api-change:``appsync``: Update appsync client to latest version
  * api-change:``batch``: Update batch client to latest version
- from version 1.19.0
  * api-change:``backup``: Update backup client to latest version
  * api-change:``docdb``: Update docdb client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * feature:imds: Updated InstanceMetadataFetcher to use custom ipv6 uri as endpoint if envvar or config set
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.18.18
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``organizations``: Update organizations client to latest version
- from version 1.18.17
  * api-change:``transfer``: Update transfer client to latest version
  * api-change:``xray``: Update xray client to latest version
  * api-change:``dms``: Update dms client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``groundstation``: Update groundstation client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``budgets``: Update budgets client to latest version
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``workmail``: Update workmail client to latest version
  * api-change:``iot``: Update iot client to latest version
- from version 1.18.16
  * api-change:``snowball``: Update snowball client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``medialive``: Update medialive client to latest version
- Update BuildRequires and Requires
- Only build Python3 flavors for distributions 15 and greater
- Version update to 1.18.15
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``sns``: Update sns client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version
- from version 1.18.14
  * api-change:``mediapackage``: Update mediapackage client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``compute-optimizer``: Update compute-optimizer client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
- from version 1.18.13
  * api-change:``dms``: Update dms client to latest version
  * api-change:``kinesisanalyticsv2``: Update kinesisanalyticsv2 client to latest version
  * api-change:``marketplace-catalog``: Update marketplace-catalog client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.18.12
  * api-change:``dynamodbstreams``: Update dynamodbstreams client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``glue``: Update glue client to latest version
- from version 1.18.11
  * api-change:``batch``: Update batch client to latest version
  * api-change:``personalize-events``: Update personalize-events client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``servicediscovery``: Update servicediscovery client to latest version
  * api-change:``s3``: Update s3 client to latest version
- from version 1.18.10
  * api-change:``glue``: Update glue client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``appsync``: Update appsync client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
- from version 1.18.9
  * api-change:``datasync``: Update datasync client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``s3outposts``: Update s3outposts client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``directconnect``: Update directconnect client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
- from version 1.18.8
  * api-change:``timestream-write``: Update timestream-write client to latest version
  * api-change:``connect``: Update connect client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``schemas``: Update schemas client to latest version
  * api-change:``timestream-query``: Update timestream-query client to latest version
- from version 1.18.7
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.18.6
  * api-change:``frauddetector``: Update frauddetector client to latest version
  * api-change:``config``: Update config client to latest version
  * api-change:``batch``: Update batch client to latest version
  * api-change:``docdb``: Update docdb client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``sts``: Update sts client to latest version
- from version 1.18.5
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``textract``: Update textract client to latest version
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``savingsplans``: Update savingsplans client to latest version
  * api-change:``synthetics``: Update synthetics client to latest version
- from version 1.18.4
  * api-change:``translate``: Update translate client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``backup``: Update backup client to latest version
- from version 1.18.3
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``dynamodbstreams``: Update dynamodbstreams client to latest version
  * api-change:``workmail``: Update workmail client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
- from version 1.18.2
  * api-change:``glue``: Update glue client to latest version
  * api-change:``resourcegroupstaggingapi``: Update resourcegroupstaggingapi client to latest version
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``resource-groups``: Update resource-groups client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.18.1
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``sso-admin``: Update sso-admin client to latest version
  * api-change:``codestar-connections``: Update codestar-connections client to latest version
- from version 1.18.0
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``apigateway``: Update apigateway client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
  * feature:dependency: botocore has removed docutils as a required dependency
- from version 1.17.63
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``greengrass``: Update greengrass client to latest version
  * api-change:``connect``: Update connect client to latest version
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.17.62
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``budgets``: Update budgets client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``organizations``: Update organizations client to latest version
- from version 1.17.61
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``managedblockchain``: Update managedblockchain client to latest version
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``docdb``: Update docdb client to latest version
- from version 1.17.60
  * api-change:``workspaces``: Update workspaces client to latest version
- from version 1.17.59
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``ebs``: Update ebs client to latest version
  * api-change:``sso-admin``: Update sso-admin client to latest version
  * api-change:``s3``: Update s3 client to latest version
- from version 1.17.58
  * api-change:``kinesisanalyticsv2``: Update kinesisanalyticsv2 client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``redshift-data``: Update redshift-data client to latest version
- from version 1.17.57
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
- Drop patches no longer required
  * hide_py_pckgmgmt.patch
- Refresh patches for new version
  * remove_nose.patch
- Update BuildRequires and Requires from requirements.txt and setup.py
- Adjust remove_nose.patch to apply again
- Version update to 1.17.56
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``xray``: Update xray client to latest version
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.17.55
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``guardduty``: Update guardduty client to latest version
  * api-change:``mediapackage``: Update mediapackage client to latest version
  * api-change:``kendra``: Update kendra client to latest version
- from version 1.17.54
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
- from version 1.17.53
  * api-change:``codeguru-reviewer``: Update codeguru-reviewer client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
- from version 1.17.52
  * api-change:``sqs``: Update sqs client to latest version
  * api-change:``backup``: Update backup client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.17.51
  * api-change:``cur``: Update cur client to latest version
  * api-change:``route53``: Update route53 client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``emr``: Update emr client to latest version
- from version 1.17.50
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.17.49
  * api-change:``appflow``: Update appflow client to latest version
  * api-change:``route53resolver``: Update route53resolver client to latest version
- from version 1.17.48
  * api-change:``iotsitewise``: Update iotsitewise client to latest version
  * api-change:``xray``: Update xray client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``logs``: Update logs client to latest version
  * api-change:``dms``: Update dms client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``kafka``: Update kafka client to latest version
- from version 1.17.47
  * api-change:``chime``: Update chime client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
- from version 1.17.46
  * api-change:``lakeformation``: Update lakeformation client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
  * api-change:``ivs``: Update ivs client to latest version
  * api-change:``organizations``: Update organizations client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
- from version 1.17.45
  * api-change:``identitystore``: Update identitystore client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``datasync``: Update datasync client to latest version
  * api-change:``sesv2``: Update sesv2 client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
- from version 1.17.44
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``kinesis``: Update kinesis client to latest version
  * api-change:``ecr``: Update ecr client to latest version
  * api-change:``acm``: Update acm client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
  * api-change:``elb``: Update elb client to latest version
  * api-change:``acm-pca``: Update acm-pca client to latest version
- from version 1.17.43
  * api-change:``braket``: Update braket client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``license-manager``: Update license-manager client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``appstream``: Update appstream client to latest version
- from version 1.17.42
  * api-change:``rds``: Update rds client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``macie2``: Update macie2 client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``appsync``: Update appsync client to latest version
  * api-change:``braket``: Update braket client to latest version
- from version 1.17.41
  * api-change:``transfer``: Update transfer client to latest version
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``cloud9``: Update cloud9 client to latest version
- Add remove_nose.patch which ports test suite from nose to
  pytest (mostly just plain unittest, I just don't know how to
  mark tests as slow). Filed upstream as gh#boto/botocore#2134.
python-configshell-fb
- Upgrade to latest upstream version v1.1.29 (jre#SLE-17360):
  * setup.py: specify a version range for pyparsing
  * setup.py: lets stick to pyparsing v2.4.7
  * Don't warn if prefs file doesn't exist
- Update to version v1.1.28 from v1.1.27 (jre#SLE-17360):
  * version 1.1.28
  * Ensure that all output reaches the client when daemonized
  * Remove Epydoc markup from command messages
  * Remove epydoc imports and epydoc calls
  Which removed the need for patch:
  * Ensure-that-all-output-reaches-the-client-when-daemo.patch
python-dbus-python
- Update to latest version from tumbleweed jira#OPENSUSE-22
  boo#1183818
- Enable testsuite
- update to 1.2.16:
  * All tests are run even if the tap.py module is not available, although
    diagnostics for failing tests will be better if it is present.
  * Forbid unexpanded AX-prefixed macros more selectively
- Support builds with more than one python3 flavor
  gh#openSUSE/python-rpm-macros#66
- Remove shebang from examples (rpmlint warning, is in common doc)
- Clean duplicate python flavor variables for configure
- Update the provides/obsoletes tags for old-style dbus-1-$python
- Version update to version 1.2.14:
  * Ensure that the numeric types from dbus.types get the same
    str() under Python 3.8 that they did under previous versions.
  * Disable -Winline.
  * Add Python 3.8 to CI.
  - Changes in version 1.2.12:
  * Don't save and restore the exception indicator when called
    from C code.
  - Changes in version 1.2.10:
  * Rewrite CONTRIBUTING.md document, based on Wayland's equivalent
  * Add clearer license information using SPDX-License-Identifier.
  * Improve test coverage.
  * Don't set deprecated tp_print to NULL under Python 3.
  * Include inherited methods and properties when documenting
    objects, which regressed when migrating from epydoc to sphinx.
  * Add missing variant_level member to UnixFd type, for parity
    with the other dbus.types types (dbus-python!3.
  - Note that this is a potentially incompatible change: unknown
    keyword arguments were previously ignored (!) and are now an
    error.
  * Don't reply to method calls if they have the NO_REPLY_EXPECTED
    flag (fd.o#32529, dbus-python#26.
  * Silence -Wcast-function-type with gcc 8.
  * Fix distcheck with python3.7 by deleting __pycache__ during
    uninstall.
  * Consistently save and restore the exception indicator when
    called from C code.
  * Avoid a long-standing race condition in the automated tests.
  * Fix Qt website URL.
- Up dbus dependency; 1.8 is now required.
- Add missing dependency for pkg-config files
- Version update to version 1.2.8:
  * Python 2.7 required or 3.4 respectively
  * Tests use tap.py functionality
  * Upstream dropped epydoc completely
  * See NEWS for more
- Use requires_ge instead of the rpm calls
python-pyasn1

      
python-pycparser

      
python-pytz
- Add %pyunittest shim for platforms where it is missing.
- Remove real directory of %{python_sitelib}/pytz/zoneinfo when
  upgrading, before it is replaced by a symlink (bsc#1185748).
- %check: use %pyunittest rpm macro
- Bump tzdata_version
- update to 2021.1:
  * update to IANA 2021a timezone release
- update to 2020.5:
  * update to IANA 2020e timezone release
- update to 2020.4:
  * update to IANA 2020d timezone release
- specfile:
  * be more specific in %files section
  * README.txt -> README.rst
- update to version 2020.1:
  * Test against Python 3.8 and Python 3.9
  * Bump version numbers to 2020.1/2020a
  * Base class for all errors
  * Add flake8 settings
  * IANA 2020a
  * Fix remaining references to README.txt
  * Update README.md
  * Use .rst extension for reStructuredText
  * typo
  * highlight codes
  * use .rst extension name
  * Tidelift links
  * Add links for security reports
  * Update LICENSE.txt
  * Create FUNDING.yml
  * Make FixedOffset part of public API
- Update to 2019.3
  * IANA 2019c
- Add versioned dependency on timezone database to ensure the
  correct data is installed
- Remove system_zoneinfo.patch, and instead add a symlink to the
  system timezone database
- Replace unnecessary pytest, adding a missing __init__.py in the
  tests to allow the test suite to work on Python 2.7 without pytest
- update to 2019.2
  * IANA 2019b
  * Defer generating case-insensitive lookups
python-pyzmq
- update to version 17.1.2 (fixes boo#1186945)
  * Fix possible hang when working with asyncio
  * Remove some outdated workarounds for old Cython versions
  * Fix some compilation with custom compilers
  * Remove unneeded link of libstdc++ on PyPy
python-rsa
- Add cve_2020-13757.patch (CVE-2020-13757 bsc#1172389)
  + Handle leading '0' bytes during decryption of ciphertext
python-s3transfer
- Update 0.5.0: (bsc#1189649)
  * feature:Python: Dropped support for Python 2.7
- Disable Python2 builds for all SUSE distributions
- Remove Python2 build dependencies from spec file
- Update to 0.4.2:
  * enhancement:s3: Add support for ExpectedBucketOwner. Fixes #181.
- Update to 0.4.1:
  * enhancement:crt: Add set_exception to CRTTransferFuture to allow setting exceptions in subscribers.
- Update to 0.4.0:
  * feature:crt: Add optional AWS Common Runtime (CRT) support. The AWS CRT provides a C-based S3 transfer client that can improve transfer throughput.
- Update to 0.3.7:
  * bugfix:ReadFileChunk: Fix seek behavior in ReadFileChunk class
- Update to 0.3.6:
  * bugfix:packaging: Fix setup.py metadata for futures on Python 2.7
- Update to 0.3.5:
  * enhancement:s3: Block TransferManager methods for S3 Object Lambda resources
- Update to 0.3.4:
  * enhancement:s3: Add server side encryption context into allowed list
- Only build Python3 flavors for distributions 15 and greater
- Update to version 0.2.1 (bsc#1146853)
- update to 0.1.13 (bsc#1075263)
python-urllib3
- Add %dir declaration for %{_licensedir}
- Add CVE-2021-33503.patch (bsc#1187045, CVE-2021-33503)
  * Improve performance of sub-authority splitting in URL
- Update in SLE-15 (bsc#1182422, jsc#ECO-3352, jsc#PM-2485)
- Enable python2 builds
- Re-add file permissions in %file section
- Undo python2/3 split in %install section
- Skip test for RECENT_DATE. It is a test purely for developers.
  To maintain reproducibility, keep upstreams possibly outdated
  RECENT_DATE in the source code.
- Add CI variable, which makes timeouts in the test suite longer
  (gh#urllib3/urllib3#2109, bsc#1176389) and
  test_timeout_errors_cause_retries should not fail.
- Generate pyc for ssl_match_hostname too
- update to 1.25.10:
  * Added support for ``SSLKEYLOGFILE`` environment variable for
    logging TLS session keys with use with programs like
    Wireshark for decrypting captured web traffic (Pull #1867)
  * Fixed loading of SecureTransport libraries on macOS Big Sur
    due to the new dynamic linker cache (Pull #1905)
  * Collapse chunked request bodies data and framing into one
  call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906)
  * Don't insert ``None`` into ``ConnectionPool`` if the pool
    was empty when requesting a connection (Pull #1866)
  * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858)
- update to 1.25.9 (bsc#1177120, CVE-2020-26137):
  * Added ``InvalidProxyConfigurationWarning`` which is raised when
    erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently
    support connecting to HTTPS proxies but will soon be able to
    and we would like users to migrate properly without much breakage.
  * Drain connection after ``PoolManager`` redirect (Pull #1817)
  * Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull #1812)
  * Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull #1805)
  * Allow the CA certificate data to be passed as a string (Pull #1804)
  * Raise ``ValueError`` if method contains control characters (Pull #1800)
  * Add ``__repr__`` to ``Timeout`` (Pull #1795)
- Explicitly switch off building python 2 version.
- update to 1.25.8
  * Drop support for EOL Python 3.4
  * Optimize _encode_invalid_chars
  * Preserve chunked parameter on retries
  * Allow unset SERVER_SOFTWARE in App Engine
  * Fix issue where URL fragment was sent within the request target.
  * Fix issue where an empty query section in a URL would fail to parse.
  * Remove TLS 1.3 support in SecureTransport due to Apple removing support.
- Require a new enough release of python-six. 1.25.6 needs at least
  1.12.0 for ensure_text() and friends.
- Updae to 1.25.6:
  * Fix issue where tilde (~) characters were incorrectly percent-encoded in the path. (Pull #1692)
- Restrict the tornado dep from tom to 5 or older release as the
  6.x changed the API
- Update to 1.25.5:
  * Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using cert_reqs=CERT_NONE. (Issue #1682)
  * Propagate Retry-After header settings to subsequent retries. (Pull #1607)
  * Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)
  * Remove dependency on rfc3986 for URL parsing.
  * Fix issue where URLs containing invalid characters within Url.auth would raise an exception instead of percent-encoding those characters.
  * Add support for HTTPResponse.auto_close = False which makes HTTP responses work well with BufferedReaders and other io module features. (Pull #1652)
  * Percent-encode invalid characters in URL for HTTPConnectionPool.request() (Pull #1673)
- Drop patch urllib3-ssl-default-context.patch
- Drop patch python-urllib3-recent-date.patch the date is recent
  enough on its own
- Use have/skip_python2/3 macros to allow building only one flavour
- Use old pytest 3.x as newer do not work with this release
  * this will be fixed with next release, just spread among
    numerous fixes in the git for quick backporting
- Fixup pre script: the migration issue happens when changing from
  python-urllib3 to python2-urllib3: the number of installed
  instances of python2-urlliib3 is at this moment 1, unlike in
  regular updates. This is due to a name change, which consists not
  of a pure package update.
- Provides/Obsoletes does not fix the issue: we have a
  directory-to-symlink switch, which cannot be handled by RPM
  internally. Assist using pre script (boo#1138715).
- Fix Upgrade from Leap 42.1/42.2 by adding Obsoletes/Provides:
  python-urllib3, fixes boo#1138746
- Add more test to skip as with new openssl some behaviour changed
  and we can't rely on them anymore
- Unbundle the six, rfc3986, and backports.ssl_match_hostname
- Add missing dependency on python-six (bsc#1150895)
- Update to 1.25.3:
  * Change HTTPSConnection to load system CA certificates when ca_certs, ca_cert_dir, and ssl_context are unspecified. (Pull #1608, Issue #1603)
  * Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605)
- Update to 1.25.2:
  * Change is_ipaddress to not detect IPvFuture addresses. (Pull #1583)
  * Change parse_url to percent-encode invalid characters within the path, query, and target components. (Pull #1586)
  * Add support for Google's Brotli package. (Pull #1572, Pull #1579)
  * Upgrade bundled rfc3986 to v1.3.1 (Pull #1578)
- Require all the deps from the secure list rather than Recommend.
  This makes the check to be run always and ensure the urls are
  "/secure"/.
- Remove ndg-httpsclient as it is not needed since 2015
- Add missing dependency on brotlipy
- Fix the tests to pass again
- update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236):
  * Require and validate certificates by default when using HTTPS
  * Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant.
  * Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
    encrypted ``key_file`` without creating your own ``SSLContext`` object.
  * Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
    implementations. (Pull #1496)
  * Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
  * Fixed issue where OpenSSL would block if an encrypted client private key was
    given and no password was given. Instead an ``SSLError`` is raised.
  * Added support for Brotli content encoding. It is enabled automatically if
  ``brotlipy`` package is installed which can be requested with
  ``urllib3[brotli]`` extra.
  * Drop ciphers using DSS key exchange from default TLS cipher suites.
    Improve default ciphers when using SecureTransport.
  * Implemented a more efficient ``HTTPResponse.__iter__()`` method.
- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed
- Update to 1.24.2 (bsc#1132900, CVE-2019-11324):
  - Implemented a more efficient HTTPResponse.__iter__() method.
    (Issue #1483)
  - Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant.
    (Pull #1487)
  - Remove Authorization header regardless of case when
    redirecting to cross-site. (Issue #1510)
  - Added support for key_password for HTTPSConnectionPool to use
    encrypted key_file without creating your own SSLContext
    object. (Pull #1489)
  - Fixed issue where OpenSSL would block if an encrypted client
    private key was given and no password was given. Instead an
    SSLError is raised. (Pull #1489)
  - Require and validate certificates by default when using HTTPS
    (Pull #1507)
  - Added support for Brotli content encoding. It is enabled
    automatically if brotlipy package is installed which can be
    requested with urllib3[brotli] extra. (Pull #1532)
  - Add TLSv1.3 support to CPython, pyOpenSSL, and
    SecureTransport SSLContext implementations. (Pull #1496)
  - Drop ciphers using DSS key exchange from default TLS cipher
    suites. Improve default ciphers when using SecureTransport.
    (Pull #1496)
  - Add support for IPv6 addresses in subjectAltName section of
    certificates. (Issue #1269)
  - Switched the default multipart header encoder from RFC 2231
    to HTML 5 working draft. (Issue #303, PR #1492)
- Update to 1.24.1:
  * Remove quadratic behavior within GzipDecoder.decompress()
    (Issue #1467)
  * Restored functionality of ciphers parameter for
    create_urllib3_context(). (Issue #1462)
python3
- The previous construct works only on the current Factory, not
  in SLE.
- BuildRequire rpm-build-python: The provider to inject python(abi)
  has been moved there. rpm-build pulls rpm-build-python
  automatically in when building anything against python3-base, but
  this implies that the initial build of python3-base does not
  trigger the automatic installation.
- Due to conflicting demands of bsc#1183858 and platforms where
  Python 3.6 is only in interpreter+pip set we have to make
  complicated ugly construct about Sphinx BR.
- Make python36 primary interpreter on SLE-15
- Make build working even on older SLEs.
- Update to 3.6.15:
  - bpo-43124: Made the internal putcmd function in smtplib
    sanitize input for presence of r and n characters to avoid
    (unlikely) command injection. Library
  - bpo-45001: Made email date parsing more robust against
    malformed input, namely a whitespace-only Date: header. Patch
    by Wouter Bolsterlee. Tests
  - bpo-38965: Fix test_faulthandler on GCC 10. Use the
    “volatile” keyword in faulthandler._stack_overflow() to
    prevent tail call optimization on any compiler, rather than
    relying on compiler specific pragma.
- Remove upstreamed patches:
  - faulthandler_stack_overflow_on_GCC10.patch
- test_faulthandler is still problematic under qemu linux-user emulation,
  disable it there
- Update to 3.6.14:
  * Security
  - bpo-44022 (bsc#1189241, CVE-2021-3737): mod:http.client now
    avoids infinitely reading potential HTTP headers after
    a 100 Continue status response from the server.
  - bpo-43882: The presence of newline or tab characters in parts
    of a URL could allow some forms of attacks.
    Following the controlling specification for URLs defined by
    WHATWG urllib.parse() now removes ASCII newlines and tabs
    from URLs, preventing such attacks.
  - bpo-42988 (CVE-2021-3426, bsc#1183374): Remove the getfile feature
    of the pydoc module which could be abused to read arbitrary files
    on the disk (directory traversal vulnerability). Moreover, even
    source code of Python modules can contain sensitive data like
    passwords. Vulnerability reported by David Schwörer.
  - bpo-43285: ftplib no longer trusts the IP address value
    returned from the server in response to the PASV command by
    default. This prevents a malicious FTP server from using the
    response to probe IPv4 address and port combinations on the
    client network.
    Code that requires the former vulnerable behavior may set a
    trust_server_pasv_ipv4_address attribute on their ftplib.FTP
    instances to True to re-enable it.
  - bpo-43075 (CVE-2021-3733, bsc#1189287): Fix Regular Expression
    Denial of Service (ReDoS) vulnerability in
    urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable
    regex has quadratic worst-case complexity and it allows cause
    a denial of service when identifying crafted invalid RFCs. This
    ReDoS issue is on the client side and needs remote attackers to
    control the HTTP server.
- Upstreamed patches were removed:
  - CVE-2021-3426-inf-disclosure-pydoc-getfile.patch
- Refreshed patches:
  - python3-sorted_tar.patch
  - riscv64-ctypes.patch
- Rebuild to get new headers, avoid building in support for
  stropts.h (bsc#1187338).
- Use versioned python-Sphinx to avoid dependency on other
  version of Python (bsc#1183858).
- Modify Lib/ensurepip/__init__.py to contain the same version
  numbers as are in reality the ones in the bundled wheels
  (bsc#1187668).
- add 22198.patch to build with Sphinx 4
- Stop providing "/python"/ symbol (bsc#1185588), which means
  python2 currently.
- (bsc#1180125) We really don't Require python-rpm-macros package.
  Unnecessary dependency.
python3-ec2imgutils
- Update to version 9.0.4 (bsc#1192298)
  + Set a time out for the ssh connection to avoid hang in a multi threaded
    environment
- Update to version 9.0.3 (bsc#1190538)
  + Support setting the boot mode for EC2 images, either to legacy-bios
    or uefi. Argument is optional, without it instance will use the default
    boot mode for the given instance type.
- Update to version 9.0.2 (bsc#1189649)
  + In addition to tagging images in AWS also set them to deprecated
    in EC2. This allows the framework to hide the images from new users
    when images are no longer supposed to be used.
release-notes-sles-for-sap
- 15.2.20211213 (tracked in bsc#933411)
- Adding disclaimer for Trento in tech preview section (jsc#PM-3168)
resource-agents
- nfs ganehsa failover takes 5 minutes for the client to regain access to nfs share
  (bsc#1184382)
  Add patches:
    nfsnotify.patch
    portblock.patch
- VirtualDomain RA using migration_network_suffix does create xenmigr
  URI causing live migration to fail (bsc#1180668)
- Failover issue due to a Google API being unreachable - request
  upstream patches which include a retry (bsc#1186830)
  Add upstream patches:
    0001-VirtualDomain-drop-prefix-xenmigr-from-migrate-uri.patch
    0001-gcp-vpc-move-vip.in-Adds-retries.patch
- SAPInstance fails to detect SAP unit files for systemd
  (bsc#1189535)
  Add upstream patches:
    0001-SAPInstance_fails_to_detect_SAP_unit_files_for_systemd.patch
    0002-SAPInstance_fails_to_detect_SAP_unit_files_for_systemd.patch
- (bsc#1188975) azure-lb RA is using /usr/bin/nc instead of
  /usr/bin/socat
  Add upstream patch:
    0001-ocf-distro-Improve-robustness-and-specificity-1558.patch
- ECO (jsc#SLE-18232)
  * Backport aws-vpc-move-ip patches to SLE15 codestreams.
  * (bsc#1186652) New GCP Load Balancer Resource Agent
  Add upstream patches:
    ECO-SLE-18232.diff
    0001-gcp-ilb-resource-wrapping-nc-or-socat-to-respond-to-.patch
rsync
- Fixed an error when using the external compression library
  where files larger that 1GB would not be transferred completely
  and failing with error:
  - deflate on token returned 0 (XXX bytes left)
  - rsync error: error in rsync protocol data stream (code 12)
  * Add rsync-fix-external-compression.patch [bsc#1190828]
- Fix a segmentation fault in iconv [bsc#1188258]
  * Add rsync-iconv-segfault.patch
rsyslog
- fix config parameters in specfile (bsc#1194593)
- Upgrade to rsyslog 8.2106.0:
  * NOTE: the prime new feature is support for TLS and non-TLS connections
    via imtcp in parallel. Furthermore, most TLS parameters can now be overriden
    at the input() level. The notable exceptions are certificate files, something
    that is due to be implemented as next step.
  * 2021-06-14: new global option "/parser.supportCompressionExtension"/
    This permits to turn off rsyslog's single-message compression extension
    when it interferes with non-syslog message processing (the parser
    subsystem expects syslog messages, not generic text)
    closes https://github.com/rsyslog/rsyslog/issues/4598
  * 2021-05-12: imtcp: add more override config params to input()
    It is now possible to override all module parameters at the input() level. Module
    parameters serve as defaults. Existing configs need no modification.
  * 2021-05-06: imtcp: add stream driver parameter to input() configuration
    This permits to have different inputs use different stream drivers
    and stream driver parameters.
    closes https://github.com/rsyslog/rsyslog/issues/3727
  * 2021-04-29: imtcp: permit to run multiple inputs in parallel
    Previously, a single server was used to run all imtcp inputs. This
    had a couple of drawsbacks. First and foremost, we could not use
    different stream drivers in the varios inputs. This patch now
    provides a baseline to do that, but does still not implement the
    capability (in this sense it is a staging patch).
    Secondly, we now ensure that each input has at least one exclusive
    thread for processing, untangling the performance of multiple
    inputs from each other.
    see also: https://github.com/rsyslog/rsyslog/issues/3727
  * 2021-04-27: tcpsrv bugfix: potential sluggishnes and hang on shutdown
    tcpsrv is used by multiple other modules (imtcp, imdiag, imgssapi, and,
    in theory, also others - even ones we do not know about). However, the
    internal synchornization did not properly take multiple tcpsrv users
    in consideration.
    As such, a single user could hang under some circumstances. This was
    caused by improperly awaking all users from a pthread condition wait.
    That in turn could lead to some sluggish behaviour and, in rare cases,
    a hang at shutdown.
    Note: it was highly unlikely to experience real problems with the
    officially provided modules.
  * 2021-04-22: refactoring of syslog/tcp driver parameter passing
    This has now been generalized to a parameter block, which makes it much cleaner and
    also easier to add new parameters in the future.
  * 2021-04-22: config script: add re_match_i() and re_extract_i() functions
    This provides case-insensitive regex functionality.
    closes https://github.com/rsyslog/rsyslog/issues/4429
- Upgrade to rsyslog 8.2104.0:
  * rainerscript: call getgrnam_r repeatedly to get all group members
    (bsc#1178490)
  * new contributed module imhiredis
  * new built-in function get_property() to access property vars
  * mmdblookup: add support for mmdb DB reload on HUP
  * script bugfix: empty array in foreach() improperly handled
  * imjournal bugfixes (handle leak, empty file)
  * new contributed function module fmunflatten
  * test bugfix: some tests did not work with newer TLS library versions
  * some improvements to project CI
- update remote.conf example file to new 'Address' and 'Port' notation
  (bsc#1182653)
- HTTPS URLs used for source
- Upgrade to rsyslog 8.2102.0:
  * omfwd: add stats counter for sent bytes
  * omfwd: add error reporting configuration option
  * action stats counter bugfix: failure count was not properly incremented
  * action stats counter bugfix: resume count was not incremented
  * omfwd bugfix: segfault or error if port not given
  * lookup table bugfix: data race on lookup table reload
  * testbench modernization
  * testbench: fix invalid sequence of kafka tests runs
  * testbench: fix kafkacat issues
  * testbench: fix year-dependendt clickhouse test
- Upgrade to rsyslog 8.2012.0:
  * testbench bugfix: some tests did not work in make distcheck
  * immark: rewrite with many improvements
  * usability: re-phrase error message to help users better understand cause
  * add new system property $now-unixtimestamp
  * omfwd: add new rate limit option
  * omfwd bug: param "/StreamDriver.PermitExpiredCerts"/ is not "/off"/ by default
- prepare usrmerge (boo#1029961)
- remove legacy stuff from specfile
  * sysvinit is not supported anymore, so remove all tests
    related to systemv in the specfile
- Upgrade to rsyslog 8.2010.0:
  * gnutls TLS subsystem bugfix: handshake error handling
  * core/msg bugfix: memory leak
  * core/msg bugfix: segfault in jsonPathFindNext() when <root> not an object
  * openssl TLS subsystem: improvments of error and status messages
  * add 'exists()' script function to check if variable exists
  * core bugfix: do not create empty JSON objects on non-existent key access
  * gnutls subsysem bugfix: potential hang on session closure
  * core/network bugfix: obey net.enableDNS=off when querying local hostname
  * core bugfix: potential segfault on query of PROGRAMNAME property
  * imtcp bugfix: broken connection not necessariy detected
  * new module: imhttp - http input
  * mmdarwin bugfix: potential zero uuid when reusing existing one
  * imdocker bugfix: build issue on some platforms
  * omudpspoof bugfix: make compatbile with Solaris build
  * testbench fix: python 3 incompatibility
  * core bugfix: segfault if disk-queue file cannot be created
  * cosmetic: fix dummy module name in debug output
  * config bugfix: intended warning emitted as error
- Upgrade to rsyslog 8.2008.0
  Way too many changes since 8.39.0 to be listed here.
- Added custom unit file rsyslog.service because
  systemd service file was removed from upstream project
- Removed obsolete patches:
  * 0001-satisfy-gcc-flag-fno-common.patch
  * rsyslog-pgsql-pkg-config.patch
  * rsyslog-unit.patch
- Use systemd_ordering instead of requiring to make rsyslog useable
  in containers.
- Fix the URL for bug reporting, should not point to novell.com
  (bsc#1173433)
- Add support for omkafka which is now in Factory, and 15.x repos
- avoid build error with gcc flag -fno-common (bsc#1160414)
  * add 0001-satisfy-gcc-flag-fno-common.patch
ruby2
Add patches to fix the following CVE's:
  - CVE-2021-32066.patch (CVE-2021-32066): Fix StartTLS stripping
    vulnerability in Net:IMAP (bsc#1188160)
  - CVE-2021-31810.patch (CVE-2021-31810): Fix trusting FTP PASV
    responses vulnerability in  Net:FTP (bsc#1188161)
  - CVE-2021-31799.patch (CVE-2021-31799): Fix Command injection
    vulnerability in RDoc (bsc#1190375)
rubygem-activerecord-5_1
- bsc#1182169, CVE-2021-22880: Fix possible DoS vector in PostgreSQL money type
  added: CVE-2021-22880-postgresql-money-dos.patch
runc
- Update to runc v1.0.3. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.3. CVE-2021-43784
  (bsc#1193436)
  * A potential vulnerability was discovered in runc (related to an internal
    usage of netlink), however upon further investigation we discovered that
    while this bug was exploitable on the master branch of runc, no released
    version of runc could be exploited using this bug. The exploit required
    being able to create a netlink attribute with a length that would overflow a
    uint16 but this was not possible in any released version of runc. For more
    information see GHSA-v95c-p5hm-xq8f and CVE-2021-43784.
    Due to an abundance of caution we decided to do an emergency release with
    this fix, but to reiterate we do not believe this vulnerability was
    possible to exploit. Thanks to Felix Wilhelm from Google Project Zero for
    discovering and reporting this vulnerability so quickly.
  * Fixed inability to start a container with read-write bind mount of a
    read-only fuse host mount.
  * Fixed inability to start when read-only /dev in set in spec.
  * Fixed not removing sub-cgroups upon container delete, when rootless cgroup
    v2 is used with older systemd.
  * Fixed returning error from GetStats when hugetlb is unsupported (which
    causes excessive logging for kubernetes).
- Update to runc v1.0.2. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.2
  * Fixed a failure to set CPU quota period in some cases on cgroup v1.
  * Fixed the inability to start a container with the "/adding seccomp filter
    rule for syscall ..."/ error, caused by redundant seccomp rules (i.e. those
    that has action equal to the default one). Such redundant rules are now
    skipped.
  * Made release builds reproducible from now on.
  * Fixed a rare debug log race in runc init, which can result in occasional
    harmful "/failed to decode ..."/ errors from runc run or exec.
  * Fixed the check in cgroup v1 systemd manager if a container needs to be
    frozen before Set, and add a setting to skip such freeze unconditionally.
    The previous fix for that issue, done in runc 1.0.1, was not working.
- Update to runc v1.0.1. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.1
  * Fixed occasional runc exec/run failure ("/interrupted system call"/) on an
    Azure volume.
  * Fixed "/unable to find groups ... token too long"/ error with /etc/group
    containing lines longer than 64K characters.
  * cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
    frozen. This is a regression in 1.0.0, not affecting runc itself but some
    of libcontainer users (e.g Kubernetes).
  * cgroupv2: bpf: Ignore inaccessible existing programs in case of
    permission error when handling replacement of existing bpf cgroup
    programs. This fixes a regression in 1.0.0, where some SELinux
    policies would block runc from being able to run entirely.
  * cgroup/systemd/v2: don't freeze cgroup on Set.
  * cgroup/systemd/v1: avoid unnecessary freeze on Set.
- Remove upstreamed patches:
  + boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch
- Backport <https://github.com/opencontainers/runc/pull/3055> to fix issues
  with runc under openSUSE MicroOS's SELinux policy. boo#1187704
  + boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch
- Update to runc v1.0.0. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0
  ! The usage of relative paths for mountpoints will now produce a warning
    (such configurations are outside of the spec, and in future runc will
    produce an error when given such configurations).
  * cgroupv2: devices: rework the filter generation to produce consistent
    results with cgroupv1, and always clobber any existing eBPF
    program(s) to fix runc update and avoid leaking eBPF programs
    (resulting in errors when managing containers).
  * cgroupv2: correctly convert "/number of IOs"/ statistics in a
    cgroupv1-compatible way.
  * cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
  * cgroupv2: wait for freeze to finish before returning from the freezing
    code, optimize the method for checking whether a cgroup is frozen.
  * cgroups/systemd: fixed "/retry on dbus disconnect"/ logic introduced in rc94
  * cgroups/systemd: fixed returning "/unit already exists"/ error from a systemd
    cgroup manager (regression in rc94)
  + cgroupv2: support SkipDevices with systemd driver
  + cgroup/systemd: return, not ignore, stop unit error from Destroy
  + Make "/runc --version"/ output sane even when built with go get or
    otherwise outside of our build scripts.
  + cgroups: set SkipDevices during runc update (so we don't modify
    cgroups at all during runc update).
  + cgroup1: blkio: support BFQ weights.
  + cgroupv2: set per-device io weights if BFQ IO scheduler is available.
- Update to runc v1.0.0~rc95. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95
  This release of runc contains a fix for CVE-2021-30465, and users are
  strongly recommended to update (especially if you are providing
  semi-limited access to spawn containers to untrusted users). bsc#1185405
- Update to runc v1.0.0~rc94. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94
  Breaking Changes:
  * cgroupv1: kernel memory limits are now always ignored, as kmemcg has
    been effectively deprecated by the kernel. Users should make use of regular
    memory cgroup controls.
  Regression Fixes:
  * seccomp: fix 32-bit compilation errors
  * runc init: fix a hang caused by deadlock in seccomp/ebpf loading code
  * runc start: fix "/chdir to cwd: permission denied"/ for some setups
- Remove upstreamed patches:
  - 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch
    syscalls unusable for glibc.
salt
- Use dnfnotify instead yumnotify for relevant distros
- Remove wrong _parse_cpe_name from grains.core
- dnfnotify pkgset plugin implementation
- Add rpm_vercmp python library support for version comparison
- Prevent pkg plugins errors on missing cookie path (bsc#1186738)
- Fix ip6_interface grain to not leak secondary IPv4 aliases (bsc#1191412)
- Make "/salt-api"/ package to require python3-cherrypy on RHEL systems
- tar is required by minion on transactional-update system
- Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446)
- Fix traceback.*_exc() calls
- Added:
  * fix-the-regression-for-yumnotify-plugin-456.patch
  * add-rpm_vercmp-python-library-for-version-comparison.patch
  * remove-wrong-_parse_cpe_name-from-grains.core-452.patch
  * 3002.2-do-not-consider-skipped-targets-as-failed-for.patch
  * fix-traceback.-_exc-calls-429.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
  * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
  * mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
- Support querying for JSON data in external sql pillar
- Exclude the full path of a download URL to prevent injection of
  malicious code (bsc#1190265) (CVE-2021-21996)
- Added:
  * 3002.2-postgresql-json-support-in-pillar-424.patch
  * exclude-the-full-path-of-a-download-url-to-prevent-i.patch
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
- Don't pass shell="//sbin/nologin"/ to onlyif/unless checks (bsc#1188259)
- Add missing aarch64 to rpm package architectures
- Backport of upstream PR#59492
- Fix failing unit test for systemd
- Fix error handling in openscap module (bsc#1188647)
- Better handling of bad public keys from minions (bsc#1189040)
- Define license macro as doc in spec file if not existing
- Add standalone formulas configuration for salt minion and remove salt-master requirement (bsc#1168327)
- Added:
  * backport-of-upstream-pr59492-to-3002.2-404.patch
  * fix-failing-unit-tests-for-systemd.patch
  * don-t-use-shell-sbin-nologin-in-requisites.patch
  * fix-error-handling-in-openscap-module-bsc-1188647-40.patch
  * add-missing-aarch64-to-rpm-package-architectures-405.patch
  * better-handling-of-bad-public-keys-from-minions-bsc-.patch
  * templates-move-the-globals-up-to-the-environment-jin.patch
- Do noop for services states when running systemd in offline mode (bsc#1187787)
- transactional_updates: do not execute states in parallel but use a queue (bsc#1188170)
- Handle "/master tops"/ data when states are applied by "/transactional_update"/ (bsc#1187787)
- Enhance openscap module: add "/xccdf_eval"/ call
- virt: pass emulator when getting domain capabilities from libvirt
- Adding preliminary support for Rocky Linux
- Implementation of held/unheld functions for state pkg (bsc#1187813)
- Replace deprecated Thread.isAlive() with Thread.is_alive()
- Fix exception in yumpkg.remove for not installed package
- Fix save for iptables state module (bsc#1185131)
- virt: use /dev/kvm to detect KVM
- zypperpkg: improve logic for handling vendorchange flags
- Add bundled provides for tornado to the spec file
- Enhance logging when inotify beacon is missing pyinotify (bsc#1186310)
- Add "/python3-pyinotify"/ as a recommended package for Salt in SUSE/OpenSUSE distros
- Fix tmpfiles.d configuration for salt to not use legacy paths (bsc#1173103)
- Detect Python version to use inside container (bsc#1167586) (bsc#1164192)
- Handle volumes on stopped pools in virt.vm_info (bsc#1186287)
- grains.extra: support old non-intel kernels (bsc#1180650)
- Fix missing minion returns in batch mode (bsc#1184659)
- Parsing Epoch out of version provided during pkg remove (bsc#1173692)
- Added:
  * enhance-openscap-module-add-xccdf_eval-call-386.patch
  * fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
  * move-vendor-change-logic-to-zypper-class-355.patch
  * enhance-logging-when-inotify-beacon-is-missing-pyino.patch
  * grains.extra-support-old-non-intel-kernels-bsc-11806.patch
  * fix-missing-minion-returns-in-batch-mode-360.patch
  * parsing-epoch-out-of-version-provided-during-pkg-rem.patch
  * handle-master-tops-data-when-states-are-applied-by-t.patch
  * figure-out-python-interpreter-to-use-inside-containe.patch
  * fix-save-for-iptables-state-module-bsc-1185131-372.patch
  * do-noop-for-services-states-when-running-systemd-in-.patch
  * virt-use-dev-kvm-to-detect-kvm-383.patch
  * virt-pass-emulator-when-getting-domain-capabilities-.patch
  * backport-thread.is_alive-fix-390.patch
  * handle-volumes-on-stopped-pools-in-virt.vm_info-373.patch
  * adding-preliminary-support-for-rocky.-59682-391.patch
  * implementation-of-held-unheld-functions-for-state-pk.patch
- Check if dpkgnotify is executable (bsc#1186674)
- Added:
  * check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
- Update to Salt release version 3002.2 (jsc#ECO-3212) (jsc#SLE-18033)
- See release notes: https://docs.saltstack.com/en/latest/topics/releases/3002.2.html
- Drop support for Python2. Obsoletes "/python2-salt"/ package
- virt module updates
  * network: handle missing ipv4 netmask attribute
  * more network support
  * PCI/USB host devices passthrough support
  * drop wrong capabilities code after rebasing patches
- Set distro requirement to oldest supported version in requirements/base.txt
- Bring missing part of async batch implementation back (bsc#1182382) (CVE-2021-25315)
- Always require python3-distro (bsc#1182293)
- Remove deprecated warning that breaks minion execution when "/server_id_use_crc"/ opts is missing
- Fix pkg states when DEB package has "/all"/ arch
- Do not force beacons configuration to be a list.
  (Revert https://github.com/saltstack/salt/pull/58655)
- Remove msgpack < 1.0.0 from base requirements (bsc#1176293)
- msgpack support for version >= 1.0.0 (bsc#1171257)
- Added:
  * 3002-set-distro-requirement-to-oldest-supported-vers.patch
  * add-alibaba-cloud-linux-2-by-backporting-upstream-s-.patch
  * add-almalinux-and-alibaba-cloud-linux-to-the-os-fami.patch
  * add-sleep-on-exception-handling-on-minion-connection.patch
  * async-batch-implementation-fix-320.patch
  * drop-wrong-virt-capabilities-code-after-rebasing-pat.patch
  * fix-aptpkg.normalize_name-when-package-arch-is-all.patch
  * fix-grains.test_core-unit-test-277.patch
  * fix-__mount_device-wrapper-254.patch
  * opensuse-3000.2-virt-backports-236-257.patch
  * opensuse-3000.3-spacewalk-runner-parse-command-250.patch
  * opensuse-3000-libvirt-engine-fixes-251.patc
  * open-suse-3002.2-bigvm-310.patch
  * open-suse-3002.2-virt-network-311.patch
  * pkgrepo-support-python-2.7-function-call-295.patch
  * remove-deprecated-warning-that-breaks-miniion-execut.patch
  * remove-msgpack-1.0.0-requirement-in-the-installed-me.patch
  * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
  * support-transactional-systems-microos-271.patch
  * update-target-fix-for-salt-ssh-to-process-targets-li.patch
  * virt.network_update-handle-missing-ipv4-netmask-attr.patch
  * zypperpkg-filter-patterns-that-start-with-dot-244.patch
- Modified:
  * 3002.2-xen-spicevmc-dns-srv-records-backports-314.patch
  * accumulated-changes-from-yomi-167.patch
  * accumulated-changes-required-for-yomi-165.patch
  * activate-all-beacons-sources-config-pillar-grains.patch
  * add-all_versions-parameter-to-include-all-installed-.patch
  * add-astra-linux-common-edition-to-the-os-family-list.patch
  * add-batch_presence_ping_timeout-and-batch_presence_p.patch
  * add-cpe_name-for-osversion-grain-parsing-u-49946.patch
  * add-custom-suse-capabilities-as-grains.patch
  * add-docker-logout-237.patch
  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
  * add-hold-unhold-functions.patch
  * add-migrated-state-and-gpg-key-management-functions-.patch
  * add-multi-file-support-and-globbing-to-the-filetree-.patch
  * add-new-custom-suse-capability-for-saltutil-state-mo.patch
  * add-patch-support-for-allow-vendor-change-option-wit.patch
  * add-pkg.services_need_restart-302.patch
  * add-publish_batch-to-clearfuncs-exposed-methods.patch
  * add-saltssh-multi-version-support-across-python-inte.patch
  * adds-explicit-type-cast-for-port.patch
  * add-standalone-configuration-file-for-enabling-packa.patch
  * add-supportconfig-module-for-remote-calls-and-saltss.patch
  * add-virt.all_capabilities.patch
  * allow-extra_filerefs-as-sanitized-kwargs-for-ssh-cli.patch
  * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch
  * allow-vendor-change-option-with-zypper-313.patch
  * ansiblegate-take-care-of-failed-skipped-and-unreacha.patch
  * apply-patch-from-upstream-to-support-python-3.8.patch
  * async-batch-implementation.patch
  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
  * avoid-traceback-when-http.query-request-cannot-be-pe.patch
  * backport-a-few-virt-prs-272.patch
  * backport-virt-patches-from-3001-256.patch
  * batch_async-avoid-using-fnmatch-to-match-event-217.patch
  * batch-async-catch-exceptions-and-safety-unregister-a.patch
  * batch.py-avoid-exception-when-minion-does-not-respon.patch
  * bsc-1176024-fix-file-directory-user-and-group-owners.patch
  * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch
  * changed-imports-to-vendored-tornado.patch
  * debian-info_installed-compatibility-50453.patch
  * do-not-break-repo-files-with-multiple-line-values-on.patch
  * do-not-crash-when-there-are-ipv6-established-connect.patch
  * do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
  * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
  * do-not-make-ansiblegate-to-crash-on-python3-minions.patch
  * do-not-monkey-patch-yaml-bsc-1177474.patch
  * do-not-raise-streamclosederror-traceback-but-only-lo.patch
  * don-t-call-zypper-with-more-than-one-no-refresh.patch
  * drop-wrong-mock-from-chroot-unit-test.patch
  * early-feature-support-config.patch
  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
  * ensure-virt.update-stop_on_reboot-is-updated-with-it.patch
  * fall-back-to-pymysql.patch
  * fix-aptpkg-systemd-call-bsc-1143301.patch
  * fix-async-batch-multiple-done-events.patch
  * fix-async-batch-race-conditions.patch
  * fix-a-test-and-some-variable-names-229.patch
  * fix-a-wrong-rebase-in-test_core.py-180.patch
  * fix-batch_async-obsolete-test.patch
  * fix-bsc-1065792.patch
  * fix-cve-2020-25592-and-add-tests-bsc-1178319.patch
  * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch
  * fixes-56144-to-enable-hotadd-profile-support.patch
  * fixes-cve-2018-15750-cve-2018-15751.patch
  * fix-failing-unit-tests-for-batch-async.patch
  * fix-for-log-checking-in-x509-test.patch
  * fix-for-some-cves-bsc1181550.patch
  * fix-for-suse-expanded-support-detection.patch
  * fix-for-temp-folder-definition-in-loader-unit-test.patch
  * fix-git_pillar-merging-across-multiple-__env__-repos.patch
  * fixing-streamclosed-issue.patch
  * fix-ipv6-scope-bsc-1108557.patch
  * fix-issue-2068-test.patch
  * fix-issue-parsing-errors-in-ansiblegate-state-module.patch
  * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch
  * fix-novendorchange-option-284.patch
  * fix-onlyif-unless-when-multiple-conditions-bsc-11808.patch
  * fix-regression-on-cmd.run-when-passing-tuples-as-cmd.patch
  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
  * fix-the-removed-six.itermitems-and-six.-_type-262.patch
  * fix-unit-test-for-grains-core.patch
  * fix-unit-tests-for-batch-async-after-refactor.patch
  * fix-virt.update-with-cpu-defined-263.patch
  * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
  * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch
  * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch
  * force-zyppnotify-to-prefer-packages.db-than-packages.patch
  * get-os_arch-also-without-rpm-package-installed.patch
  * grains-master-can-read-grains.patch
  * implementation-of-suse_ip-execution-module-bsc-10999.patch
  * implement-network.fqdns-module-function-bsc-1134860-.patch
  * improve-batch_async-to-release-consumed-memory-bsc-1.patch
  * improvements-on-ansiblegate-module-354.patch
  * include-aliases-in-the-fqdns-grains.patch
  * info_installed-works-without-status-attr-now.patch
  * integration-of-msi-authentication-with-azurearm-clou.patch
  * invalidate-file-list-cache-when-cache-file-modified-.patch
  * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
  * loop-fix-variable-names-for-until_no_eval.patch
  * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch
  * make-aptpkg.list_repos-compatible-on-enabled-disable.patch
  * make-profiles-a-package.patch
  * make-setup.py-script-to-not-require-setuptools-9.1.patch
  * move-server_id-deprecation-warning-to-reduce-log-spa.patch
  * notify-beacon-for-debian-ubuntu-systems-347.patch
  * opensuse-3000-virt-defined-states-222.patch
  * open-suse-3002.2-xen-grub-316.patch
  * option-to-en-disable-force-refresh-in-zypper-215.patch
  * path-replace-functools.wraps-with-six.wraps-bsc-1177.patch
  * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch
  * prevent-command-injection-in-the-snapper-module-bsc-.patch
  * prevent-import-errors-when-running-test_btrfs-unit-t.patch
  * prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch
  * prevent-race-condition-on-sigterm-for-the-minion-bsc.patch
  * prevent-systemd-run-description-issue-when-running-a.patch
  * prevent-test_mod_del_repo_multiline_values-to-fail.patch
  * provide-the-missing-features-required-for-yomi-yet-o.patch
  * python3.8-compatibility-pr-s-235.patch
  * re-adding-function-to-test-for-root.patch
  * read-repo-info-without-using-interpolation-bsc-11356.patch
  * regression-fix-of-salt-ssh-on-processing-targets-353.patch
  * reintroducing-reverted-changes.patch
  * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch
  * remove-deprecated-usage-of-no_mock-and-no_mock_reaso.patch
  * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch
  * remove-vendored-backports-abc-from-requirements.patch
  * restore-default-behaviour-of-pkg-list-return.patch
  * return-the-expected-powerpc-os-arch-bsc-1117995.patch
  * revert-add-patch-support-for-allow-vendor-change-opt.patch
  * run-salt-api-as-user-salt-bsc-1064520.patch
  * run-salt-master-as-dedicated-salt-user.patch
  * sanitize-grains-loaded-from-roster_grains.json.patch
  * strip-trailing-from-repo.uri-when-comparing-repos-in.patch
  * support-config-non-root-permission-issues-fixes-u-50.patch
  * support-for-btrfs-and-xfs-in-parted-and-mkfs.patch
  * switch-firewalld-state-to-use-change_interface.patch
  * temporary-fix-extend-the-whitelist-of-allowed-comman.patch
  * transactional_update-detect-recursion-in-the-executo.patch
  * transactional_update-unify-with-chroot.call.patch
  * use-adler32-algorithm-to-compute-string-checksums.patch
  * use-current-ioloop-for-the-localclient-instance-of-b.patch
  * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch
  * virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch
  * virt._get_domain-don-t-raise-an-exception-if-there-i.patch
  * virt-uefi-fix-backport-312.patch
  * x509-fixes-111.patch
  * xen-disk-fixes-264.patch
  * xfs-do-not-fails-if-type-is-not-present.patch
  * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
- Removed:
  * add-alibaba-cloud-linux-2-to-salt-3000-branch-351.patch
  * add-almalinux-to-the-os-family-list-340.patch
  * add-ip-filtering-by-network.patch
  * add-missing-fun-for-returns-from-wfunc-executions.patch
  * add-missing-_utils-at-loader-grains_func.patch
  * add-sleep-on-exception-handling-minion-connecting-to.patch
  * avoid-has_docker-true-if-import-messes-with-salt.uti.patch
  * backport-commit-1b16478c51fb75c25cd8d217c80955feefb6.patch
  * decide-if-the-source-should-be-actually-skipped.patch
  * do-not-report-patches-as-installed-when-not-all-the-.patch
  * fix-cve-2020-11651-and-fix-cve-2020-11652.patch
  * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch
  * fix-for-return-value-ret-vs-return-in-batch-mode.patch
  * fix-for-unless-requisite-when-pip-is-not-installed.patch
  * fix-grains.test_core-unit-test-276.patch
  * fix-__mount_device-wrapper-253.patch
  * fix-recursion-false-detectioni-in-payload-305.patch
  * fix-regression-in-service-states-with-reload-argumen.patch
  * fix-type-error-in-tornadoimporter.patch patch
  * fix-typo-on-msgpack-version-when-sanitizing-msgpack-.patch
  * fix-zmq-hang-backport-of-saltstack-salt-58364.patch
  * loader-invalidate-the-import-cachefor-extra-modules.patch
  * make-lazyloader.__init__-call-to-_refresh_file_mappi.patch
  * make-salt.ext.tornado.gen-to-use-salt.ext.backports_.patch
  * opensuse-3000.2-virt-backports-236.patch
  * opensuse-3000-bigvm-backports-300.patch
  * opensuse-3000-libvirt-engine-fixes-248.patch
  * opensuse-3000-spacewalk-runner-parse-command-247.patch
  * opensuse-3000-virtual-network-backports-329.patch
  * pkgrepo-support-python-2.7-function-call-294.patch
  * removes-unresolved-merge-conflict-in-yumpkg-module.patch
  * revert-changes-to-slspath-saltstack-salt-56341.patch
  * set-passphrase-for-salt-ssh-keys-to-empty-string-293.patch
  * support-transactional-systems-microos-268.patch
  * update-target-fix-for-salt-ssh-and-avoiding-race-con.patch
  * use-full-option-name-instead-of-undocumented-abbrevi.patch
  * various-fixes-to-the-mysql-module-to-break-out-the-h.patch
  * zypperpkg-filter-patterns-that-start-with-dot-243.patch
- Fix issue parsing errors in ansiblegate state module
- Added:
  * fix-issue-parsing-errors-in-ansiblegate-state-module.patch
- Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607)
- transactional_update: detect recursion in the executor
- Add subpackage salt-transactional-update (jsc#SLE-18028)
- Remove duplicate directories from specfile
- Added:
  * transactional_update-detect-recursion-in-the-executo.patch
  * prevent-command-injection-in-the-snapper-module-bsc-.patch
- Improvements on "/ansiblegate"/ module (bsc#1185092):
  * New methods: ansible.targets / ansible.discover_playbooks
  * General bugfixes
- Added:
  * improvements-on-ansiblegate-module-354.patch
- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)
- Regression fix of salt-ssh on processing targets
- Added:
  * add-alibaba-cloud-linux-2-to-salt-3000-branch-351.patch
  * regression-fix-of-salt-ssh-on-processing-targets-353.patch
- Update target fix for salt-ssh and avoiding race condition
  on salt-ssh event processing (bsc#1179831, bsc#1182281)
- Added:
  * update-target-fix-for-salt-ssh-and-avoiding-race-con.patch
- Add notify beacon for Debian/Ubuntu systems
- Added:
  * notify-beacon-for-debian-ubuntu-systems-347.patch
- Fix zmq bug that causes salt-call to freeze (bsc#1181368)
- Added:
  * fix-zmq-hang-backport-of-saltstack-salt-58364.patch
samba
- The username map [script] advice from CVE-2020-25717 advisory
  note has undesired side effects for the local nt token. Fallback
  to a SID/UID based mapping if the name based lookup fails;
  (bsc#1192849); (bso#14901).
- CVE-2016-2124: SMB1 client connections can be downgraded to
  plaintext authentication (bsc#1014440); (bso#12444);
- CVE-2020-25717: A user in an AD Domain could become root on
  domain members; (bsc#1192284); (bso#14556);
- CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability;
  (bsc#1192214); (bso#14875);
- Fix wrong kvno exported to keytab after net ads changetrustpw due
  to replication delay; (bsc#1188727);
- Add msDS-AdditionalDnsHostName to the keytab; (bso#14396);
  (bsc#1185420);
- Add net-ads-join dnshostname option; (bso#14396); (bsc#1185420);
- Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC;
  (bso#14406); (bsc#1185420);
sapconf
- version update from 5.0.2 to 5.0.3
- adapt the activity detection of saptune to the upcoming saptune
  version 3
  (bsc#1189496)
sapnwbootstrap-formula
- Version bump 0.6.4
  * Set default empty dictionary for virtual_addresses and ensure
    a dictionary is obtained if the value is None (hack for SUMA)
    (bsc#1185627)
- Version bump 0.6.3
  * Fix issue: azure-lb resource for ASCS/ERS is not added
    in the corresponding Resource Group
    (bsc#1186236)
- Version bump 0.6.2
  * Set the virtual ip addresses as permanent, except for HA
  scenarios, to have them even after a reboot of the machine
  (bsc#1185093)
- Add some mandatory values in the DB and PAS templates for S4HANA
  to avoid executions without them in the extra_parameters field
- Give the option to mount /sapmnt folder locally without using
  a NFS share
- Make /sapmnt path configurable using `sapmnt_path` pillar variable
- Update PAS and AAS templates to use HANA sid and instance number
  to create the configuration file
- Version 0.6.1
  * Fix error about missing instance installation requisite when monitoring is enabled
  (bsc#1181541)
saptune
- update package version of saptune to 3.0.2
- avoid excluding LVM slaves when getting valid block devices
  (bsc#1194299)
- fix 'not compliant' state for energy_perf_bias on Power systems
  and suppress misleading error message regarding missing 'mokutil'
  (bsc#1193435)
- fix wrong behaviour of 'saptune revert all', if the saptune
  service was stopped between the two commands 'apply' and
  'revert all'
- 'saptune service enablestart|disablestop' now always perform
  both actions and does no longer stop working, if the service is
  already started|stopped.
  (bsc#1193241)
- restrict the sys section of the AWS note 1656250 to the
  availability of a nvme block device to support AWS x1e instances
  too.
  sys section definition of Note 1656250 changed.
  (bsc#1192029)
- abandon the dependency to 'mokutil' by relying on sysfs to
  detect a secure boot environment.
  Related to bsc#1193435
- support /etc/fstab entries with 4 instead of 6 fields as these
  are valid entries.
  Change error handling from 'panic' to error log messages.
  (bsc#1193580)
- enhance man page 'saptune.8'.
  Add entry 'configured Note' and some more descriptions of the
  entries from 'saptune service status'
  (bsc#1192697)
- as the Power systems (hardware architecture 'ppc64le') does not
  support files in '/sys/class/dmi' (this directory is not
  available on the 'ppc64le' hardware architecture) some of our
  section 'tags' will not work.
  Add some additional log messages to identify the cause and add
  a hint to the man page.
- fix block device settings (e.g. NRREQ) for multipath devices
  (bsc#1193576)
- 'saptune verify' will now report a non existing sysctl or sys
  parameter as 'not available on the system' (footnote) and this
  parameter will not affect the compliance state.
  But a warning is displayed to raise attention to may be typos in
  the parameter name.
- 'saptune status' now reports the 'real' unit state, no mapping
  of not running (inactive) service to simply 'stopped' any more.
  (bsc#1194334)
- update package version of saptune to 3.0.1
- fix the scheduler settings for multi path devices and
  suppress missleading warning messages regarding vendor and model
  information during block device detection
  (bsc#1192460)
- fix override of custom solutions
  (bsc#1192062)
- add missing update function for enabled solutions and add a
  special fix to correct the 3.0.0 behavior
  (bsc#1192053)
- saptune_check - degraded system is no longer considered an error
  (bsc#1192272)
- log missing model and vendor information to the saptune log file
  (bsc#1190509)
- update package version of saptune to 3.0.0
  This will be additional reflected in the saptune version found in
  /etc/sysconfig/saptune (SAPTUNE_VERSION)
  So now we will have saptune version 3
- saptune version 3
  Strengthen configuration process with staging, checks of external
  changes and expansion of automation to new platforms (Azure, AWS)
  and hardware specifics
  (jsc#SLE-21029 and jsc#SLE-20985)
- remove saptune version 1
  (jsc#SLE-10823 and jsc#SLE-10842)
- remove usage of tuned from saptune
  Add an own systemd service file for saptune to start/stop tuning
  of parameter values during a reboot of the system.
  Add a new saptune action 'service' to handle the saptune.service
  supporting start/stop/enable/disable/status a.s.m.
  The saptune action 'daemon', which handled tuned.service in the
  past, is now flagged as 'deprecated' and internally linked to the
  new action 'service'
  (jsc#SLE-5589, jsc#SLE-5588, jsc#SLE-6457)
- add a sanity check to detect Note definition files which do not
  exist anymore, because they were renamed or deleted, but without
  reverting them before.
  saptune will now print an error message, remove the Note from the
  tracking variables in /etc/sysconfig/saptune and try to revert
  the related parameter settings.
  (bsc#1149205)
- check, if json input file is empty and handle some left-over
  files from the migration from saptune v1 to saptune v2
  (bsc#1167618)
- To support system parameters only relevant for specific SLES
  releases, service packs and/or hardware architectures saptune
  now supports 'tagged' sections inside the Note definition files.
  (jsc#SLE-13246, jsc#SLE-13245)
- new kernel requirement for Power added to SAP-Note 2205917 and
  2684254
  SAP Note 2205917 updated to Version 61
  SAP Note 2684254 updated to Version 15
  (bsc#1167416)
- SAP Note 2382421 updated to Version 37
  and move all 'not-well-defined' parameters from the 'reminder'
  section into the 'sysctl' section, but with 'empty' values.
  Use an override file to define the values fitting your system
  requirements
  (bsc#1170672)
- support empty parameter values in the Note definition files and
  not only in the override file.
  This is needed for the support of SAP Notes like 2382421, so that
  the customer is able to simply use an override file to define
  some special parameters instead of using a customer specific Note
  definition file.
  needed for bsc#1170672
  (jsc#TEAM-1702)
- report an 'error' instead of 'info' and set the exit code to '1',
  if we reject the apply of a solution
  (bsc#1167213)
- Skip perf bias change if secure boot is enabled
  When a system is in lockdown mode, i.e., Secure Boot is enabled,
  MSR cannot be altered in user-space. So check, if Secure Boot is
  enabled using the mokutil utility and skip setting the perf bias
  in case it is.
  (bsc#1176243)
- rework the internal block device handling to speed up the apply
  of block device related tunings on systems with a high number of
  block devices.
  (bsc#1178207)
- change block device handling to handle multipath devices
  correctly. Only the DM multipath devices will be used for the
  settings, but not its paths.
  (bsc#1179275)
- fixed wrong comparison used for setting FORCE_LATENCY
  (bsc#1185702)
- add keyword 'all' to the 'rpm' section description in the man page
  saptune-note(5)
  (bsc#1182287)
- support note definition versions containing digits, upper-case
  and lower-case letters, dots, underscores, minus and plus signs.
  (bsc#1182289)
- fixed issue with 'verify' operation and parameter
  'VSZ_TMPFS_PERCENT'. As this parameter is only used to calculate
  the value of 'ShmFileSystemSizeMB' (if it is not set to a value
  >0 in the Note definition file) it will not be checked and
  compared during the saptune operation 'verify'. A footnote is
  pointing this out.
  (bsc#1182009)
- SAP Note 1771258 update nofile values
  (bsc#1164720)
- SAP Note 2684254 updated to Version 20
  SAP Note 2578899 updated to Version 39
  SAP Note 1680803 updated to Version 26
- enhancements for saptune version 3
  All jsc#TEAM-* entries mentioned below are related to this rework
  (jsc#SLE-16972)
- Implement a lock to avoid multiple instances of saptune running
  in parallel.
  (jsc#TEAM-1700)
- Support for non-colorized output
  If redirecting the output from saptune to a pipe, you no longer
  need to deal with the 'ugly' control sequences for the colorized
  output.
  (jsc#TEAM-1679)
- Add enable/disable for systemd units and support all systemd unit
  types in section [service]
  (jsc#TEAM-1701)
- remove script /usr/share/doc/packages/saptune/sapconf2saptune
  and the associated man page
  (jsc#TEAM-1707)
- implement staging of Note definition file and solution
  definitions.
  The idea is to freeze the saptune configuration to avoid config
  changes on package update when adding/removing/changing notes
  or solutions within the package
  (jsc#TEAM-1844)
- support custom solutions and override files for solutions.
  Partners and customers will now be able to define their own
  solution definitions by using files in /etc/saptune/extra
  or to override the shipped solution definitions by using
  override files in /etc/saptune/override
  (jsc#TEAM-1706)
- support for device specific configurations
  only supported for the [block] section, tags are 'vendor' and
  'model' to support special block devices of a dedicated hardware
  vendor or a dedicated hardware model
  (jsc#TEAM-1728)
- add support for AZURE cloud (SAP Note 2993054)
  (jsc#TEAM-2676)
- add support for AWS cloud (SAP Note 1656250)
  (jsc#TEAM-1754 and jsc#TEAM-1755)
- add NVMe support to the block device handling to support AWS
  (jsc#TEAM-2675)
- add SAP Note 3024346 (a NetApp note)
  (jsc#TEAM-3454)
- rework daemon and service actions
  (jsc#TEAM-3154)
- add support for 'read_ahead_kb' and 'max_sectors_kb' to the
  [block] section
  (jsc#TEAM-1699)
- add a warning to the reminder section of SAP Note 2382421
  regarding iSCSI devices and setting of 'net.ipv4.tcp_syn_retries'
  (jsc#TEAM-1705)
- for the actions 'note customise' and 'note create' check, if the
  customer has changed something during the editor session.
  If not, remove the temporary created note definition file.
  (jsc#TEAM-825)
- add support for [sys] section
  and handle double configurations for parameters defined in the
  [sys] section
  (jsc#TEAM-3342)
- check system sysctl config files as mentioned in the comments of
  /etc/sysctl.conf and in man page sysctl.conf(5) for sysctl
  parameters currently set by saptune notes. Print a warning and a
  footnote for 'verify' and 'customize'.
  (jsc#TEAM-1696)
- add support for [filesystem] section
  only check filesystem mount options, not modify. Starting with
  filesystem type 'xfs'
  (jsc#TEAM-4093)
- add SAP Note 900929 for SAP Netweaver workloads.
  It's the equivalent to the HANA Note 1980196.
  (jsc#TEAM-4386)
- mv state files from /var/lib/saptune to /run/saptune to solve
  the problem of state files surviving a reboot.
- add /sbin/saptune_check
- add the description of the solution definitions shipped with
  saptune to the man page saptune(8)
  (jsc#TEAM-4260)
sbd
- Update to version 1.5.0+20210720.f4ca41f:
- sbd-inquisitor: Implement default delay start for diskless sbd (bsc#1189398)
- sbd-inquisitor: Sanitize numeric arguments
- Update to version 1.5.0+20210629.1c72cf2:
- sbd-inquisitor: tolerate and strip any leading spaces of command line option values (bsc#1187547)
- sbd-inquisitor: tell the actual watchdog device specified with `-w` (bsc#1187547)
- Revert "/Doc: adapt description of startup/shutdown sync with pacemaker"/
  * 0001-Revert-Doc-adapt-description-of-startup-shutdown-syn.patch
- Update to version 1.5.0+20210614.d7f447d (v1.5.0):
- Deprecated path "//var/run/"/ used in systemd-services (bsc#1185182)
- Update to version 1.4.2+20210305.926b554:
- sbd-inquisitor: take the defaults for the options set in sysconfig with empty strings (bsc#1183259)
- Update to version 1.4.2+20210305.57b84b5:
- sbd-inquisitor: prevent segfault if no command is supplied (bsc#1183237)
- Update to version 1.4.2+20210304.488a5b9:
- sbd-inquisitor,sbd-md: make watchdog warning messages more understandable (bsc#1182648)
- sbd-inquisitor: calculate the default timeout for watchdog warning based on the watchdog timeout consistently (bsc#1182648)
- sbd-inquisitor: ensure the timeout for watchdog warning specified with `-5` option is respected (bsc#1182648)
- sbd-common: ensure the default timeout for watchdog warning is about 3/5 of the default watchdog timeout (bsc#1182648)
- sbd-inquisitor: downgrade the warning about SBD_SYNC_RESOURCE_STARTUP to notice (bsc#1180966)
  * bsc#1180966-0001-Log-sbd-inquisitor-downgrade-the-warning-about-SBD_S.patch
- Update to version 1.4.2+20210129.5e2100f:
- Doc: adapt description of startup/shutdown sync with pacemaker
- Update to version 1.4.2+20201214.01c18c7:
- sbd-inquisitor: check SBD_SYNC_RESOURCE_STARTUP only in watch mode (bsc#1180966)
- Update to version 1.4.2+20201202.0446439 (v1.4.2):
- ship sbd.pc with basic sbd build information for downstream packages to use
- Update to version 1.4.1+20201105.507bd5f:
- sbd: inform the user to restart the sbd service (bsc#1179655)
- Update the uses of the systemd rpm macros
  * use '%service_del_postun_without_restart' instead of '%service_del_postun -n'
  * drop use of '%service_del_preun -n' as '-n' is unsafe and is deprecated
    This part still needs to be reworked as leaving services running why their
    package has been removed is unsafe.
- Update to version 1.4.1+20200819.4a02ef2:
- sbd-pacemaker: stay with basic string handling
- build: use configure for watchdog-default-timeout & others
- Update to version 1.4.1+20200807.7c21899:
- Update to version 1.4.1+20200727.1117c6b:
- make syncing of pacemaker resource startup configurable
- sbd-pacemaker: sync with pacemakerd for robustness
- Update to version 1.4.1+20200727.971affb:
- sbd-cluster: match qdevice-sync_timeout against wd-timeout
- Rebase:
  * bsc#1140065-Fix-sbd-cluster-exit-if-cmap-is-disconnected.patch
- Update to version 1.4.1+20200624.cee826a:
- sbd-pacemaker: handle new no_quorum_demote (rh#1850078)
shared-mime-info
- Backport bsc1191630.patch: Jaroslav backporting 15fb9891
  glfo#xdg/shared-mime-info!81 to resolve nautilus can no longer
  launch apps when browsing files problem(glfo#xdg/shared-mime-info#11,
  bsc#1191630).
sqlite3
- Sync version 3.36.0 from Factory to implement jsc#SLE-16032.
- Obsoletes sqlite3-CVE-2019-16168.patch.
- The following CVEs have been fixed in upstream releases up to
  this point, but were not mentioned in the change log so far:
  * bsc#1173641, CVE-2020-15358: heap-based buffer overflow in
    multiSelectOrderBy due to mishandling of query-flattener
    optimization
  * bsc#1164719, CVE-2020-9327: NULL pointer dereference and
    segmentation fault because of generated column optimizations in
    isAuxiliaryVtabOperator
  * bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds
    with WITH stack unwinding even after a parsing error
  * bsc#1160438, CVE-2019-19959: memory-management error via
    ext/misc/zipfile.c involving embedded '0' input
  * bsc#1160309, CVE-2019-19923: improper handling  of  certain uses
    of SELECT DISTINCT in flattenSubquery may lead to null pointer
    dereference
  * bsc#1159850, CVE-2019-19924: improper error handling in
    sqlite3WindowRewrite()
  * bsc#1159847, CVE-2019-19925: improper handling of NULL pathname
    during an update of a ZIP archive
  * bsc#1159715, CVE-2019-19926: improper handling  of certain
    errors during parsing  multiSelect in select.c
  * bsc#1159491, CVE-2019-19880: exprListAppendList in window.c
    allows attackers to trigger an invalid pointer dereference
  * bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE
    and CREATE VIEW statements, does not consider confusion with
    a shadow table name
  * bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an
    integrity_check PRAGMA command in certain cases of generated
    columns
  * bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger
    infinite recursion via certain types of self-referential views
    in conjunction with ALTER TABLE statements
  * bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits
    from the colUsed bitmask in the case of a generated column,
    which allows attackers to cause a denial of service
  * bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The
    function sqlite3Select in select.c allows a crash if a
    sub-select uses both DISTINCT and window functions, and also
    has certain ORDER BY usage
  * bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator
    vulnerability
  * bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of
    collation-sequence names
  * CVE-2020-13434 boo#1172115: integer overflow in
    sqlite3_str_vappendf
  * CVE-2020-13630 boo#1172234: use-after-free in fts3EvalNextRow
  * CVE-2020-13631 boo#1172236: virtual table allowed to be renamed
    to one of its shadow tables
  * CVE-2020-13632 boo#1172240: NULL pointer dereference via
    crafted matchinfo() query
  * CVE-2020-13435: Malicious SQL statements could have crashed the
    process that is running SQLite (boo#1172091)
sudo
- Update to 1.8.27
  - jsc#SLE-17083
  - Rebased the following patches:
    sudo-1.8.22-CVE-2019-18634.patch
    sudo-1.8.22-fix_listpw.patch
    sudo-1.8.22-pam_xauth.patch
    sudo-CVE-2019-14287.patch
    sudo-CVE-2021-23239.patch
    sudo-CVE-2021-23240.patch
    sudo-CVE-2021-3156.patch
    sudo-fix-bsc-1180687.patch
    sudo-sudoers.patch
  - Deleted sudoers2ldif-env.patch
  - Added from SLE-12-SP5:
  * sudo-1.8.27-ipa_hostname.patch
  * sudo-1.8.27-ldap-respect-SUDOERS_TIMED.patch
  - Major changes between version 1.8.27 and 1.8.26:
  * Fixes and clarifications to the sudo plugin documentation.
  * The sudo manuals no longer require extensive post-processing to hide
    system-specific features. Conditionals in the roff source are now used
    instead. This fixes corruption of the sudo manual on systems without BSD
    login classes. Bug #861.
  * If an I/O logging plugin is configured but the plugin does not actually
    log any I/O, sudo will no longer force the command to be run in a pseudo-tty.
  * In visudo, it is now possible to specify the path to sudoers without
    using the -f option. Bug #864.
  * Fixed a bug introduced in sudo 1.8.22 where the utmp (or utmpx) file
    would not be updated when a command was run in a pseudo-tty. Bug #865.
  * Sudo now sets the silent flag when opening the PAM session except when
    running a shell via sudo -s or sudo -i. This prevents the pam_lastlog
    module from printing the last login information for each sudo command.
    Bug #867.
  - Major changes between version 1.8.26 and 1.8.25p1:
  * Fixed a bug in cvtsudoers when converting to JSON format when alias
    expansion is enabled. Bug #853.
  * Sudo no long sets the USERNAME environment variable when running
    commands. This is a non-standard environment variable that was set on
    some older Linux systems.
  * Sudo now treats the LOGNAME and USER environment variables (as well as
    the LOGIN variable on AIX) as a single unit. If one is preserved or removed
    from the environment using env_keep, env_check or env_delete, so is the
    other.
  * Added support for OpenLDAP's TLS_REQCERT setting in ldap.conf.
  * Sudo now logs when the command was suspended and resumed in the I/O logs.
    This information is used by sudoreplay to skip the time suspended when
    replaying the session unless the new -S flag is used.
  * Fixed documentation problems found by the igor utility. Bug #854.
  * Sudo now prints a warning message when there is an error or end of file
    while reading the password instead of exiting silently.
  * Fixed a bug in the sudoers LDAP back-end parsing the command_timeout,
    role, type, privs and limitprivs sudoOptions. This also affected cvtsudoers
    conversion from LDIF to sudoers or JSON.
  * Fixed a bug that prevented timeout settings in sudoers from functioning
    unless a timeout was also specified on the command line.
  * Asturian translation for sudo from translationproject.org.
  * When generating LDIF output, cvtsudoers can now be configured to pad the
    sudoOrder increment such that the start order is used as a prefix. Bug #856.
  * If the user specifies a group via sudo's -g option that matches any of
    the target user's groups, it is now allowed even if no groups are present
    in the Runas_Spec. Previously, it was only allowed if it matched the target
    user's primary group.
  * The sudoers LDAP back-end now supports negated sudoRunAsUser and
    sudoRunAsGroup entries.
  * Sudo now provides a proper error message when the "/fqdn"/ sudoers option
    is set and it is unable to resolve the local host name. Bug #859.
  * Portuguese translation for sudo and sudoers from translationproject.org.
  * Sudo now includes sudoers LDAP schema for the on-line configuration
    supported by OpenLDAP.
  - Major changes between version 1.8.25p1 and 1.8.25:
  * Fixed a bug introduced in sudo 1.8.25 that caused a crash on systems that
    have the poll() function but not the ppoll() function. Bug #851.
  - Major changes between version 1.8.25 and 1.8.24:
  * Fixed a bug introduced in sudo 1.8.20 that broke formatting of I/O log
    timing file entries on systems without a C99-compatible snprintf()
    function. Our replacement snprintf() doesn't support floating point so we
    can't use the %f format directive.
  * I/O log timing file entries now use a monotonic timer and include
    nanosecond precision. A monotonic timer that does not increment while the
    system is sleeping is used where available.
  * When sudo runs a command in a pseudo-tty, the slave device is now closed
    in the main process immediately after starting the monitor process. This
    removes the need for an AIX-specific workaround that was added in sudo 1.8.24.
  * Fixed a bug displaying timeout values the "/sudo -V"/ output. The value
    displayed was 3600 times the actual value. Bug #846.
  * The testsudoers utility now supports querying an LDIF-format policy.
  * Fixed a regression introduced in sudo 1.8.24 where the LDAP and SSSD
    backends evaluated the rules in reverse sudoOrder. Bug #849.
  - Major changes between version 1.8.24 and 1.8.23:
  * The LDAP and SSS back-ends now use the same rule evaluation code as the
    sudoers file backend. This builds on the work in sudo 1.8.23 where the
    formatting functions for sudo -l output were shared. The handling of
    negated commands in SSS and LDAP is unchanged.
  * Fixed a regression introduced in 1.8.23 where sudo -i could not be used
    in conjunction with --preserve-env=VARIABLE. Bug #835.
  * cvtsudoers can now parse base64-encoded attributes in LDIF files.
  * Random insults are now more random.
  * Added SUDO_CONV_PREFER_TTY flag for conversation function to tell sudo to
    try writing to /dev/tty first. Can be used in conjunction with SUDO_CONV_
    INFO_MSG and SUDO_CONV_ERROR_MSG.
  * Fixed typos in the OpenLDAP sudo schema. Bugs #839 and #840. Bug #839 and
    bug #840.
  * Fixed a race condition when building with parallel make. Bug #842.
  * Fixed a duplicate free when netgroup_base in ldap.conf is set to an
    invalid value.
  * On systems using PAM, sudo now ignores the PAM_NEW_AUTHTOK_REQD and
    PAM_AUTHTOK_EXPIRED errors from PAM account management if authentication is
    disabled for the user. This fixes a regression introduced in sudo 1.8.23.
    Bug #843.
  * Fixed an ambiguity in the sudoers manual in the description and
    definition of User, Runas, Host, and Cmnd Aliases. Bug #834.
  * Fixed a bug that resulted in only the first window size change event
    being logged.
  * Fixed a compilation problem on systems that define O_PATH or O_SEARCH in
    fnctl.h but do not define O_DIRECTORY. Bug #844.
  - Major changes between version 1.8.23 and 1.8.22:
  * PAM account management modules and BSD auth approval modules are now run
    even when no password is required.
  * For kernel-based time stamps, if no terminal is present, fall back to
    parent-pid style time stamps.
  * The new cvtsudoers utility replaces both the sudoers2ldif script and the
    visudo -x functionality. It can read a file in either sudoers or LDIF
    format and produce JSON, LDIF or sudoers output. It is also possible to
    filter the generated output file by user, group or host name.
  * The file, ldap and sss sudoers backends now share a common set of
    formatting functions for "/sudo -l"/ output, which is also used by the
    cvtsudoers utility.
  * The /run directory is now used in preference to /var/run if it exists.
    Bug #822.
  * More accurate descriptions of the --with-rundir and --with-vardir
    configure options. Bug #823.
  * The setpassent() and setgroupent() functions are now used on systems that
    support them to keep the passwd and group database open. Sudo performs a
    lot of passwd and group lookups so it can be beneficial to avoid opening
    and closing the files each time.
  * The new case_insensitive_user and case_insensitive_group sudoers options
    can be used to control whether sudo does case-sensitive matching of users
    and groups in sudoers. Case insensitive matching is now the default.
  * Fixed a bug on some systems where sudo could hang on command exit when
    I/O logging was enabled. Bug #826.
  * Fixed a problem with the process start time test in make check when run
    in a Linux container. The test now uses the "/btime"/ field in /proc/stat to
    get the system start time instead of using /proc/uptime, which is the
    container uptime. Bug #829.
  * When determining which temporary directory to use, sudoedit now checks
    the directory for writability before using it. Previously, sudoedit only
    performed an existence check. Bug #827.
  * Sudo now includes an optional set of Monty Python-inspired insults.
  * Chinese (Taiwan) translation for sudo from translationproject.org.
- Add sudo-1.8.27-ipa_hostname.patch to fix special handling of
  ipa_hostname that was lost in sudo 1.8.24.
  We now include the long and short hostname in sudo parser container
  [bsc#1181371]
- Restore sudo ldap behavior to ignore expire dates when SUDOERS_TIMED
  option is not set in /etc/ldap.conf
  * [bsc#1176473]
  * Added sudo-1.8.27-ldap-respect-SUDOERS_TIMED.patch
    From: https://www.sudo.ws/repos/sudo/rev/d1e1bb5a6cc1
supportutils
- Changes to version 3.1.17
  + Adding ethtool options g l m to network.txt (jsc#SLE-18240)
- Changes to version 3.1.16
  + lsof options to improve performance (bsc#1186687)
- Fixes to supportconfig
  + Exclude rhn.conf from etc.txt (bsc#1186347)
- analyzevmcore supports local directories (bsc#1186397)
- getappcore checks for valid compression binary (bsc#1185991)
- getappcore does not trigger errors with help message (bsc#1185993)
supportutils-plugin-ha-sap
- Update to version 0.0.2+git.1623772960.fed5aa7:
  to fix bsc#1187373
  * Added process list for sid<adm> user
  * Added ENSA1 and ENSA2 informational messages
  * Added filter to gather logs for "/sap_suse_cluster_connector"/
  * Fixed documentation links
  * Updated Documentation Links
  * Added Authentication Section and capture information about
    sid<adm> user
  * Added some additional logic.
  * Obscure clear text password from cluster resources using
    "/crm configure show"/ output
suse-module-tools
- Update to version 15.2.16:
  * blacklist isst_if_mbox_msr (bsc#1187196)
- Update to version 15.2.15:
  * fixup "/rpm-script: fix bad exit status in OpenQA (bsc#1191922)"/
- Update to version 15.2.14:
  * Bump version to 15.2.14
  * rpm-script: fix bad exit status in OpenQA (bsc#1191922)
  * cert-script: Deal with existing $cert.delete file (bsc#1191804).
  * cert-script: Ignore kernel keyring for kernel certificates (bsc#1191480).
  * cert-script: Only print mokutil output in verbose mode.
  * kernel-scriptlets: skip cert scriptlet on non-UEFI systems (bsc#1191260)
  * inkmp-script(postun): don't pass  existing files to weak-modules2 (bsc#1191200)
- Update to version 15.2.13:
  * Import kernel scriptlets from kernel-source
    (bsc#1189841, bsc#1190598)
  * Provide "/suse-kernel-rpm-scriptlets"/
- Update to version 15.2.12:
  * modprobe.d: Remove dma=none setting for parport_pc
    (bsc#1177695)
sysconfig
- Link as Position Independent Executable (bsc#1184124).
sysstat
- Don't hard require systemd, it works without,too. (bsc#1186827)
systemd
- Import commit d38785e9adcf79c9729b94ef9f21185dd5a6d35f
  e1e30f53f2 Revert "/core: rework how we connect to the bus"/ (bsc#1193521 bsc#1193481)
  3463e3178c sleep-config: partitions can't be deleted, only files can
  e9e021b3b9 shared/sleep-config: exclude zram devices from hibernation candidates
- Drop 0001-core-prevent-bus_init_api-from-being-called-recursiv.patch
  This patch is no more needed since it was a follow-up for "/core: rework how we
  connect to the bus"/, which has been reverted.
- Add 0001-core-prevent-bus_init_api-from-being-called-recursiv.patch
- Import commit 43e57122ef9856db4ec4a8a2758bc8f73d2d1835
  1a6747aa01 umount: show correct error message
  e4b8a01ca5 core/umount: fix unitialized fields in MountPoint in dm_list_get()
- Fix IO scheduler udev rules
  * 60-io-scheduler.rules: don't use BFQ for real multiqueue devices
    (jsc#SLE-21032, bsc#1192161)
  * 60-io-scheduler.rules: use "/none"/ for multipath components
    (bsc#1192161)
- Import commit d126915ede24b052216ca940155ea5531970aa95
  f2cf0ac034 busctl: use usec granularity for the timestamp printed by the busctl monitor command (jsc#SLE-21862 jsc#SLE-18102 jsc#SLE-18103)
- Import commit 5acd9826521306d7b312826135afe491bd889a29
  df05d5b906 shutdown: Reduce log level of unmounts (bsc#1191252)
  31f2b51c18 umount: Don't bother remounting api and ro filesystems read-only
  4914963481 umount: Provide the same mount flags too when remounting read-only
  04463997a7 umount: Decide whether to remount read-only earlier
  143aed644f umount: Add more asserts and remove some unused arguments
  09c7ad555d umount: Fix memory leak
  1899743f50 shutdown: explicitly set a log target in shutdown.c
  a66287c2fe test: add tests for mount_option_mangle()
  036077c2a0 mount-util: add mount_option_mangle()
  e90a30bc86 dissect: automatically mark partitions read-only that have a read-only file system
  b09a5f1835 build-sys: require libmount >= 2.30 (#6795)
  2679668b86 systemd-shutdown: use log_set_prohibit_ipc(true)
  32625253bc rationalize interface for opening/closing logging
  46774b1d21 pid1: when we can't log to journal, remember our fallback log target
  cd994c1e81 log: remove LOG_TARGET_SAFE pseudo log target
  8d4ec9ec2e log: add brief comment for log_set_open_when_needed() and log_set_always_reopen_console()
  a914dd2003 pid1: make use of new "/prohibit_ipc"/ logging flag in PID 1 (bsc#1189803)
  496668c670 log: add new "/prohibit_ipc"/ flag to logging system
  9df8261e38 log: make log_set_upgrade_syslog_to_journal() take effect immediately
  15b3fcf953 mount-util: fix fd_is_mount_point() when both the parent and directory are network fs (bsc#1190984)
  1898f668dd core: rework how we connect to the bus (bsc#1190325)
  22a4287477 dbus: split up bus_done() into seperate functions
  42ce096d80 machine-id-setup: generate machine-id from DMI product ID on Amazon EC2
  39ea02b718 virt: detect Amazon EC2 Nitro instance (bsc#1190440)
  ef0253c6e5 virt: if we detect Xen by DMI, trust that over CPUID
- Import commit dc982a577e6d3eea8832083f470e48f6fbf227cc
  ddc6c90310 basic/unit-name: adjust comments
  390bc4e04f basic/unit-name: do not use strdupa() on a path (bsc#1188063 CVE-2021-33910)
  b83b235cac unit-name: generate a clear error code when converting an overly long fs path to a unit name
  4fd60931a5 unit-name: tighten checks for building valid unit names
  513c103faf manager: reexecute on SIGRTMIN+25, user instances only
  ff761f71a9 logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018)
  b236f23d9d units: make fsck/grows/makefs/makeswap units conflict against shutdown.target
- Dropped 1001-unit-name-tighten-checks-for-building-valid-unit-nam.patch
  Dropped 1002-unit-name-generate-a-clear-error-code-when-convertin.patch
  Dropped 1003-basic-unit-name-do-not-use-strdupa-on-a-path.patch
  Dropped 1004-basic-unit-name-adjust-comments.patch
  These patches have been merged in branch SUSE/v234.
- Update 60-io-scheduler.rules (jsc#SLE-21032, bsc#1134353)
  * rules weren't applied to dm devices (multipath), fix it
    (bsc#1188713)
  * ignore obsolete "/elevator"/ kernel parameter (bsc#1184994, bsc#1190234)
    ("/elevator"/ did falsely overide settings even for blk-mq, fixed).
- Make sure the versions of both udev and systemd packages are always the same (bsc#1189480)
- Avoid the error message when udev is updated due to udev being
  already active when the sockets are started again (bsc#1188291)
- Allow the systemd sysusers config files to be overriden during
  system installation (bsc#1171962).
- While at it, add a comment to explain why we don't use
  %sysusers_create in %pre and why it should be safe in %post.
- Added patches to fix CVE-2021-33910 (bsc#1188063)
  Added 1001-unit-name-tighten-checks-for-building-valid-unit-nam.patch
  Added 1002-unit-name-generate-a-clear-error-code-when-convertin.patch
  Added 1003-basic-unit-name-do-not-use-strdupa-on-a-path.patch
  Added 1004-basic-unit-name-adjust-comments.patch
  These patches will be moved to the git repo once the bug will become
  public.
- Added fix for bsc#1184994 to skip udev rules if 'elevator=' is used
- Create /run/lock/subsys again (bsc#1187292)
  The creation of this directory was mistakenly dropped when
  'filesystem' package took the initialization of the generic paths
  over.
  Paths under /run/lock are still managed by systemd for lack of
  better place.
- Import commit f6f87c1cb4119c41f6fb93702e03cec794829b7c
  d7ed4af259 mount-util: shorten the loop a bit (#7545)
  cdf9cbb509 mount-util: do not use the official MAX_HANDLE_SZ (#7523)
  bbcc63a032 mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)
  d44adc63ab test: fix test-mount-util when handling duplicate mounts on the same location
  7c74260899 mount-util: fix bad indenting
  c4ef3248e2 mount-util: EOVERFLOW might have other causes than buffer size issues
  3f3eb23ccb mount-util: fix error propagation in fd_fdinfo_mnt_id()
  9f170ee221 mount-util: drop exponential buffer growing in name_to_handle_at_loop()
  5c709e7b31 udev: port udev_has_devtmpfs() to use path_get_mnt_id()
  ac57cefcb9 mount-util: add new path_get_mnt_id() call that queries the mnt ID of a path
  e49d88b898 mount-util: add name_to_handle_at_loop() wrapper around name_to_handle_at()
  060b1db043 core: fix output (logging) for mount units (#7603) (bsc#1187400)
- Import commit 93910b81b809729afa7ff9529b45b1e67f229232
  c289e1e5ae sysusers: use the usual comment style
  f11535886f test/TEST-21-SYSUSERS: add tests for new functionality
  2f2bfa731c sysusers: allow admin/runtime overrides to command-line config
  dbd190cd3b basic/strv: add function to insert items at position
  3c7b4c67fa sysusers: allow the shell to be specified
  f316974ebe man: reformat table in sysusers.d(5)
  24113b7f00 sysusers: take configuration as positional arguments
  8232e059d8 sysusers: emit a bit more info at debug level when locking fails
  461356cfe9 sysusers: allow force reusing existing user/group IDs (#8037)
  dd9349e71a sysusers: ensure GID in uid:gid syntax exists
  5e0ab33e59 sysusers: make ADD_GROUP always create a group
  0dd4a69687 test: add TEST-21-SYSUSERS test
  4dea8a2774 sysuser: use OrderedHashmap
  de09744500 sysusers: allow uid:gid in sysusers.conf files
  9271c17657 meson: "/conf.get(condition)"/ fails if condition was not defined
  These commits implement the option '--replace' for systemd-sysusers
  so %sysusers_create_package can be introduced in SLE and packages
  can rely on this rpm macro without wondering whether the macro is
  available on the different target the package is submitted to.
- udev requires systemd in its %post (bsc#1185958)
  udevadm, called in udev's %post, requires libsystemd-shared-xxx.so.
- Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)
- Import commit ca070cf0125f3b83fb3d7300ef4f524af47c49a3
  3daea193a1 cgroup: Parse infinity properly for memory protections (bsc#1167471)
  a3f4d2980e cgroup: Make empty assignments reset to default (bsc#1167471)
  72bbd3928c cgroup: Support 0-value for memory protection directives (bsc#1167471)
  9c192a00a4 core/cgroup: accepts MemorySwapMax=0 (#8366) (bsc#1154935)
  d64f691eb7 bus-unit-util: add proper MemorySwapMax= serialization
  98af04a71c core: accept MemorySwapMax= properties that are scaled, too
  d4528bcaa3 execute: make sure to call into PAM after initializing resource limits (bsc#1184967)
  7fb1ab4f38 rlimit-util: introduce setrlimit_closest_all()
  c0d1ae3086 system-conf: drop reference to ShutdownWatchdogUsec=
  9f66f43082 core: rename ShutdownWatchdogSec to RebootWatchdogSec (bsc#1185331)
  82a5f215a3 Return -EAGAIN instead of -EALREADY from unit_reload (bsc#1185046)
- Drop 0010-core-accept-MemorySwapMax-properties-that-are-scaled.patch
  Drop 0011-bus-unit-util-add-proper-MemorySwapMax-serialization.patch
  Drop 0012-core-cgroup-accepts-MemorySwapMax-0-8366.patch
  Drop 0013-cgroup-Support-0-value-for-memory-protection-directi.patch
  Drop 0014-cgroup-Make-empty-assignments-reset-to-default.patch
  Drop 0015-cgroup-Parse-infinity-properly-for-memory-protection.patch
  These patches have been merged in SUSE/v234 branch.
- Import commit bb23f007799c0ad2b14a6da7f74ee242e10b00b9
  611376f830 rules: don't ignore Xen virtual interfaces anymore (bsc#1178561)
  65f4fa852e write_net_rules: set execute bits (bsc#1178561)
  f60153e565 udev: rework network device renaming
  df31eb968a Revert "/Revert "/udev: network device renaming - immediately give up if the target name isn't available"/"/
systemd-presets-common-SUSE
- When installing the systemd-presets-common-SUSE package for the
  first time in a new system, it might happen that some services
  are installed before systemd so the %systemd_pre/post macros
  would not work. This is handled by enabling all preset services
  in this package's %posttrans section but it wasn't enabling
  user services, just system services. Now it enables also the
  user services installed before this package, thus fixing
  boo#1186561
tar
- Link /var/lib/tests/tar/bin/genfile as Position-Independent Executable
  (bsc#1184124).
  + tar-PIE.patch
telnet
- Update Source location to use Gentoo mirror, fixes bsc#1129925
thin-provisioning-tools
- Link as position-independent executable (bsc#1184124).
tigervnc
- tigervnc-FIPS-use-RFC7919.patch
  * Enable GnuTLS 3.6.0 and later to use Diffie-Hellman parameters
    from RFC7919 instead of generating our own, for FIPS compliance.
  * Specify RFC7919 parameters for GnuTLS older than 3.6.0.
  * bsc#1179809
timezone
- timezone update 2021e (bsc#1177460):
  * Palestine will fall back 10-29 (not 10-30) at 01:00
- timezone update 2021d:
  * Fiji suspends DST for the 2021/2022 season
  * 'zic -r' marks unspecified timestamps with "/-00"/
- timezone update 2021c:
  * Revert almost all of 2021b's changes to the 'backward' file
  * Fix a bug in 'zic -b fat' that caused old timestamps to be
    mishandled in 32-bit-only readers
- timezone update 2021b:
  * Jordan now starts DST on February's last Thursday.
  * Samoa no longer observes DST.
  * Move some backward-compatibility links to 'backward'.
  * Rename Pacific/Enderbury to Pacific/Kanton.
  * Correct many pre-1993 transitions in Malawi, Portugal, etc.
  * zic now creates each output file or link atomically.
  * zic -L no longer omits the POSIX TZ string in its output.
  * zic fixes for truncation and leap second table expiration.
  * zic now follows POSIX for TZ strings using all-year DST.
  * Fix some localtime crashes and bugs in obscure cases.
  * zdump -v now outputs more-useful boundary cases.
  * tzfile.5 better matches a draft successor to RFC 8536.
- Refresh tzdata-china.patch
- Install tzdata.zi (bsc#1188127)
tuned
- bsc#1191341
  Tuned: latency-performance profile configures cpu max-cstates to POLL instead of C1
  Fixed by mainline commit:
  latency-peformance: backup latency requirement increased to 3 us
  A set_force_latency_C1.patch
util-linux
- Update to version 2.33.2 to provide seamless update
  from SLE12 SP5 to SLE15 SP2:
  * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
  * mount: Fix "/mount"/ output for net file systems (bsc#1122417).
  * Many Other fixes, see
    https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
  * obsoletes util-linux-agetty-smart-reload-13.patch,
    util-linux-agetty-smart-reload-14.patch.
  * ported util-linux-libmount-pseudofs.patch
- ipcutils: Avoid potential memory allocation overflow
  (bsc#1188921, CVE-2021-37600,
  util-linux-ipcutils-overflow-CVE-2021-37600.patch).
- Fix ipcs testsuite (bsc#1178236#c19,
  util-linux-ipcs-shmall-overflow-ts.patch).
- ipcs: Avoid overflows (bsc#1178236,
  util-linux-ipcs-shmall-overflow-1.patch,
  util-linux-ipcs-shmall-overflow-2.patch).
util-linux-systemd
- Update to version 2.33.2 to provide seamless update
  from SLE12 SP5 to SLE15 SP2:
  * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
  * mount: Fix "/mount"/ output for net file systems (bsc#1122417).
  * Many Other fixes, see
    https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
  * obsoletes util-linux-agetty-smart-reload-13.patch,
    util-linux-agetty-smart-reload-14.patch.
  * ported util-linux-libmount-pseudofs.patch
- ipcutils: Avoid potential memory allocation overflow
  (bsc#1188921, CVE-2021-37600,
  util-linux-ipcutils-overflow-CVE-2021-37600.patch).
- Fix ipcs testsuite (bsc#1178236#c19,
  util-linux-ipcs-shmall-overflow-ts.patch).
- ipcs: Avoid overflows (bsc#1178236,
  util-linux-ipcs-shmall-overflow-1.patch,
  util-linux-ipcs-shmall-overflow-2.patch).
virt-what
- update to 1.21:
  * Nutanix Acropolis Hypervisor detection
  * podman detection
- Add "/which"/ to Requires
  * Fixes boo#1161850, bsc#1176132
- Version bump 1.20. No upstream changelog, see
  http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/tags/v1.20
wget
- When running recursively, wget will verify the length of the whole
  URL when saving the files. This will make it overwrite files with
  truncated names, throwing the "/The name is too long, ... trying to
  shorten"/ messages. The patch moves the length check code to a
  separate function and call it from the append_dir_structure() for each
  path element.
  [ bsc#1181173, 0001-possibly-truncate-pathname-components.patch]
xen
- bsc#1192554 - VUL-0: CVE-2021-28706: xen: guests may exceed their
  designated memory limit (XSA-385)
  xsa385.patch
- bsc#1192557 - VUL-0: CVE-2021-28704,CVE-2021-28707,CVE-2021-28708:
  xen: PoD operations on misaligned GFNs (XSA-388)
  xsa388-1.patch
  xsa388-2.patch
- bsc#1192559 - VUL-0: CVE-2021-28705,CVE-2021-28709: xen: issues
  with partially successful P2M updates on x86 (XSA-389)
  xsa389.patch
- Upstream bug fixes (bsc#1027519)
  6138b7a1-x86-spec-ctrl-split-diagnostics-line.patch
  6138b7a2-x86-AMD-enum-speculative-hints.patch
  6138b7a3-x86-AMD-use-newer-SSBD.patch
  6139f1b1-x86-spec-ctrl-print-AMD-features.patch
  6148453b-VT-d-hidden-devices-unmap.patch
  6148455f-VT-d-PCI-segment-numbers-16-bits.patch
  61532102-PCI-bridge-with-subord-bus-0xFF.patch
  61655b5a-AMD-IOMMU-hidden-devices-flush.patch
- bsc#1191363 - VUL-0: CVE-2021-28702: xen: PCI devices with RMRRs
  not deassigned correctly (XSA-386)
  615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch
- Update to Xen 4.13.4 bug fix release (bsc#1027519)
  xen-4.13.4-testing-src.tar.bz2
- Drop patches contained in new tarball
  5e5001ee-x86-p2m-PoD-accounting-in-gpae.patch
  5e86fa2a-x86-p2m_remove_page-retval.patch
  5e86fa57-x86-p2m-remove-MFN-check.patch
  5f92909a-PCI-cleanup-MSI-before-removing-device.patch
  6011bbc7-x86-timer-fix-boot-without-PIT.patch
  60631c38-VT-d-QI-restore-flush-hooks.patch
  60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
  60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
  60787714-x86-HPET-avoid-legacy-replacement-mode.patch
  608676f2-VT-d-register-based-invalidation-optional.patch
  60a27288-x86emul-gas-2-36-test-harness-build.patch
  60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
  60be0e24-credit2-pick-runnable-unit.patch
  60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
  60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
  60bf9e19-Arm-create-dom0less-domUs-earlier.patch
  60bf9e1a-Arm-boot-modules-scrubbing.patch
  60bf9e1b-VT-d-size-qinval-queue-dynamically.patch
  60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch
  60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch
  60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch
  60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch
  60bfa904-AMD-IOMMU-wait-for-command-slot.patch
  60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch
  60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
  60d49689-VT-d-undo-device-mappings-upon-error.patch
  60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
  60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
  60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
  60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
  61122ac6-credit2-avoid-spuriously-picking-idle.patch
  611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
  611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
  6126339d-AMD-IOMMU-global-ER-extending.patch
  6126344f-AMD-IOMMU-unity-map-handling.patch
  61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch
  6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch
  6126349a-AMD-IOMMU-rearrange-reassignment.patch
  612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch
  612634c3-x86-p2m-introduce-p2m_is_special.patch
  612634dc-x86-p2m-guard-identity-mappings.patch
  612634f4-x86-mm-widen-locked-region-in-xatp1.patch
  6126350a-gnttab-release-mappings-preemption.patch
  6126351f-gnttab-replace-mapkind.patch
  6126353d-gnttab-get-status-frames-array-capacity.patch
  61263553-Arm-restrict-maxmem-for-dom0less.patch
  6128a856-gnttab-radix-tree-node-init.patch
  xsa384.patch
- bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in
  XENMAPSPACE_grant_table handling (XSA-384)
  xsa384.patch
- Upstream bug fixes (bsc#1027519)
  5e5001ee-x86-p2m-PoD-accounting-in-gpae.patch (Replaces xsa378-0a.patch)
  5e86fa2a-x86-p2m_remove_page-retval.patch (Replaces xsa378-0b.patch)
  5e86fa57-x86-p2m-remove-MFN-check.patch (Replaces xsa378-0c.patch)
  61001231-x86-work-around-GNU-ld-2-37-issue.patch
  611a7e38-x86-CET-shstk-WARN-manipulation.patch
  611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
  6128a856-gnttab-radix-tree-node-init.patch
  611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
  61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces
    credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch)
  6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch)
  6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch)
  61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch)
  6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch)
  6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch)
  612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch)
  612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch)
  612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch)
  612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch)
  6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch
  6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch)
  6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch)
  61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch)
- bsc#1189882 - refresh libxc.sr.superpage.patch
  prevent superpage allocation in the LAPIC and ACPI_INFO range
- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
  CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
  xsa378-0a.patch
  xsa378-0b.patch
  xsa378-0c.patch
  xsa378-1.patch
  xsa378-2.patch
  xsa378-3.patch
  xsa378-4.patch
  xsa378-5.patch
  xsa378-6.patch
  xsa378-7.patch
  xsa378-8.patch
- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
  pages may remain accessible after de-allocation. (XSA-379)
  xsa379.patch
- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
  grant table handling. (XSA-380)
  xsa380-1.patch
  xsa380-2.patch
- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
  status frames array bounds check. (XSA-382)
  xsa382.patch
- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
  limit for dom0less domUs. (XSA-383)
  xsa383.patch
- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
  See also bsc#1179246.
  credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch
- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.
- bsc#1176189 - xl monitoring process exits during xl save -p|-c
  keep the monitoring process running to cleanup the domU during shutdown
  xl-save-pc.patch
- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
  60be0e24-credit2-pick-runnable-unit.patch
  60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
- Upstream bug fixes (bsc#1027519)
  60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
  60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
  60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
  60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
  60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
  60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
  60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
  60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
  60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
  60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
  60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
  60d49689-VT-d-undo-device-mappings-upon-error.patch
  60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
  60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
  60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
  60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
- bsc#1183243 - L3: Core cannot be opened when using xl dump-core
  of VM with PTF
  60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
- Update logrotate.conf, move global options into per-file sections
  to prevent globbering of global state (bsc#1187406)
- Fix shell macro expansion in xen.spec, so that ExecStart=
  in xendomains-wait-disks.service is created correctly (bsc#1183877)
- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
  are not scrubbed (XSA-372)
  xsa372-1.patch
  xsa372-2.patch
- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
  timeout detection / handling (XSA-373)
  xsa373-1.patch
  xsa373-2.patch
  xsa373-3.patch
  xsa373-4.patch
  xsa373-5.patch
- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
  Bypass (XSA-375)
  xsa375.patch
- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
  protections not restored after S3 (XSA-377)
  xsa377.patch
- bsc#1180491 - "/Panic on CPU 0: IO-APIC + timer doesn't work!"/
  6011bbc7-x86-timer-fix-boot-without-PIT.patch
- Upstream bug fixes (bsc#1027519)
  60631c38-VT-d-QI-restore-flush-hooks.patch
  60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
  60787714-x86-HPET-avoid-legacy-replacement-mode.patch
  60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
  608676f2-VT-d-register-based-invalidation-optional.patch
  60a27288-x86emul-gas-2-36-test-harness-build.patch
  60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
- Drop gcc10-fixes.patch
- Add xen.sysconfig-fillup.patch to make sure xencommons is in a
  format as expected by fillup. (bsc#1185682)
  Each comment needs to be followed by an enabled key. Otherwise
  fillup will remove manually enabled key=value pairs, along with
  everything that looks like a stale comment, during next pkg update
- Refresh xenstore-launch.patch to cover also daemon case
- Update to Xen 4.13.3 bug fix release (bsc#1027519)
  xen-4.13.3-testing-src.tar.bz2
- Drop patches contained in new tarball
  5faa974f-evtchn-rework-per-channel-lock.patch
  5faa978b-evtchn-revert-52e1fc47abc3a0123.patch
  5faac497-xen-arm-Always-trap-AMU-system-registers.patch
  5fbcdf2e-evtchn-FIFO-access-last.patch
  5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch
  5fbd042b-memory-off-by-one-in-XSA-346.patch
  5fc4ee23-evtchn-FIFO-queue-locking.patch
  5fd8aebb-x86-replace-reset_stack_and_jump_nolp.patch
  5fd8aee5-x86-fold-guest_idle_loop.patch
  5fd8aef3-x86-avoid-calling-do_resume.patch
  5fd8af4b-evtchn-FIFO-add-2nd-smp_rmb.patch
  5fd8b02d-evtchn-FIFO-reorder-and-synchronize.patch
  5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
  5ff71655-x86-dpci-EOI-regardless-of-masking.patch
  5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
  600999ad-x86-dpci-do-not-remove-pirqs-from.patch
  600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
  6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
  6013e546-x86-HVM-reorder-domain-init-error-path.patch
  601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
  602bd768-page_alloc-only-flush-after-scrubbing.patch
  602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
  602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
  602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
  6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
  60410127-gcc11-adjust-rijndaelEncrypt.patch
  60422428-x86-shadow-avoid-fast-fault-path.patch
  xen-4.13.2-testing-src.tar.bz2
  xsa115-1.patch
  xsa115-10.patch
  xsa115-2.patch
  xsa115-3.patch
  xsa115-4.patch
  xsa115-5.patch
  xsa115-6.patch
  xsa115-7.patch
  xsa115-8.patch
  xsa115-9.patch
  xsa322.patch
  xsa324.patch
  xsa325.patch
  xsa351-1.patch
  xsa351-2.patch
  xsa368.patch
- bsc#1137251 - Restore changes for xen-dom0-modules.service which
  were silently removed on 2019-10-17
- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes
  toolstack (XSA-368). Also resolves,
  bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl
  bsc#1181989 - openQA job causes libvirtd to dump core when
  running kdump inside domain
xfsprogs
- xfsprogs-devel: add libhandle1 dependency following split
  (bsc#1191566)
- xfs_admin: support external log devices (bsc#1189984)
  * Add xfsprogs-xfs_admin-support-external-log-devices.patch
- xfs_quota: state command should report ugp grace times (bsc#1189983)
  * Add xfsprogs-xfs_quota-display-warning-limits-when-printing-quota.patch
  * Add xfsprogs-xfs_quota-state-command-should-report-ugp-grace-time.patch
- xfsprogs: Remove barrier/nobarrier mount options from xfs.5
  (bsc#1191675)
  * Add xfsprogs-man-Remove-barrier-nobarrier-mount-options-from.patch
- xfs_io: add label command (bsc#1191500)
  * Add xfsprogs-xfs_io-add-label-command.patch
- xfs_bmap: remove -c from manpage (bsc#1189552)
- xfs_bmap: don't reject -e (bsc#1189552)
  * Add xfsprogs-xfs_bmap-remove-c-from-manpage.patch
  * Add xfsprogs-xfs_bmap-don-t-reject-e.patch
- xfs_repair: check plausibility of root dir pointer before trashing it
  (bsc#1188651)
  * Add xfsprogs-xfs_repair-refactor-fixed-inode-location-checks.patch
  * Add xfsprogs-xfs_repair-check-plausibility-of-root-dir-pointer-be.patch
- xfsprogs: split libhandle1 into a separate package, since nothing
  within xfsprogs dynamically links against it. The shared library
  is still required by xfsdump as a runtime dependency.
- mkfs.xfs: fix ASSERT on too-small device with stripe geometry
  (bsc#1181536)
  * Add xfsprogs-mkfs.xfs-fix-ASSERT-on-too-small-device-with-stripe-.patch
- mkfs.xfs: if either sunit or swidth is nonzero, the other must be as
  well (bsc#1085917, bsc#1181535)
  * Add xfsprogs-mkfs.xfs-if-either-sunit-or-swidth-is-nonzero-the-ot.patch
- xfs_growfs: refactor geometry reporting (bsc#1181306)
  * Add xfsprogs-xfs_growfs-refactor-geometry-reporting.patch
- xfs_growfs: allow mounted device node as argument (bsc#1181299)
  * Add xfsprogs-libfrog-fs_table_lookup_mount-should-realpath-the-ar.patch
  * Add xfsprogs-xfs_fsr-refactor-mountpoint-finding-to-use-libfrog-p.patch
  * Add xfsprogs-xfs_growfs-allow-mounted-device-node-as-argument.patch
- xfs_repair: rebuild directory when non-root leafn blocks claim block 0
  (bsc#1181309)
  * Add xfsprogs-xfs_repair-rebuild-directory-when-non-root-leafn-blo.patch
xkeyboard-config
- U_Fix-media-keys-lag-on-ABNT2-keyboard.patch
  * fixes wrong keyboard mapping causing input delays with ABNT2
    keyboards (bsc#1191242)
xorg-x11-fonts
- Convert the helv*.otb and cour*.otb files in a different way,
  generating all available font sizes as fonts files named
  * -75-dpi-converted and *-100dpi-converted and having the same
  font name for 75 and 100 dpi converted fonts (fixes boo#1174895).
- As part of the above fix, don't remove the "/Regular"/ suffix from
  the full name of fonts in convertfont.py
xterm
- xterm-CVE-2021-27135.patch: Fixed buffer-overflow when clicking
  on selected utf8 text. (bsc#1182091 CVE-2021-27135)
yast2
- Do not escape "/$"/ in URL paths (bsc#1187581).
- 4.2.95
- Ignore sysctl configuration files that do not have the .conf
  extension. The only exception are kernel files
  (/boot/sysctl.conf-*) (bsc#1187018).
- 4.2.94
yast2-add-on
- Auto client does not crash when trying to import from an
  empty add-on section (bsc#1189154).
- 4.2.18
yast2-country
- Move the keyboards database to lib/ to make the module compatible
  with the self-update mechanism (bsc#1189461).
- 4.2.23
- AutoYaST: allow empty /profile/timezone/timezone setting,
  meaning to keep the UTC default (bsc#1188406).
- 4.2.22
- Fix the Comment entry in the desktop file so the tooltip
  in the control center is properly translated (bsc#1187270).
- 4.2.21
yast2-ftp-server
- Fix the label of the certificate input field (bsc#1183786).
- 4.2.6
yast2-installation
- Filter the installation proposals (in the Installation Settings
  screen) according to the AutoYaST profile even before
  tab switching (related to bsc#1190294)
- 4.2.54
- Activate devices before probing (bsc#1187220).
- 4.2.53
- Backport gh#872 by schubi@suse.de:
  - Moving <files> section handling from second installation stage
    to first installation stage. (bsc#1174194)
- 4.2.52
yast2-network
- Fixed interfaces table description for s390 Group devices
  (bsc#1192560).
- 4.2.109
- Replace calls to dropped method InterfacesTable#friendly_name
  (bsc#1192560).
- 4.2.108
- AutoYaST
  - When the interface section contains the "/device"/ (deprecated)
    and "/name"/ elements then use the "/device"/ as the "/name"/ and the
    "/name"/ as the "/description"/. (bsc#1192270)
  - Add the "/description"/ element to the interface section.
- 4.2.107
- Do not crash when checking if a virtual interface is connected
  (bsc#1192183, bsc#1192270).
- 4.2.106
- Do not crash when the interfaces table contains a not configured
  one (bnc#1190645, bsc#1190915)
- Fix the shown description using the interface friendly name when
  it is empty (bsc#1190933)
- 4.2.105
- Consider aliases sections as case insensitive (bsc#1190739).
- 4.2.104
- bnc#1190645
  - display user defined device name in the devices overview
- 4.2.103
- Support 'boot' and 'on' as aliases for the 'auto' startmode
  (bsc#1186910)
- 4.2.102
- Fix the Comment entry in the desktop file so the tooltip
  in the control center is properly translated (bsc#1187270).
- 4.2.101
- Fix error when determining the removed interfaces in order to
  remove their associated routes too (bsc#1186082)
- 4.2.100
yast2-nfs-server
- Set X-SuSE-YaST-AutoInstClient in the desktop file to properly
  determine the client name (bsc#1188618).
- 4.2.5
yast2-nis-server
- Set X-SuSE-YaST-AutoInstClient in the desktop file to properly
  determine the client name (bsc#1188644).
- 4.2.3
yast2-packager
- Fix the Comment entry in the desktop file so the tooltip
  in the control center is properly translated (bsc#1187270).
- 4.2.70
yast2-python-bindings
- Fix backtrace formatting for Python exceptions (bsc#1181595).
- 4.2.0
yast2-registration
- Fixed evaluating the update repositories (bsc#1188717),
  the SUSE Manager update repositories were not disabled
  when installing the system without updates
- 4.2.47
yast2-saptune
- version update from 1.3 to 1.4 to include the following fixes:
- Fixes for bsc#1188321
  Exchange the tuned daemon handling with the new saptune service
  handling for saptune version 3, but stay with the old behaviour
  for systems running saptune version 2.
  Add information, if the service is enabled or disabled.
yast2-schema
- Add 'description' to the interfaces in the networking section
  (bsc#1192270).
- 4.2.16
- Update the rules.xml schema:
  - add the "/hostname"/ element (bsc#1190696).
  - remove the 'haspcmica' element (related to bsc#1183352).
- 4.2.15
- Add missing elements to rules.xml schema:
  - installed_product and installed_product_version (boo#1176089)
  - dialog section (bsc#1188153)
- 4.2.14
yast2-storage-ng
- AutoYaST: fixes for reusing encrypted devices, RAIDs and bcache
  devices (bsc#1193450).
- 4.2.121
- Fix duplicate PV error detection with disabled multipath
  (related to bsc#1170216).
- 4.2.120
- Set the volume group extent size according to the AutoYaST
  profile (bsc#1192124).
- 4.2.119
- Fix the Comment entry in the desktop file so the tooltip
  in the control center is properly translated (bsc#1187270).
- 4.2.118
- ensure mount options are not doubled (bsc#1186298)
- 4.2.117
- try harder matching device names (bsc#1186268)
- 4.2.116
yast2-update
- Avoid to bind-mount /run twice (bsc#1181066).
- 4.2.22
yast2-users
- Do not rewrite authorized_keys unless it is needed (bsc#1188361).
- 4.2.13
- Fix the Comment entry in the desktop file so the tooltip
  in the control center is properly translated (bsc#1187270).
- 4.2.12
zlib
- Update 410.patch to include new fixes from upstream,
  fixes bsc#1192688
- Refresh bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
  to match upstream commit
- Drop patches which changes have been merged in 410.patch:
  * zlib-compression-switching.patch
  * zlib-390x-z15-fix-hw-compression.patch
  * bsc1174551-fxi-imcomplete-raw-streams.patch
zypper
- Fix compiler warning.
- zypper.conf: New option whether to collect subcommands found in
  $PATH (fixes #379)
  +[subcommand] i
  +
  +##  Whether to look for subcommands in $PATH
  +##
  +## If a subcommand is not found in the zypper_execdir, the wrapper
  +## will look in the rest of your $PATH for it. Thus, it's possible
  +## to write local zypper extensions that don't live in system space.
  +## See section SUBCOMMANDS in the zypper manpage.
  +##
  +## Valid values: boolean
  +## Default value: yes
  +##
  +# seachSubcommandInPath = yes.
- help subcommand: show path of command found in $PATH.
- version 1.14.50
- Avoid calling 'su' to detect a too restrictive sudo user umask
  (bsc#1186602)
- Fix typo in German translation (fixes #395)
- BuildRequires:  libzypp-devel >= 17.28.3.
- version 1.14.49
- Support new reports for singletrans rpm commit.
- BuildRequires:  libzypp-devel >= 17.27.1.
  For lock/query comments.
- Prompt: choose exact match if prompt options are not prefix
  free (bsc#1188156)
- Install summary: Show new and removed packages closer to the
  prompt (fixes #403)
  These packages are usually more interesting than the updated
  ones. In case of doubt less scrolling is needed to see them.
- Add need reboot/restart hint to XML install summary
  (bsc#1188435)
- Add comment option for lock command (fixes #388).
- version 1.14.48
- Quick fix obs:// platform guessing for Leap (bsc#1187425)
- man: point out more clearly that patches update affected
  packages to the latest version (bsc#1187466)
- version 1.14.47
- Link all executables with -pie (bsc#1186447)
- Tag PTF packages in the status column (bsc#1186503)
  Like retracted packages, a program temporary fix must be
  explicitly selected and will otherwise not be considered in
  dependency resolution.
- BuildRequires:  libzypp-devel >= 17.26.1.
- version 1.14.46