- SUSEConnect
-
- Update to 0.3.36
- Allow suseconnect-keepalive.service to recognize a configured proxy. (bsc#1200994)
- Remove the `WantedBy` statement from suseconnect-keepalive.service since it's only to be triggered by a systemd timer.
- SUSEConnect will now ensure that the `PROXY_ENABLED` environment variable is honored.
- Write services with ssl_verify=no when using connect with insecure
- Update to 0.3.35
- Rely on system-wide defaults for enabling the keepalive timer by systemd-presets-branding-SLE. (bsc#1200641)
- aaa_base
-
- Add patch git-46-78b2a0b29381c16bec6b2a8fc7eabaa9925782d7.patch
* The wrapper rootsh is not a restricted shell (bsc#1199492)
- ca-certificates-mozilla
-
- Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868)
Added:
- Certainly Root E1
- Certainly Root R1
- DigiCert SMIME ECC P384 Root G5
- DigiCert SMIME RSA4096 Root G5
- DigiCert TLS ECC P384 Root G5
- DigiCert TLS RSA4096 Root G5
- E-Tugra Global Root CA ECC v3
- E-Tugra Global Root CA RSA v3
Removed:
- Hellenic Academic and Research Institutions RootCA 2011
- Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079)
Added:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- D-TRUST BR Root CA 1 2020
- D-TRUST EV Root CA 1 2020
- GlobalSign ECC Root CA R4
- GTS Root R1
- GTS Root R2
- GTS Root R3
- GTS Root R4
- HiPKI Root CA - G1
- ISRG Root X2
- Telia Root CA v2
- vTrus ECC Root CA
- vTrus Root CA
Removed:
- Cybertrust Global Root
- DST Root CA X3
- DigiNotar PKIoverheid CA Organisatie - G2
- GlobalSign ECC Root CA R4
- GlobalSign Root CA R2
- GTS Root R1
- GTS Root R2
- GTS Root R3
- GTS Root R4
- updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)
- Added CAs:
+ HARICA Client ECC Root CA 2021
+ HARICA Client RSA Root CA 2021
+ HARICA TLS ECC Root CA 2021
+ HARICA TLS RSA Root CA 2021
+ TunTrust Root CA
- Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994)
- Added new root CAs:
- NAVER Global Root Certification Authority
- Removed old root CA:
- GeoTrust Global CA
- GeoTrust Primary Certification Authority
- GeoTrust Primary Certification Authority - G3
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- thawte Primary Root CA
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- VeriSign Class 3 Public Primary Certification Authority - G4
- VeriSign Class 3 Public Primary Certification Authority - G5
- cups
-
- cups-branch-2.2-commit-3e4dd41459dabc5d18edbe06eb5b81291885204b.diff
is 'git show 3e4dd41459dabc5d18edbe06eb5b81291885204b' for
https://github.com/apple/cups/commit/3e4dd41459dabc5d18edbe06eb5b81291885204b
(except the not needed hunk for patching CHANGES.md which fails)
that fixes handling of MaxJobTime 0 (Issue #5438) in the CUPS 2.2 branch
bsc#1201511:
Stuck print jobs being cancelled immediately, despite MaxJobTime being set to 0
- curl
-
- Security fix: [bsc#1202593, CVE-2022-35252]
* Control codes in cookie denial of service
* Add curl-CVE-2022-35252.patch
- expat
-
- Security fix:
* (CVE-2022-40674, bsc#1203438) use-after-free in the doContent
function in xmlparse.c
- Added patch expat-CVE-2022-40674.patch
- freetype2
-
- disable brotli linkage / WOFF2 support for now to keep dependencies
as before.
- Added patches:
* CVE-2022-27404.patch
+ fixes bsc#1198830, CVE-2022-27404: Buffer Overflow
* CVE-2022-27405.patch
+ fixes bsc#1198832, CVE-2022-27405: Segmentation Fault
* CVE-2022-27406.patch
+ fixes bsc#1198823, CVE-2022-27406: Segmentation violation
- Update to version 2.10.4
* Fix a heap buffer overflow has been found in the handling of
embedded PNG bitmaps, introduced in FreeType version 2.6
(CVE-2020-15999 bsc#1177914)
* Minor improvements to the B/W rasterizer.
* Auto-hinter support for Medefaidrin script.
* Fix various memory leaks (mainly for CFF) and other issues that
might cause crashes in rare circumstances.
- Update to version 2.10.2
* Support for WOFF2 fonts, add BR on pkgconfig(libbrotlidec)
* Function `FT_Get_Var_Axis_Flags' returned random data for Type 1
MM fonts.
* Type 1 fonts with non-integer metrics are now supported by the new
(CFF) engine introduced in FreeType 2.9.
* Drop support for Python 2 in Freetype's API reference generator
* Auto-hinter support for Hanifi Rohingya
* Document the `FT2_KEEP_ALIVE' debugging environment variable.
- glibc
-
- x86-shared-non-temporal-threshold.patch: Reversing calculation of
__x86_shared_non_temporal_threshold (bsc#1201942)
- memcmp-power10.patch: powerpc: Optimized memcmp for power10
(jsc#PED-987)
- gnutls
-
- Security fix: [bsc#1202020, CVE-2022-2509]
* Fixed double free during verification of pkcs7 signatures
* Add gnutls-CVE-2022-2509.patch
- google-guest-agent
-
- Update to version 20220713.00 (bsc#1202100, bsc#1202101)
* try restoring module mode (#172)
* update for golang 1.16 (#171)
- from version 20220614.00
* Remove log that can break startup scripts (#170)
- from version 20220603.00
* repeat fix for arm (#169)
* no authorized keys on debian (#168)
- from version 20220527.00
* Add authorized keys command to the Windows agent package. (#167)
* Support for Windows SSH (#164)
- from version 20220523.00
* restore double slash metadata url (#166)
- from version 20220520.00
* Support .exe as an option for scripts and refactor runScript (#165)
- Update to version 20220429.00
* Move some functionality to a utils module (#162)
- Update to version 20220412.00
* enable goproxy during build (#163)
- from version 20220321.00
* enable routes for ipv6 (#160)
- google-guest-oslogin
-
- Update to version 20220721.00 (bsc#1202100, bsc#1202101)
* prune outdated info from readme (#86)
- from version 20220714.00
* strip json-c version symbol (#84)
- from version 20220622.00
* pam login: split conditions for logging (#83)
- use pam_moduledir (boo#1191036)
* Support UsrMerge project
- Update to version 20220411.00
* pam login: split conditions for logging (#83)
- google-osconfig-agent
-
- Use install command in %post section to create state file (bsc#1202826)
- Remove useless creation of state file directory in /var/lib
- avoid bashim in post install scripts (bsc#1195391)
- Update to version 20220801.00 (bsc#1202100, bsc#1202101)
* update OWNERS (#438)
* Close client when RegisterAgent fails. (#436)
- from version 20220714.00
* Add timeouts for pip/gem updates. (#433)
- from version 20220623.00
* upgrade to golang 1.16 and override deb build settings for compatibility (#432)
- from version 20220606.00
* new example policy to ensure sshd is running on windows VMs (#430)
- from version 20220531.00
* Add default timeout for pip and gem list commands (#429)
- Don't restart daemon on package upgrade, create a state file instead (bsc#1194319)
- Update to version 20220314.01
* Support COS on arm64 (#426)
- from version 20220314.00
* Fix previous PR: exec.CommandContext cannot be reused (#425)
- from version 20220304.00
* Update the error message when an exec task is run on Windows
without an interpreter (#423)
* Fix string that apt-get returns when requiring downgrade (#422)
* e2e_tests: fix patch test rerun (#421)
* Add --allow-downgrades flag to apt-get calls when it
fails because of wanting to downgrade a package (#418)
* Create e2e test that runs apt-get in a state that makes
it downgrade a package (#420)
* e2e_tests: update OS targets, adjust retries (#419)
* Create change_group.yaml (#416)
- from version 20220215.00
* Add regex support to package exclusion in OS Patch (#415)
- kdump
-
- unload.sh-support-kexec-unload-when-kexec_file_load.patch
Fix unload when secure boot enabled (bsc#1186272)
- fix-network-related-dracut-options-handling-for-fadu.patch
Fix network-related dracut options handling for fadump case
(bsc#1201051)
- kernel-default
-
- Rename colliding patches before the next origin/cve/linux-5.3 -> SLE15-SP3 merge
- commit ed68f11
- mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
(CVE-2022-39188, bsc#1203107).
- commit 84aac57
- netfilter: nf_tables: disallow binding to already bound chain
(bsc#1203117 CVE-2022-39190).
- commit 933f567
- fuse: Remove the control interface for virtio-fs (bsc#1203137).
- fuse: ioctl: translate ENOSYS (bsc#1203136).
- fuse: limit nsec (bsc#1203135).
- commit e82b600
- netfilter: nf_conntrack_irc: Tighten matching on DCC message
(CVE-2022-2663 bsc#1202097).
- netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663
bsc#1202097).
- commit a949534
- Revert "/clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"/
(git-fixes).
- Revert "/usb: gadget: udc-xilinx: replace memcpy with
memcpy_toio"/ (git-fixes).
- commit 855ba08
- gpio: pca953x: Add mutex_lock for regcache sync in PM
(git-fixes).
- Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
(git-fixes).
- Input: rk805-pwrkey - fix module autoloading (git-fixes).
- tty: serial: lpuart: disable flow control while waiting for
the transmit engine to complete (git-fixes).
- serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).
- staging: rtl8712: fix use after free bugs (git-fixes).
- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
(git-fixes).
- clk: core: Fix runtime PM sequence in clk_core_unprepare()
(git-fixes).
- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
(git-fixes).
- hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).
- drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).
- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
(git-fixes).
- drm/msm/dsi: fix the inconsistent indenting (git-fixes).
- drm/i915/reg: Fix spelling mistake "/Unsupport"/ -> "/Unsupported"/
(git-fixes).
- driver core: Don't probe devices after bus_type.match() probe
deferral (git-fixes).
- misc: fastrpc: fix memory corruption on open (git-fixes).
- misc: fastrpc: fix memory corruption on probe (git-fixes).
- iio: adc: mcp3911: use correct formula for AD conversion
(git-fixes).
- iio: adc: mcp3911: make use of the sign bit (git-fixes).
- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
(git-fixes).
- usb: dwc2: fix wrong order of phy_power_on and phy_init
(git-fixes).
- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
(git-fixes).
- thunderbolt: Use the actual buffer in tb_async_error()
(git-fixes).
- usb: typec: altmodes/displayport: correct pin assignment for
UFP receptacles (git-fixes).
- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).
- ieee802154/adf7242: defer destroy_workqueue call (git-fixes).
- Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).
- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
(git-fixes).
- wifi: mac80211: Don't finalize CSA in IBSS mode if state is
disconnected (git-fixes).
- HID: steam: Prevent NULL pointer dereference in
steam_{recv,send}_report (git-fixes).
- commit ed7b741
- ratelimit: Fix data-races in ___ratelimit() (git-fixes).
- serial: mvebu-uart: uart2 error bits clearing (git-fixes).
- tty: vt: initialize unicode screen buffer (git-fixes).
- tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).
- video: fbdev: i740fb: Check the argument of i740_calc_vclk()
(git-fixes).
- usb: renesas: Fix refcount leak bug (git-fixes).
- usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).
- usb: gadget: uvc: call uvc uvcg_warn on completed status
instead of uvcg_info (git-fixes).
- vboxguest: Do not use devm for irq (git-fixes).
- wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).
- wifi: mac80211_hwsim: add back erroneously removed cast
(git-fixes).
- wifi: mac80211_hwsim: fix race condition in pending packet
(git-fixes).
- spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).
- spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).
- commit 86912f8
- mmc: pxamci: Fix another error handling path in pxamci_probe()
(git-fixes).
- mtd: rawnand: meson: Fix a potential double free issue
(git-fixes).
- mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s
error path (git-fixes).
- mtd: partitions: Fix refcount leak in parse_redboot_of
(git-fixes).
- mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in
sm_release (git-fixes).
- mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).
- mtd: maps: Fix refcount leak in of_flash_probe_versatile
(git-fixes).
- PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- net: rose: fix netdev reference changes (git-fixes).
- commit b9934d3
- i2c: imx: Make sure to unregister adapter on remove()
(git-fixes).
- mmc: pxamci: Fix an error handling path in pxamci_probe()
(git-fixes).
- lib/list_debug.c: Detect uninitialized lists (git-fixes).
- mfd: max77620: Fix refcount leak in max77620_initialise_fps
(git-fixes).
- mfd: t7l66xb: Drop platform disable callback (git-fixes).
- HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).
- HID: wacom: Don't register pad_input for touch switch
(git-fixes).
- intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).
- intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).
- intel_th: pci: Add Meteor Lake-P support (git-fixes).
- commit f90560c
- drm/amdgpu: remove useless condition in
amdgpu_job_stop_all_jobs_on_sched() (git-fixes).
- drm/sun4i: dsi: Prevent underflow when computing packet sizes
(git-fixes).
- drm/meson: Fix refcount bugs in
meson_vpu_has_available_connectors() (git-fixes).
- drm/meson: Fix overflow implicit truncation warnings
(git-fixes).
- dmaengine: sprd: Cleanup in .remove() after
pm_runtime_get_sync() failed (git-fixes).
- HID: wacom: Only report rotation for art pen (git-fixes).
- gadgetfs: ep_io - wait until IRQ finishes (git-fixes).
- drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains (git-fixes).
- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
(git-fixes).
- commit 9b0074c
- asm-generic: sections: refactor memory_intersects (git-fixes).
- ACPI: processor: Remove freq Qos request for all CPUs
(git-fixes).
- ata: libata-eh: Add missing command name (git-fixes).
- ALSA: info: Fix llseek return value when using callback
(git-fixes).
- ASoC: tas2770: Allow mono streams (git-fixes).
- ASoC: SOF: debug: Fix potential buffer overflow by snprintf()
(git-fixes).
- ASoC: audio-graph-card: Add of_node_put() in fail path
(git-fixes).
- ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
(git-fixes).
- ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
(git-fixes).
- ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to
S8_TLV (git-fixes).
- ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).
- ASoC: mt6797-mt6351: Fix refcount leak in
mt6797_mt6351_dev_probe (git-fixes).
- clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).
- ACPI: LPSS: Fix missing check in register_device_clock()
(git-fixes).
- ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).
- ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from
DMI quirks (git-fixes).
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for
HP machine (git-fixes).
- clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks
(git-fixes).
- commit a8924db
- Rename colliding patches before the next origin/cve/linux-5.3 -> SLE15-SP3 merge
- commit f477eb5
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
(git-fixes, bsc#1203098).
kABI: Fix kABI after "/mm/rmap: Fix anon_vma->degree ambiguity
leading to double-reuse"/ (git-fixes, bsc#1203098).
- commit cfac9ee
- scsi: lpfc: Copyright updates for 14.2.0.6 patches
(bsc#1203063).
- scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).
- scsi: lpfc: Remove SANDiags related code (bsc#1203063).
- scsi: lpfc: Add warning notification period to CMF_SYNC_WQE
(bsc#1203063).
- scsi: lpfc: Rework MIB Rx Monitor debug info logic
(bsc#1203063).
- scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit
path for GFT_ID (bsc#1203063).
- scsi: lpfc: Fix unsolicited FLOGI receive handling during
PT2PT discovery (bsc#1203063).
- scsi: lpfc: Check the return value of alloc_workqueue()
(bsc#1203063).
- commit e207225
- KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for
!nested_run_pending case (git-fixes).
- commit 17df333
- blacklist.conf: add dbac14a5a05f, as it would break kabi
- commit 55dfee4
- KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
case (git-fixes).
- commit 1a5a475
- KVM: x86: accept userspace interrupt only if no event is
injected (git-fixes).
- commit b61f5d7
- KVM: VMX: Refuse to load kvm_intel if EPT and NX are disabled
(git-fixes).
- commit b27e2cd
- blacklist.conf: Add three patches
44585f7bc0cb psi: fix "/defined but not used"/ warnings when CONFIG_PROC_FS=n
5102bb1c9f82 psi: Fix "/defined but not used"/ warnings when CONFIG_PROC_FS=n
ec2444530612 psi: Fix "/no previous prototype"/ warnings when CONFIG_CGROUPS=n
- commit f8fef55
- s390/mm: do not trigger write fault when vma does not allow
VM_WRITE (git-fixes).
- s390/crash: fix incorrect number of bytes to copy to user space
(git-fixes).
- s390/crash: make copy_oldmem_page() return number of bytes
copied (git-fixes).
- s390/mm: fix 2KB pgtable release race (git-fixes).
- commit 32b8c39
- nvme: fix RCU hole that allowed for endless looping in multipath
round robin (bsc#1202636).
- commit e7e083b
- af_key: Do not call xfrm_probe_algs in parallel (bsc#1202898
CVE-2022-3028).
- commit 50479c7
- usb: dwc3: gadget: Fix IN endpoint max packet size allocation
(git-fixes).
- commit 4ad76ff
- Update patches.suse/watchdog-export-lockup_detector_reconfigure.patch (bsc#1202872 ltc#197920).
- commit 52cb092
- usb: dwc3: gadget: Store resource index of start cmd
(git-fixes).
- commit 4fd8e68
- Update patch reference for USB gadget fix (CVE-2020-27784 bsc#1202895)
- commit 8033d12
- usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).
- Refresh
patches.suse/usb-dwc3-add-cancelled-reasons-for-dwc3-requests.patch.
- commit 32c5550
- usb: dwc3: gadget: Remove unnecessary checks (git-fixes).
- Refresh
patches.suse/usb-dwc3-add-cancelled-reasons-for-dwc3-requests.patch.
- commit 7db43e6
- usb: dwc3: Switch to platform_get_irq_byname_optional()
(git-fixes).
- commit 73d1e58
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like
fallocate (bsc#1194272 CVE-2021-4155).
- commit 049d5e6
- usb: gadget: u_audio: fix race condition on endpoint stop
(git-fixes).
- commit 152ca21
- usb: dwc3: ep0: Fix delay status handling (git-fixes).
- commit af1df0f
- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
- commit 9881846
- bpf: Don't use tnum_range on array range checking for poke
descriptors (bsc#1202564 bsc#1202860 CVE-2022-2905).
- commit c59b8fc
- blacklist.conf: Add reverted patch
d11219ad53dc amdgpu: disable powerpc support for the newer display engine
c653c591789b drm/amdgpu: Re-enable DCN for 64-bit powerpc
- commit b8f5e97
- SUNRPC: Don't dereference xprt->snd_task if it's a cookie
(git-fixes).
- commit 16c3d44
- vmxnet3: do not reschedule napi for rx processing (bsc#1200431).
- vmxnet3: Implement ethtool's get_channels command (bsc#1200431).
- vmxnet3: Record queue number to incoming packets (bsc#1200431).
- vmxnet3: disable overlay offloads if UPT device does not support
(bsc#1200431).
- vmxnet3: update to version 7 (bsc#1200431).
- vmxnet3: use ext1 field to indicate encapsulated packet
(bsc#1200431).
- vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).
- vmxnet3: add command to set ring buffer sizes (bsc#1200431).
- vmxnet3: add support for out of order rx completion
(bsc#1200431).
- vmxnet3: add support for large passthrough BAR register
(bsc#1200431).
- vmxnet3: add support for capability registers (bsc#1200431).
- vmxnet3: prepare for version 7 changes (bsc#1200431).
- net: vmxnet3: fix possible NULL pointer dereference in
vmxnet3_rq_cleanup() (bsc#1200431).
- net: vmxnet3: fix possible use-after-free bugs in
vmxnet3_rq_alloc_rx_buf() (bsc#1200431).
- vmxnet3: Remove useless DMA-32 fallback configuration
(bsc#1200431).
- net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c
(bsc#1200431).
- vmxnet3: do not stop tx queues after netif_device_detach()
(bsc#1200431).
- vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).
- commit b577aa9
- kbuild: do not create built-in objects for external module
builds (jsc#SLE-24559 bsc#1202756).
- commit 56b8142
- tracing/probes: Have kprobes and uprobes use $COMM too
(git-fixes).
- commit 26bf0d1
- spmi: trace: fix stack-out-of-bound access in SPMI tracing
functions (git-fixes).
- commit 8c340f6
- tracing/histograms: Fix memory leak problem (git-fixes).
- commit 07d4ab9
- blacklist.conf: tracepoint cleanup for drivers/char/random
- commit f75eb58
- tracing/histogram: Fix a potential memory leak for kstrdup()
(git-fixes).
- commit cce24b0
- ceph: don't truncate file in atomic_open (bsc#1202811).
- ceph: don't leak snap_rwsem in handle_cap_grant (bsc#1202810).
- commit 75744b6
- blacklist.conf: blacklist fea013e020e6
- commit 2fc68a2
- tracing: Add ustring operation to filtering string pointers
(git-fixes).
- commit 3fbf519
- cgroup: Trace event cgroup id fields should be u64 (git-fixes).
- commit dade489
- blacklist.conf: not-relevant cleanup for drivers/char/random
- commit c90e359
- blktrace: fix blk_rq_merge documentation (git-fixes).
- commit c03c0ec
- hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet
info (bsc#1202701).
- commit 173844d
- tpm: fix reference counting for struct tpm_chip (CVE-2022-2977
bsc#1202672).
- commit b71aab0
- list: add "/list_del_init_careful()"/ to go with
"/list_empty_careful()"/ (bsc#1202745).
- commit 71ed084
- Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
- commit 595e8a4
- blk-iocost: clamp inuse and skip noops in __propagate_weights()
(bsc#1202722).
- commit f84d929
- blk-iocost: rename propagate_active_weights() to
propagate_weights() (bsc#1202722).
- commit 2724a56
- blacklist.conf: Blacklist aebf5db91705
- commit 578fbe5
- blk-iocost: fix operation ordering in iocg_wake_fn()
(bsc#1202720).
- commit 31b540e
- loop: Fix missing discard support when using LOOP_CONFIGURE
(bsc#1202718).
- commit c85296f
- blk-iocost: fix weight updates of inner active iocgs
(bsc#1202717).
- commit 06cf027
- mm: bdi: initialize bdi_min_ratio when bdi is unregistered
(bsc#1197763).
- commit f7b5cbd
- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when
journal aborted (bsc#1202716).
- commit d741558
- jbd2: fix outstanding credits assert in
jbd2_journal_commit_transaction() (bsc#1202715).
- commit 4df2139
- fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages
(bsc#1200873).
- commit b654d4c
- ocfs2: fix crash when initialize filecheck kobj fails
(bsc#1197920).
- commit 137054f
- ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).
- commit 24a97d8
- ocfs2: drop acl cache for directories too (bsc#1191667).
- commit d8cc34a
- reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr
(bsc#1202714).
- commit 4fc81aa
- ext4: recover csum seed of tmp_inode after migrating to extents
(bsc#1202713).
- commit 79e5db2
- ext4: add reserved GDT blocks check (bsc#1202712).
- commit e96e640
- ext4: fix bug_on in ext4_writepages (bsc#1200872).
- commit 8d9a89d
- ext4: fix use-after-free in ext4_rename_dir_prepare
(bsc#1200871).
- commit c9d1b13
- ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).
- commit f4c59a1
- ext4: force overhead calculation if the s_overhead_cluster
makes no sense (bsc#1200870).
- commit 24d5cfc
- ext4: fix overhead calculation to account for the reserved
gdt blocks (bsc#1200869).
- commit 8fa6a02
- ext4: fix use-after-free in ext4_search_dir (bsc#1202710).
- commit bc9242b
- ext4: fix symlink file size not match to file content
(bsc#1200868).
- commit 888bc97
- ext4: fix error handling in ext4_restore_inline_data()
(bsc#1197757).
- commit ed0d1f6
- ext4: don't use the orphan list when migrating an inode
(bsc#1197756).
- commit 2d21beb
- ext4: Fix BUG_ON in ext4_bread when write quota data
(bsc#1197755).
- commit 0551e1a
- ext4: fix potential infinite loop in ext4_dx_readdir()
(bsc#1191662).
- commit 26c80a3
- ext4: fix loff_t overflow in ext4_max_bitmap_size()
(bsc#1202709).
- commit bb20240
- ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
(bsc#1202708).
- commit 070ad26
- ext4: fix invalid inode checksum (bsc#1179723).
- commit e670453
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- commit 5b945e4
- blacklist.conf: Blacklist ext2 since we don't even compile it
- commit 8f69ba8
- xfs: prevent a UAF when log IO errors race with unmount
(git-fixes).
- commit f7eb5c7
- xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).
- commit f514fcd
- xfs: make xfs_rtalloc_query_range input parameters const
(git-fixes).
- commit 0b84c2b
- xfs: only reset incore inode health state flags when reclaiming
an inode (git-fixes).
- commit a9e17d5
- xfs: bunmapi has unnecessary AG lock ordering issues
(git-fixes).
- commit a76eaaf
- xfs: mark a data structure sick if there are cross-referencing
errors (git-fixes).
- commit b0269a0
- xfs: Fix assert failure in xfs_setattr_size() (git-fixes).
- commit 1433b65
- fuse: handle kABI change in struct sock (bsc#1194535
CVE-2021-4203).
- commit 53bc420
- usb: dwc3: qcom: fix missing optional irq warnings.
- commit de0c0d4
- usb: dwc3: gadget: Remove FS bInterval_m1 limitation
(git-fixes).
- commit fff57cf
- af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
(bsc#1194535 CVE-2021-4203).
- commit 603bd9d
- powerpc/perf: Optimize clearing the pending PMI and remove
WARN_ON for PMI check in power_pmu_disable (bsc#1156395).
- commit d72c6fd
- powerpc/xive: Fix refcount leak in xive_get_max_prio
(fate#322438 git-fixess).
- commit 76798e0
- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
- commit 35df6ef
- powerpc: define get_cycles macro for arch-override
(bsc#1065729).
- commit 39ee615
- blacklist.conf: Add c26d4c5d4f0d powerpc/kvm: Remove obsolete and unneeded select
- commit b069bcf
- blacklist.conf: Add 235cee162459 KVM: PPC: Tick accounting should defer vtime accounting 'til after IRQ handling
- commit a0b9b11
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- net_sched: cls_route: remove from list when handle is 0
(CVE-2022-2588 bsc#1202096).
- commit b08a235
- KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).
- KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
(bsc#1156395).
- KVM: PPC: Book3S HV: Use GLOBAL_TOC for
kvmppc_h_set_dabr/xdabr() (bsc#1156395).
- commit b08465c
- blacklist.conf: duplicate
- commit 23a0769
- usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command
(git-fixes).
- Refresh
patches.suse/usb-dwc3-add-cancelled-reasons-for-dwc3-requests.patch.
- commit 86ac68c
- KVM: PPC: Book3S HV: Context tracking exit guest context before
enabling irqs (bsc#1065729).
- commit b7e4839
- blacklist.conf: later reverted in upstream
- commit 31b3f5b
- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
- commit f3043dc
- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
- commit 1ba1d86
- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420
ZDI-CAN-17325).
- commit 1b534db
- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).
- commit 47070d3
- ext4: Fix check for block being out of directory size
(bsc#1198577 CVE-2022-1184).
- commit e41d129
- ext4: make sure ext4_append() always allocates new block
(bsc#1198577 CVE-2022-1184).
- commit 5c3a0a2
- ext4: check if directory block is within i_size (bsc#1198577
CVE-2022-1184).
- commit d289dcd
- Refresh
patches.suse/locking-lockdep-Avoid-potential-access-of-invalid-me.patch.
Fix builds with CONFIG_LOCKDEP on.
- commit b4f11f2
- PCI: hv: Only reuse existing IRTE allocation for Multi-MSI
(bsc#1200845).
- PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
- PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
(bsc#1200845).
- PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
- PCI: hv: Fix multi-MSI to allow more than one MSI vector
(bsc#1200845).
- PCI: hv: Make the code arch neutral by adding arch specific
interfaces (bsc#1200845).
- commit 7ab7313
- ext4: fix race when reusing xattr blocks (bsc#1198971).
- commit 18b6fb8
- ext4: unindent codeblock in ext4_xattr_block_set()
(bsc#1198971).
- commit 948b7e8
- ext4: remove EA inode entry from mbcache on inode eviction
(bsc#1198971).
- commit d96ae24
- mbcache: add functions to delete entry if unused (bsc#1198971).
- commit dc90bf2
- mbcache: don't reclaim used entries (bsc#1198971).
- commit 9b2430e
- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference
stale pointer (git-fixes).
- commit 267c700
- ARM: 9077/1: PLT: Move struct plt_entries definition to header
(git-fixes).
- commit ece08bc
- ARM: 9078/1: Add warn suppress parameter to
arm_gen_branch_link() (git-fixes).
- commit 3398bca
- ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without
DYNAMIC_FTRACE (git-fixes).
- commit 1d2e217
- ARM: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).
- commit 83b5d04
- blacklist.conf: rework and optimization ftrace commits, not bug fixes
- commit e11832c
- Update config files.
- commit 7f7a8ef
- Update config files (bsc#1201361 bsc#1192968 https://github.com/rear/rear/issues/2554).
ppc64: NVRAM=y
- commit 5e8bf01
- Refresh
patches.suse/x86-speculation-Add-RSB-VM-Exit-protections.patch.
- Updated
patches.suse/x86-speculation-change-fill_return_buffer-to-work-with-objtool.patch.
Add missing objtool annotations from upstream commits and update the latter
patch to fix bsc#1202396.
- commit 8f03705
- objtool: Add support for intra-function calls (bsc#1202396).
- commit eabf007
- objtool: Remove INSN_STACK (bsc#1202396).
- commit c48377d
- objtool: Make handle_insn_ops() unconditional (bsc#1202396).
- commit ef33ad6
- objtool: Rework allocating stack_ops on decode (bsc#1202396).
- commit cd6e886
- objtool: Support multiple stack_op per instruction
(bsc#1202396).
- Refresh
patches.suse/objtool-allow-no-op-cfi-ops-in-alternatives.patch.
- Refresh
patches.suse/objtool-fix-cfi-insn_state-propagation.patch.
- Refresh patches.suse/objtool-fix-orc-vs-alternatives.patch.
- Refresh patches.suse/objtool-rename-struct-cfi_state.patch.
- commit 5c735b5
- s390/ptrace: pass invalid syscall numbers to tracing
(bsc#1192594 LTC#197522).
- commit ad9e50e
- lib: bitmap: provide devm_bitmap_alloc() and
devm_bitmap_zalloc() (git-fixes).
- commit 2469dd3
- firmware: tegra: bpmp: Do only aligned access to IPC memory area
(git-fixes).
- commit 99eaa98
- module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined
symbols (git-fixes).
- commit 35509ca
- blacklist.conf: unneeded and kABI-breaking module loader commits
- commit 3ccf763
- mm: memcontrol: fix potential oom_lock recursion deadlock
(bsc#1202447).
- commit bc21375
- blacklist.conf: Add 7b3c36fc4c23 ptrace: fix task_join_group_stop() for the case when current is traced
- commit 572eadd
- net: enetc: Use pci_release_region() to release some resources
(git-fixes).
- PCI: qcom: Fix pipe clock imbalance (git-fixes).
- net: cpsw: add missing of_node_put() in cpsw_probe_dt()
(git-fixes).
- net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
- net: enetc: report software timestamping via SO_TIMESTAMPING
(git-fixes).
- net:enetc: allocate CBD ring data memory using DMA coherent
methods (git-fixes).
- arm64: signal: nofpsimd: Do not allocate fp/simd context when
not available (git-fixes).
- dpaa2-eth: unregister the netdev before disconnecting from
the PHY (git-fixes).
- net: cpsw: Properly initialise struct page_pool_params
(git-fixes).
- pinctrl/rockchip: fix gpio device creation (git-fixes).
- spi: Fix incorrect cs_setup delay handling (git-fixes).
- random: fix crash on multiple early calls to
add_bootloader_randomness() (git-fixes).
- tee: optee: Fix incorrect page free bug (git-fixes).
- ipmi: ssif: initialize ssif_info->client early (git-fixes).
- serial: tegra: Change lower tolerance baud rate limit for
tegra20 and tegra30 (git-fixes).
- net: mscc: ocelot: correctly report the timestamping RX filters
in ethtool (git-fixes).
- net: mscc: ocelot: don't downgrade timestamping RX filters in
SIOCSHWTSTAMP (git-fixes).
- net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory
(git-fixes).
- coresight: cti: Correct the parameter for pm_runtime_put
(git-fixes).
- net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).
- enetc: Fix endianness issues for enetc_qos (git-fixes).
- commit b9e0ed7
- selftests: futex: Use variable MAKE instead of make (git-fixes).
- commit 7d8ce88
- locking/lockdep: Avoid potential access of invalid memory in
lock_class (git-fixes).
- commit 6e699d5
- Update
patches.suse/can-ems_usb-ems_usb_start_xmit-fix-double-dev_kfree_.patch
(CVE-2022-28390 bsc#1198031).
- commit 9c17688
- Update
patches.suse/can-mcba_usb-mcba_usb_start_xmit-fix-double-dev_kfre.patch
(CVE-2022-28389 bsc#1198033).
- commit 1983a37
- net: ethernet: ezchip: fix error handling (git-fixes).
- commit 5d377ed
- net: ethernet: ezchip: remove redundant check (git-fixes).
- commit cb426d4
- net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).
- commit ed56f34
- blacklist.conf: v5.16-rc2-1-gd257cc8cb8d5 introduces a rwsem regression
- commit edee2a5
- net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).
- commit f83edca
- net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).
- commit d5e4943
- perf bench: Share some global variables to fix build with gcc 10
(git-fixes).
- commit a397021
- net: moxa: Use devm_platform_get_and_ioremap_resource()
(git-fixes).
- commit d13dcd2
- ehea: fix error return code in ehea_restart_qps() (git-fixes).
- commit f14e06e
- net: pch_gbe: Propagate error from devm_gpio_request_one()
(git-fixes).
- commit 51f37b6
- net: ethernet: fix potential use-after-free in ec_bhf_remove
(git-fixes).
- commit 7175e70
- net: fec_ptp: add clock rate zero check (git-fixes).
- commit 16317aa
- net: stmmac: disable clocks in stmmac_remove_config_dt()
(git-fixes).
- commit 1bbbc9a
- net: stmmac: dwmac1000: Fix extended MAC address registers
definition (git-fixes).
- commit c6d0ccf
- ice: report supported and advertised autoneg using PHY
capabilities (git-fixes).
- commit 2243129
- ixgbevf: add correct exception tracing for XDP (git-fixes).
- commit b4db988
- net/mlx5e: Check for needed capability for cvlan matching
(git-fixes).
- commit e46f646
- net: hns: Fix kernel-doc (git-fixes).
- commit 80f2716
- net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).
- commit 99b3a0b
- net: lantiq: fix memory corruption in RX ring (git-fixes).
- commit 55781d8
- net: fec: fix the potential memory leak in fec_enet_init()
(git-fixes).
- commit 43431b4
- net: netcp: Fix an error message (git-fixes).
- commit 0432102
- qlcnic: Add null check after calling netdev_alloc_skb
(git-fixes).
- commit 9764dcc
- ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
(git-fixes).
- commit ca3de9d
- Revert "/niu: fix missing checks of niu_pci_eeprom_read"/
(git-fixes).
- commit c1a547c
- net: stmicro: handle clk_prepare() failure during init
(git-fixes).
- commit 1249947
- Revert "/net: stmicro: fix a missing check of clk_prepare"/
(git-fixes).
- commit c8483b4
- Revert "/net: fujitsu: fix a potential NULL pointer dereference"/
(git-fixes).
- commit 35e4846
- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
(git-fixes).
- commit 11b1f00
- net: davinci_emac: Fix incorrect masking of tx and rx error
channel (git-fixes).
- commit cef2ac2
- blacklist.conf: update blacklist
- commit e0f7a96
- blacklist.conf: Add 59b18a1e65b7 x86/msi: Fix msi message data shadow struct
- commit b422277
- ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).
- commit 090b87e
- ALSA: hda/realtek: Fix deadlock by COEF mutex (git-fixes).
- ALSA: hda: realtek: Fix race at concurrent COEF updates
(git-fixes).
- commit 5b77923
- ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).
- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
(git-fixes).
- ALSA: hda/realtek: Add quirk for the Framework Laptop
(git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).
- commit 8286b1b
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for
HP machines (git-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
- Refresh
patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
- commit 3b1083d
- NTB: ntb_tool: uninitialized heap data in tool_fn_write()
(git-fixes).
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
(git-fixes).
- commit e17531e
- ALSA: hda/realtek: fix mute/micmute LEDs for HP machines
(git-fixes).
- commit 6646862
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
(git-fixes).
- ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
(git-fixes).
- ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).
- commit 4dbfddf
- ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).
- commit 99b2a82
- ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
(git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SF313-51
(git-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
(git-fixes).
- commit a6cb05c
- ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).
- ALSA: usb-audio: More comprehensive mixer map for ASUS ROG
Zenith II (git-fixes).
- ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
(git-fixes).
- ALSA: hda/realtek: Add quirk for another Asus K42JZ model
(git-fixes).
- drm/gem: Properly annotate WW context on
drm_gem_lock_reservations() error (git-fixes).
- commit fc95967
- xfrm: xfrm_policy: fix a possible double xfrm_pols_put()
in xfrm_bundle_lookup() (CVE-2022-36879 bsc#1201948).
- commit 97b83f0
- devlink: Fix use-after-free after a failed reload (git-fixes).
- vsock: Set socket state back to SS_UNCONNECTED in
vsock_connect_timeout() (git-fixes).
- vsock: Fix memory leak in vsock_connect() (git-fixes).
- can: ems_usb: fix clang's -Wunaligned-access warning
(git-fixes).
- geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).
- geneve: fix TOS inheriting for ipv4 (git-fixes).
- Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
(git-fixes).
- atm: idt77252: fix use-after-free bugs caused by tst_timer
(git-fixes).
- virtio_net: fix memory leak inside XPD_TX with mergeable
(git-fixes).
- ACPI: property: Return type of acpi_add_nondev_subnodes()
should be bool (git-fixes).
- pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).
- pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
(git-fixes).
- pinctrl: nomadik: Fix refcount leak in
nmk_pinctrl_dt_subnode_to_map (git-fixes).
- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).
- Revert "/scripts/mod/modpost.c: permit '.cranges' secton for
sh64 architecture."/ (git-fixes).
- ACPI: video: Force backlight native for some TongFang devices
(git-fixes).
- thermal: Fix NULL pointer dereferences in of_thermal_ functions
(git-fixes).
- commit 4ff3e1b
- blacklist.conf: Add 5f89468e2f06 swiotlb: manipulate orig_addr when tlb_addr has offset
- commit a6010ca
- iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement (git-fixes).
- commit f1b6523
- iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).
- commit c36c19c
- iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).
- commit 34bbfc0
- iommu/exynos: Handle failed IOMMU device registration properly
(git-fixes).
- vfio/ccw: Remove UUID from s390 debug log (git-fixes).
- iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).
- iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).
- iommu/msm: Fix an incorrect NULL check on list iterator
(git-fixes).
- iommu/omap: Fix regression in probe for NULL pointer dereference
(git-fixes).
- iommu/iova: Improve 32-bit free space estimate (git-fixes).
- iommu/ipmmu-vmsa: Check for error num after setting mask
(git-fixes).
- commit 040a9c6
- blacklist.conf: add various fixes
- commit 73738d1
- net/packet: fix slab-out-of-bounds access in packet_recvmsg()
(CVE-2022-20368 bsc#1202346).
- commit e8bbbca
- media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers
across ioctls (bsc#1202347 CVE-2022-20369).
- commit 36d8575
- iommu/vt-d: avoid invalid memory access via
node_online(NUMA_NO_NODE) (git-fixes).
- iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking
out of loop (git-fixes).
- commit c88bace
- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862
git-fixes).
- commit d5191b9
- SUNRPC: Fix READ_PLUS crasher (git-fixes).
- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
- NFSD: Fix possible sleep during nfsd4_release_lockowner()
(git-fixes).
- NFSD: prevent integer overflow on 32 bit systems (git-fixes).
- NFSD: prevent underflow in nfssvc_decode_writeargs()
(git-fixes).
- NFSD: Clamp WRITE offsets (git-fixes).
- nfsd: fix use-after-free due to delegation race (git-fixes).
- SUNRPC: Prevent immediate close+reconnect (git-fixes).
- SUNRPC: Clean up scheduling of autoclose (git-fixes).
- NFSv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).
- NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP
on error (git-fixes).
- xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).
- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
- silence nfscache allocation warnings with kvzalloc (git-fixes).
- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID
flag (git-fixes).
- NFS: fix nfs_path in case of a rename retry (git-fixes).
- SUNRPC reverting d03727b248d0 ("/NFSv4 fix CLOSE not waiting
for direct IO compeletion"/) (git-fixes).
- commit a827eeb
- md/bitmap: don't set sb values if can't pass sanity check
(bsc#1197158).
- commit 3927074
- kabi/severities: add stmmac driver local sumbols
- commit 31f077f
- net: lapbether: Prevent racing when checking whether the netif
is running (git-fixes).
- commit 9af3eff
- octeontx2-af: fix infinite loop in unmapping NPC counter
(git-fixes).
- commit c88fc73
- net: mvpp2: fix interrupt mask/unmask skip condition
(git-fixes).
- commit 3584e08
- net: hdlc_x25: Return meaningful error code in x25_open
(git-fixes).
- commit 212e2be
- Update metadata references
- commit b372491
- net: dsa: b53: fix an off by one in checking "/vlan->vid"/
(git-fixes).
- commit ea4caa5
- can: m_can: process interrupt only when not runtime suspended
(git-fixes).
- commit bd4c919
- VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
- VMCI: Release notification_bitmap in error path (bsc#1199291, jsc#SLE-24635).
- VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291, jsc#SLE-24635).
- VMCI: Fix some error handling paths in vmci_guest_probe_device() (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: allocate send and receive buffers for DMA datagrams (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: register dummy IRQ handlers for DMA datagrams (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: detect DMA datagram capability (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: whitespace formatting change for vmci register defines (bsc#1199291, jsc#SLE-24635).
- VMCI: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC (bsc#1199291, jsc#SLE-24635).
- commit 834df98
- remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config
(git-fixes).
- remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).
- watchdog: armada_37xx_wdt: check the return value of
devm_ioremap() in armada_37xx_wdt_probe() (git-fixes).
- tools/thermal: Fix possible path truncations (git-fixes).
- thermal: sysfs: Fix cooling_device_stats_setup() error code path
(git-fixes).
- serial: 8250_dw: Store LSR into lsr_saved_flags in
dw8250_tx_wait_empty() (git-fixes).
- x86/olpc: fix 'logical not is only applied to the left hand
side' (git-fixes).
- kfifo: fix kfifo_to_user() return type (git-fixes).
- profiling: fix shift too large makes kernel panic (git-fixes).
- video: fbdev: s3fb: Check the size of screen before memset_io()
(git-fixes).
- video: fbdev: arkfb: Check the size of screen before memset_io()
(git-fixes).
- video: fbdev: vt8623fb: Check the size of screen before
memset_io() (git-fixes).
- video: fbdev: arkfb: Fix a divide-by-zero bug in
ark_set_pixclock() (git-fixes).
- video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).
- video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).
- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using
giveback (git-fixes).
- kfifo: fix ternary sign extension bugs (git-fixes).
- commit c5d77c5
- x86/speculation: Add LFENCE to RSB fill sequence (bsc#1201726
CVE-2022-26373).
- commit abba98d
- x86/speculation: Add RSB VM Exit protections (bsc#1201726
CVE-2022-26373).
- commit 061bcfd
- x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
(bsc#1201726 CVE-2022-26373).
- commit 16768aa
- acpi: Disable APEI error injection if the kernel is locked down
(bsc#1023051, CVE-2016-3695).
- commit 80750a7
- net: ftgmac100: Fix crash when removing driver (git-fixes).
- commit 6458cfa
- net: stmmac: Modify configuration method of EEE timers
(git-fixes).
- commit b6da91b
- net: stmmac: Use resolved link config in mac_link_up()
(git-fixes).
- commit 4dba15f
- net/sonic: Fix a resource leak in an error handling path in
'jazz_sonic_probe()' (git-fixes).
- commit 8d37be1
- blacklist.conf: update blacklist
- commit 51d7b18
- powerpc: powernv: kABI: add back powernv_get_random_long
(bsc#1065729).
- commit f61a28c
- KVM: PPC: Use arch_get_random_seed_long instead of powernv
variant (bsc#1156395).
- commit 3e6dc98
- powerpc/powernv: rename remaining rng powernv_ functions to pnv_
(bsc#1065729).
- powerpc/powernv: delay rng platform device creation until
later in boot (bsc#1065729).
- commit 74ae44c
- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9
(bsc#1065729).
- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
- commit a69b0d7
- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
- Refresh patches.suse/powerpc-64s-rename-pnv-pseries_setup_rfi_flush-to-_s.patch
- powerpc/powernv: Staticify functions without prototypes
(bsc#1065729).
- commit 98a575d
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
- commit ec6a677
- blacklist.conf: update blacklist
- commit 63fa2f9
- blacklist.conf: update blacklist
- commit cc1d04f
- mmc: cavium-thunderx: Add of_node_put() when breaking out of
loop (git-fixes).
- mmc: cavium-octeon: Add of_node_put() when breaking out of loop
(git-fixes).
- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
(git-fixes).
- memstick/ms_block: Fix a memory leak (git-fixes).
- memstick/ms_block: Fix some incorrect memory allocation
(git-fixes).
- mmc: sdhci-of-esdhc: Fix refcount leak in
esdhc_signal_voltage_switch (git-fixes).
- PCI: tegra194: Fix link up retry sequence (git-fixes).
- PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
- PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
(git-fixes).
- PCI: qcom: Power on PHY before IPQ8074 DBI register accesses
(git-fixes).
- PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
(git-fixes).
- PCI: dwc: Always enable CDM check if "/snps,enable-cdm-check"/
exists (git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
(git-fixes).
- PCI: dwc: Disable outbound windows only for controllers using
iATU (git-fixes).
- PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
(git-fixes).
- PCI: dwc: Stop link on host_init errors and de-initialization
(git-fixes).
- PCI/portdrv: Don't disable AER reporting in
get_port_device_capability() (git-fixes).
- platform/olpc: Fix uninitialized data in debugfs write
(git-fixes).
- USB: Follow-up to SPDX identifiers addition - remove now
useless comments (git-fixes).
- staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback (git-fixes).
- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command
completion (git-fixes).
- USB: serial: fix tty-port initialized comments (git-fixes).
- usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).
- usb: host: xhci: use snprintf() in xhci_decode_trb()
(git-fixes).
- usb: xhci: tegra: Fix error check (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
(git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
(git-fixes).
- iio: light: isl29028: Fix the warning in isl29028_remove()
(git-fixes).
- soundwire: bus_type: fix remove and shutdown support
(git-fixes).
- iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s1200: Fix alignment for DMA safety
(git-fixes).
- iio: proximity: as3935: Fix alignment for DMA safety
(git-fixes).
- intel_th: msu: Fix vmalloced buffers (git-fixes).
- intel_th: msu-sink: Potential dereference of null pointer
(git-fixes).
- intel_th: Fix a resource leak in an error handling path
(git-fixes).
- misc: rtsx: Fix an error handling path in rtsx_pci_probe()
(git-fixes).
- commit 2bc728a
- iio: potentiometer: mcp4131: Fix alignment for DMA safety
(git-fixes).
- iio: potentiometer: mcp41010: Fix alignment for DMA safety
(git-fixes).
- iio: potentiometer: max5481: Fix alignment for DMA safety
(git-fixes).
- iio: potentiometer: ad5272: Fix alignment for DMA safety
(git-fixes).
- iio: gyro: fxas210002c: Fix alignment for DMA safety
(git-fixes).
- iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4371: Fix alignment for DMA safety
(git-fixes).
- iio: frequency: adf4350: Fix alignment for DMA safety
(git-fixes).
- iio: frequency: ad9523: Fix alignment for DMA safety
(git-fixes).
- iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac082s085: Fix alignment for DMA safety
(git-fixes).
- iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
- iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
- commit 7981ef6
- clk: qcom: camcc-sdm845: Fix topology around titan_top power
domain (git-fixes).
- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
(git-fixes).
- clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
- clk: qcom: ipq8074: SW workaround for UBI32 PLL lock
(git-fixes).
- clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
- clk: qcom: clk-krait: unlock spin after mux completion
(git-fixes).
- clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
(git-fixes).
- HID: cp2112: prevent a buffer overflow in cp2112_xfer()
(git-fixes).
- driver core: fix potential deadlock in __driver_attach
(git-fixes).
- iio: amplifiers: ad8366: Fix alignment for DMA safety
(git-fixes).
- iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads124s08: Fix alignment for DMA safety
(git-fixes).
- iio: adc: ti-adc161s626: Fix alignment for DMA safety
(git-fixes).
- iio: adc: ti-adc128s052: Fix alignment for DMA safety
(git-fixes).
- iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc084s021: Fix alignment for DMA safety
(git-fixes).
- iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
- iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
- iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
- iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
- iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
- iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
- iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
- iio: core: Fix IIO_ALIGN and rename as it was not sufficiently
large (git-fixes).
- fpga: altera-pr-ip: fix unsigned comparison with less than zero
(git-fixes).
- commit 9bda156
- openvswitch: fix OOB access in reserve_sfa_size() (CVE-2022-2639
bsc#1202154).
- commit bfc6551
- blacklist.conf: update blacklist
- commit 847721e
- virtio-gpu: fix a missing check to avoid NULL dereference
(git-fixes).
- media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
- media: tw686x: Register the irq at the end of probe (git-fixes).
- wifi: wil6210: debugfs: fix uninitialized variable use in
`wil_write_file_wmi()` (git-fixes).
- wifi: libertas: Fix possible refcount leak in if_usb_probe()
(git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at
iwl_mvm_mac_wake_tx_queue (git-fixes).
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
(git-fixes).
- wifi: p54: add missing parentheses in p54_flush() (git-fixes).
- wifi: p54: Fix an error handling path in p54spi_probe()
(git-fixes).
- mediatek: mt76: mac80211: Fix missing of_node_put() in
mt76_led_init() (git-fixes).
- mt76: mt76x02u: fix possible memory leak in
__mt76x02u_mcu_send_msg (git-fixes).
- can: pch_can: pch_can_error(): initialize errc before using it
(git-fixes).
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd() (git-fixes).
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
(git-fixes).
- thermal/tools/tmon: Include pthread and time headers in tmon.h
(git-fixes).
- regulator: of: Fix refcount leak bug in
of_get_regulation_constraints() (git-fixes).
- soc: fsl: guts: machine variable might be unset (git-fixes).
- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
(git-fixes).
- virtio-net: fix the race between refill work and close
(git-fixes).
- mt7601u: add USB device ID for some versions of XiaoDu WiFi
Dongle (git-fixes).
- commit 347666b
- drm/amd/display: Enable building new display engine with KCOV
enabled (git-fixes).
- drm/exynos/exynos7_drm_decon: free resources when
clk_set_parent() failed (git-fixes).
- drm/msm/mdp5: Fix global state lock backoff (git-fixes).
- drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform
(git-fixes).
- drm/mediatek: dpi: Only enable dpi after the bridge is enabled
(git-fixes).
- drm/mediatek: dpi: Remove output format of YUV (git-fixes).
- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff
function (git-fixes).
- drm: bridge: sii8620: fix possible off-by-one (git-fixes).
- drm/rockchip: Fix an error handling path rockchip_dp_probe()
(git-fixes).
- drm/rockchip: vop: Don't crash for invalid duplicate_state()
(git-fixes).
- drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
- drm/radeon: fix potential buffer overflow in
ni_set_mc_special_registers() (git-fixes).
- drm/vc4: hdmi: Correct HDMI timing registers for interlaced
modes (git-fixes).
- drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
- drm/vc4: dsi: Add correct stop condition to
vc4_dsi_encoder_disable iteration (git-fixes).
- drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
- drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
- drm/vc4: plane: Fix margin calculations for the right/bottom
edges (git-fixes).
- drm/vc4: plane: Remove subpixel positioning check (git-fixes).
- drm/doc: Fix comment typo (git-fixes).
- drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
- drm: bridge: adv7511: Add check for mipi_dsi_driver_register
(git-fixes).
- drm: adv7511: override i2c address of cec before accessing it
(git-fixes).
- drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
- drm/st7735r: Fix module autoloading for Okaya RH128128T
(git-fixes).
- i2c: mux-gpmux: Add of_node_put() when breaking out of loop
(git-fixes).
- i2c: cadence: Support PEC for SMBus block read (git-fixes).
- i2c: Fix a potential use after free (git-fixes).
- commit cce0615
- drm/bridge: tc358767: Make sure Refclk clock are enabled
(git-fixes).
- Bluetooth: hci_intel: Add check for platform_driver_register
(git-fixes).
- can: error: specify the values of data[5..7] of CAN error frames
(git-fixes).
- can: usb_8dev: do not report txerr and rxerr during bus-off
(git-fixes).
- can: kvaser_usb_leaf: do not report txerr and rxerr during
bus-off (git-fixes).
- can: kvaser_usb_hydra: do not report txerr and rxerr during
bus-off (git-fixes).
- can: sun4i_can: do not report txerr and rxerr during bus-off
(git-fixes).
- can: hi311x: do not report txerr and rxerr during bus-off
(git-fixes).
- can: sja1000: do not report txerr and rxerr during bus-off
(git-fixes).
- can: rcar_can: do not report txerr and rxerr during bus-off
(git-fixes).
- can: pch_can: do not report txerr and rxerr during bus-off
(git-fixes).
- ath10k: do not enforce interrupt trigger type (git-fixes).
- can: Break loopback loop on loopback documentation (git-fixes).
- ACPI: video: Shortening quirk list by identifying Clevo by
board_name only (git-fixes).
- ACPI: APEI: Better fix to avoid spamming the console with old
error logs (git-fixes).
- bus: hisi_lpc: fix missing platform_device_put() in
hisi_lpc_acpi_probe() (git-fixes).
- ACPI: CPPC: Do not prevent CPPC from working in the future
(git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
(git-fixes).
- ath10k: Fix error handling in ath10k_setup_msa_resources
(git-fixes).
- commit 6ee2d65
- ipv4: avoid using shared IP generator for connected sockets
(CVE-2020-36516 bsc#1196616).
- ipv4: tcp: send zero IPID in SYNACK messages (CVE-2020-36516
bsc#1196616).
- commit 6c53c05
- blacklist.conf: add "/sched: Reenable interrupts in do_sched_yield()"/
This patch caused unexplained regressions and it's not fixing any
important issue.
- commit 7b4ecae
- Revert "/Refresh patches.suse/random-fix-crash-on-multiple-early-calls..."/ (bsc#1201645)
This reverts commit f01d1a85f6c5334e324db629b3d43a8be5461b46.
- commit ef555c8
- media: smipcie: fix interrupt handling and IR timeout
(git-fixes).
- commit 72251a4
- sched/fair: Revise comment about lb decision matrix (git fixes
(sched/fair)).
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
(git fixes (kernel/time)).
- random: remove useless header comment (git fixes).
- profiling: fix shift-out-of-bounds bugs (git fixes).
- sched/membarrier: fix missing local execution of
ipi_sync_rq_state() (git fixes (sched/membarrier)).
- mm: fix page reference leak in soft_offline_page() (git fixes
(mm/memory-failure)).
- commit b0029fe
- blacklist.conf: xtensa not used
- commit c7e553d
- blacklist.conf: UML not used
- commit d38c3c3
- blacklist.conf: Cosmetic patch
- commit 137482b
- blacklist.conf: GCC-12 not used
- commit b35581e
- blacklist.conf: KASAN not configured
- commit ddca4d2
- blacklist.conf: Clang not used for build
- commit f6cb05a
- blacklist.conf: KASAN not configured
- commit db5c6ef
- blacklist.conf: 6ffbb45826f5d9ae09aa60cd88594b7816c96190
- commit ae569d4
- blacklist.conf: Build time micro-optimisation
- commit 091232d
- blacklist.conf: Build time micro-optimisation
- commit 06fea81
- blacklist.conf: Build time micro-optimisation
- commit c5a48f8
- blacklist.conf: Build fix that assumes bash does not exist
- commit a35739b
- blacklist.conf: Comment fix only
- commit 1f940f0
- blacklist.conf: Fixes pointing to misleading commit
- commit b94c0dc
- blacklist.conf: Patch has a number of high risk dependencies
- commit 58c61ac
- Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
- commit 9816878
- media: rtl28xxu: add missing sleep before probing slave demod
(git-fixes).
- commit ac926ca
- media: usb: dvb-usb-v2: rtl28xxu: convert to use
i2c_new_client_device() (git-fixes).
- commit 47f6029
- media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T
dongle (git-fixes).
- commit cf3cc2d
- media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).
- commit 27a23c1
- media: rc: increase rc-mm tolerance and add debug message
(git-fixes).
- commit 532733e
- media: v4l2-mem2mem: always consider OUTPUT queue during poll
(git-fixes).
- commit 981dce5
- media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll()
(git-fixes).
- commit 691e7d8
- PM: runtime: Remove link state checks in rpm_get/put_supplier()
(git-fixes).
- commit 2786445
- usb: dwc3: add cancelled reasons for dwc3 requests (git-fixes).
- Refresh
patches.suse/Revert-usb-dwc3-gadget-Use-list_replace_init-before-.patch.
- Refresh
patches.suse/usb-dwc3-gadget-Use-list_replace_init-before-travers.patch.
- commit de6720f
- Rename colliding patches before the next origin/cve/linux-5.3 -> SLE15-SP3 merge
- commit bafbca0
- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)
- commit a77b059
- KVM: x86: Update vCPU's hv_clock before back to guest when
tsc_offset is adjusted (git-fixes).
- commit 143ba5a
- Updated commit IDs from a rebased upstream branch:
- patches.suse/powerpc-pseries-mobility-set-NMI-watchdog-factor-dur.patch.
- patches.suse/powerpc-watchdog-introduce-a-NMI-watchdog-s-factor.patch.
- patches.suse/watchdog-export-lockup_detector_reconfigure.patch.
- commit a3cdcd5
- KVM: x86: Fix split-irqchip vs interrupt injection window
request (git-fixes).
- commit 69e8da6
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
(git-fixes).
- commit 156ec3b
- net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).
- commit 2fe0bb0
- net: usb: use eth_hw_addr_set() (git-fixes).
- commit cd08705
- KVM: VMX: Don't freeze guest when event delivery causes an
APIC-access exit (git-fixes).
- commit 13e27e5
- net: usb: ax88179_178a: add MCT usb 3.0 adapter (git-fixes).
- commit 5a414a0
- net: usb: ax88179_178a: add Toshiba usb 3.0 adapter (git-fixes).
- commit 65c08ec
- net: usb: ax88179_178a: remove redundant assignment to variable
ret (git-fixes).
- commit 75d1e2c
- ax88179_178a: add ethtool_op_get_ts_info() (git-fixes).
- commit 8bcd286
- net: usb: ax88179_178a: write mac to hardware in get_mac_addr
(git-fixes).
- commit 18afbc0
- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
(git-fixes).
- commit ad2b012
- lkdtm: Disable return thunks in rodata.c (bsc#1178134).
- commit 564965b
- x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134).
- commit 8fc5407
- netfilter: nf_queue: do not allow packet truncation below
transport header offset (bsc#1201940 CVE-2022-36946).
- commit f4f33cd
- kvm/emulate: Fix SETcc emulation function offsets with SLS
(bsc#1201930).
- commit 0a6851d
- nvme: consider also host_iface when checking ip options
(bsc#1199670).
- commit edd56ec
- drivers/net: Fix kABI in tun.c (git-fixes).
- commit 3adafd5
- FDDI: defxx: Make MMIO the configuration default except for EISA
(git-fixes).
- commit 49c7c8d
- FDDI: defxx: Bail out gracefully with unassigned PCI resource
for CSR (git-fixes).
- commit 87b1bf0
- net: tun: set tun->dev->addr_len during TUNSETLINK processing
(git-fixes).
- commit 11d0ba1
- net: macb: restore cmp registers on resume path (git-fixes).
- commit 73e4cc3
- drivers: net: fix memory leak in peak_usb_create_dev
(git-fixes).
- commit bf7b83d
- drivers: net: fix memory leak in atusb_probe (git-fixes).
- commit 1811ff5
- amd-xgbe: Update DMA coherency values (git-fixes).
- commit 58be63e
- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII
clock (git-fixes).
- commit 5683f5d
- net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes
(git-fixes).
- commit a1e8450
- ftgmac100: Restart MAC HW once (git-fixes).
- commit 9b2ea44
- net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port
(git-fixes).
- commit 74dff8e
- net/mlx5e: When changing XDP program without reset, take refs
for XSK RQs (git-fixes).
- commit 4584eb8
- net: lapbether: Remove netif_start_queue / netif_stop_queue
(git-fixes).
- commit 9195d10
- net: stmmac: fix incorrect DMA channel intr enable setting of
EQoS v4.10 (git-fixes).
- commit 3eac36a
- net: enetc: keep RX ring consumer index in sync with hardware
(git-fixes).
- commit 5b9c123
- net: enetc: fix incorrect TPID when receiving 802.1ad tagged
packets (git-fixes).
- commit d2c7696
- net: hns3: fix error mask definition of flow director
(git-fixes).
- commit e86b116
- blacklist.conf: update blacklist
- commit 545a342
- scsi: lpfc: Copyright updates for 14.2.0.5 patches
(bsc#1201956).
- scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).
- scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
- scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into
lpfc_sli_prep_abort_xri() (bsc#1201956).
- scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved
configuration (bsc#1201956).
- scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test
(bsc#1201956 bsc#1200521).
- scsi: lpfc: Fix attempted FA-PWWN usage after feature disable
(bsc#1201956).
- scsi: lpfc: Fix possible memory leak when failing to issue
CMF WQE (bsc#1201956).
- scsi: lpfc: Remove extra atomic_inc on cmd_pending in
queuecommand after VMID (bsc#1201956).
- scsi: lpfc: Set PU field when providing D_ID in
XMIT_ELS_RSP64_CX iocb (bsc#1201956).
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with
malformed user input (bsc#1201956).
- scsi: lpfc: Fix uninitialized cqe field in
lpfc_nvme_cancel_iocb() (bsc#1201956).
- commit 6e7b732
- scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
- scsi: qla2xxx: Update manufacturer details (bsc#1201958).
- scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
- scsi: qla2xxx: Fix discovery issues in FC-AL topology
(bsc#1201958).
- scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
- scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
- scsi: qla2xxx: Fix response queue handler reading stale packets
(bsc#1201958).
- scsi: qla2xxx: Zero undefined mailbox IN registers
(bsc#1201958).
- scsi: qla2xxx: Fix incorrect display of max frame size
(bsc#1201958).
- scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
(bsc#1201958).
- commit d5c3642
- Drop qla2xxx patch which prevented nvme port discovery
(bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958)
Upstream fixed the problem by reverting the offending commit.
Delete:
- patches.suse/scsi-qla2xxx-Fix-disk-failure-to-rediscover.patch.
- commit 1cb16fb
- hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
- hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).
- hv_netvsc: Fix validation in netvsc_linkstatus_callback()
(bsc#1199364).
- net, xdp: Introduce xdp_build_skb_from_frame utility routine
(bsc#1199364).
- net, xdp: Introduce __xdp_build_skb_from_frame utility routine
(bsc#1199364).
- hv_netvsc: Copy packets sent by Hyper-V out of the receive
buffer (bsc#1199364).
- hv_netvsc: Add (more) validation for untrusted Hyper-V values
(bsc#1199364).
- bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb
signature (bsc#1199364).
- commit cffae99
- KVM: emulate: do not adjust size of fastop and setcc subroutines
(bsc#1201930).
- commit 317f350
- Refresh
patches.suse/x86-prepare-asm-files-for-straight-line-speculation.patch.
- commit c513474
- Update
patches.suse/netfilter-nf_tables-disallow-non-stateful-expression.patch
references (add CVE-2022-32250).
- commit 8871b3f
- net/sched: cls_u32: fix netns refcount changes in u32_change()
(CVE-2022-29581 bsc#1199665).
- commit e1d6992
- random: fix typo in comments (git-fixes).
- commit 49bfcbe
- blacklist.conf: a cleanup that breaks kABI
- commit f8d13cb
- random: document add_hwgenerator_randomness() with other input
functions (git-fixes).
- commit 9a03f2f
- drbd: fix potential silent data corruption (git-fixes).
- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code'
explicit (git-fixes).
- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
(git-fixes).
- linux/random.h: Use false with bool (git-fixes).
- linux/random.h: Remove arch_has_random, arch_has_random_seed
(git-fixes).
- commit a9f5081
- kABI workaround for including mm.h in fs/sysfs/file.c
(bsc#1200598 cve-2022-20166).
- commit 29d7d8a
- net: stmmac: fix watchdog timeout during suspend/resume stress
test (git-fixes).
- commit b651717
- net: stmmac: stop each tx channel independently (git-fixes).
- commit 3ba5a53
- net: stmmac: fix CBS idleslope and sendslope calculation
(git-fixes).
- commit e0b11c6
- net: ag71xx: remove unnecessary MTU reservation (git-fixes).
- commit 6020ebf
- net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE
SFP (git-fixes).
- commit 858de54
- net: amd-xgbe: Reset link when the link never comes back
(git-fixes).
- commit 75c3dff
- net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout
warning (git-fixes).
- commit 2d480f1
- net: amd-xgbe: Reset the PHY rx data path when mailbox command
timeout (git-fixes).
- commit 5734e3e
- net: axienet: Handle deferred probe on clock properly
(git-fixes).
- commit c2493d6
- net: mvneta: Remove per-cpu queue mapping for Armada 3700
(git-fixes).
- commit 421a813
- igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes).
- commit f6ff8de
- macvlan: remove redundant null check on data (git-fixes).
- commit 37296a9
- net: dsa: bcm_sf2: put device node before return (git-fixes).
- commit d83cfd7
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM
(bsc#1201846 ltc#198761).
- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846
ltc#198761).
- watchdog: export lockup_detector_reconfigure (bsc#1201846
ltc#198761).
- powerpc/mobility: wait for memory transfer to complete
(bsc#1201846 ltc#198761).
- commit 4aa9f78
- net: macb: unprepare clocks in case of failure (git-fixes).
- commit 9b3aefc
- net: macb: add function to disable all macb clocks (git-fixes).
- commit e67caf5
- net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (git-fixes).
- commit 2629e74
- octeontx2-af: fix memory leak of lmac and lmac->name (git-fixes).
- commit 12700d6
- net/sonic: Fix some resource leaks in error handling paths (git-fixes).
- commit 823b92f
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- commit 3311dc2
- net: evaluate net.ipv4.conf.all.proxy_arp_pvlan (git-fixes).
- commit 0e7bc32
- net: evaluate net.ipvX.conf.all.ignore_routes_with_linkdown
(git-fixes).
- commit 0b9accc
- cxgb4: Fix the -Wmisleading-indentation warning (git-fixes).
- commit 96affe9
- net: ll_temac: Fix potential NULL dereference in temac_probe()
(git-fixes).
- commit 9f3a68c
- net: stmmac: dwmac1000: provide multicast filter fallback
(git-fixes).
- commit 173655e
- net: ll_temac: Use devm_platform_ioremap_resource_byname()
(git-fixes).
- commit bd77f60
- net: mscc: Fix OF_MDIO config check (git-fixes).
- commit 6a2a9df
- blacklist.conf: update blacklist
- commit 5495889
- blacklist.conf: update blacklist
- commit ccb0438
- i2c: cadence: Change large transfer count reset logic to be
unconditional (git-fixes).
- gpio: pca953x: use the correct register address when regcache
sync during init (git-fixes).
- gpio: pca953x: use the correct range when do regmap sync
(git-fixes).
- gpio: pca953x: only use single read/write for No AI mode
(git-fixes).
- commit 20d420c
- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
- serial: 8250: fix return error code in
serial8250_request_std_resource() (git-fixes).
- wifi: mac80211: fix queue selection for mesh/OCB interfaces
(git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
with alc221 (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
with alc671 (git-fixes).
- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3
model (git-fixes).
- ASoC: madera: Fix event generation for rate controls
(git-fixes).
- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
- ASoC: cs47l15: Fix event generation for low power mux control
(git-fixes).
- ASoC: wm5110: Fix DRE control (git-fixes).
- ASoC: ops: Fix off by one in range control validation
(git-fixes).
- soc: ixp4xx/npe: Fix unused match warning (git-fixes).
- NFC: nxp-nci: don't print header length mismatch on i2c error
(git-fixes).
- platform/x86: hp-wmi: Ignore Sanitization Mode event
(git-fixes).
- virtio_mmio: Restore guest page size on resume (git-fixes).
- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
- commit 7b686cc
- KABI: cgroup: Restore KABI of css_set (bsc#1201610).
- cgroup: Use separate src/dst nodes when preloading css_sets
for migration (bsc#1201610).
- commit fecc544
- Update patches.suse/vt-vt_ioctl-fix-race-in-VT_RESIZEX.patch
(git-fixes bsc#1200910 CVE-2020-36558).
Add references.
- commit d84e9d7
- Update
patches.suse/vt-vt_ioctl-fix-VT_DISALLOCATE-freeing-in-use-virtua.patch
(git-fixes bsc#1201429 CVE-2020-36557).
Add references.
- commit 76ab189
- lockdown: Fix kexec lockdown bypass with ima policy
(CVE-2022-21505 bsc#1201458).
- commit 5806b46
- arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes)
- commit b51a741
- Fix 1201644, 1201664, 1201672, 1201673, 1201676
All are reports of the same problem - the IBRS_* regs push/popping was
wrong but it needs
1b331eeea7b8 ("/x86/entry: Remove skip_r11rcx"/)
too.
- commit 7226005
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- commit e2263d4
- blacklist.conf: updated blacklist for new issue
- commit 93feb45
- mm: and drivers core: Convert hugetlb_report_node_meminfo to
sysfs_emit (bsc#1200598 cve-2022-20166).
- commit 6f05f26
- drivers core: Miscellaneous changes for sysfs_emit (bsc#1200598
cve-2022-20166).
- commit 6ff7ebb
- drivers core: Remove strcat uses around sysfs_emit and neaten
(bsc#1200598 cve-2022-20166).
- commit 4cafd1f
- vt: drop old FONT ioctls (bsc#1201636 CVE-2021-33656).
- commit bcf7213
- drivers core: Use sysfs_emit and sysfs_emit_at for show(device
* ...) functions (bsc#1200598 cve-2022-20166).
- commit 747b6a7
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
(bsc#1200598 cve-2022-20166).
- commit 4aaf7f0
- fbmem: Check virtual screen sizes in fb_set_var()
(CVE-2021-33655 bsc#1201635).
- fbcon: Prevent that screen size is smaller than font size
(CVE-2021-33655 bsc#1201635).
- fbcon: Disallow setting font bigger than screen size
(CVE-2021-33655 bsc#1201635).
- commit a7693d8
- Delete patches.suse/hwmon-Make-chip-parameter-for-with_info-API-mandator.patch (bsc#1201206)
The patch seems causing a regression on Mac.
- commit f885f68
- arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA (git-fixes)
- commit 036b703
- arm64: stackleak: fix current_top_of_stack() (git-fixes)
- commit 9d510a3
- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)
- commit e7722fa
- arm64: module: remove (NOLOAD) from linker script (git-fixes)
- commit 2f78693
- arm64 module: set plt* section addresses to 0x0 (git-fixes)
- commit 5213f10
- kABI workaround for rtsx_usb (git-fixes).
- commit 4ee0d92
- x86/bugs: Remove apostrophe typo (bsc#1178134).
- commit 0dca060
- power/reset: arm-versatile: Fix refcount leak in
versatile_reboot_probe (git-fixes).
- serial: stm32: Clear prev values before setting RTS delays
(git-fixes).
- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
(git-fixes).
- spi: amd: Limit max transfer and message size (git-fixes).
- drm/i915/gt: Serialize TLB invalidates with GT resets
(git-fixes).
- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
(git-fixes).
- raw: Fix a data-race around sysctl_raw_l3mdev_accept
(git-fixes).
- sysctl: Fix data-races in proc_dointvec_ms_jiffies()
(git-fixes).
- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_douintvec() (git-fixes).
- sysctl: Fix data races in proc_dointvec() (git-fixes).
- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
- ima: Fix a potential integer overflow in
ima_appraise_measurement (git-fixes).
- drm/panfrost: Fix shrinker list corruption by madvise IOCTL
(git-fixes).
- drm/panfrost: Put mapping instead of shmem obj on
panfrost_mmu_map_fault_addr() error (git-fixes).
- drm/i915: fix a possible refcount leak in
intel_dp_add_mst_connector() (git-fixes).
- ida: don't use BUG_ON() for debugging (git-fixes).
- dmaengine: pl330: Fix lockdep warning about non-static key
(git-fixes).
- misc: rtsx_usb: set return value in rsp_buf alloc err path
(git-fixes).
- misc: rtsx_usb: use separate command and response buffers
(git-fixes).
- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk
transfer (git-fixes).
- i2c: cadence: Unregister the clk notifier in error path
(git-fixes).
- memregion: Fix memregion_free() fallback definition (git-fixes).
- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
- fbcon: Prevent that screen size is smaller than font size
(git-fixes).
- fbcon: Disallow setting font bigger than screen size
(git-fixes).
- video: of_display_timing.h: include errno.h (git-fixes).
- fbdev: fbmem: Fix logo center image dx issue (git-fixes).
- r8169: fix accessing unset transport header (git-fixes).
- net: rose: fix UAF bug caused by rose_t0timer_expiry
(git-fixes).
- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
- pinctrl: sunxi: a83t: Fix NAND function name for some pins
(git-fixes).
- commit aa669e5
- ASoC: Intel: Skylake: Correct the handling of fmt_config
flexible array (git-fixes).
- ASoC: Intel: Skylake: Correct the ssp rate discovery in
skl_get_ssp_clks() (git-fixes).
- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc()
correctly (git-fixes).
- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
- dmaengine: ti: Add missing put_device in
ti_dra7_xbar_route_allocate (git-fixes).
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
(git-fixes).
- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
- ASoC: Remove unused hw_write_t type (git-fixes).
- commit 2be6c70
- arm64: fix compat syscall return truncation (git-fixes)
- commit 24bf105
- arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes)
- commit 992de8b
- arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)
- commit 867aa84
- arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes)
- commit ad8af15
- arm64: Extend workaround for erratum 1024718 to all versions of (git-fixes)
- commit 02d9d74
- arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return (git-fixes)
- commit 4265617
- arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes)
- commit 080c096
- arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes)
- commit ddc1d85
- KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)
- commit aff711b
- arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)
- commit d286e63
- arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (git-fixes)
- commit 437cb00
- usb: typec: add missing uevent when partner support PD
(git-fixes).
- commit 8f7dacd
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- commit 052f747
- blacklist.conf: will speed up booting in exchange for breaking charging
from a switched off laptop with some firmwares
- commit bd8e45d
- blacklist.conf: build fix that does not matter on a released kernel
- commit 3296a39
- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
- commit a69d674
- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
- commit 1caf14d
- Sort in RETbleed backport into the sorted section
Now that it is upstream..
- Refresh
patches.suse/KVM-VMX-Convert-launched-argument-to-flags.patch.
- Refresh
patches.suse/KVM-VMX-Fix-IBRS-handling-after-vmexit.patch.
- Refresh patches.suse/KVM-VMX-Flatten-__vmx_vcpu_run.patch.
- Refresh
patches.suse/KVM-VMX-Prevent-RSB-underflow-before-vmenter.patch.
- Refresh
patches.suse/KVM-VMX-Prevent-guest-RSB-poisoning-attacks-with-eIBRS.patch.
- Refresh
patches.suse/KVM-x86-speculation-Disable-Fill-buffer-clear-within-guests.patch.
- Refresh
patches.suse/intel_idle-Disable-IBRS-during-long-idle.patch.
- Refresh patches.suse/x86-Add-magic-AMD-return-thunk.patch.
- Refresh patches.suse/x86-Undo-return-thunk-damage.patch.
- Refresh patches.suse/x86-Use-return-thunk-in-asm-code.patch.
- Refresh patches.suse/x86-bpf-Use-alternative-RET-encoding.patch.
- Refresh
patches.suse/x86-bugs-Add-AMD-retbleed-boot-parameter.patch.
- Refresh
patches.suse/x86-bugs-Add-Cannon-lake-to-RETBleed-affected-CPU-list.patch.
- Refresh patches.suse/x86-bugs-Add-retbleed-ibpb.patch.
- Refresh
patches.suse/x86-bugs-Do-IBPB-fallback-check-only-once.patch.
- Refresh
patches.suse/x86-bugs-Do-not-enable-IBPB-on-entry-when-IBPB-is-not-supp.patch.
- Refresh patches.suse/x86-bugs-Enable-STIBP-for-JMP2RET.patch.
- Refresh
patches.suse/x86-bugs-Group-MDS-TAA-Processor-MMIO-Stale-Data-mitigations.patch.
- Refresh
patches.suse/x86-bugs-Keep-a-per-CPU-IA32_SPEC_CTRL-value.patch.
- Refresh
patches.suse/x86-bugs-Optimize-SPEC_CTRL-MSR-writes.patch.
- Refresh
patches.suse/x86-bugs-Report-AMD-retbleed-vulnerability.patch.
- Refresh
patches.suse/x86-bugs-Report-Intel-retbleed-vulnerability.patch.
- Refresh
patches.suse/x86-bugs-Split-spectre_v2_select_mitigation-and-spectre_v2.patch.
- Refresh
patches.suse/x86-common-Stamp-out-the-stepping-madness.patch.
- Refresh patches.suse/x86-cpu-amd-Add-Spectral-Chicken.patch.
- Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch.
- Refresh
patches.suse/x86-cpufeatures-Move-RETPOLINE-flags-to-word-11.patch.
- Refresh
patches.suse/x86-entry-Add-kernel-IBRS-implementation.patch.
- Refresh
patches.suse/x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch.
- Refresh patches.suse/x86-retpoline-Use-mfunction-return.patch.
- Refresh
patches.suse/x86-sev-Avoid-using-__x86_return_thunk.patch.
- Refresh
patches.suse/x86-speculation-Add-a-common-function-for-MD_CLEAR-mitigation-update.patch.
- Refresh
patches.suse/x86-speculation-Add-spectre_v2-ibrs-option-to-support-Kern.patch.
- Refresh
patches.suse/x86-speculation-Fill-RSB-on-vmexit-for-IBRS.patch.
- Refresh
patches.suse/x86-speculation-Fix-SPEC_CTRL-write-on-SMT-state-change.patch.
- Refresh
patches.suse/x86-speculation-Fix-firmware-entry-SPEC_CTRL-handling.patch.
- Refresh
patches.suse/x86-speculation-Remove-x86_spec_ctrl_mask.patch.
- Refresh
patches.suse/x86-speculation-Use-cached-host-SPEC_CTRL-value-for-guest-.patch.
- Refresh
patches.suse/x86-speculation-mmio-Add-mitigation-for-Processor-MMIO-Stale-Data.patch.
- Refresh
patches.suse/x86-speculation-mmio-Add-sysfs-reporting-for-Processor-MMIO-Stale-Data.patch.
- Refresh
patches.suse/x86-speculation-mmio-Enable-CPU-Fill-buffer-clearing-on-idle.patch.
- Refresh
patches.suse/x86-speculation-mmio-Enumerate-Processor-MMIO-Stale-Data-bug.patch.
- Refresh
patches.suse/x86-speculation-mmio-Reuse-SRBDS-mitigation-for-SBDS.patch.
- Refresh
patches.suse/x86-speculation-srbds-Update-SRBDS-mitigation-selection.patch.
- Refresh
patches.suse/x86-vsyscall_emu-64-Don-t-use-RET-in-vsyscall-emulation.patch.
- Refresh patches.suse/x86-xen-Rename-SYS-entry-points.patch.
- commit 94dfede
- arm64: dts: marvell: espressobin: add ethernet alias (git-fixes)
- commit ed82a39
- blacklist.conf: blocks a driver from building
- commit 2f8d19f
- arm64: dts: mcbin: support 2W SFP modules (git-fixes)
- commit 1950671
- arm64: lib: Use modern annotations for assembly functions (git-fixes)
Refresh patches.suse/arm64-clear_page-shouldn-t-use-DC-ZVA-when-DCZID_EL0.DZP-1.patch.
- commit fb5a868
- spi: <linux/spi/spi.h>: add missing struct kernel-doc entry
(git-fixes).
- Refresh
patches.kabi/move-devm_allocate-to-end-of-structure-for-kABI.patch.
- commit 8e36894
- arm64: asm: Add new-style position independent function annotations (git-fixes)
- commit a5d53f5
- usbnet: fix memory leak in error case (git-fixes).
- commit 988ba16
- arm64: module: rework special section handling (git-fixes)
- commit 7d368bc
- Rename colliding patches before the next origin/cve/linux-5.3 -> SLE15-SP3 merge
- commit fb0447a
- dm mirror log: round up region bitmap size to BITS_PER_LONG
(git-fixes).
- md: bcache: check the return value of kzalloc() in
detached_dev_do_request() (git-fixes).
- dm crypt: make printing of the key constant-time (git-fixes).
- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).
- dm stats: add cond_resched when looping over entries
(git-fixes).
- md/raid0: Ignore RAID0 layout if the second zone has only one
device (git-fixes).
- hex2bin: make the function hex_to_bin constant-time (git-fixes).
- dm integrity: fix memory corruption when tag_size is less than
digest size (git-fixes).
- block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes).
- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS
(git-fixes).
- block: don't delete queue kobject before its children
(git-fixes).
- block: bio-integrity: Advance seed correctly for larger interval
sizes (git-fixes).
- block: Fix wrong offset in bio_truncate() (git-fixes).
- block: Fix fsync always failed if once failed (git-fixes).
- dm btree remove: fix use after free in rebalance_children()
(git-fixes).
- dm: fix mempool NULL pointer race when completing IO
(git-fixes).
- dm crypt: Avoid percpu_counter spinlock contention in
crypt_page_alloc() (git-fixes).
- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
(git-fixes).
- blk-zoned: allow zone management send operations without
CAP_SYS_ADMIN (git-fixes).
- dm btree remove: assign new_root only when removal succeeds
(git-fixes).
- dm snapshot: properly fix a crash when an origin has no
snapshots (git-fixes).
- dm snapshot: fix crash with transient storage and zero chunk
size (git-fixes).
- dm raid: fix inconclusive reshape layout on fast raid4/5/6
table reload sequences (git-fixes).
- dm space map common: fix division bug in sm_ll_find_free_block()
(git-fixes).
- dm persistent data: packed struct should have an aligned()
attribute too (git-fixes).
- md/bitmap: wait for external bitmap writes to complete during
tear down (git-fixes).
- dm verity: fix FEC for RS roots unaligned to block size
(git-fixes).
- dm bufio: subtract the number of initial sectors in
dm_bufio_get_device_size (git-fixes).
- md: Set prev_flush_start and flush_bio in an atomic way
(git-fixes).
- dm integrity: conditionally disable "/recalculate"/ feature
(git-fixes).
- dm integrity: fix a crash if "/recalculate"/ used without
"/internal_hash"/ (git-fixes).
- dm integrity: fix the maximum number of arguments (git-fixes).
- dm snapshot: flush merged data before committing metadata
(git-fixes).
- lib/string.c: implement stpcpy (git-fixes).
- commit ab41893
- xen/netback: avoid entering xenvif_rx_next_skb() with an empty
rx queue (bsc#1201381).
- commit ae4d431
- Refresh
patches.suse/crypto-qat-remove-dma_free_coherent-for-DH.patch.
revert the effect of mainline 453431a54934d917153 on patch.
- Refresh
patches.suse/crypto-qat-remove-dma_free_coherent-for-RSA.patch.
revert the effect of mainline 453431a54934d917153 on patch.
- commit 5e710e7
- crypto: qat - remove dma_free_coherent() for DH (git-fixes).
- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
- crypto: qat - fix memory leak in RSA (git-fixes).
- crypto: qat - set to zero DH parameters before free (git-fixes).
- crypto: qat - disable registration of algorithms (git-fixes).
- commit 8d18bba
- rpm/kernel-binary.spec.in: Require dwarves >= 1.22 on SLE15-SP3 or newer
Dwarves 1.22 or newer is required to build kernels with BTF information
embedded in modules.
- commit 2dbbe9d
- scripts: dummy-tools, add pahole (jsc#SLE-24559).
- commit 6a3fc85
- pty: do tty_flip_buffer_push without port->lock in pty_write
(bsc#1198829 CVE-2022-1462).
- commit ce8f318
- tty: use new tty_insert_flip_string_and_push_buffer() in
pty_write() (bsc#1198829 CVE-2022-1462).
- tty: extract tty_flip_buffer_commit() from
tty_flip_buffer_push() (bsc#1198829 CVE-2022-1462).
- commit cbf8ad3
- bpf: Add config to allow loading modules with BTF mismatches (jsc#SLE-24559).
- Update config files:
- MODULE_ALLOW_BTF_MISMATCH=y
- commit 0660602
- bpf: Keep module's btf_data_size intact after load (jsc#SLE-24559).
- Refresh
patches.kabi/kabi-create-module-private-struct-to-hold-btf-size-data.patch.
- commit 6a4211c
- bpf: Sanitize BTF data pointer after module is loaded (jsc#SLE-24559).
- Refresh
patches.kabi/kabi-create-module-private-struct-to-hold-btf-size-data.patch.
- commit ec84a18
- kbuild: Skip module BTF generation for out-of-tree external
modules (jsc#SLE-24559).
- commit b411a90
- bpf: Load and verify kernel module BTFs (jsc#SLE-24559).
- kabi: create module private struct to hold btf size/data (jsc#SLE-24559).
- commit dd48d54
- kbuild: Build kernel module BTFs if BTF is enabled and pahole
supports it (jsc#SLE-24559).
- Update config files:
- PAHOLE_HAS_SPLIT_BTF=y
- DEBUG_INFO_BTF_MODULES=y
- commit 00469b9
- bpf: Assign ID to vmlinux BTF and return extra info for BTF
in GET_OBJ_INFO (jsc#SLE-24559).
- commit bf525c4
- bpf: Add in-kernel split BTF support (jsc#SLE-24559).
- commit de75fe3
- bpf: Provide function to get vmlinux BTF information (jsc#SLE-24559).
- Refresh
patches.suse/bpf-Add-bpf_patch_call_args-prototype-to-include-lin.patch.
- commit 97960b8
- kbuild: rename any-prereq to newer-prereqs (jsc#SLE-24559).
- commit d74c2bd
- kbuild: drop $(wildcard $^) check in if_changed* for faster
rebuild (jsc#SLE-24559).
- commit 2b23691
- kbuild: split final module linking out into Makefile.modfinal (jsc#SLE-24559).
- Refresh
patches.suse/0008-scripts-Coccinelle-script-for-namespace-dependencies.patch.
- Refresh
patches.suse/0026-modpost-do-not-invoke-extra-modpost-for-nsdeps.patch.
- Refresh
patches.suse/0028-modpost-dump-missing-namespaces-into-a-single-module.patch.
- Refresh
patches.suse/0029-scripts-nsdeps-support-nsdeps-for-external-module-bu.patch.
- commit 860eb7e
- kbuild: rebuild modules when module linker scripts are updated (jsc#SLE-24559).
- Refresh
patches.suse/kbuild-stop-filtering-out-GCC_PLUGINS_CFLAGS-from-cc.patch.
- commit e48ca3e
- kbuild: add marker for build log of *.mod.o (jsc#SLE-24559).
- commit 089d37f
- io_uring: fix fs->users overflow (CVE-2022-1116, bsc#1199647).
- commit e8dfed6
- scsi: sd: Fix potential NULL pointer dereference (git-fixes).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (git-fixes).
- scsi: core: Put LLD module refcnt after SCSI device is released
(git-fixes).
- scsi: core: Retry I/O for Notify (Enable Spinup) Required error
(git-fixes).
- scsi: core: Only put parent device if host state differs from
SHOST_CREATED (git-fixes).
- scsi: core: Put .shost_dev in failure path if host state
changes to RUNNING (git-fixes).
- scsi: core: Fix failure handling of scsi_add_host_with_dma()
(git-fixes).
- scsi: core: Fix error handling of scsi_host_alloc() (git-fixes).
- scsi: ufs: handle cleanup correctly on devm_reset_control_get
error (git-fixes).
- scsi: ufs: Release clock if DMA map fails (git-fixes).
- commit cad0d5f
- don't call utsname() after ->nsproxy is NULL (bsc#1201196).
- commit 12197a1
- mm/slub: add missing TID updates on slab deactivation
(git-fixes).
- commit af73675
- xen: detect uninitialized xenbus in xenbus_init (git-fixes).
- commit 89b5cfc
- xen: don't continue xenstore initialization in case of errors
(git-fixes).
- commit a397042
- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (git-fixes).
- commit 223f7ba
- KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in
intel_pmu_refresh() (git-fixes).
- commit 2a600a1
- KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS
GPAs (git-fixes).
- commit a048eb5
- KVM: apic: avoid calculating pending eoi from an uninitialized
val (git-fixes).
- commit bd607c6
- KVM: nVMX: handle nested posted interrupts when apicv is
disabled for L1 (git-fixes).
- commit a486b7a
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF
attacks (git-fixes).
- commit eb73c2f
- KVM: x86: Don't let userspace set host-reserved cr4 bits
(git-fixes).
- commit 404b24a
- net: hso: bail out on interrupt URB allocation failure
(git-fixes).
- commit f562212
- blacklist.conf: misattributed in upstream
- commit 202e210
- net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318
bsc#1201251).
- commit 84c7e09
- Update patch reference for rose fix (CVE-2022-2318 bsc#1201251)
- commit 4566057
- xen/netfront: force data bouncing when backend is untrusted
(bsc#1200762, CVE-2022-33741, XSA-403).
- commit 7daee4f
- xen/netfront: fix leaking data in shared pages (bsc#1200762,
CVE-2022-33740, XSA-403).
- commit bfb8cc2
- xen/blkfront: force data bouncing when backend is untrusted
(bsc#1200762, CVE-2022-33742, XSA-403).
- commit 9c6c1df
- xen/blkfront: fix leaking data in shared pages (bsc#1200762,
CVE-2022-26365, XSA-403).
- commit 7095954
- blacklist.conf: Add 6a2d90ba027a ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
- commit 272b7b1
- config: enable DEBUG_INFO_BTF
This option allows users to access the btf type information for vmlinux
but not kernel modules.
- commit fb07e10
- blacklist.conf: Add b4e00444cab4 fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
- commit b1b6d4b
- libassuan
-
- update to 2.5.5:
* Fix a crash in the logging code
* Upgrade autoconf
- update to 2.5.4:
* Fix some minor build annoyances
- Update to 2.5.3:
* Add a timeout for writing to a SOCKS5 proxy.
* Add workaround for a problem with LD_LIBRARY_PATH on newer systems.
- qemu-disable-fdpassing-test.patch: remove
-Update to 2.5.2:
* configure.ac: Bump LT version to C8/A8/R2
* include libassuan.pc in the spec file
- libtirpc
-
- fix CVE-2021-46828: libtirpc: DoS vulnerability with lots of
connections (bsc#1201680)
- add 0001-Fix-DoS-vulnerability-in-libtirpc.patch
-exclude ipv6 addresses in client protocol 2 code (bsc#1200800)
- update 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
- fix memory leak in params.r_addr assignement (bsc#1198752)
- add 0001-fix-parms.r_addr-memory-leak.patch
- libyajl
-
- add libyajl-CVE-2022-24795.patch (CVE-2022-24795, bsc#1198405)
- libzypp
-
- Resolver: Fix missing --[no]-recommends initialization in
update (fixes #openSUSE/zypper#459, bsc#1201972)
- Log ONLY_NAMESPACE_RECOMMENDED because this is what corresponds
to --[no]-recommends.
- version 17.31.2 (22)
- UsrEtc: Store logrotate files in %{_distconfdir} if defined
(fixes #402)
- Log backtrace on SIGABRT too.
- Need to explicitly enable building experimental code. Otherwise
an old Notcurses++ package which happens to be present in the
buildenv breaks the build (fixes #412).
- Work around libyui/libyui#78 on code 15.4 and older.
- Stop using std::*ary_function; deprecated and removed in c++17.
- Don't expose header files which use types not available in
c++11. In 15.3 and older, YAST and PK compile with -std=c++11.
- Remove no longer needed %post code (bsc#1203649)
- Enable zck support for SLE15-SP4 and newer. On Leap it is enabled
since 15.1 (bsc#1189282)
- version 17.31.1 (22)
- Add PoolItem::statusReinit to reset the status it's initial
state in the ResPool (might help bsc#1199895)
This may either be 'KEEP_STATE bySOLVER' or 'LOCKED byUSER' if
the PoolItem matched a hard lock defined in /etc/zypp/locks.
- Fix building with GCC 13 on i586 (fixes #407, fixes #396)
- Be prepared to receive exceptions from curl_easy_cleanup
(bsc#1201092)
- Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993)
- Remove Medianetwork and dependend code.
This commit removes the MediaNetwork tech preview and all related
code. First reason for this is that MediaNetwork was just meant
as a way to test the new CURL based downloader and second: since
the Provide API is going to completely replace the current media
backend it would be extra work to ensure that changes on the
Downloader do not break MediaNetwork.
- version 17.31.0 (22)
- Fix building with GCC 12.x release (#396)
- version 17.30.3 (22)
- oniguruma
-
- Added d3e402928b6eb3327f8f7d59a9edfa622fec557b.patch: (boo#1157805 CVE-2019-19246)
oniguruma: Heap-based buffer over-read in str_lower_case_match in regexec.c
- Added 6eb4aca6a7f2f60f473580576d86686ed6a6ebec.patch: (boo#1164569 CVE-2019-19204)
oniguruma: heap-based buffer over-read in function fetch_interval_quantifier in regparse.c
- Added aa0188eaedc056dca8374ac03d0177429b495515.patch: (boo#1164550 CVE-2019-19203)
oniguruma: heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c
- Added 4097828d7cc87589864fecf452f2cd46c5f37180.patch: (boo#1150130 CVE-2019-16163)
oniguruma: stack Exhaustion in regcomp.c because of recursion in regparse.c.
- Added cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0.patch: (boo#1177179 CVE-2020-26159)
oniguruma: Buffer overflow in concat_opt_exact_str could result in DoS
- Added 0f7f61ed1b7b697e283e37bd2d731d0bd57adb55.patch: (boo#1142847 CVE-2019-13224)
oniguruma: use-after-free in onig_new_deluxe() in regext.c
- open-iscsi
-
- Modify SPEC file so systemd unit files are mode 644 (not 755)
(bsc#1200570)
- For Tumbleweed, moved logrotate files from user-specific
directory /etc/logrotate.d to vendor-specific
/usr/etc/logrotate.d
(for Stefan Schubert <schubi@suse.com>)
- openldap2
-
- bsc#1198341 - Prevent memory reuse which may lead to instability
* 0243-Change-malloc-to-use-calloc-to-prevent-memory-reuse-.patch
- perl
-
- fix File::Path rmtree/remove_tree race condition
[bnc#1047178] [CVE-2017-6512]
new patch: perl-file_path_rmtree_fchmod.diff
- permissions
-
* chkstat: also consider group controlled paths (bsc#1203018, CVE-2022-31252)
- Update to version 20181225:
- procps
-
- Add the patches
* procps-3.3.17-library-bsc1181475.patch
* procps-3.3.17-top-bsc1181475.patch
which are backports of current newlib tree to solve bug bsc#1181475
* 'free' command reports misleading "/used"/ value
- python3
-
- Add patch CVE-2021-28861-double-slash-path.patch:
* http.server: Fix an open redirection vulnerability in the HTTP server
when an URI path starts with //. (bsc#1202624, CVE-2021-28861)
- rsyslog
-
- - fix segfault in qDeqLinkedList during shutdown (bsc#1199283)
* add 0001-queue-Add-NULL-check-in-qDeqLinkedList.patch
- ruby2
-
- Update suse.patch to 41adc98ad1:
- Cookie Prefix Spoofing in CGI::Cookie.parse (boo#1193081 CVE-2021-41819)
- add back some lost chunks to the suse.patch
- runc
-
- Update to runc v1.1.4. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.1.4.
* Fix mounting via wrong proc fd. When the user and mount namespaces are
used, and the bind mount is followed by the cgroup mount in the spec,
the cgroup was mounted using the bind mount's mount fd.
* Switch kill() in libcontainer/nsenter to sane_kill().
* Fix "/permission denied"/ error from runc run on noexec fs.
* Fix failed exec after systemctl daemon-reload. Due to a regression
in v1.1.3, the DeviceAllow=char-pts rwm rule was no longer added and
was causing an error open /dev/pts/0: operation not permitted: unknown when systemd was reloaded.
(boo#1202821)
- sqlite3
-
- update to 3.39.3:
* Use a statement journal on DML statement affecting two or more
database rows if the statement makes use of a SQL functions
that might abort.
* Use a mutex to protect the PRAGMA temp_store_directory and
PRAGMA data_store_directory statements, even though they are
decremented and documented as not being threadsafe.
- update to 3.39.2:
* Fix a performance regression in the query planner associated
with rearranging the order of FROM clause terms in the
presences of a LEFT JOIN.
* Apply fixes for CVE-2022-35737, Chromium bugs 1343348 and
1345947, forum post 3607259d3c, and other minor problems
discovered by internal testing. [boo#1201783]
- update to 3.39.1:
* Fix an incorrect result from a query that uses a view that
contains a compound SELECT in which only one arm contains a
RIGHT JOIN and where the view is not the first FROM clause term
of the query that contains the view
* Fix a long-standing problem with ALTER TABLE RENAME that can
only arise if the sqlite3_limit(SQLITE_LIMIT_SQL_LENGTH) is set
to a very small value.
* Fix a long-standing problem in FTS3 that can only arise when
compiled with the SQLITE_ENABLE_FTS3_PARENTHESIS compile-time
option.
* Fix the initial-prefix optimization for the REGEXP extension so
that it works correctly even if the prefix contains characters
that require a 3-byte UTF8 encoding.
* Enhance the sqlite_stmt virtual table so that it buffers all of
its output.
- update to 3.39.0:
* Add (long overdue) support for RIGHT and FULL OUTER JOIN
* Add new binary comparison operators IS NOT DISTINCT FROM and
IS DISTINCT FROM that are equivalent to IS and IS NOT,
respective, for compatibility with PostgreSQL and SQL standards
* Add a new return code (value "/3"/) from the sqlite3_vtab_distinct()
interface that indicates a query that has both DISTINCT and
ORDER BY clauses
* Added the sqlite3_db_name() interface
* The unix os interface resolves all symbolic links in database
filenames to create a canonical name for the database before
the file is opened
* Defer materializing views until the materialization is actually
needed, thus avoiding unnecessary work if the materialization
turns out to never be used
* The HAVING clause of a SELECT statement is now allowed on any
aggregate query, even queries that do not have a GROUP BY
clause
* Many microoptimizations collectively reduce CPU cycles by about
2.3%.
- drop sqlite-src-3380100-atof1.patch, included upstream
- add sqlite-src-3390000-func7-pg-181.patch to skip float precision
related test failures on 32 bit
- update to 3.38.5:
* Fix a blunder in the CLI of the 3.38.4 release
- includes changes from 3.38.4:
* fix a byte-code problem in the Bloom filter pull-down
optimization added by release 3.38.0 in which an error in the
byte code causes the byte code engine to enter an infinite loop
when the pull-down optimization encounters a NULL key
- update to 3.38.3:
* Fix a case of the query planner be overly aggressive with
optimizing automatic-index and Bloom-filter construction,
using inappropriate ON clause terms to restrict the size of the
automatic-index or Bloom filter, and resulting in missing rows
in the output.
* Other minor patches. See the timeline for details.
- update to 3.38.2:
* Fix a problem with the Bloom filter optimization that might
cause an incorrect answer when doing a LEFT JOIN with a WHERE
clause constraint that says that one of the columns on the
right table of the LEFT JOIN is NULL.
* Other minor patches.
- Remove obsolete configure flags
- Package the Tcl bindings here again so that we only ship one copy
of SQLite (bsc#1195773).
- update to 3.38.1:
* Fix problems with the new Bloom filter optimization that might
cause some obscure queries to get an incorrect answer.
* Fix the localtime modifier of the date and time functions so
that it preserves fractional seconds.
* Fix the sqlite_offset SQL function so that it works correctly
even in corner cases such as when the argument is a virtual
column or the column of a view.
* Fix row value IN operator constraints on virtual tables so that
they work correctly even if the virtual table implementation
relies on bytecode to filter rows that do not satisfy the
constraint.
* Other minor fixes to assert() statements, test cases, and
documentation. See the source code timeline for details.
- add upstream patch to run atof1 tests only on x86_64
sqlite-src-3380100-atof1.patch
- update to 3.38.0
* Add the -> and ->> operators for easier processing of JSON
* The JSON functions are now built-ins
* Enhancements to date and time functions
* Rename the printf() SQL function to format() for better
compatibility, with alias for backwards compatibility.
* Add the sqlite3_error_offset() interface for helping localize
an SQL error to a specific character in the input SQL text
* Enhance the interface to virtual tables
* CLI columnar output modes are enhanced to correctly handle tabs
and newlines embedded in text, and add options like "/--wrap N"/,
"/--wordwrap on"/, and "/--quote"/ to the columnar output modes.
* Query planner enhancements using a Bloom filter to speed up
large analytic queries, and a balanced merge tree to evaluate
UNION or UNION ALL compound SELECT statements that have an
ORDER BY clause.
* The ALTER TABLE statement is changed to silently ignores
entries in the sqlite_schema table that do not parse when
PRAGMA writable_schema=ON
- update to 3.37.2:
* Fix a bug introduced in version 3.35.0 (2021-03-12) that can
cause database corruption if a SAVEPOINT is rolled back while
in PRAGMA temp_store=MEMORY mode, and other changes are made,
and then the outer transaction commits
* Fix a long-standing problem with ON DELETE CASCADE and ON
UPDATE CASCADE in which a cache of the bytecode used to
implement the cascading change was not being reset following a
local DDL change
- update to 3.37.1:
* Fix a bug introduced by the UPSERT enhancements of version
3.35.0 that can cause incorrect byte-code to be generated for
some obscure but valid SQL, possibly resulting in a NULL-
pointer dereference.
* Fix an OOB read that can occur in FTS5 when reading corrupt
database files.
* Improved robustness of the --safe option in the CLI.
* Other minor fixes to assert() statements and test cases.
- SQLite3 3.37.0:
* STRICT tables provide a prescriptive style of data type
management, for developers who prefer that kind of thing.
* When adding columns that contain a CHECK constraint or a
generated column containing a NOT NULL constraint, the
ALTER TABLE ADD COLUMN now checks new constraints against
preexisting rows in the database and will only proceed if no
constraints are violated.
* Added the PRAGMA table_list statement.
* Add the .connection command, allowing the CLI to keep multiple
database connections open at the same time.
* Add the --safe command-line option that disables dot-commands
and SQL statements that might cause side-effects that extend
beyond the single database file named on the command-line.
* CLI: Performance improvements when reading SQL statements that
span many lines.
* Added the sqlite3_autovacuum_pages() interface.
* The sqlite3_deserialize() does not and has never worked
for the TEMP database. That limitation is now noted in the
documentation.
* The query planner now omits ORDER BY clauses on subqueries and
views if removing those clauses does not change the semantics
of the query.
* The generate_series table-valued function extension is modified
so that the first parameter ("/START"/) is now required. This is
done as a way to demonstrate how to write table-valued
functions with required parameters. The legacy behavior is
available using the -DZERO_ARGUMENT_GENERATE_SERIES
compile-time option.
* Added new sqlite3_changes64() and sqlite3_total_changes64()
interfaces.
* Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
* Use less memory to hold the database schema.
* bsc#1189802, CVE-2021-36690: Fix an issue with the SQLite Expert
extension when a column has no collating sequence.
- sysconfig
-
- version 0.85.9
- spec: revert to recommend wicked-service on <= 15.4
- netconfig: remove sed dependency
- netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
- netconfig: cleanup /var/run leftovers (bsc#1194557)
- netconfig: update ntp man page documentation, fix typos
- spec: drop legacy migration (from sle11) and rpm-utils
- version 0.85.8
- netconfig: revert NM default policy change change (boo#1185882)
With the change to the default policy, netconfig with NetworkManager
as network.service accepted settings from all services/programs
directly instead only from NetworkManager, where plugins/services
have to deliver their settings to apply them.
- version 0.85.7
- spec: Drop hard dependency on /sbin/ifup
- spec: Suggest instead of recommend wicked-service
- spec: Mention that the .spec file is in git as well
- Also support service(network) provides
- systemd
-
- Update 1009-Drop-or-soften-some-of-the-deprecation-warnings.patch (jsc#PED-944)
To decrease log level of messages about use of KillMode=none from warning to
debug. SAP still uses this deprecated option and the warnings emitted by PID1
confuse both SAP customers and support.
- Import commit e7211d27e1bd26b976aa74ff620cc22a0267b5b8
1300e134a0 tmpfiles: check the directory we were supposed to create, not its parent
e4bb32dc65 stat-util: replace is_dir() + is_dir_fd() by single is_dir_full() call
d8d0c083bd logind: don't delay login for root even if systemd-user-sessions.service is not activated yet (bsc#1195059)
- systemd-presets-common-SUSE
-
- enable ignition-delete-config by default (bsc#1199524)
- Modify branding-preset-states to fix systemd-presets-common-SUSE
not enabling new user systemd service preset configuration just
as it handles system service presets. By passing an (optional)
second parameter "/user"/, the save/apply-changes commands now
work with user services instead of system ones (boo#1200485)
- Add the wireplumber user service preset to enable it by default
in SLE15-SP4 where it replaced pipewire-media-session, but keep
pipewire-media-session preset so we don't have to branch the
systemd-presets-common-SUSE package for SP4 (boo#1200485)
- timezone
-
- Update to reflect new Chile DST change, bsc#1202310
* bsc1202310.patch
- util-linux
-
- su: Change owner and mode for pty (bsc#1200842,
util-linux-login-move-generic-setting-to-ttyutils.patch,
util-linux-su-change-owner-and-mode-for-pty.patch).
- mesg: use only stat() to get the current terminal status
(bsc#1200842, util-linux-mesg-use-only-stat.patch).
- agetty: Resolve tty name even if stdin is specified (bsc#1197178,
util-linux-agetty-resolve-tty-if-stdin-is-specified.patch).
- libmount: When moving a mount point, update all sub mount entries
in utab (bsc#1198731,
util-linux-libmount-moving-mount-point-sub-mounts.patch,
util-linux-libmount-fix-and-improve-utab-on-ms_move.patch).
- util-linux-systemd
-
- su: Change owner and mode for pty (bsc#1200842,
util-linux-login-move-generic-setting-to-ttyutils.patch,
util-linux-su-change-owner-and-mode-for-pty.patch).
- mesg: use only stat() to get the current terminal status
(bsc#1200842, util-linux-mesg-use-only-stat.patch).
- agetty: Resolve tty name even if stdin is specified (bsc#1197178,
util-linux-agetty-resolve-tty-if-stdin-is-specified.patch).
- libmount: When moving a mount point, update all sub mount entries
in utab (bsc#1198731,
util-linux-libmount-moving-mount-point-sub-mounts.patch,
util-linux-libmount-fix-and-improve-utab-on-ms_move.patch).
- vim
-
- Updated to version 9.0 with patch level 0313, fixes the following problems
* Fixing bsc#1200884 Vim: Error on startup
* Fixing bsc#1200902 VUL-0: CVE-2022-2183: vim: Out-of-bounds Read through get_lisp_indent() Mon 13:32
* Fixing bsc#1200903 VUL-0: CVE-2022-2182: vim: Heap-based Buffer Overflow through parse_cmd_address() Tue 08:37
* Fixing bsc#1200904 VUL-0: CVE-2022-2175: vim: Buffer Over-read through cmdline_insert_reg() Tue 08:37
* Fixing bsc#1201249 VUL-0: CVE-2022-2304: vim: stack buffer overflow in spell_dump_compl()
* Fixing bsc#1201356 VUL-1: CVE-2022-2343: vim: Heap-based Buffer Overflow in GitHub repository vim prior to 9.0.0044
* Fixing bsc#1201359 VUL-1: CVE-2022-2344: vim: Another Heap-based Buffer Overflow vim prior to 9.0.0045
* Fixing bsc#1201363 VUL-1: CVE-2022-2345: vim: Use After Free in GitHub repository vim prior to 9.0.0046.
* Fixing bsc#1201620 PUBLIC SUSE Linux Enterprise Server 15 SP4 Basesystem zbalogh@suse.com NEW --- SLE-15-SP4-Full-x86_64-GM-Media1 and vim-plugin-tlib-1.27-bp154.2.18.noarch issue
* Fixing bsc#1202414 VUL-1: CVE-2022-2819: vim: Heap-based Buffer Overflow in compile_lock_unlock()
* Fixing bsc#1202552 VUL-1: CVE-2022-2874: vim: NULL Pointer Dereference in generate_loadvar()
* Fixing bsc#1200270 VUL-1: CVE-2022-1968: vim: use after free in utf_ptr2char
* Fixing bsc#1200697 VUL-1: CVE-2022-2124: vim: out of bounds read in current_quote()
* Fixing bsc#1200698 VUL-1: CVE-2022-2125: vim: out of bounds read in get_lisp_indent()
* Fixing bsc#1200700 VUL-1: CVE-2022-2126: vim: out of bounds read in suggest_trie_walk()
* Fixing bsc#1200701 VUL-1: CVE-2022-2129: vim: out of bounds write in vim_regsub_both()
* Fixing bsc#1200732 VUL-1: CVE-2022-1720: vim: out of bounds read in grab_file_name()
* Fixing bsc#1201132 VUL-1: CVE-2022-2264: vim: out of bounds read in inc()
* Fixing bsc#1201133 VUL-1: CVE-2022-2284: vim: out of bounds read in utfc_ptr2len()
* Fixing bsc#1201134 VUL-1: CVE-2022-2285: vim: negative size passed to memmove() due to integer overflow
* Fixing bsc#1201135 VUL-1: CVE-2022-2286: vim: out of bounds read in ins_bytes()
* Fixing bsc#1201136 VUL-1: CVE-2022-2287: vim: out of bounds read in suggest_trie_walk()
* Fixing bsc#1201150 VUL-1: CVE-2022-2231: vim: null pointer dereference skipwhite()
* Fixing bsc#1201151 VUL-1: CVE-2022-2210: vim: out of bounds read in ml_append_int()
* Fixing bsc#1201152 VUL-1: CVE-2022-2208: vim: null pointer dereference in diff_check()
* Fixing bsc#1201153 VUL-1: CVE-2022-2207: vim: out of bounds read in ins_bs()
* Fixing bsc#1201154 VUL-1: CVE-2022-2257: vim: out of bounds read in msg_outtrans_special()
* Fixing bsc#1201155 VUL-1: CVE-2022-2206: vim: out of bounds read in msg_outtrans_attr()
* Fixing bsc#1201863 VUL-1: CVE-2022-2522: vim: out of bounds read via nested autocommand
* Fixing bsc#1202046 VUL-1: CVE-2022-2571: vim: Heap-based Buffer Overflow related to ins_comp_get_next_word_or_line()
* Fixing bsc#1202049 VUL-1: CVE-2022-2580: vim: Heap-based Buffer Overflow related to eval_string()
* Fixing bsc#1202050 VUL-1: CVE-2022-2581: vim: Out-of-bounds Read related to cstrchr()
* Fixing bsc#1202051 VUL-1: CVE-2022-2598: vim: Undefined Behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput()
* Fixing bsc#1202420 VUL-1: CVE-2022-2817: vim: Use After Free in f_assert_fails()
* Fixing bsc#1202421 VUL-1: CVE-2022-2816: vim: Out-of-bounds Read in check_vim9_unlet()
* Fixing bsc#1202511 VUL-1: CVE-2022-2862: vim: use-after-free in compile_nested_function()
* Fixing bsc#1202512 VUL-1: CVE-2022-2849: vim: Invalid memory access related to mb_ptr2len()
* Fixing bsc#1202515 VUL-1: CVE-2022-2845: vim: Buffer Over-read related to display_dollar()
* Fixing bsc#1202599 VUL-1: CVE-2022-2889: vim: use-after-free in find_var_also_in_script() in evalvars.c
* Fixing bsc#1202687 VUL-1: CVE-2022-2923: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240
* Fixing bsc#1202689 VUL-1: CVE-2022-2946: vim: use after free in function vim_vsnprintf_typval
* Fixing bsc#1202862 VUL-1: CVE-2022-3016: vim: Use After Free in vim prior to 9.0.0285 Mon 12:00
- xen
-
- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
take excessively long (XSA-410)
xsa410-01.patch
xsa410-02.patch
xsa410-03.patch
xsa410-04.patch
xsa410-05.patch
xsa410-06.patch
xsa410-07.patch
xsa410-08.patch
xsa410-09.patch
xsa410-10.patch
- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
transitive grant copy handling (XSA-411)
xsa411.patch
- bsc#1197081 - dom0 fails to boot with constrained vcpus and nodes
62f4cfee-sched-setup-dom0-vCPU-affinity-once.patch
- Upstream bug fixes (bsc#1027519)
62d65105-x86-spec-ctrl-MD_CLEAR-reporting.patch
62d807c1-x86-suppress-MMX.patch
62ecfc08-VMX-use-IST-RSB-protection.patch
62f27ebd-x86-expose-more-MSR_ARCH_CAPS-to-hwdom.patch
62f51e16-x86-spec-ctrl-enum-PBRSB_NO.patch
62f523da-AMD-setup_force_cpu_cap-BSP-only.patch
- bsc#1200762 - VUL-0: CVE-2022-26365,CVE-2022-33740,
CVE-2022-33741,CVE-2022-33742: xen: Linux disk/nic frontends data
leaks (XSA-403)
xsa403.patch
- bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush
for x86 PV guests in shadow mode (XSA-408)
62dfe40a-x86-mm-gpt-TLB-flush-condition.patch
- Drop patch replaced by upstream version
xsa408.patch
- bsc#1185104 - VUL-0: CVE-2021-28689: xen: x86: Speculative
vulnerabilities with bare (non-shim) 32-bit PV guests (XSA-370)
Part of already released 4.14.5 tarball
- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels
A previous change to the built-in default had a logic error,
effectively restoring the upstream limit of 1023 channels per domU.
Fix the logic to calculate the default based on the number of vcpus.
adjust libxl.max_event_channels.patch
- zlib
-
- Fix heap-based buffer over-read or buffer overflow in inflate via
large gzip header extra field (bsc#1202175, CVE-2022-37434,
CVE-2022-37434-extra-header-1.patch,
CVE-2022-37434-extra-header-2.patch).
- zypper
-
- BuildRequires: libzypp-devel >= 17.31.2.
- Fix --[no]-allow-vendor-change feedback in install command
(bsc#1201972)
- version 1.14.57
- UsrEtc: Store logrotate files in %{_distconfdir} if defined
(fixes #441, fixes #444)
- Remove unneeded code to compute the PPP status.
Since libzypp 17.23.0 the PPP status is auto established. No
extra solver run is needed.
- Make sure 'up' respects solver related CLI options (bsc#1201972)
- Fix tests to use locale "/C.UTF-8"/ rather than "/en_US"/.
- Fix man page (fixes #451)
- version 1.14.56
- lr: Allow shortening the Name column if table is wider than the
terminal (bsc#1201638)
- Don't accepts install/remove modifier without argument
(bsc#1201576)
- zypper-download: Set correct ExitInfoCode when failing to
resolve argument.
- zypper-download: Handle unresolvable arguments as error.
This commit changes zypper-download such that it behaves more
consistent to zypper-install when an argument can't be resolved.
- version 1.14.55
- Fix building with GCC 13 (fixes #448)
- Put signing key supplying repository name in quotes.
- version 1.14.54