- aaa_base
-
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
make sure the script does not exit with 1 if a file
with content is found (bsc#1222547)
- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- ca-certificates
-
- Update to version 2+git20240416.98ae794 (bsc#1221184):
* Use flock to serialize calls (boo#1188500)
* Make certbundle.run container friendly
* Create /var/lib/ca-certificates if needed
- curl
-
- Security fix: [bsc#1221665, CVE-2024-2004]
* Usage of disabled protocol
* Add curl-CVE-2024-2004.patch
- Security fix: [bsc#1221667, CVE-2024-2398]
* curl: HTTP/2 push headers memory-leak
* Add curl-CVE-2024-2398.patch
- glibc
-
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
- duplocale-global-locale.patch: duplocale: protect use of global locale
(bsc#1220441, BZ #23970)
- google-guest-agent
-
- Update to version 20240314.00 (bsc#1221900, bsc#1221901)
* NetworkManager: only set secondary interfaces as up (#378)
* address manager: make sure we check for oldMetadata (#375)
* network: early setup network (#374)
* NetworkManager: fix ipv6 and ipv4 mode attribute (#373)
* Network Manager: make sure we clean up ifcfg files (#371)
* metadata script runner: fix script download (#370)
* oslogin: avoid adding extra empty line at the end of /etc/security/group.conf (#369)
* Dynamic vlan (#361)
* Check for nil response (#366)
* Create NetworkManager implementation (#362)
* Skip interface manager on Windows (#363)
* network: remove ignore setup (#360)
* Create wicked network service implementation and its respective unit (#356)
* Update metadata script runner, add tests (#357)
* Refactor guest-agent to use common retry util (#355)
* Flush logs before exiting #358 (#359)
- Refresh patches for new version
* dont_overwrite_ifcfg.patch
- No need for double %setup.
- Use %patch -P N instead of deprecated %patchN.
- google-guest-configs
-
- Update to version 20240307.00 (bsc#1221146, bsc#1221900, bsc#1221901)
* Support dot in NVMe device ids (#68)
- from version 20240304.00
* google_set_hostname: Extract rsyslog service name
with a regexp for valid systemd unit names (#67)
- from version 20240228.00
* Remove quintonamore from OWNERS (#64)
- from version 20240119.00
* Setup smp affinity for IRQs and XPS on A3+ VMs (#63)
- Update to version 20231214.00
* set multiqueue: A3 check set timeout the MDS call in 1s (#62)
- from version 20231103.00
* Update owners (#61)
* Update owners (#58)
- Update to version 20230929.00
* Update multinic filter to pick only pci devices (#59)
- google-guest-oslogin
-
- Fix file permissions for google_authorized_principals binary (bsc#1222171)
- Update to version 20240311.00 (bsc#1218548, bsc#1221900, bsc#1221901)
* pam: Bring back pam's account management implementation (#133)
* Change error messages when checking login policy (#129)
* Remove quintonamore from OWNERS (#128)
- google-osconfig-agent
-
- Update to version 20240320.00 (bsc#1221900, bsc#1221901)
* Enable OSConfig agent to read GPG keys files with multiple entities (#537)
- from version 20240314.00
* Update OWNERS file to replace mahmoudn GitHub
username by personal email GitHub username (#534)
- from version 20240313.01
* Bump google.golang.org/protobuf from 1.30.0 to 1.33.0 in /e2e_tests (#535)
- from version 20240313.00
* Adds a console and gcloud example policies (#533)
- from version 20240228.00
* GuestPolicies e2e: Remove ed package if exist for zypper
startup_script in recipe-steps tests (#532)
- from version 20240126.00
* Fix Enterprise Linux Recipe-Steps tests to install
info dependency package in the startup-script (#530)
- from version 20240125.01
* Fix SUSE pkg-update and pkg-no-update e2e tests (#529)
- from version 20240125.00
* Fix zypper patch info parser to consider conflicts-pkgs float versions (#528)
- from version 20240123.01
* Fix SUSE package update e2e tests to use another existing package (#527)
- from version 20240123.00
* Update cis-exclude-check-once-a-day.yaml (#526)
- Update to version 20231219.00
* Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#524)
- from version 20231207.01
* Some change to create an agent release (#523)
- from version 20231207.00
* Some change to create an agent release (#522)
- from version 20231205.00
* Some change to create an agent release (#521)
- from version 20231130.02
* Merge pull request #519 from Gulio/just-release
* Merge branch 'master' into just-release
* Some change to create an agent release
* Some change to create an agent release
- from version 20231130.00
* Some change to create an agent release (#518)
- from version 20231129.00
* Fix parse yum updates to consider the packages under
installing-dependencies keyword (#502)
* Update feature names in the README file (#517)
- from version 20231128.00
* Updating owners (#508)
- from version 20231127.00
* Move OS policy CIS examples under the console folder (#514)
- from version 20231123.01
* Adds three more OS Policy examples to CIS folder (#509)
* Added ekrementeskii and MahmoudNada0 to OWNERS (#505)
- from version 20231123.00
* docs(osconfig):add OS policy examples for CIS scanning (#503)
- from version 20231121.02
* Added SCODE to Windows error description (#504)
- from version 20231121.01
* Update OWNERS (#501)
* Update go version to 1.21 (#507)
- from version 20231121.00
* Call fqdn (#481)
- from version 20231116.00
* Removing obsolete MS Windows 2019 images (#500)
- from version 20231107.00
* Update owners. (#498)
- from version 20231103.02
* Increasing test timeouts (#499)
* Update OWNERS (#497)
- from version 20231103.01
* Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /e2e_tests (#493)
* Bump google.golang.org/grpc from 1.53.0 to 1.56.3 (#494)
- from version 20231103.00
* Removing deprecated Win for containers OSs (#496)
- from version 20231027.00
* Shortening the reported image names (#495)
- from version 20231025.00
* Merge pull request #492 from GoogleCloudPlatform/michaljankowiak-patch-1
* Merge branch 'master' into michaljankowiak-patch-1
* Fixing name changes
* Fixing rename issue
* Fixed formatting
* Fixed formatting
* Fixing formatting
* Removing support for RHEL 6, adding RHEL 9
* Removing support for RHEL 6, adding for RHEL 9
* Removing support for RHEL 6 and adding for RHEL 9
* Removing step needed for RHEL 6
* Fixing build issues
* Removing nonexistent images and adding new ones
- from version 20231024.00
* Removing obsolete OS images and adding new ones (#491)
- from version 20231020.00
* Change debug messages when parsing zypper patch output (#490)
- from version 20231013.00
* Bump golang.org/x/net from 0.7.0 to 0.17.0 (#489)
- from version 20231010.00
* Revert "Added [main] section with gpgcheck to
the agent-managed repo file (#484)" (#488)
- from version 20231003.00
* Bump google.golang.org/grpc from 1.42.0 to 1.53.0 in /e2e_tests (#478)
- from version 20230920.00
* Update OWNERS (#485)
- from version 20230912.00
* Added [main] section with gpgcheck to the agent-managed repo file (#484)
* Migrate empty interface to any (#483)
- Bump the golang compiler version to 1.21 (bsc#1216546)
- Update to version 20230829.00
* Added burov, dowgird, paulinakania and Gulio to OWNERS (#482)
>>>>>>> ./google-osconfig-agent.changes.new
- grub2
-
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
* 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch
- hwdata
-
- update to 0.380:
* Update pci, usb and vendor ids
- update to 0.379:
* Update pci, usb and vendor ids
- kernel-default
-
- Refresh patches.kabi/kabi-allow-extra-bugints.patch. (bsc#1222952)
- commit a04a1a9
- mm/vmalloc: huge vmalloc backing pages should be split rather
than compound (bsc#1217829).
- commit 539be83
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Properly check whether the feature we are patching in the alternatives
is a feature or a bug. This was broken because in apply_alternative()
boot_cpu_has is used and if we have an alternative that depends on a bug
bit (such as X86_BUG_SYSRET_SS_ATTRS) the boot_cpu_has will erroneously
check if this bit is set in the feature ints rather than the bug ints.
While at it ensure that static_cpu_has isn't called with extended
bugs features as those aren't supported right now.
- commit 793068f
- Refresh
patches.kabi/PCI-Add-locking-to-RMW-PCI-Express-Capability-Regist.patch.
Drop a bogus hunk. It was introduced by mistake.
Fixes: acf0d9920aee
- commit 3a754ef
- blacklist.conf: Add f7ec1cd5cc7e getrusage: use sig->stats_lock rather than lock_task_sighand()
and its prereqs
- commit 0650209
- blacklist.conf: Add d9b3ce8769e3 mm: writeback: ratelimit stat flush from mem_cgroup_wb_stats
- commit 3201b4c
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(bsc#1222619).
- commit 3d3186c
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- commit aa158b4
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit 4edf006
- blacklist.conf: We don't have annotate_noendbr in this kernel
So shut up the warning.
- commit f6d75ac
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- commit eb744cd
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit fe3c052
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit aa8204a
- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
CVE-2023-52591).
- commit a849be1
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- Drivers: hv: vmbus: Calculate ring buffer size for more
efficient use of memory (git-fixes).
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER
missed (git-fixes).
- hv_netvsc: Fix race condition between netvsc_probe and
netvsc_remove (git-fixes).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not
4 Kbytes (git-fixes).
- commit 82617ea
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- commit 22061fc
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- commit a61527a
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card")
- commit 4b90502
- arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
- commit b828266
- blacklist.conf: add a couple of PCI git-fixes
- commit 37743ca
- ata: sata_mv: Fix PCI device ID table declaration compilation
warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
(git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling
(git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
(git-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support
headset with microphone (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the
CCS (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- commit 56ef24f
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
cve-2023-52500).
- commit fc88013
- KVM: x86: Add BHI_NO (bsc#1217339 CVE-2024-2201).
- commit c0e1ffe
- Update
patches.suse/ALSA-sh-aica-reorder-cleanup-operations-to-avoid-UAF.patch
(git-fixes CVE-2024-26654 bsc#1222304).
- Update
patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch
(git-fixes CVE-2024-26717 bsc#1222360).
- Update
patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch
(bsc#1219443 CVE-2024-26670 bsc#1222356).
- Update
patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch
(git-fixes CVE-2024-26695 bsc#1222373).
- Update
patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch
(git-fixes CVE-2024-26667 bsc#1222331).
- Update
patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch
(git-fixes CVE-2024-26664 bsc#1222355).
- Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch
(bsc#1218968 CVE-2024-26629 bsc#1221379).
- Update
patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch
(git-fixes CVE-2024-26599 bsc#1220365).
- Update
patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
(git-fixes bsc1220398 CVE-2024-26602 bsc#1220398).
- Update
patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch
(git-fixes CVE-2024-26627 bsc#1221090).
- Update
patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch
(git-fixes CVE-2024-26651 bsc#1221337).
- Update
patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch
(git-fixes CVE-2024-26645 bsc#1222056).
- Update
patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch
(git-fixes CVE-2024-26659 bsc#1222317).
- commit bd16cf6
- Update
patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch
(git-fixes CVE-2023-52518 bsc#1221056).
- Update
patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52604 bsc#1221067).
- Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch
(git-fixes CVE-2023-52587 bsc#1221082).
- Update
patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch
(git-fixes bsc#1220393 CVE-2023-52639 bsc#1222300).
- Update
patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch
(git-fixes CVE-2023-52617 bsc#1221613).
- Update
patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch
(git-fixes CVE-2023-52623 bsc#1222060).
- Update
patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch
(git-fixes CVE-2023-52603 bsc#1221066).
- Update
patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch
(git-fixes CVE-2023-52494 bsc#1221273).
- Update
patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch
(git-fixes CVE-2023-52493 bsc#1221274).
- Update
patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch
(git-fixes CVE-2023-52637 bsc#1222291).
- Update
patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch
(git-fixes CVE-2023-52612 bsc#1221616).
- Update
patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch
(git-fixes CVE-2023-52486 bsc#1221277).
- Update
patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch
(git-fixes CVE-2023-52632 bsc#1222274).
- Update
patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch
(git-fixes CVE-2023-52563 bsc#1220937).
- Update
patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch
(git-fixes CVE-2023-52615 bsc#1221614).
- Update
patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch
(bsc#1215921 CVE-2023-52484 bsc#1220797).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52601 bsc#1221068).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch
(git-fixes CVE-2023-52599 bsc#1221062).
- Update
patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch
(git-fixes CVE-2023-52602 bsc#1221070).
- Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch
(git-fixes CVE-2023-52600 bsc#1221071).
- Update
patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch
(bsc#1218958 CVE-2023-52450 bsc#1220237).
- Update
patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch
(git-fixes CVE-2023-52619 bsc#1221618).
- Update
patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
(git-fixes CVE-2023-52500 bsc#1220883).
- Update
patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch
(git-fixes CVE-2023-52594 bsc#1221045).
- Update
patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch
(git-fixes CVE-2023-52595 bsc#1221046).
- commit b1046c1
- Update
patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
(CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- commit a7b445d
- mm,page_owner: Fix accounting of pages when migrating
(bsc#1222366).
- commit 37b3731
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- commit 4dc29b0
- iommu/mediatek: Fix forever loop in error handling (git-fixes).
- commit 21d467e
- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
CVE-2023-52591).
- commit 66a189d
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- commit b2b2b31
- mm,page_owner: fix recursion (bsc#1222366).
- commit 4517a6d
- mm,page_owner: drop unnecessary check (bsc#1222366).
- commit 0c42427
- mm,page_owner: check for null stack_record before bumping its
refcount (bsc#1222366).
- commit 81f3531
- Update patches metadata
- commit f6df04d
- x86/bhi: Mitigate KVM by default (bsc#1217339 CVE-2024-2201).
- commit e8a52ff
- x86/bhi: Add BHI mitigation knob (bsc#1217339 CVE-2024-2201).
- Update config files.
- commit 66b3207
- x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1217339 CVE-2024-2201).
- commit 797a250
- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (bsc#1217339 CVE-2024-2201).
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- commit d9a50a1
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1217339 CVE-2024-2201).
- commit c5355fd
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Extend existing functionality to allow adding extra feature words in
addition to extra bug words. This code is adjusted from SLE12-SP5 patch.
- commit 44177f4
- x86/bhi: Add support for clearing branch history at syscall entry (bsc#1217339 CVE-2024-2201).
- commit 7297553
- x86/cpufeature: Add missing leaf enumeration (bsc#1217339 CVE-2024-2201).
- commit 72a3a61
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
(git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2
(stable-fixes).
- drm/amd/display: Return the correct HDCP error code
(stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
(stable-fixes).
- drm/exynos: do not return negative values from .get_modes()
(stable-fixes).
- drm/panel: do not return negative error codes from
drm_panel_get_modes() (stable-fixes).
- drm/probe-helper: warn about negative .get_modes()
(stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
(stable-fixes).
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
(stable-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
(stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges
(stable-fixes).
- commit 9310237
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- blacklist.conf: omit previous incomplete sockmap fix
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t
(git-fixes).
- commit 9a86a18
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- commit f738a42
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- commit 989b8c6
- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642 bsc#1221830).
- commit 02a907f
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032
- usb: typec: ucsi: Check for notifications after init
(git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
(git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds
(git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface()
(git-fixes).
- staging: vc04_services: fix information leak in
create_component() (git-fixes).
- commit 74f6b3e
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/qxl: remove unused variable from
`qxl_process_single_command()` (git-fixes).
- drm/qxl: remove unused `count` variable from
`qxl_surface_id_alloc()` (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if
needed (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object()
in acpi_db_walk_for_fields() (git-fixes).
- commit 22f136e
- README.BRANCH: Remove copy of branch name
- commit 4834fba
- README.BRANCH: Remove copy of branch name
- commit 9b22290
- thermal: intel: hfi: Add syscore callbacks for system-wide PM
(CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Disable an HFI instance when all its CPUs
go offline (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Enable an HFI instance from its first
online CPU (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Refactor enabling code into helper
functions (CVE-2024-26646 bsc#1222070).
- commit 8d3563b
- ASoC: meson: t9015: fix function pointer type mismatch
(git-fixes).
- drm/tegra: hdmi: Fix some error handling paths in
tegra_hdmi_probe() (git-fixes).
- drm/tegra: dsi: Fix some error handling paths in
tegra_dsi_probe() (git-fixes).
- net/x25: fix incorrect parameter validation in the
x25_getsockopt() function (git-fixes).
- Bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- lib/cmdline: Fix an invalid format specifier in an assertion
msg (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio
(stable-fixes).
- firewire: core: use long bus reset on gap count error
(stable-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
(stable-fixes).
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
(stable-fixes).
- drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
(stable-fixes).
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
(stable-fixes).
- commit 2335ed9
- ACPI: resource: Add Infinity laptops to
irq1_edge_low_force_override (stable-fixes).
- Refresh
patches.suse/ACPI-resource-Add-MAIBENBEN-X577-to-irq1_edge_low_fo.patch.
- commit a322c3a
- ASoC: meson: aiu: fix function pointer type mismatch
(git-fixes).
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
(stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
(stable-fixes).
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
(stable-fixes).
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono
mode (stable-fixes).
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
(stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi
Vi8 tablet (stable-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise
(stable-fixes).
- ASoC: meson: Use dev_err_probe() helper (stable-fixes).
- commit 8f94a4d
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- ALSA: aoa: avoid false-positive format truncation warning
(git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
(git-fixes).
- wifi: iwlwifi: fw: don't always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
(git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function
(git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
(git-fixes).
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
(stable-fixes).
- commit a43d7a1
- ipv6: init the accept_queue's spinlocks in inet6_create
(bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f
- net/bnx2x: Prevent access to a freed page in page_pool
(bsc#1215322).
- commit 6d39ac9
- tcp: make sure init the accept_queue's spinlocks once
(bsc#1221293 CVE-2024-26614).
- commit 943f002
- powerpc/boot: Disable power10 features after BOOTAFLAGS
assignment (bsc#1194869).
- commit 17f8de7
- powerpc/boot: Fix boot wrapper code generation with
CONFIG_POWER10_CPU (bsc#1194869).
- commit 9b67460
- powerpc/lib: Validate size for vector operations (bsc#1194869 CVE-2023-52606 bsc#1221069).
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
(CVE-2023-52607 bsc#1221061).
- powerpc: add compile-time support for lbarx, lharx
(bsc#1194869).
- Update config files.
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- Update config files.
- powerpc/sstep: Use bitwise instead of arithmetic operator for
flags (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__
(bsc#1194869).
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
- powerpc/lib/sstep: Don't use __{get/put}_user() on kernel
addresses (bsc#1194869).
- commit b17389a
- RDMA/mlx5: Relax DEVX access upon modify commands (git-fixes)
- commit 9423a91
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (git-fixes)
- commit 16e4eca
- Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d.
This fixes bsc#1221814
- commit bc3a73c
- Update
patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch
(git-fixes CVE-2023-52519 bsc#1220920).
- Update
patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch
(git-fixes CVE-2023-52529 bsc#1220929).
- Update
patches.suse/IB-hfi1-Fix-bugs-with-non-PAGE_SIZE-end-multi-iovec-.patch
(git-fixes CVE-2023-52474 bsc#1220445).
- Update
patches.suse/RDMA-siw-Fix-connection-failure-handling.patch
(git-fixes CVE-2023-52513 bsc#1221022).
- Update
patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch
(git-fixes CVE-2023-52515 bsc#1221048).
- Update
patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch
(git-fixes CVE-2023-52564 bsc#1220938).
- Update
patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch
(bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch
(git-fixes CVE-2023-52510 bsc#1220898).
- Update
patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch
(git-fixes CVE-2023-52524 bsc#1220927).
- Update
patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch
(git-fixes CVE-2023-52528 bsc#1220843).
- Update
patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch
(git-fixes CVE-2023-52507 bsc#1220833).
- Update
patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch
(git-fixes CVE-2023-52566 bsc#1220940).
- Update
patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
(bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch
(git-fixes CVE-2023-52520 bsc#1220921).
- Update
patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
(bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch
(git-fixes CVE-2023-52501 bsc#1220885).
- Update
patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch
(git-fixes CVE-2023-52567 bsc#1220839).
- Update
patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch
(git-fixes CVE-2023-52517 bsc#1221055).
- Update
patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch
(git-fixes CVE-2023-52511 bsc#1221012).
- Update
patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch
(git-fixes CVE-2023-52525 bsc#1220840).
- Update
patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch
(git-fixes CVE-2023-52504 bsc#1221553).
- Update
patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
(git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0
- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
(bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
patches.suse/crypto-qcom-rng-ensure-buffer-for-generate-is-comple.patch
(git-fixes CVE-2022-48629 bsc#1220989).
- Update
patches.suse/crypto-qcom-rng-fix-infinite-loop-on-requests-not-mu.patch
(git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-harden-detection-of-controll.patch
(git-fixes CVE-2021-46926 bsc#1220478).
- Update
patches.suse/ALSA-rawmidi-fix-the-uninitalized-user_pversion.patch
(git-fixes CVE-2021-47096 bsc#1220981).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(git-fixes CVE-2021-47104 bsc#1220960).
- Update
patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
(git-fixes CVE-2021-47097 bsc#1220982).
- Update
patches.suse/KVM-x86-mmu-Don-t-advance-iterator-after-restart-due.patch
(git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
(git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
(git-fixes CVE-2021-47101 bsc#1220987).
- Update
patches.suse/drm-mediatek-hdmi-Perform-NULL-pointer-check-for-mtk.patch
(git-fixes CVE-2021-47108 bsc#1220986).
- Update
patches.suse/hwmon-lm90-Prevent-integer-overflow-underflow-in-hys.patch
(git-fixes CVE-2021-47098 bsc#1220983).
- Update
patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
(git-fixes CVE-2021-47100 bsc#1220985).
- Update
patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
(bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
patches.suse/mac80211-fix-locking-in-ieee80211_start_ap-error-pat.patch
(git-fixes CVE-2021-47091 bsc#1220959).
- Update
patches.suse/net-fix-use-after-free-in-tw_timer_handler.patch
(bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
patches.suse/net-marvell-prestera-fix-incorrect-structure-access.patch
(git-fixes CVE-2021-47102 bsc#1221009).
- Update
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock
(git-fixes CVE-2021-46925 bsc#1220466).
- Update
patches.suse/nitro_enclaves-Use-get_user_pages_unlocked-call-to-handle-mmap-assert.patch
(git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
patches.suse/platform-x86-intel_pmc_core-fix-memleak-on-registrat.patch
(git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
(CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
(jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
(bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
bsc#1220969).
- Update
patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
(git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
(git-fixes CVE-2021-46930 bsc#1220484).
- Update
patches.suse/veth-ensure-skb-entering-GRO-are-not-cloned.patch
(git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- commit 1bac2ee
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- commit 0a6b09b
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- commit 11123f1
- selftests/bpf: add generic BPF program tester-loader
(bsc#1222033).
- Refresh patches.suse/selftests-bpf-convenience-macro-for-use-with-asm-vol.patch
- commit fac2b7e
- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - resolve race condition during AER recovery
(git-fixes).
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - fix unregistration of compression algorithms
(git-fixes).
- crypto: qat - fix unregistration of crypto algorithms
(git-fixes).
- crypto: qat - ignore subsequent state up commands (git-fixes).
- commit 57086a4
- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- commit b45a9b9
- PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
(git-fixes).
- PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
(git-fixes).
- commit 71917a0
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit 30c5680
- s390/vtime: fix average steal time calculation (git-fixes
bsc#1221951).
- commit dcc65eb
- s390/ptrace: handle setting of fpc register correctly
(CVE-2023-52598 bsc#1221060 git-fixes).
- commit 997994b
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
CVE-2023-7042).
- commit 1784f9f
- ubi: Check for too small LEB size in VTBL code (bsc#1219834
CVE-2024-25739).
- commit ad7e175
- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
(git-fixes).
- commit 617f4f7
- PCI: rockchip: Fix window mapping and address translation for
endpoint (git-fixes).
- Refresh
patches.suse/PCI-rockchip-Use-u32-variable-to-access-32-bit-regis.patch.
- commit ebc378b
- PCI: qcom: Enable BDF to SID translation properly (git-fixes).
- PCI: mediatek-gen3: Fix translation window size calculation
(git-fixes).
- PCI: mediatek: Clear interrupt status before dispatching handler
(git-fixes).
- PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment
support (git-fixes).
- PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
(git-fixes).
- Revert "PCI: tegra194: Enable support for 256 Byte payload"
(git-fixes).
- PCI: fu740: Set the number of MSI vectors (git-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL
(git-fixes).
- PCI: Add locking to RMW PCI Express Capability Register
accessors (git-fixes).
- kABI: PCI: Add locking to RMW PCI Express Capability Register
accessors (kabi).
- PCI: qcom: Use DWC helpers for modifying the read-only DBI
registers (git-fixes).
- commit 150da46
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- commit 20654b5
- wifi: ath11k: decrease MHI channel buffer length to 8KB
(bsc#1207948).
- commit ccda276
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- commit 76719ba
- nvme: fix reconnection fail due to reserved tag allocation
(git-fixes).
- commit 08c50ef
- blacklist.conf: add a couple of PCI ones
- commit 37e30e0
- bpf, scripts: Correct GPL license name (git-fixes).
- commit b7a1062
- Refresh
patches.suse/nfsd4-add-refcount-for-nfsd4_blocked_lock.patch.
Add another commit id
- commit 6697f38
- blacklist.conf: add unwanted nfs commit
- commit a4cc44e
- NFSv4.2: fix wrong shrinker_id (git-fixes).
- commit 5ba59c3
- Add cherry-picked id of amdgpu patch (git-fixes)
- commit 3498702
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
(git-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- nouveau: reset the bo resource bus info after an eviction
(git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
(git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
(git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end
of file (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx()
API (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- serial: 8250_exar: Don't remove GPIO device on suspend
(git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
(git-fixes).
- serial: max310x: fix syntax error in IRQ error message
(git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to
net2272_probe_fin (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma
(git-fixes).
- usb: audio-v2: Correct comments for struct
uac_clock_selector_descriptor (git-fixes).
- commit d110a91
- blacklist.conf: add usb gadget patch to be reverted later
- commit d1cbd2f
- Add cherry-picked id to amdgpu patch
- commit 2d7799f
- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a
- ubifs: Queue up space reservation tasks if retrying many times
(git-fixes).
- commit 061dcaa
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed
(git-fixes).
- commit 493a02c
- ubifs: Remove unreachable code in dbg_check_ltab_lnum
(git-fixes).
- commit 2771652
- ubifs: fix sort function prototype (git-fixes).
- commit 6125609
- Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes bsc#1221276 CVE-2023-52492)
- commit 7007f7d
- ubifs: Set page uptodate in the correct place (git-fixes).
- commit 219703b
- iommu/vt-d: Allow to use flush-queue when first level is
default (git-fixes).
- commit 1821f9c
- iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
- commit 23b5322
- iommu/vt-d: Set No Execute Enable bit in PASID table entry
(git-fixes).
- commit 3ba9d71
- iommu/mediatek-v1: Fix an error handling path in
mtk_iommu_v1_probe() (git-fixes).
- commit 3b5ce5d
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(bsc#1219170 CVE-2024-22099).
- commit ece27a6
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Change debug message during driver unload
(bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
(bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- commit ac0c897
- scsi: lpfc: Copyright updates for 14.4.0.1 patches
(bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3
ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr
(bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr
(bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state
(bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in
lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
(bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
(bsc#1221777 bsc#1217959).
- scsi: lpfc: Move NPIV's transport unregistration to after
resource clean up (bsc#1221777).
- scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
(bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- commit 173a64c
- firmware: arm_scmi: Check mailbox/SMT channel for consistency (bsc#1221375 CVE-2023-52608)
- commit f829935
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- commit dfc50d6
- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- commit c06fc74
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
(git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
(git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is
shut down (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work
(git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount
(git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE
(git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian
(git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- commit 90396a4
- clk: zynq: Prevent null pointer dereference caused by kmalloc
failure (git-fixes).
- commit 6c59283
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- commit c2aa41d
- iommu/dma: Trace bounce buffer usage when mapping buffers
(git-fixes).
- commit e3645be
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- commit 5978536
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- commit 936859f
- Drop temporarily amdgpu patch (to be reapplied later)
- commit 809ae8f
- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- commit 373361b
- RDMA/device: Fix a race between mad_client and cm_client init (git-fixes)
- commit 5b52744
- RDMA/hns: Fix mis-modifying default congestion control algorithm (git-fixes)
- commit 95141c0
- RDMA/srpt: Do not register event handler until srpt device is fully setup (git-fixes)
- commit 5d33595
- RDMA/irdma: Remove duplicate assignment (git-fixes)
- commit 9841c04
- blacklist.conf: cleanup only
- commit ecab69c
- blacklist.conf: kABI
- commit 94731b9
- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
(git-fixes).
- commit dc89308
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: Revert vblank change that causes null pointer
crash (git-fixes).
- commit 7e422d7
- Revert "Revert "drm/amdgpu/display: change pipe policy for
DCN 2.0"" (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty
rectangles (git-fixes).
- commit 7922bac
- Refresh patches.suse/drm-amd-display-always-switch-off-ODM-before-committ.patch
Add cherry-pickd id
- commit feac6cf
- Refresh patches.suse/drm-amd-display-Write-to-correct-dirty_rect.patch
Add cherry-picked id
- commit d1b610a
- drm/amd/display: For prefetch mode > 0, extend prefetch if
possible (git-fixes).
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
(git-fixes).
- drm/amd/display: Increase frame warning limit with KASAN or
KCSAN in dml (git-fixes).
- drm/amd: Enable PCIe PME from D3 (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/display: fix ABM disablement (git-fixes).
- drm/amd/display: Update min Z8 residency time to 2100 for DCN314
(git-fixes).
- drm/amd/display: Remove min_dst_y_next_start check for Z8
(git-fixes).
- drm/amd/display: Use DRAM speed from validation for dummy
p-state (git-fixes).
- drm/amdgpu: Force order between a read and write to the same
address (git-fixes).
- drm/amd/display: Include udelay when waiting for INBOX0 ACK
(git-fixes).
- drm/i915: Call intel_pre_plane_updates() also for pipes getting
enabled (git-fixes).
- drm/panel: auo,b101uan08.3: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: Enable fast plane updates on DCN3.2 and above
(git-fixes).
- drm/amd/display: fix a NULL pointer dereference in
amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: Guard against invalid RPTR/WPTR being set
(git-fixes).
- drm/amdgpu: lower CS errors to debug severity (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
- drm/i915: Add missing CCS documentation (git-fixes).
- drm/amdgpu: Unset context priority is now invalid (git-fixes).
- drm/panel: Move AUX B116XW03 out of panel-edp back to
panel-simple (git-fixes).
- Revert "drm/amd: Disable S/G for APUs when 64GB or more host
memory" (git-fixes).
- drm/amd/display: always switch off ODM before committing more
streams (git-fixes).
- drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for
DCN31 (git-fixes).
- drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK
(git-fixes).
- drm/amd/display: Fix a bug when searching for insert_above_mpcc
(git-fixes).
- commit e9791f4
- Refresh patches.suse/drm-amdgpu-vcn-Disable-indirect-SRAM-on-Vangogh-brok.patch (git-fixes)
Alt-commit
- commit 633cb3b
- Refresh patches.suse/1398-drm-i915-pass-a-pointer-for-tlb-seqno-at-vma_invalid.patch (git-fixes)
Alt-commit
- commit 4cec8c9
- Refresh patches.suse/1866-drm-i915-ttm-fix-32b-build.patch (git-fixes)
Alt-commit
- commit a1a2486
- drm/amd/display: ensure async flips are only accepted for fast
updates (git-fixes).
- drm/exynos: fix a possible null-pointer dereference due to
data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
(git-fixes).
- drm/amd/display: Fix underflow issue on 175hz timing
(git-fixes).
- drm/amd/display: dc.h: eliminate kernel-doc warnings
(git-fixes).
- drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
- drm/bridge: tc358762: Instruct DSI host to generate HSE packets
(git-fixes).
- drm/amdgpu: Match against exact bootloader status (git-fixes).
- drm/amd/display: Exit idle optimizations before attempt to
access PHY (git-fixes).
- drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
(git-fixes).
- drm/amd/smu: use AverageGfxclkFrequency* to replace previous
GFX Curr Clock (git-fixes).
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
(git-fixes).
- drm/ttm: Don't leak a resource on eviction error (git-fixes).
- drm/amd/display: Fix the delta clamping for shaper LUT
(git-fixes).
- Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON"
(git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Phoenix (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Rembrandt (git-fixes).
- drm/amd/display: Update correct DCN314 register header
(git-fixes).
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards
(git-fixes).
- drm/amd/display: Restore rptr/wptr for DMCUB as workaround
(git-fixes).
- drm/amd/display: Add FAMS validation before trying to use it
(git-fixes).
- drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: add ODM case when looking for first split pipe
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.1"
(git-fixes).
- commit 5e1df8b
- drm/amd/display: Keep PHY active for dp config (git-fixes).
- drm/ttm: Don't print error message if eviction was interrupted
(git-fixes).
- Revert "drm/vc4: hdmi: Enforce the minimum rate at
runtime_resume" (git-fixes).
- drm/amd/display: Write to correct dirty_rect (git-fixes).
- drm/amd/display: clean code-style issues in
dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off
(git-fixes).
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate
modes on dcn315 (git-fixes).
- drm/amd/display: use low clocks for no plane configs
(git-fixes).
- drm/amd/display: Use min transition for all SubVP plane
add/remove (git-fixes).
- drm/amd/display: Rework comments on dc file (git-fixes).
- drm/amd/display: Expand kernel doc for DC (git-fixes).
- drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
(git-fixes).
- drm/amd/display: Update OTG instance in the commit stream
(git-fixes).
- drm/amd/display: Handle seamless boot stream (git-fixes).
- drm/amd/display: Add function for validate and update new stream
(git-fixes).
- drm/amd/display: Handle virtual hardware detect (git-fixes).
- drm/amd/display: Include surface of unaffected streams
(git-fixes).
- drm/amd/display: Copy DC context in the commit streams
(git-fixes).
- drm/amd/display: Enable new commit sequence only for DCN32x
(git-fixes).
- drm/amd/display: Rework context change check (git-fixes).
- drm/amd/display: Check if link state is valid (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Acer Switch V 10
(SW5-017) (git-fixes).
- drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
(git-fixes).
- drm/vc4: Add module dependency on hdmi-codec (git-fixes).
- drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
(git-fixes).
- commit 17a985c
- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
(git-fixes).
- mtd: rawnand: meson: fix scrambling mode value in command macro
(git-fixes).
- mtd: maps: physmap-core: fix flash size larger than 32-bit
(git-fixes).
- media: usbtv: Remove useless locks in usbtv_video_free()
(git-fixes).
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang
(git-fixes).
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: remove redundant NULL check (git-fixes).
- media: go7007: add check of return value of go7007_read_addr()
(git-fixes).
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- media: sun8i-di: Fix chroma difference threshold (git-fixes).
- media: sun8i-di: Fix power on/off sequences (git-fixes).
- media: sun8i-di: Fix coefficient writes (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
(git-fixes).
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: em28xx: annotate unchecked call to
media_device_register() (git-fixes).
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
(git-fixes).
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop
(git-fixes).
- mmc: mmci: stm32: fix DMA API overlapping mappings warning
(git-fixes).
- drm/amd/display: Wrong colorimetry workaround (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned DMA requests
(git-fixes).
- commit 6d10a8f
- blacklist.conf: kABI
- commit 6018730
- blacklist.conf: merely a cleanup
- commit f35d79c
- xhci: handle isoc Babble and Buffer Overrun events properly
(git-fixes).
- commit b33a274
- xhci: process isoc TD properly when there was a transaction
error mid TD (git-fixes).
- commit ef9dcf9
- Refresh patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch (git-fixes)
Alt-commit
- commit 51173ed
- Refresh patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes)
Alt-commit
- commit 9a337ae
- Refresh patches.suse/drm-amdgpu-display-Initialize-gamma-correction-mode-.patch (git-fixes)
Alt-commit
- commit ae35079
- Refresh patches.suse/drm-amd-display-Fix-possible-NULL-dereference-on-dev.patch (git-fixes)
Alt-commit
- commit 968007a
- Refresh patches.suse/Revert-drm-amd-display-increased-min_dcfclk_mhz-and-.patch (git-fixes)
Alt-commit
- commit 29d289f
- Refresh patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes)
Alt-commit
- commit 6c8d470
- Refresh patches.suse/drm-amd-display-Fix-possible-buffer-overflow-in-find.patch (git-fixes)
Alt-commit
- commit d66904a
- Refresh patches.suse/drm-amdgpu-Fix-missing-error-code-in-gmc_v6-7-8-9_0_.patch (git-fixes)
Alt-commit
- commit 17a587a
- Refresh patches.suse/drm-bridge-sii902x-Fix-probing-race-issue.patch (git-fixes)
Alt-commit
- commit 0c6bf24
- Refresh patches.suse/drm-i915-dp-Fix-passing-the-correct-DPCD_REV-for-drm.patch (git-fixes)
Alt-commit
- commit eeb30fc
- Refresh patches.suse/drm-amd-Disable-ASPM-for-VI-w-all-Intel-systems.patch (git-fixes)
Alt-commit
- commit 2b0efc6
- Refresh patches.suse/drm-amd-Fix-detection-of-_PR3-on-the-PCIe-root-port.patch (git-fixes)
Alt-commit
- commit 0458ace
- Refresh patches.suse/drm-amd-display-fix-the-white-screen-issue-when-64GB.patch (git-fixes)
Alt-commit
- commit 46ed395
- Refresh patches.suse/drm-amd-display-prevent-potential-division-by-zero-e.patch (git-fixes)
Alt-commit
- commit b7ab8de
- Refresh patches.suse/drm-amd-display-enable-cursor-degamma-for-DCN3-DRM-l.patch (git-fixes)
Alt-commit
- commit 885580e
- Refresh patches.suse/drm-amd-display-Remove-wait-while-locked.patch (git-fixes)
Alt-commit
- commit 43c45c5
- Refresh patches.suse/drm-amd-display-Add-smu-write-msg-id-fail-retry-proc.patch (git-fixes)
Alt-commit
- commit b800d81
- Refresh patches.suse/drm-amd-display-register-edp_backlight_control-for-D.patch (git-fixes)
Alt-commit
- commit 164cdf4
- Refresh patches.suse/drm-amdgpu-fix-Null-pointer-dereference-error-in-amd.patch (git-fixes)
Alt-commit
- commit c814bba
- Refresh patches.suse/drm-amdgpu-gfx10-Disable-gfxoff-before-disabling-pow.patch (git-fixes)
Alt-commit
- commit e937913
- Refresh patches.suse/drm-amd-pm-parse-pp_handle-under-appropriate-conditi.patch (git-fixes)
Alt-commit
- commit f5d987c
- Refresh patches.suse/drm-amd-display-fix-access-hdcp_workqueue-assert.patch (git-fixes)
Alt-commit
- commit 0906f4d
- Refresh patches.suse/drm-amdgpu-nv-Apply-ASPM-quirk-on-Intel-ADL-AMD-Navi.patch (git-fixes)
Alt-commit
- commit c25da25
- Refresh patches.suse/drm-amdgpu-Correct-the-power-calcultion-for-Renior-C.patch (git-fixes)
Alt-commit
- commit bb8f92f
- Refresh patches.suse/0549-drm-amdgpu-enable-Vangogh-VCN-indirect-sram-mode.patch (git-fixes)
Alt-commit
- commit aa42634
- Refresh patches.suse/drm-i915-Never-return-0-if-not-all-requests-retired.patch (git-fixes)
Alt-commit
- commit bf8aa0c
- Refresh patches.suse/drm-i915-Fix-negative-value-passed-as-remaining-time.patch (git-fixes)
Alt-commit
- commit 33c3117
- Refresh patches.suse/drm-display-dp_mst-Fix-drm_dp_mst_add_affected_dsc_c.patch (git-fixes)
Alt-commit
- commit 5f0e59c
- Refresh patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch (git-fixes)
Alt-commit
- commit ae7a01a
- Refresh patches.suse/drm-amdgpu-dm-dp_mst-Don-t-grab-mst_mgr-lock-when-co.patch (git-fixes)
Alt-commit
- commit a480119
- Refresh patches.suse/drm-amdgpu-dm-mst-Use-the-correct-topology-mgr-point.patch (git-fixes)
Alt-commit
- commit cfd3d6f
- Refresh patches.suse/1625-drm-i915-vdsc-Set-VDSC-PIC_HEIGHT-before-using-for-D.patch (git-fixes)
Alt-commit
- commit 0691a9b
- Refresh patches.suse/1585-drm-i915-slpc-Let-s-fix-the-PCODE-min-freq-table-set.patch (git-fixes)
Alt-commit
- commit b19cad4
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit fb1fad7
- Refresh patches.suse/1396-drm-i915-gt-Batch-TLB-invalidations.patch (git-fixes)
Alt-commit
- commit 1d66c31
- Refresh patches.suse/1394-drm-i915-gt-Invalidate-TLB-of-the-OA-unit-at-TLB-inv.patch (git-fixes)
Alt-commit
- commit 5c89722
- Refresh patches.suse/1393-drm-i915-gt-Ignore-TLB-invalidations-on-idle-engines.patch (git-fixes)
Alt-commit
- commit 43ab4df
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit 9329ad7
- Refresh patches.suse/1859-drm-i915-selftests-fix-subtraction-overflow-bug.patch (git-fixes)
Alt-commit
- commit 3943b71
- Refresh patches.suse/1855-drm-i915-ttm-fix-sg_table-construction.patch (git-fixes)
Alt-commit
- commit d989f7a
- Refresh patches.suse/1644-i915-guc-reset-Make-__guc_reset_context-aware-of-gui.patch (git-fixes)
Alt-commit
- commit 4511955
- Refresh patches.suse/1639-drm-amd-Don-t-reset-dGPUs-if-the-system-is-going-to-.patch (git-fixes)
Alt-commit
- commit 69ca555
- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
CVE-2023-52476).
- commit c52b506
- fs: introduce lock_rename_child() helper (bsc#1221044
CVE-2023-52591).
Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0
- rename(): avoid a deadlock in the case of parents having no
common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098
- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef
- rename(): fix the locking of subdirectories (bsc#1221044
CVE-2023-52591).
- commit 146d81f
- f2fs: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 5344280
- ext4: don't access the source subdirectory content on
same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374
- ext2: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 2edcc11
- udf_rename(): only access the child content on cross-directory
rename (bsc#1221044 CVE-2023-52591).
- commit 0257614
- ocfs2: Avoid touching renamed directory if parent does not
change (bsc#1221044 CVE-2023-52591).
- commit e786f3a
- reiserfs: Avoid touching renamed directory if parent does not
change (git-fixes bsc#1221044 CVE-2023-52591).
Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca
- fs: don't assume arguments are non-NULL (bsc#1221044
CVE-2023-52591).
- commit 2177893
- fs: Restrict lock_two_nondirectories() to non-directory inodes
(bsc#1221044 CVE-2023-52591).
- commit a59a7cb
- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f
- s390/pai: fix attr_event_free upper limit for pai device drivers
(git-fixes bsc#1221633).
- commit dcd390e
- KVM: s390: only deliver the set service event bits (git-fixes
bsc#1221631).
- commit 6e3593c
- Update
patches.suse/s390-vfio-ap-always-filter-entire-AP-matrix.patch
(git-fixes bsc#1219012 CVE-2024-26620 bsc#1221298).
- commit 4fb9779
- iommu/vt-d: Don't issue ATS Invalidation request when device
is disconnected (git-fixes).
- commit 4c37f6f
- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nilfs2: fix failure to detect DAT corruption in btree and
direct mappings (git-fixes).
- ALSA: usb-audio: Stop parsing channels bits when all channels
are found (git-fixes).
- ALSA: aaci: Delete unused variable in aaci_do_suspend
(git-fixes).
- ASoC: meson: axg-tdm-interface: add frame rate constraint
(git-fixes).
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
(git-fixes).
- ASoC: amd: acp: Add missing error handling in sof-mach
(git-fixes).
- ALSA: seq: fix function cast warnings (git-fixes).
- ALSA: aw2: avoid casting function pointers (git-fixes).
- ALSA: ctxfi: avoid casting function pointers (git-fixes).
- PCI: dwc: endpoint: Fix advertised resizable BAR size
(git-fixes).
- PCI: switchtec: Fix an error handling path in
switchtec_pci_probe() (git-fixes).
- PCI/P2PDMA: Fix a sleeping issue in a RCU read section
(git-fixes).
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
(git-fixes).
- PCI/DPC: Print all TLP Prefixes, not just the first (git-fixes).
- PCI/AER: Fix rootport attribute paths in ABI docs (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check
(git-fixes).
- leds: aw2013: Unlock mutex before destroying it (git-fixes).
- backlight: lp8788: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3639: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: da9052: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3630a: Don't set bl->props.brightness in
get_brightness (git-fixes).
- backlight: lm3630a: Initialize backlight_properties on init
(git-fixes).
- mfd: altera-sysmgr: Call of_node_put() only when
of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: Call of_node_put() only when of_parse_phandle()
takes a ref (git-fixes).
- pinctrl: mediatek: Drop bogus slew rate register range for
MT8192 (git-fixes).
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
(git-fixes).
- HID: amd_sfh: Update HPD sensor structure elements (git-fixes).
- commit d46946b
- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
This is an optimisation patch which got added late so there's no hurry
to merge it.
- commit 69db574
- Properly sort already upstream patches
- Refresh
patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
patches.suse/x86-entry-ia32-Ensure-s32-is-sign-extended-to-s64.patch.
- Refresh
patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit fe7e19d
- iommu/amd: Mark interrupt as managed (git-fixes).
- commit 7365cc3
- arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
- commit e4605be
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL")
- commit 037b20c
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pull resistors for SD card")
- commit a5753b4
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals")
- commit 1c17a18
- arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
- commit f4fdf95
- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- commit a51708e
- arm64: mm: fix VA-range sanity check (git-fixes)
- commit dd606ae
- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- commit 4c81404
- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- commit 59dc2f8
- arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
- commit b5996a2
- arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
- commit 499e8df
- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
(jsc#PED-7167 bsc#1218643 bsc#1221338 bsc#1220114).
- commit 727559f
- Make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- commit d2f65b3
- drm/msm/dpu: add division of drm_display_mode's hskew parameter
(git-fixes).
- drm/etnaviv: Restore some id values (git-fixes).
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of
atom_get_src_int() (git-fixes).
- drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
enabled (git-fixes).
- drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
(git-fixes).
- drm/msm/dpu: improve DSC allocation (git-fixes).
- drm/mediatek: Fix a null pointer crash in
mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
(git-fixes).
- drm/tidss: Fix sync-lost issue with two displays (git-fixes).
- drm/tidss: Fix initial plane zpos values (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
(git-fixes).
- drm/radeon/ni: Fix wrong firmware size logging in
ni_init_microcode() (git-fixes).
- drm/amd/display: Fix a potential buffer overflow in
'dp_dsc_clock_en_read()' (git-fixes).
- drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode()
(git-fixes).
- drm/vmwgfx: Fix possible null pointer derefence with invalid
contexts (git-fixes).
- media: tc358743: register v4l2 async device only after
successful setup (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- PM: suspend: Set mem_sleep_current during kernel command line
setup (git-fixes).
- mmc: core: Fix switch on gp3 partition (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region()
call in the .remove function (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done()
(git-fixes).
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data
(git-fixes).
- commit 7758a76
- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing
defer (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
- drm/tegra: output: Fix missing i2c_put_adapter() in the error
handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: rgb: Fix missing clk_put() in the error handling
paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: Fix some error handling paths in
tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error
handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dpaux: Fix PM disable depth imbalance in
tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: Add missing check for of_find_device_by_node
(git-fixes).
- ACPI: processor_idle: Fix memory leak in
acpi_processor_power_exit() (git-fixes).
- ACPI: resource: Add MAIBENBEN X577 to
irq1_edge_low_force_override (git-fixes).
- ACPI: scan: Fix device check notification handling (git-fixes).
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
(git-fixes).
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's
return value (git-fixes).
- cpufreq: amd-pstate: Fix min_perf assignment in
amd_pstate_adjust_perf() (git-fixes).
- commit 1cf1fe2
- RAS: Export helper to get ras_debugfs_dir (jsc#PED-7619).
- commit 2d174a0
- powerpc/pseries: Fix potential memleak in papr_get_attr()
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- commit 3aea930
- RAS/AMD/FMPM: Fix off by one when unwinding on error (jsc#PED-7619).
- commit b104443
- RAS/AMD/FMPM: Add debugfs interface to print record entries (jsc#PED-7619).
- commit 0fb8312
- RAS/AMD/FMPM: Save SPA values (jsc#PED-7619).
- commit 749cc57
- Sort the AMD edac patches
- Refresh
patches.suse/Documentation-RAS-Add-index-and-address-translation-sectio.patch.
- Refresh
patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-DRAM-to-normalized-address-translati.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-row-retirement-support.patch.
- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-array-overflow-in-get_logical_coh_st_fabri.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-bit-overflow-in-denorm_addr_df4_np2.patch.
- Refresh
patches.suse/RAS-Introduce-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-Introduce-a-FRU-memory-poison-manager.patch.
- commit 9e22745
- net: phy: fix phy_get_internal_delay accessing an empty array
(git-fixes).
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
(git-fixes).
- Bluetooth: mgmt: Remove leftover queuing of power_off work
(git-fixes).
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
(git-fixes).
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init
is complete (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning
up all interfaces (git-fixes).
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
(git-fixes).
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
(git-fixes).
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices
(git-fixes).
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures
(git-fixes).
- wifi: brcmfmac: fix copyright year mentioned in platform_data
header (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- can: softing: remove redundant NULL check (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif
(git-fixes).
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
(git-fixes).
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
(git-fixes).
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is
disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is
disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros
(git-fixes).
- commit 15851fa
- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- commit 407c3c5
- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
Add git-commit info
- commit bc859f9
- pNFS: Fix the pnfs block driver's calculation of layoutget size
(git-fixes).
- NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
(git-fixes).
- blocklayoutdriver: Fix reference leak of pnfs_device_node
(git-fixes).
- SUNRPC: Fix a suspicious RCU usage warning (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
(git-fixes).
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- SUNRPC: Add an IS_ERR() check back to where it was (git-fixes).
- SUNRPC: ECONNRESET might require a rebind (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same
fs (git-fixes).
- pNFS/flexfiles: Check the layout validity in
ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
- Revert "SUNRPC dont update timeout value on connection reset"
(git-fixes).
- NFSv4: Fix a state manager thread deadlock regression
(git-fixes).
- NFSv4: Fix a nfs4_state_manager() race (git-fixes).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- NFS: rename nfs_client_kset to nfs_kset (git-fixes).
- commit dc5b918
- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
Fix for kABI workaround.
- commit 6ba2f5d
- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
CVE-2023-52583).
- commit 1a81018
- sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
- commit ee86051
- Update
patches.suse/netfs-fscache-Prevent-Oops-in-fscache_put_cache.patch
(bsc#1220003 bsc#1221291 CVE-2024-26612).
- commit 0607d13
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit dfd082b
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit b301f9c
- Refresh
patches.suse/mm-ima-kexec-of-use-memblock_free_late-from-ima_free.patch.
Fix:
* Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01
- scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
- commit 1d550ca
- sched/rt: sysctl_sched_rr_timeslice show default timeslice
after reset (bsc#1220176).
- commit 4ac46cd
- powerpc/pseries/iommu: IOMMU table is not initialized for
kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 27b28f5
- Update
patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
(bsc#1220790 CVE-2023-52477).
- commit d33bab7
- nvmet-fc: take ref count on tgtport before delete assoc
(git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- commit 4d1e993
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- md: fix data corruption for raid456 when reshape restart while
grow up (git-fixes).
- commit 35ee14b
- i2c: aspeed: Fix the dummy irq expected print (git-fixes).
- i2c: wmt: Fix an error handling path in wmt_i2c_probe()
(git-fixes).
- i2c: i801: Avoid potential double call to
gpiod_remove_lookup_table (git-fixes).
- comedi: comedi_test: Prevent timers rescheduling during deletion
(git-fixes).
- iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS
is enabled (git-fixes).
- vt: fix unicode buffer corruption when deleting characters
(git-fixes).
- usb: port: Don't try to peer unused USB ports based on location
(git-fixes).
- usb: gadget: ncm: Fix handling of zero block length packets
(git-fixes).
- USB: usb-storage: Prevent divide-by-0 error in
isd200_ata_command (git-fixes).
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
(git-fixes).
- ASoC: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- ASoC: madera: Fix typo in madera_set_fll_clks shift value
(git-fixes).
- ALSA: hda/realtek - Fix headset Mic no show at resume back
for Lenovo ALC897 platform (git-fixes).
- drm/i915/selftests: Fix dependency of some timeouts on HZ
(git-fixes).
- drm/i915: Check before removing mm notifier (git-fixes).
- commit 5e91dbb
- s390/vfio-ap: wire in the vfio_device_ops request callback
(bsc#1205316).
- commit dc0bc15
- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
(bsc#1205316).
- commit 17d9de4
- Fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775)
Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit 8983adc
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- commit 5154c94
- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
(bsc#1205316).
- commit dbbf2ae
- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
(git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
(git-fixes).
- commit d4f6f9f
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4
- coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
- commit 4473cfd
- coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit ef5cdf7
- IB/ipoib: Fix mcast list locking (git-fixes)
- commit 8d1c71a
- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (git-fixes)
- commit c54bb31
- coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
- commit fba33fc
- group-source-files.pl: Quote filenames (boo#1221077).
The kernel source now contains a file with a space in the name.
Add quotes in group-source-files.pl to avoid splitting the filename.
Also use -print0 / -0 when updating timestamps.
- commit a005e42
- mm,ima,kexec,of: use memblock_free_late from
ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a
- PCI/MSI: Prevent MSI hardware interrupt number truncation (bsc#1218777)
- commit 5410859
- Update patches.suse/phy-ti-phy-omap-usb2-Fix-NULL-pointer-dereference-fo.patch (git-fixes,bsc#1220340,CVE-2024-26600)
- commit e321d5a
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a
- erofs: fix lz4 inplace decompression (CVE-2023-52497
bsc#1220879).
- commit ddeedf9
- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
CVE-2023-52605).
- commit 635c481
- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivileged-load-workaround.patch (bsc#1219443, bsc#1220887, CVE-2023-52481)
- commit 52243ca
- kernel-binary: Fix i386 build
Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d
- net: nfc: fix races in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586
- kabi: team: Hide new member header_ops (bsc#1220870
CVE-2023-52574).
- commit 9f49992
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
bsc#1221040 CVE-2023-52597).
- commit a90b87c
- tracing: Inform kmemleak of saved_cmdlines allocation
(git-fixes).
- commit bb07230
- Update
patches.suse/ceph-drop-messages-from-MDS-when-unmounting.patch
(jsc#SES-1880 CVE-2022-48628 bsc#1220848).
- commit 187fa94
- kernel-binary: vdso: fix filelist for non-usrmerged kernel
Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221
- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
(bsc#1220926 CVE-2023-52523).
- commit 90d9f50
- md: Make sure md_do_sync() will set MD_RECOVERY_DONE
(git-fixes).
- md: Don't ignore suspended array in md_check_recovery()
(git-fixes).
- md: Whenassemble the array, consult the superblock of the
freshest device (git-fixes).
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of
md_set_readonly() (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should
wait on the reshape (git-fixes).
- md/raid5: release batch_last before waiting for another
stripe_head (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
(git-fixes).
- md: introduce md_ro_state (git-fixes).
- commit cef73db
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
(bsc#1218562 CVE-2023-6270).
- commit 57a4cd4
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0
- topology: Fix up build warning in topology_is_visible()
(jsc#PED-7618).
- commit 6c82a8d
- topology/sysfs: Hide PPIN on systems that do not support it
(jsc#PED-7618).
- commit d8d9717
- blacklist.conf: add non-backport md git-fixes commits
- commit b13564d
- iommu/vt-d: Avoid memory allocation in iommu_suspend()
(CVE-2023-52559 bsc#1220933).
- commit c9b01ef
- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
- update to upstream version
- rename to same name as SLE15 SP5
- commit 1d2def1
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
(bsc#1220870 CVE-2023-52574).
- commit 2cc53f5
- Update
patches.suse/ice-xsk-return-xsk-buffers-back-to-pool-when-cleanin.patch
(jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
(bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
(jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
Added CVE references.
- commit 3e396c2
- Input: pm8941-powerkey - fix debounce on gen2+ PMICs
(git-fixes).
- commit bbebd44
- Input: pm8941-pwrkey - add support for PON GEN3 base addresses
(git-fixes).
- commit 7ab5a9e
- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
(git-fixes bsc#1220469 CVE-2021-46934).
Add bug and CVE references.
- commit 3a04060
- bpf: fix check for attempt to corrupt spilled pointer
(bsc#1220325 CVE-2023-52462).
- commit 34faa5d
- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- commit 6793acf
- less
-
- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
metacharacters, bsc#1219901
* CVE-2022-48624.patch
- util-linux
-
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- c-ares
-
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
(bsc#1220279, CVE-2024-25629)
- expat
-
- Security fix (boo#1221289, CVE-2024-28757): XML Entity Expansion
attack when there is isolated use of external parsers.
* Added expat-CVE-2024-28757.patch
- Security fix:
* (CVE-2023-52425, bsc#1219559) denial of service (resource
consumption) caused by processing large tokens.
- Added patch expat-CVE-2023-52425-1.patch
- Added patch expat-CVE-2023-52425-2.patch
- Added patch expat-CVE-2023-52425-backport-parser-changes.patch
- Added patch expat-CVE-2023-52425-fix-tests.patch
- gcc13
-
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
[bsc#1221239]
- Revert libgccjit dependency change. [boo#1220724]
- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.
- Use %patch -P N instead of %patchN.
- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
- fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
* Includes fix for building TVM. [boo#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[boo#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
in gcc13-devel. [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
are linked against libstdc++6.
- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205
- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
* Includes fix for building mariadb on i686. [bsc#1217667]
* Remove pr111411.patch contained in the update.
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
- gnutls
-
- Security fix: [bsc#1221747, CVE-2024-28835]
* gnutls: certtool crash when verifying a certificate chain
* Add gnutls-CVE-2024-28835.patch
- Security fix: [bsc#1221746, CVE-2024-28834]
* gnutls: side-channel in the deterministic ECDSA
* Add gnutls-CVE-2024-28834.patch
- jitterentropy: Release the memory of the entropy collector when
using jitterentropy with phtreads as there is also a
pre-intitization done in the main thread. [bsc#1221242]
* Add gnutls-FIPS-jitterentropy-deinit-threads.patch
- ncurses
-
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
* Backport from ncurses-6.4-20230615.patch
improve checks in convert_string() for corrupt terminfo entry
- nghttp2
-
- security update
- added patches
fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-1.patch
fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-2.patch
- protobuf
-
- update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
[#] C++
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
[#] Java
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
currently has no value)
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of
put() directly (which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split("/")
returns an empty array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between
json name and field
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns
NotImplemented
* Emit __slots__ in pyi output as a tuple rather than a list
for --pyi_out.
* Fix a bug that strips options from descriptor.proto in
Python.
* Raise warings for message.UnknownFields() usages and navigate
to the new add
* Add protobuf python keyword support in path for stub
generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns
NotImplemented
* Check that ffi-compiler loads before using it to define
tasks.
[#] UPB (Python/PHP/Ruby C-Extension)
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between
json name and field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will
decrease when memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2
file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
- build against modern python on sle15
- Build with source and target levels 8
* fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
macro resolves the variables at the install time
- update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
- update to 23.3:
C++
* Regenerate stale files
* Use the same ABI for static and shared libraries on non-
Windows platforms
* Add a workaround for GCC constexpr bug
Objective-C
* Regenerate stale files
UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in
map.delete(k) for Ruby when string-keyed maps were in use.
Compiler
* Add missing header to Objective-c generator
* Add a workaround for GCC constexpr bug
Java
* Rollback of: Simplify protobuf Java message builder by
removing methods that calls the super class only.
Csharp
* [C#] Replace regex that validates descriptor names
- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream)
- Add patch to fix linking ThreadSafeArena:
* 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch
- Drop the protobuf-source package, no longer used
- update to 22.5:
C++
* Add missing cstdint header
* Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
* Avoid using string(JOIN..., which requires cmake 3.12
* Explicitly include GTest package in examples
* Bump Abseil submodule to 20230125.3 (#12660)
- update to 22.4:
C++
* Fix libprotoc: export useful symbols from .so
* Fix btree issue in map tests.
Python
* Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other
* Bump utf8_range to version with working pkg-config (#12584)
* Fix declared dependencies for pkg-config
* Update abseil dependency and reorder dependencies to ensure
we use the version specified in protobuf_deps.
* Turn off clang::musttail on i386
- drop python2 handling
- fix version handling and package the private libs again
- Fix confusion in versions
- Mention the rpmlintrc file in the spec.
- Make possible to build on older systems, like SLE12 that miss
some of the used macros.
- update to v22.3
UPB (Python/PHP/Ruby C-Extension)
* Remove src prefix from proto import
* Fix .gitmodules to use the correct absl branch
* Remove erroneous dependency on googletest
- update to 22.2:
Java
* Add version to intra proto dependencies and add kotlin stdlib
dependency
* Add $ back for osgi header
* Remove $ in pom files
- update to 22.1:
* Add visibility of plugin.proto to python directory
* Strip "src" from file name of plugin.proto
* Add OSGi headers to pom files.
* Remove errorprone dependency from kotlin protos.
* Version protoc according to the compiler version number.
- update to 22.0:
* This version includes breaking changes to: Cpp.
Please refer to the migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
and DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to
support split RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
- python sub packages version is set 4.22.3 as defined in
python/google/protobuf/__init__.py to stay compatible
- skip python2 builds by default
- drop patches:
* 10355.patch,
* gcc12-disable-__constinit-with-c++-11.patch (merged upstream)
- added patches:
* add-missing-stdint-header.patch added for compile fixes
- Enable LTO (boo#1133277).
- update to v21.12:
* Python
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid
proto.
- update to 21.11:
* Python
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
- update to 21.10:
* Java
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
- update to 21.9:
* Ruby
* Replace libc strdup usage with internal impl to restore musl compat (#10818)
* Auto capitalize enums name in Ruby (#10454) (#10763)
* Other
* Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
* C++
* 21.x No longer define no_threadlocal on OpenBSD (#10743)
* Java
* Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
* Refactoring java full runtime to reuse sub-message builders and prepare to
migrate parsing logic from parse constructor to builder.
* Move proto wireformat parsing functionality from the private "parsing
constructor" to the Builder class.
* Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This
way results in fewer allocations and copy operations.
* Make message-type extensions merge from wire-format instead of building up
instances and merging afterwards. This has much better performance.
* Fix TextFormat parser to build up recurring (but supposedly not repeated)
sub-messages directly from text rather than building a new sub-message and
merging the fully formed message into the existing field.
- update to 21.6:
C++:
* Reduce memory consumption of MessageSet parsing
- update to 21.5:
PHP
* Added getContainingOneof and getRealContainingOneof to descriptor.
* fix PHP readonly legacy files for nested messages
Python
* Fixed comparison of maps in Python.
- add 10355.patch to fix soversioning
- update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
- update to 21.3:
* C++
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python
conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP
* Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel
* Add back a filegroup for :well_known_protos (#10061)
- Update to 21.2:
- C++
- cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
- Escape GetObject macro inside protoc-generated code (#9739)
- Update CMake configuration to add a dependency on Abseil (#9793)
- Fix cmake install targets (#9822)
- Use __constinit only in GCC 12.2 and up (#9936)
- Java
- Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python
- Increment python major version to 4 in version.json for python upb (#9926)
- The C extension module for Python has been rewritten to use the upb library.
- This is expected to deliver significant performance benefits, especially when
parsing large payloads. There are some minor breaking changes, but these
should not impact most users. For more information see:
https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP
- [PHP] fix PHP build system (#9571)
- Fix building packaged PHP extension (#9727)
- fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633)
- fix: phpdoc syntax for repeatedfield parameters (#9784)
- fix: phpdoc for repeatedfield (#9783)
- Change enum string name for reserved words (#9780)
- chore: [PHP] fix phpdoc for MapField keys (#9536)
- Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby
- Allow pre-compiled binaries for ruby 3.1.0 (#9566)
- Implement respond_to? in RubyMessage (#9677)
- [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
- Do not use range based UTF-8 validation in truffleruby (#9769)
- Improve range handling logic of RepeatedField (#9799)
- Other
- Fix invalid dependency manifest when using descriptor_set_out (#9647)
- Remove duplicate java generated code (#9909)
- Do not use %%autosetup, but %%setup and %%patch on other line
* Allows building on SLE-12-SP5
- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch
that addresses gh#protocolbuffers/protobuf#9916.
- python3
-
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
gh#python/cpython!16557) fixes syslog making default "ident"
from sys.argv[0].
- libzypp
-
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
- Fix creation of sibling cache dirs with too restrictive mode
(bsc#1222398)
Some install workflows in YAST may lead to too restrictive (0700)
raw cache directories in case of newly created repos. Later
commands running with user privileges may not be able to access
these repos.
- version 17.32.4 (32)
- Update RepoStatus fromCookieFile according to the files mtime
(bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)
- Fixup New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
Fixed the name of the keyword to "support_superseded" as it was
agreed on in jsc#OBS-301.
- version 17.32.2 (32)
- Add resolver option 'removeUnneeded' to file weak remove jobs
for unneeded packages (bsc#1175678)
- version 17.32.1 (32)
- Add resolver option 'removeOrphaned' for distupgrade
(bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)
- ProblemSolution::skipsPatchesOnly overload to handout the
patches.
- Remove https->http redirection exceptions for
download.opensuse.org.
- version 17.31.32 (22)
- nvme-cli
-
- Update to version 2.4+32.g2e2531a:
* nvme-netapp: add nspath tlv handling (bsc#1220971)
- openssh
-
- Add patches from upstream to change the default value of
UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
This makes ssh update the known_hosts stored keys with all
published versions by the server (after it's authenticated
with an existing key), which will allow to identify the
server with a different key if the existing key is considered
insecure at some point in the future (bsc#1222831).
* 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
* 0002-upstream-disable-UpdateHostkeys-by-default-if.patch
- Add patches openssh-7.7p1-seccomp_getuid.patch and
openssh-bsc1216474-s390-leave-fds-open.patch
(bsc#1216474, bsc#1218871)
- Fix hostbased ssh login failing occasionally with "signature
unverified: incorrect signature" by fixing a typo in patch
(bsc#1221123):
* openssh-7.8p1-role-mls.patch
- python-idna
-
- Add CVE-2024-3651.patch, backported from upstream commit
gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
(bsc#1222842, CVE-2024-3651)
- rpm-ndb
-
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
- samba
-
- fd_handle_destructor() panics within an smbd_smb2_close()
if vfs_stat_fsp() fails in fd_close(); (bso#15527);
(bsc#1219937).
- Remove -x from bash shebang update-apparmor-samba-profile;
(bsc#1218431).
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-containers-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- 000release-packages:SLES-release
-
n/a
- systemd-default-settings
-
- Import 0.10
5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)
- Import 0.9
bb859bf user@.service: Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its
various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
"feature" has been abandoned.
- Import 0.8
f34372f User priority '26' for SLE-Micro
c8b6f0a Revert "Convert more drop-ins into early ones"
- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
6b8dde1 Convert more drop-ins into early ones
- util-linux-systemd
-
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- vim
-
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
- Updated to version 9.1 with patch level 0111, fixes the following security problems
* Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
* Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
* Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
* Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
* Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
* Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
* Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
* Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
* Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
* Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
- wicked
-
- client: do not convert sec to msec twice (bsc#1222105)
[+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- addrconf: fix fallback-lease drop (bsc#1220996)
[+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
[+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
[+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
[+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
- xen
-
- Update to Xen 4.17.4 security bug fix release (bsc#1027519)
xen-4.17.4-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
- Dropped patches contained in new tarball
650dac01-x86-paging-drop-update_cr3-do_locking.patch
65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
659d44da-x86-HVM-hide-SVM-VMX-when.patch
65a7a0a4-x86-Intel-GPCC-setup.patch
65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
65b8f9ab-VT-d-else-vs-endif-misplacement.patch
65c2104d-AMD-IVMD-memtype-check.patch
65cb29fe-x86-HVM-tidy-state-on-hvmemul_map_linear_addr.patch
65d7277f-build-fail-when-kconfig-fails.patch
65d727cf-x86emul-EVEX-R-checks.patch
65dca902-x86-spec-set-BRANCH_HARDEN-option-only-when.patch
65dcd66b-x86-entry-EFRAME_-constants.patch
65ddda52-x86-CET-stub-exn-recovery.patch
65ddea60-x86-spec-log-builtin-HARDEN-options.patch
65ddea7c-x86-spec-set-INDIRECT_THUNK-only-when-enabled.patch
65ddea90-x86-spec-dont-log-thunk-option-if-not.patch
65df3430-x86-Resync-intel-family-h.patch
65e02fce-libxl-SEGV-in-device_model_spawn_outcome.patch
65e2371b-x86-CP-allow-levelling-of-VERW-side-effects.patch
65eee676-x86-mm-last-L1e-detection-in-mxml.patch
65f079a1-VMX-perform-VERW-flushing-later.patch
65f079a2-x86-spec-ctrl-perform-VERW-flushing-later.patch
65f079a3-x86-spec-ctrl-rename-VERW-related-options.patch
65f079a4-x86-spec-ctrl-VERW-handling-adjustments.patch
65f079a5-x86-spec-ctrl-mitigate-RFDS.patch
65f079a6-swap-order-of-actions-in-FREE-macros.patch
65f079a7-x86-spinlock-block-speculation-into.patch
65f079a8-rwlock-block-speculation-into.patch
65f079a9-percpu-rwlock-block-speculation-into.patch
65f079aa-locking-wrappers-always-inline.patch
65f079ab-x86-mm-speculation-barriers-in-open-coded.patch
65f079ac-x86-protect-conditional-locking-from-speculative.patch
- zypper
-
- Do not try to refresh repo metadata as non-root user
(bsc#1222086)
Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
list them.
- Don't print 'reboot required' message if download-only or
dry-run (fixes #529)
Instead point out that a reboot would be required if the option
was not used.
- Resepect zypper.conf option `showAlias` search commands
(bsc#1221963)
Repository::asUserString (or Repository::label) respects the
zypper.conf option, while name/alias return the property.
- version 1.14.71
- dup: New option --remove-orphaned to remove all orphaned
packages in dup (bsc#1221525)
- version 1.14.70
- info,summary: Support VendorSupportOption flag
VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires: libzypp-devel >= 17.32.0.
API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
The problem description() is one rule out possibly many in
completeProblemInfo() the solver has chosen to represent the
problem. So either description or completeProblemInfo should be
printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
first one (bsc#1218171)
- version 1.14.69