- cifs-utils
-
- CVE-2022-27239: mount.cifs: fix length check for ip option
parsing; (bsc#1197216) (bso#15025); CVE-2022-27239.
* add 0016-CVE-2022-27239-mount.cifs-fix-length-check-for-ip-op.patch
- dracut
-
- Update to version 049.1+suse.234.g902e489c:
* fix(dracut-install): copy files preserving ownership attributes (bsc#1197967)
- Update to version 049.1+suse.232.g2ccee559:
* fix(dracut-systemd): do not require vconsole-setup.service (bsc#1195508)
* fix(dracut-functions.sh): ip route parsing (bsc#1195011)
- e2fsprogs
-
- libss-add-newer-libreadline.so.7-to-dlopen-path.patch: libss: Add support
for libreadline.so.7 for Leap 15.3 (bsc#1196939)
- gcc11
-
- Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from
packages provided by older GCC work. Add a requires from that
package to the corresponding libstc++6 package to keep those
at the same version. [bsc#1196107]
- Add gcc11-D-dependence-fix.patch to fix memory corruption when
creating dependences with the D language frontend.
- Sync cross.spec.in to avoid trying to build cross-aarch64-gcc1-bootstrap
on aarch64 which is unresolvable.
- Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628]
- Put libstdc++6-pp Requires on the shared library and drop
to Recommends.
- glib2
-
- Add glib2-CVE-2021-28153.patch: fix CREATE_REPLACE_DESTINATION
with symlinks (boo#1183533 glgo#GNOME/glib#2325 CVE-2021-28153).
- google-guest-agent
-
- Update to version 20220204.00 (bsc#1195437, bsc#1195438)
* remove han from owners (#154)
* Remove extra slash from metadata URL. (#151)
- from version 20220104.00
* List IPv6 routes (#150)
- from version 20211228.00
* add add or remove route integration test, utils (#147)
- from version 20211214.00
* add malformed ssh key unit test (#142)
- google-guest-configs
-
- Update to version 20220211.00 (bsc#1195437, bsc#1195438)
* Set NVMe-PD IO timeout to 4294967295. (#32)
- google-guest-oslogin
-
- Update to version 20220205.00 (bsc#1195437, bsc#1195438)
* Fix build for EL9. (#82)
- from version 20211213.00
* Reauth error (#81)
- Rename Source0 field to Source
- Update URL in Source field to point to upstream tarball
- google-osconfig-agent
-
- Update to version 20220209.00 (bsc#1195437, bsc#1195438)
* Update licences, remove deprecated centos-8 tests (#414)
- Update to version 20220204.00
* Add DisableLocalLogging option (#413)
- from version 20220107.00
* OS assignment example: Copy file from bucket
- grub2
-
- Fix grub-install error when efi system partition is created as mdadm software
raid1 device (bsc#1179981) (bsc#1195204)
* 0001-install-fix-software-raid1-on-esp.patch
- Fix error in grub-install when linux root device is on lvm thin volume
(bsc#1192622) (bsc#1191974)
* 0001-grub-install-bailout-root-device-probing.patch
- gzip
-
- Add support to zstd in zgrep, fixes bsc#1198922
* xz_lzma.patch -> xz_lzma_zstd.patch
- Fix escaping of malicious filenames (CVE-2022-1271 bsc#1198062)
* bsc1198062.patch
* bsc1198062-2.patch
- kernel-default
-
- drm: drm_file struct kABI compatibility workaround
(bsc#1197914).
- commit 7d8a3b5
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock
(bsc#1197914).
- drm: add a locked version of drm_is_current_master
(bsc#1197914).
- commit 05fda16
- blacklist.conf: Add reverted/reverting swiotlb change (CVE-2022-0854 bsc#1196823 bsc#1197460)
- commit 8d52c36
- Reinstate some of "/swiotlb: rework "/fix info leak with
DMA_FROM_DEVICE"/"/ (CVE-2022-0854 bsc#1196823).
- swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854
bsc#1196823).
- commit ff554b5
- blacklist.conf: list unneeded commit
- commit 27adcc4
- NFSv4/pNFS: Fix another issue with a list iterator pointing
to the head (git-fixes).
- NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
(git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent()
(git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors
(git-fixes).
- commit 0460a48
- netfilter: nf_tables: initialize registers in nft_do_chain()
(CVE-2022-1016 bsc#1197227).
- commit 7111961
- Delete
patches.suse/net-tipc-validate-domain-record-count-on-input.patch.
This was the original work-in-progress patch for CVE-2022-0435 /
bsc#1195254. Later, a proper backport of mainline commit 9aa422ad3266
("/tipc: improve size validations for received domain records"/) was added as
patches.suse/tipc-improve-size-validations-for-received-domain-re.patch but
this patch was left in place. As it adds the check a bit later than
upstream fix, it did not cause a conflict so nobody noticed the duplicity.
- commit ef08708
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- commit 2237578
- net: kABI workaround for ax25_dev (CVE-2022-1199 bsc#1198028).
- commit 49e69cc
- ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205 bsc#1198027).
- ax25: fix UAF bug in ax25_send_control() (CVE-2022-1205
bsc#1198027).
- ax25: Fix NULL pointer dereferences in ax25 timers
(CVE-2022-1205 bsc#1198027).
- ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1205
bsc#1198027).
- ax25: fix UAF bugs of net_device caused by rebinding operation
(CVE-2022-1205 bsc#1198027).
- ax25: fix reference count leaks of ax25_dev (CVE-2022-1205
bsc#1198027).
- commit cfa1c37
- Update patch reference for ax25 fixes (CVE-2022-1199 bsc#1198028)
- commit 1b5a483
- ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199
bsc#1198028).
- ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1199
bsc#1198028).
- commit f30e94a
- drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
(CVE-2022-1198 bsc#1198030).
- commit 6da2b7d
- hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195
bsc#1198029).
- commit fcd70e2
- hamradio: improve the incomplete fix to avoid NPD (CVE-2022-1195
bsc#1198029).
- hamradio: defer 6pack kfree after unregister_netdev
(CVE-2022-1195 bsc#1198029).
- hamradio: defer ax25 kfree after unregister_netdev
(CVE-2022-1195 bsc#1198029).
- net: hamradio: fix memory leak in mkiss_close (CVE-2022-1195
bsc#1198029).
- commit d30e348
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb
in error path (CVE-2022-28389 bsc#1198033).
- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb()
in error path (CVE-2022-28388 bsc#1198032).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb()
in error path (CVE-2022-28390 bsc#1198031).
- commit d6e6523
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time
(bsc#1180153).
- commit 96da58a
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- commit bd0a18b
- KVM: SVM: Don't flush cache if hardware enforces cache coherency
across encryption domains (bsc#1178134).
- commit 706a179
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- commit e2095ad
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/perf: Don't use perf_hw_context for trace IMC PMU
(bsc#1156395).
- commit 130da3b
- mm/page_alloc.c: do not warn allocation failure on zone DMA
if no managed pages (bsc#1197501).
- dma/pool: create dma atomic pool only if dma zone has managed
pages (bsc#1197501).
- mm_zone: add function to check if managed dma zone exists
(bsc#1197501).
- commit c0f79a1
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled
(git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled
(git-fixes).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function
(git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST
(git-fixes).
- commit 972eb7f
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup()
(bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity
error (bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling
(bsc#1197675 bsc#1196478).
- commit 6fc0429
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb
in error path (git-fixes).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb()
in error path (git-fixes).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in
adsp_alloc_memory_region (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock
(git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
(git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: actions: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- commit 01f6f64
- printk: disable optimistic spin during panic (bsc#1197894).
- commit 0716386
- printk: Add panic_in_progress helper (bsc#1197894).
- commit f29520c
- blacklist.conf: printk: cosmetic problem
- commit eabafef
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- commit dcd324e
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- commit dc4697b
- btrfs: do not commit delayed inode when logging a file in full
sync mode (bsc#1194649).
- btrfs: do not log new dentries when logging that a new name
exists (bsc#1194649).
- commit b03bb01
- Revert "/module, async: async_synchronize_full() on module init
iff async is used"/ (bsc#1197888).
- commit 2252be2
- btrfs: avoid unnecessary lock and leaf splits when updating
inode in the log (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- commit c49b58c
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- commit bcb58d4
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts
(bsc#1194649).
- commit 215b0a5
- btrfs: remove unnecessary directory inode item update when
deleting dir entry (bsc#1194649).
- commit ebbb134
- x86/mm/pat: Don't flush cache if hardware enforces cache
coherency across encryption domnains (bsc#1178134).
- commit ed78280
- btrfs: fix race leading to unnecessary transaction commit when
logging inode (bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction
commit (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor
inodes (bsc#1194649).
- btrfs: fix race that results in logging old extents during a
fast fsync (bsc#1194649).
- commit 54994e0
- scsi: lpfc: Copyright updates for 14.2.0.0 patches
(bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR
paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the
FLOGI path (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to
native SLI4 (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt()
(bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call
(bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- commit e642242
- btrfs: check if a log tree exists at inode_logged()
(bsc#1194649).
- commit 1fd0acd
- btrfs: remove no longer needed full sync flag check at
inode_logged() (bsc#1194649).
- btrfs: eliminate some false positives when checking if inode
was logged (bsc#1194649).
- commit df30719
- btrfs: skip unnecessary searches for xattrs when logging an
inode (bsc#1194649).
- commit e2ffdf0
- btrfs: check if a log root exists before locking the log_mutex
on unlink (bsc#1194649).
- Refresh
patches.suse/0002-btrfs-qgroup-try-to-flush-qgroup-space-when-we-get-E.patch.
- commit 2097b4a
- ext2: correct max file size computing (bsc#1197820).
- commit f1d2053
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- commit 6f18f30
- block: update io_ticks when io hang (bsc#1197817).
- commit 4ee5ce6
- fscrypt: don't ignore minor_hash when hash is 0 (bsc#1197815).
- commit 0c58e0d
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- commit 18f264d
- ecryptfs: Fix typo in message (bsc#1197811).
- commit 9a64b6f
- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and
mmap_lock (CVE-2022-1048 bsc#1197331).
- Refresh
patches.kabi/ALSA-kABI-workaround-for-snd_pcm_runtime-changes.patch.
- commit 2d63590
- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and
mmap_lock (CVE-2022-1048 bsc#1197331).
- Refresh
patches.kabi/ALSA-kABI-workaround-for-snd_pcm_runtime-changes.patch.
- commit db7647d
- bpf: Remove config check to enable bpf support for branch
records (git-fixes bsc#1177028).
- commit 5fff22c
- net: sched: fix use-after-free in tc_new_tfilter()
(CVE-2022-1055 bsc#1197702).
- commit 4c7dc78
- blacklist.conf: kABI
- commit 79d1df3
- blacklist.conf: cleanup, not a bugfix
- commit 3a5b1ab
- blacklist.conf: cleanup, not a bugfix
- commit a1c1b85
- Revert "/usb: dwc3: gadget: Use list_replace_init() before
traversing lists"/ (git-fixes).
- commit 978c488
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues
(bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID
processing (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery
(bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix crash during module load unload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
(bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload
test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management
failure (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str
(bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- commit d7f7c48
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- commit 14ca561
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- commit b8afee8
- usb: bdc: remove duplicated error message (git-fixes).
- commit 3971aef
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- commit 0a2966f
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- commit f4c7fea
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- commit 3293f5c
- usb: gadget: bdc: use readl_poll_timeout() to simplify code
(git-fixes).
- commit 686f431
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling
(git-fixes).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device
(git-fixes).
- serial: core: Fix the definition name in the comment of UPF_*
flags (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake
(git-fixes).
- misc: sgi-gru: Don't cast parameter in bit operations
(git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in
rockchip_pinctrl_probe (git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: mediatek: paris: Fix "/argument"/ argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-*
(git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR()
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for
ARRAY_SIZE() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- commit ed99607
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- commit d8de3ca
- driver core: dd: fix return value of __setup handler
(git-fixes).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit
reversing (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations
(git-fixes).
- iio: inkern: make a best effort on offset calculation
(git-fixes).
- iio: inkern: apply consumer scale when no channel scale is
available (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases
(git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97
codec (git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations
(git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE
NT-USB (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
with alc671 (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface
Go 3 (git-fixes).
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- commit 34d0dc9
- blacklist.conf: Add 1e9d74660d4d "/bpf: Fix mount source show for bpffs"/
Missing required dependency
- commit 5a8e47e
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- commit 36f2c3d
- bpf: Fix comment for helper bpf_current_task_under_cgroup()
(git-fixes).
- commit b94b06c
- x86/cpu: Add hardware-enforced cache coherency as a CPUID
feature (bsc#1178134).
- Refresh patches.suse/x86-cpufeatures-add-sev-es-cpu-feature.
- commit 9b8fd9f
- Metadata update
- commit 20a72ea
- Revert "/Input: clear BTN_RIGHT/MIDDLE on buttonpads"/
(bsc#1197243).
- commit 1e324a1
- Drop HID multitouch fix patch (bsc#1197243)
Delete patches.suse/HID-multitouch-fix-Dell-Precision-7550-and-7750-butt.patch.
Replaced with another revert patch.
- commit 169cf98
- usb: dwc3: qcom: add IRQ check (git-fixes).
- commit 0f04f35
- usb: dwc3: gadget: Use list_replace_init() before traversing
lists (git-fixes).
- commit fa45b43
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
- commit 6c80c92
- Add CVE tags to
patches.suse/ext4-fix-kernel-infoleak-via-ext4_extent_header.patch
(bsc#1189562 bsc#1196761 CVE-2022-0850).
- commit f3cb08f
- blacklist.conf: 3a84fd1ed535 drm/i915/display: Fix HPD short pulse handling for eDP
- commit ae70ffd
- drm/i915/gem: add missing boundary check in vm_access
(git-fixes).
- commit 99cd925
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- commit 9c986de
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- commit 38ac9a8
- Refresh
patches.suse/drm-i915-Fix-bw-atomic-check-when-switching-between-.patch.
Alt-commit
- commit 81cf826
- Refresh
patches.suse/drm-i915-Correctly-populate-use_sagv_wm-for-all-pipe.patch.
Alt-commit
- commit 9f55faf
- Refresh
patches.suse/drm-i915-Fix-dbuf-slice-config-lookup.patch.
Alt-commit
- commit eb12d1f
- drm/amd/display: Add affected crtcs to atomic state for dsc
mst unplug (git-fixes).
- commit 1b3e76b
- blacklist.conf: 3f3a24a0a3a5 drm/amdgpu: Don't offset by 2 in FRU EEPROM
- commit 6877985
- drm/amd/pm: return -ENOTSUPP if there is no
get_dpm_ultimate_freq function (git-fixes).
- commit fb7d1f2
- drm/nouveau/acr: Fix undefined behavior in
nvkm_acr_hsfw_load_bl() (git-fixes).
- commit 4a1a717
- drm/doc: overview before functions for drm_writeback.c
(git-fixes).
- commit 6d05b7f
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- commit 8027fb9
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in
nwl_dsi_probe (git-fixes).
- commit c253ca8
- drm/meson: Fix error handling when afbcd.ops->init fails
(git-fixes).
- commit 42a3562
- drm/meson: osd_afbcd: Add an exit callback to struct
meson_afbcd_ops (git-fixes).
- commit f2138e4
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in
parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).
- commit 4765cfb
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- commit 047d2b7
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same
as vbG200 to avoid black screen (git-fixes).
- commit 3094fd1
- drm/vc4: crtc: Make sure the HDMI controller is powered when
disabling (git-fixes).
- commit 0e082ec
- esp: Fix possible buffer overflow in ESP transformation
(bsc#1197131 CVE-2022-0886 CVE-2022-27666).
- commit 39a5891
- Update
patches.suse/quota-check-block-number-when-reading-the-block-in-q.patch
(bsc#1194589 bsc#1197366 CVE-2021-45868).
- commit 1a6f8a7
- pinctrl: samsung: drop pin banks references on error paths
(git-fixes).
- memory: emif: check the pointer temp in get_device_details()
(git-fixes).
- memory: emif: Add check for setup_interrupts (git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc
(git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe
(git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe()
(git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: Revert "/media: em28xx: add missing
em28xx_close_extension"/ (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame
(git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: hantro: Fix overfill bottom register field name
(git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: bttv: fix WARNING regression on tunerless devices
(git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
(git-fixes).
- video: fbdev: atmel_lcdfb: fix an error code in
atmel_lcdfb_probe() (git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
(git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same
as vbG200 to avoid black screen (git-fixes).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers
(git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and
suspend functions (git-fixes).
- commit 33bac97
- firmware: qcom: scm: Remove reassignment to desc following
initializer (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare()
in msm8916_wcd_digital_probe (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config()
callback (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: atmel: Add missing of_node_put() in
at91sam9g20ek_audio_probe (git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting
(git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: topology: Allow TLV control to be either read or write
(git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ASoC: codecs: wcd934x: fix return value of
wcd934x_rx_hph_mode_put (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred
transaction (git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
(git-fixes).
- commit 364280e
- ALSA: pcm: Fix races among concurrent prealloc proc writes
(CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent prepare and
hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent read/write and buffer
changes (CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent hw_params and hw_free
calls (CVE-2022-1048 bsc#1197331).
- commit 0f1f53e
- cifs: use the correct max-length for dentry_path_raw()
(bsc1196196).
- commit d014f56
- blacklist.conf: a5ce9f2bb665 x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
- commit 2d7347b
- quota: check block number when reading the block in quota file
(bsc#1197366 CVE-2021-45868).
- commit a7d4915
- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
bsc#1197331).
- commit 8a9b87d
- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
bsc#1197331).
- commit 12628f8
- ALSA: pcm: Fix races among concurrent prealloc proc writes
(CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent prepare and
hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent read/write and buffer
changes (CVE-2022-1048 bsc#1197331).
- ALSA: pcm: Fix races among concurrent hw_params and hw_free
calls (CVE-2022-1048 bsc#1197331).
- commit aee063f
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- commit 8c138d0
- fuse: handle kABI change in struct fuse_args (bsc#1197343
CVE-2022-1011).
- fuse: fix pipe buffer lifetime for direct_io (bsc#1197343
CVE-2022-1011).
- commit 112493c
- spi: pxa2xx-pci: Balance reference count for PCI DMA device
(git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe
(git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings
(git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels
(git-fixes).
- crypto: cavium/nitrox - don't cast parameter in bit operations
(git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- crypto: ccree - don't attempt 0 len DMA mappings (git-fixes).
- crypto: qat - don't cast parameter in bit operations
(git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in
pkcs1pad_verify_complete() (git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check
(git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source
scatterlist (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- thermal: int340x: Check for NULL after calling kmemdup()
(git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment
(git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource
documentation (git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler
(git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no
more references (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap
in timer_of_base_init() (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting
udc->dev.driver (git-fixes).
- usb: gadget: rndis: prevent integer overflow in
rndis_set_response() (git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to
connector (git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT
(git-fixes).
- iwlwifi: don't advertise TWT support (git-fixes).
- mac80211: refuse aggregations sessions before authorized
(git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN
device when fully ready (git-fixes).
- commit 240077f
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- commit 4fc5228
- blacklist.conf: Add 2ecedd756908 ("/membarrier: Add an actual barrier before rseq_preempt()"/)
- commit e7a5059
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- commit 3a3c855
- netfilter: conntrack: don't refresh sctp entries in closed state
(bsc#1197389).
- commit d30cf2f
- NFS: Do not report writeback errors in nfs_getattr()
(git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field
(git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Don't skip directory entries when doing uncached readdir
(git-fixes).
- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed
client (git-fixes).
- NFS: Ensure the server has an up to date ctime before
hardlinking (git-fixes).
- commit 0dffa33
- blacklist.conf: fbd5969d1ff2 x86/cpufeatures: Mark two free bits in word 3
- commit 7de8046
- net: hns3: add a check for tqp_index in
hclge_get_ring_chain_from_mbx() (git-fixes).
- commit 197c612
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- commit 5f626af
- net: stmmac: set TxQ mode back to DCB after disabling CBS
(git-fixes).
- commit 64e0e15
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- commit 48628ab
- net: dsa: mv88e6xxx: override existent unicast portvec in
port_fdb_add (git-fixes).
- commit d733e4e
- team: protect features update by RCU to avoid deadlock
(git-fixes).
- commit 0917ada
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- commit e20b4bd
- Update config files.
- commit 5e3d4fd
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- commit 2e1e919
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- commit 37de9a5
- ibmvnic: fix race between xmit and reset (bsc#1197302
ltc#197259).
- commit 1372669
- Revert "/Revert "/build initrd without systemd"/ (bsc#1197300)"/
This reverts commit ff2b28e76a7040ae5ce82c0145965d62159216fd.
- commit 72ed14f
- Update config files (bsc#1195926 bsc#1175667).
VIRTIO_PCI=m -> VIRTIO_PCI=y
- commit 3edad5c
- Revert "/Revert "/rpm/kernel-source.spec.in: call fdupes per subpackage"/"/
This reverts commit f349b8133b949dee1721081d9fbc80cc43327d15.
Which was propagated from my local local tree. Restore the commit
- commit ee9cedc
- x86/speculation: Warn about Spectre v2 LFENCE mitigation
(bsc#1178134).
- Refresh
patches.suse/x86-speculation-warn-about-eibrs-lfence-unprivileged-ebpf-smt.patch.
- commit 8588aa6
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- commit 5c5db21
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF +
SMT (bsc#1178134).
- commit a719566
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- commit 53c2db3
- Sort in upstreamed BHB patches
- Refresh
patches.suse/documentation-hw-vuln-update-spectre-doc.patch.
- Refresh
patches.suse/x86-speculation-add-eibrs-retpoline-options.patch.
- Refresh
patches.suse/x86-speculation-include-unprivileged-ebpf-status-in-spectre-v2-mitigation-reporting.patch.
- Refresh
patches.suse/x86-speculation-rename-retpoline_amd-to-retpoline_lfence.patch.
- Refresh
patches.suse/x86-speculation-use-generic-retpoline-by-default-on-amd.patch.
- commit 4062a7a
- s390/mm: fix VMA and page table handling code in storage key
handling functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions
(git-fixes).
- s390/gmap: don't unconditionally call pte_unmap_unlock()
in __gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling
follow_pte() (git-fixes).
- mm: add vma_lookup(), update find_vma_intersection() comments
(git-fixes).
- commit 808c094
- net/smc: Reset conn->lgr when link group registration fails
(git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- commit 759dc2b
- blacklist.conf: net/smc cleanup with no functional change
- commit 5a33cbb
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- commit 598f26f
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- commit 1580ab2
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- commit 1cdc779
- s390/module: fix loading modules with a lot of relocations
(git-fixes).
- commit bc1865f
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- commit 2f0dd10
- s390/bpf: Perform r1 range checking before accessing
jit->seen_reg (git-fixes).
- commit 1cc7c78
- ldb
-
- Update to version 2.4.2
+ Fix for CVE-2021-3670, ensure that the LDB request has not
timed out during filter processing as the LDAP server
MaxQueryDuration is otherwise not honoured (bsc#1198397).
- libsolv
-
- reworked choice rule generation to cover more usecases
- support SOLVABLE_PREREQ_IGNOREINST in the ordering code
[bsc#1196514]
- support parsing of Debian's Multi-Arch indicator
- bump version to 0.7.22
- fix segfault on conflict resolution when using bindings
- fix split provides not working if the update includes a forbidden
vendor change
- support strict repository priorities
new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY
- support zstd compressed control files in debian packages
- add an ifdef allowing to rename Solvable dependency members
("/requires"/ is a keyword in C++20)
- support setting/reading userdata in solv files
new functions: repowriter_set_userdata, solv_read_userdata
- support queying of the custom vendor check function
new function: pool_get_custom_vendorcheck
- support solv files with an idarray block
- allow accessing the toolversion at runtime
- bump version to 0.7.21
- libtirpc
-
- add option to enforce connection via protocol version 2 first
(bsc#1196647)
add 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
- libzypp
-
- ZConfig: Update solver settings if target changes (bsc#1196368)
- version 17.30.0 (22)
- Fix possible hang in singletrans mode (bsc#1197134)
- Do 2 retries if mount is still busy.
- version 17.29.7 (22)
- Fix package signature check (bsc#1184501)
Pay attention that header and payload are secured by a valid
signature and report more detailed which signature is missing.
- Retry umount if device is busy (bsc#1196061, closes #381)
A previously released ISO image may need a bit more time to
release it's loop device. So we wait a bit and retry.
- Fix serializing/deserializing type mismatch in zypp-rpm
protocol (bsc#1196925)
- Fix handling of ISO media in releaseAll (bsc#1196061)
- Hint on common ptf resolver conflicts (bsc#1194848)
- version 17.29.6 (22)
- Hint on ptf<>patch resolver conflicts (bsc#1194848)
- version 17.29.5 (22)
- lvm2
-
- udev: create symlinks and watch even in suspended state (bsc#1195231)
+ bug-1195231-udev-create-symlinks-and-watch-even-in-suspended-sta.patch
- openldap2
-
- bsc#1191157 - Correct version specification in ppolicy to allow
submission to SP3 for TLS1.3
- bsc#1191157 - allow specification of max/min TLS version with TLS1.3
* 0239-ITS-9422-Update-for-TLS-v1.3.patch
* 0240-ITS-9518-add-LDAP_OPT_X_TLS_PROTOCOL_MAX-option.patch
* 0241-TLS-set-protocol-version.patch
- bsc#1197004 - libldap was able to be out of step with openldap in
some cases which could cause incorrect installations and symbol
resolution failures. openldap2 and libldap now are locked to their
related release versions.
- jsc#PM-3288 - restore CLDAP functionality in CLI tools
- perl
-
- Stabilize Socket::VERSION comparisons [bnc#1193489]
new patch: perl-Stabilize-Socket-VERSION-comparisons.patch
- rsyslog
-
- (CVE-2022-24903) fix potential heap buffer overflow in modules for TCP
syslog reception (bsc#1199061)
* add CVE-2022-24903.patch
- ruby2
-
- Update suse.patch:
- backport fix for CVE-2022-28739: ruby: Buffer overrun in
String-to-Float conversion (boo#1198441)
- back port date 2.0.3 CVE-2021-41817 (boo#1193035)
- merge the previous bug fixes into suse.patch
- CVE-2021-32066.patch
- CVE-2021-31810.patch
- CVE-2021-31799.patch
- Add Requires to make and gcc to ruby-devel to make the default
extconf.rb work
- suse-build-key
-
- No longer install 1024bit keys by default. (bsc#1197293)
- SLE11 key moved to documentation
- old PTF (pre March 2022) moved to documentation only
- systemd
-
- Import commit 12b0904b9117aeaef138784e5b118b82cd87d7cb
b579fe1e09 tmpfiles: constify item_compatible() parameters
01f4af3573 test: add test checking tmpfiles conf file precedence
e8f4d24e97 test tmpfiles: add a test for 'w+'
9c559f3854 tmpfiles.d: only 'w+' can have multiple lines for the same path (bsc#1198090)
7fab6b6a6e journald: make use of CLAMP() in cache_space_refresh()
1c8b02567c journald: make sure journal_file_open() doesn't leave a corrupted file around after failing (bsc#1198114)
0007446abc journal-file: port journal_file_open() to openat_report_new()
a07ad29813 fs-util: make sure openat_report_new() initializes return param also on shortcut
6bb087a1fc fs-util: fix typos in comments
42532a8bfb fs-util: add openat_report_new() wrapper around openat()
- spec: cope with %{_modprobedir} being /lib/modprobe.d on SLE
- Fix the default target when it's been incorrectly set to one of the runlevel
targets (bsc#1196567)
The script 'upgrade-from-pre-210.sh' used to initialize the default target
during migration from sysvinit to systemd. However it created symlinks to
runlevel targets, which are deprecated. If such symlinks are found the script
now renames them to point to 'true' systemd target units.
- When migrating from sysvinit to systemd (it probably won't happen anymore),
let's use the default systemd target, which is the graphical.target one. In
most cases it will do the right thing anyway.
- Import commit 117e7b96f8e8c63a9eec3459147f5352015a6d08
3a395b156d Don't open /var journals in volatile mode when runtime_journal==NULL
1cd65c15e4 udev: 60-persistent-storage-tape.rules: handle duplicate device ID (bsc#1195529)
3ee9953dd4 man: tweak description of auto/noauto (bsc#1191502)
6cfeacbf86 shared/install: ignore failures for auxiliary files
37083278ed install: make UnitFileChangeType enum anonymous
0a02185526 shared/install: reduce scope of iterator variables
86c55bde7f systemd-coredump: allow setting external core size to infinity (bsc#1195899 jsc#SLE-23867)
- update s390 udev rules conversion script to include the case when
the legacy rule was also 41-* (bsc#1195247)
* change scripts-udev-convert-rules.sh
- Add in quarantine 6000-udev-net_id-add-debug-logging-for-construction-of-de.patch
Add in quarantine 6001-udev-net_id-show-the-correct-identifier-in-the-debug.patch
- Add 1009-Drop-or-soften-some-of-the-deprecation-warnings.patch (bsc#1193086)
- systemd-presets-common-SUSE
-
- enable vgauthd service for VMWare by default (bsc#1195251)
- tar
-
- tests-skip-time01-on-32bit-time_t.patch: Add patch to skip test
'tests/time01.at' on platforms with 32-bit time_t for now.
- tar.spec: Reference it.
(%check): Output the testsuite.log in case the testsuite failed.
- The following issues have already been fixed in this package but
weren't previously mentioned in the changes file:
* bsc#1181131, CVE-2021-20193
* bsc#1120610
- GNU tar 1.34:
* Fix extraction over pipe
* Fix memory leak in read_header
* Fix extraction when . and .. are unreadable
* Gracefully handle duplicate symlinks when extracting
* Re-initialize supplementary groups when switching to user
privileges
- GNU tar 1.33:
* POSIX extended format headers do not include PID by default
* --delay-directory-restore works for archives with reversed
member ordering
* Fix extraction of a symbolic link hardlinked to another
symbolic link
* Wildcards in exclude-vcs-ignore mode don't match slash
* Fix the --no-overwrite-dir option
* Fix handling of chained renames in incremental backups
* Link counting works for file names supplied with -T
* Accept only position-sensitive (file-selection) options in file
list files
- remove deprecated texinfo packaging macros
- prepare usrmerge (boo#1029961)
- Drop Requires(pre) info in the preamble: the main package does
not contain any info files, and has not even a pre script. The
- doc subpackage already has the correct deps.
- No longer recommend -lang: supplements are in use.
- update to version 1.32
* Fix the use of --checkpoint without explicit --checkpoint-action
* Fix extraction with the -U option
* Fix iconv usage on BSD-based systems
* Fix possible NULL dereference (savannah bug #55369)
[bsc#1130496] [CVE-2019-9923]
* Improve the testsuite
- remove tar-1.31-tests_dirrem.patch and
tar-1.31-racy_compress_tests.patch that are no longer needed
(applied usptream)
- Remove libattr-devel from buildrequires, tar no longer uses
it but finds xattr functions in libc.
- update to version 1.31
* Fix heap-buffer-overrun with --one-top-level, bug introduced
with the addition of that option in 1.28
* Support for zstd compression
* New option '--zstd' instructs tar to use zstd as compression
program. When listing, extractng and comparing, zstd compressed
archives are recognized automatically. When '-a' option is in
effect, zstd compression is selected if the destination archive
name ends in '.zst' or '.tzst'.
* The -K option interacts properly with member names given in the
command line. Names of members to extract can be specified along
with the "/-K NAME"/ option. In this case, tar will extract NAME
and those of named members that appear in the archive after it,
which is consistent with the semantics of the option. Previous
versions of tar extracted NAME, those of named members that
appeared before it, and everything after it.
* Fix CVE-2018-20482 - When creating archives with the --sparse
option, previous versions of tar would loop endlessly if a
sparse file had been truncated while being archived.
- remove the following patches (upstreamed)
* tar-1.30-tests-difflink.patch
* tar-1.30-tests_dirrem_race.patch
- refresh add_readme-tests.patch
- add tar-1.31-tests_dirrem.patch to fix expected output in dirrem
tests
- add tar-1.31-racy_compress_tests.patch to fix compression tests
- xen
-
- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions
between dirty vram tracking and paging log dirty hypercalls
(XSA-397)
xsa397.patch
- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID
cleanup (XSA-399)
xsa399.patch
- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
map (AMD-Vi) handling issues (XSA-400)
xsa400-01.patch
xsa400-02.patch
xsa400-03.patch
xsa400-04.patch
xsa400-05.patch
xsa400-06.patch
xsa400-07.patch
xsa400-08.patch
xsa400-09.patch
xsa400-10.patch
xsa400-11.patch
- xz
-
- Fix ZDI-CAN-16587 Fix escaping of malicious filenames
(ZDI-CAN-16587 bsc#1198062 CVE-2022-1271)
* bsc1198062.patch
- zypper
-
- info: print the packages upstream URL if available (fixes #426)
- info: Fix SEGV with not installed PTFs (bsc#1196317)
- Don't prevent less restrictive umasks (bsc#1195999)
- version 1.14.52