aaa_base
- silence the output in the case of broken symlinks (bsc#1218232)

- fix git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  to actually apply

- replace git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  by git-47-056fc66c699a8544c7692a03c905fca568f5390b.patch
  * fix the issues from bsc#1107342 and bsc#1215434 and just
    use the settings from update-alternatives to set JAVA_HOME
bind
- Update to release 9.16.48
  Feature Changes:
  * The IP addresses for B.ROOT-SERVERS.NET have been updated to
    170.247.170.2 and 2801:1b8:10::b.
  Security Fixes:
  * Validating DNS messages containing a lot of DNSSEC signatures
    could cause excessive CPU load, leading to a denial-of-service
    condition. This has been fixed. (CVE-2023-50387)
    [bsc#1219823]
  * Preparing an NSEC3 closest encloser proof could cause excessive
    CPU load, leading to a denial-of-service condition. This has
    been fixed. (CVE-2023-50868)
    [bsc#1219826]
  * Parsing DNS messages with many different names could cause
    excessive CPU load. This has been fixed. (CVE-2023-4408)
    [bsc#1219851]
  * Specific queries could cause named to crash with an assertion
    failure when nxdomain-redirect was enabled. This has been
    fixed. (CVE-2023-5517)
    [bsc#1219852]
  * A bad interaction between DNS64 and serve-stale could cause
    named to crash with an assertion failure, when both of these
    features were enabled. This has been fixed. (CVE-2023-5679)
    [bsc#1219853]
  * Query patterns that continuously triggered cache database
    maintenance could cause an excessive amount of memory to be
    allocated, exceeding max-cache-size and potentially leading to
    all available memory on the host running named being exhausted.
    This has been fixed. (CVE-2023-6516)
    [bsc#1219854]
  Removed Features:
  * Support for using AES as the DNS COOKIE algorithm
    (cookie-algorithm aes;) has been deprecated and will be removed
    in a future release. Please use the current default,
    SipHash-2-4, instead.
cloud-netconfig
- Update to version 1.12 (bsc#1221202)
  + If token access succeeds using IPv4 do not use the IPv6 endpoint
    only use the IPv6 IMDS endpoint if IPv4 access fails.

- Add Provides/Obsoletes for dropped cloud-netconfig-nm
- Install dispatcher script into /etc/NetworkManager/dispatcher.d
  on older distributions
- Add BuildReqires: NetworkManager to avoid owning dispatcher.d
  parent directory

- Update to version 1.11:
  + Revert address metadata lookup in GCE to local lookup (bsc#1219454)
  + Fix hang on warning log messages
  + Check whether getting IPv4 addresses from metadata failed and abort
    if true
  + Only delete policy rules if they exist
  + Skip adding/removing IPv4 ranges if metdata lookup failed
  + Improve error handling and logging in Azure
  + Set SCRIPTDIR when installing netconfig wrapper

- Update to version 1.10:
  + Drop cloud-netconfig-nm sub package and include NM dispatcher
    script in main packages (bsc#1219007)
  + Spec file cleanup

- Update to version 1.9:
  + Drop package dependency on sysconfig-netconfig
  + Improve log level handling
  + Support IPv6 IMDS endpoint in EC2 (bsc#1218069)
cloud-regionsrv-client
- Update to version 10.1.7 (bsc#1220164, bsc#1220165)
  + Fix the failover path to a new target update server. At present a new
    server is not found since credential validation fails. We targeted
    the server detected in down condition to verify the credentials instead
    of the replacement server.

- Update EC2 plugin to 1.0.4 (bsc#1219156, bsc#1219159)
  + Fix the algorithm to determine the region from the availability zone
    information retrieved from IMDS.
- Update to version 10.1.6
  + Support specifying an IPv6 address for a manually configured target
    update server.

- Update to version 10.1.5 (bsc#1217583)
  + Fix fallback path when IPv6 network path is not usable
  + Enable an IPv6 fallback path in IMDS access if it cannot be accessed
    over IPv4
  + Enable IMDS access over IPv6

- Update to version 10.1.4 (bsc#1217451)
  + Fetch cert for new update server during failover
containerd
- Add patch for bsc#1217952:
  + 0002-shim-Create-pid-file-with-0644-permissions.patch

- Update to containerd v1.7.10. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.10>
- Rebase patches:
  * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
cpio
- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
  * fix-bsc1219238.patch

- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
  * fix-CVE-2023-7207.patch
gcc7
- Add gcc7-pr88345-min-func-alignment.diff to add support for
  - fmin-function-alignment.  [bsc#1214934]

- Use %{_target_cpu} to determine host and build.

- Add gcc7-pr87723.patch to avoid ICE when hitting a broken pattern
  in the s390 backend.

- Add gcc7-bsc1216488.patch to avoid creating recursive DIE references
  through DW_AT_abstract_origin when using LTO.  [bsc#1216488]
curl
- Fix: libssh: Implement SFTP packet size limit (bsc#1216987)
  * Add curl-libssh_Implement_SFTP_packet_size_limit.patch
docker
- Vendor latest buildkit v0.11:
  Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that
  vendors in the latest v0.11 buildkit branch including bugfixes for the following:
  * bsc#1219438: CVE-2024-23653
  * bsc#1219268: CVE-2024-23652
  * bsc#1219267: CVE-2024-23651
- rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- switch from %patchN to %patch -PN syntax
- remove unused rpmlint filters and add filters to silence pointless bash & zsh
  completion warnings

- Update to Docker 24.0.7-ce. See upstream changelong online at
  <https://docs.docker.com/engine/release-notes/24.0/#2407>. bsc#1217513
  * Deny containers access to /sys/devices/virtual/powercap by default.
  - CVE-2020-8694 bsc#1170415
  - CVE-2020-8695 bsc#1170446
  - CVE-2020-12912 bsc#1178760
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch

- Add a patch to fix apparmor on SLE-12, reverting the upstream removal of
  version-specific templating for the default apparmor profile. bsc#1213500
  + 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch

- Update to Docker 24.0.6-ce. See upstream changelong online at
  <https://docs.docker.com/engine/release-notes/24.0/#2406>. bsc#1215323
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch
- Switch from disabledrun to manualrun in _service.
- Add a docker.socket unit file, but with socket activation effectively
  disabled to ensure that Docker will always run even if you start the socket
  individually. Users should probably just ignore this unit file. bsc#1210141
glibc
- qsort-invalid-cmp.patch: qsort: handle degenerated compare function
  (bsc#1218866)

- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
  EAI_MEMORY (bsc#1217589, BZ #31163)

- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr
  (bsc#1217445, BZ #31113)
google-guest-agent
- Add explicit versioned dependency on google-guest-oslogin (bsc#1219642)

- Update to version 20231031.01 (bsc#1216547, bsc#1216751)
  * Add prefix to scheduler logs (#325)
- from version 20231030.00
  * Test configuration files are loaded in the documented
    order. Fix initial integration test. (#324)
  * Enable mTLS by default (#323)
- from version 20231026.00
  * Rotate MDS root certificate (#322)
- from version 20231020.00
  * Update response struct, add tests (#315)
  * Don't try to schedule mTLS job twice (#317)
- from version 20231019.00
  * snapshot: Add context cancellation handling (#318)

- Bump the golang compiler version to 1.21 (bsc#1216546)

- Update to version 20231016.00
  * instance setup: trust/rely on metadata package's retry (#316)
- from version 20231013.01
  * Update known cert dirs for updaters (#314)
- from version 20231011.00
  * Verify cert refresher is enabled before running (#312)
- from version 20231009.00
  * Add support for the SSH key options (#296)
- from version 20231006.01
  * Events interface improvement (#290)
- from version 20231006.00
  * Refactor script runner to use common metadata package (#311)
  * Schedule MTLS job before notifying systemd (#310)
  * Refactor authorized keys to use metadata package (#300)
- from version 20231005.00
  * docs update: add configuration and event manager's docs. (#309)
- from version 20231004.01
  * Fix license header (#301)
  * packaging(deb): add epoch to oslogin dep declaration (#308)
- from version 20231004.00
  * packaging(deb): ignore suffix of version (#306)
  * packaging: force epoch and ignore suffix of version (#305)
- from version 20231003.01
  * oslogin: declare explicitly dependency (#304)
  * oslogin: remove Unstable.pamless_auth_stack feature flag (#303)
- from version 20231003.00
  * oslogin: resort ssh configuration keys (#299)
- from version 20230925.00
  * oslogin: introduce a feature flag to cert auth (#298)
- from version 20230923.00
  * gitignore: unify ignore in the root dir (#297)
- from version 20230921.01
  * managers: we accidentally disabled addressMgr, bring it back (#295)
  * cfg: fix typos (#294)
  * cfg: config typos (#293)
  * cfg: introduce a configuration management package (#288)
- from version 20230921.00
  * mtls: bring it back (#292)
- from version 20230920.01
  * Fix permissions on file created by SaferWriteFile() (#291)
- from version 20230920.00
  * sshca: re-enable the event watcher & handler (#289)
- from version 20230919.01
  * oslogin: add PAMless Authorization Stack configuration (#285)
- from version 20230919.00
  * Preparing it for review (#287)
  * sshca: make sure to restore SELinux context of the pipe (#286)
  * remove deprecated usage, fix warnings (#282)
  * Update system store (#278)
  * Update workload certificate endpoints, use metadata package (#275)
  * metadata: use url package to form metadata URLs (#284)
- from version 20230913.00
  * release prep: disable ssh trusted ca module (#281)
- from version 20230912.00
  * New Guest Agent Release (#280)
- from version 20230909.00
  * Revert "service: remove the use of the service library (#273)" (#276)
  * service: remove the use of the service library (#273)
- from version 20230906.01
  * Store keys to machine keyset (#272)
- from version 20230905.00
  * restorecon: first try to determine if it's installed (#271)
  * run: change all commands to use CommandContext (#268)
  * Notify systemd after scheduling required jobs (#270)
  * Store certs in ProgramData instead of Program Files (#269)
  * metadata watcher: remove local retry & implement unit tests (#267)
  * run: split command running utilities into its own package (#265)

- Update to version 20230828.00
  * snapshot: Use main context rather than create its own (#266)
- from version 20230825.01
  * Verify if cert was successfully added to certpool (#264)
- from version 20230825.00
  * Find previous cert for cleanup using one stored on disk (#263)
- from version 20230823.00
  * Revert "sshtrustedca: configure selinux context
    for sshtrustedca pipe (#256)" (#262)
  * Update credentials directory on Linux (#260)
- from version 20230821.00
  * Update owners (#261)
- from version 20230819.00
  * Revert "guest-agent: prepare for public release (#258)" (#259)
- from version 20230817.00
  * guest-agent: prepare for public release (#258)
- from version 20230816.01
  * Enable telemetry collection by default (#253)
- from version 20230816.00
  * Add pkcs12 license and update retry logic (#257)
  * sshtrustedca: Configure selinux context for sshtrustedca pipe (#256)
  * Store windows certs in certstore (#255)
  * events: Multiplex event watchers (#250)
  * Scheduler fixes (#254)
  * Update license files (#251)
  * Run telemetry every 24 hours, record pretty name on linux (#248)

- Update to version 20230811.00
  * sshca: move the event handler to its own package (#247)
- from version 20230809.02
  * Move scheduler package to google_guest_agent (#249)
- from version 20230809.01
  * Add scheduler utility to run jobs at interval (#244)
- from version 20230809.00
  * sshca: transform the format from json to openssh (#246)
- from version 20230803.00
  * Add support for reading UEFI variables on windows (#243)
- from version 20230801.03
  * sshtrustedca watcher: fix concurrency error (#242)
- from version 20230801.02
  * metadata: add a delta between http client timeout and hang (#241)
- from version 20230801.00
  * metadata: properly set request config (#240)
  * main: bring back the mds client initialization (#239)
  * metadata: don't try to use metadata before agentInit() is done (#238)
  * Add (disabled) telemetry logic to GuestAgent (#219)
  * metadata event handler: updates and bug fixes (#235)
  * Verify client credentials are signed by root CA before writing on disk (#236)
  * metadata: properly handle context cancelation (#234)
  * metadata: fix context cancelation error check (#233)
  * metadata: remove the sleep around metadata in instance setup (#232)
  * metadata: implement backoff strategy (#231)
  * Decrypt and store client credentials on disk (#230)
  * Upgrade Go version 1.20 (#228)
  * Fetch guest credentials and add MDS response proto (#226)
  * metadata: pass main context to WriteGuestAttributes() (#227)
  * Support for reading & writing Root CA cert from UEFI variable (#225)
  * ssh_trusted_ca: enable the feature (#224)
  * sshTrustedCA: add pipe event handler (#222)
  * events: start using events layer (#223)
- from version 20230726.00
  * events: introducing a events handling subsystem (#221)
- from version 20230725.00
  * metadata: add metadata client interface (#220)
- from version 20230711.00
  * metadata: moving to its own package (#218)
- from version 20230707.00
  * snapshot: fix request handling error (#217)
- Bump Go API version to 1.20
google-guest-oslogin
- Add explicit versioned dependency on google-guest-agent (bsc#1219642)

- Update to version 20231101.00 (bsc#1216548, bsc#1216750)
  * Fix HTTP calls retry logic (#117)

- Update to version 20231004
  * packaging: Make the dependency explicit (#120)

- update to 20230926.00:
  * fix suse build
  * selinux: fix selinux build (#114)
  * test: align CXX Flags
  * sshca: Make the implementation more C++ like
  * sshca: Add a SysLog wrapper
  * oslogin_utils: introduce AuthorizeUser() API
  * sshca: move it out of pam dir
  * pam: start disabling the use of oslogin_sshca
  * sshca: consider sshca API to assume a cert only
  * authorized principals: introduce the new command
  * authorize keys: update to use new APIs
  * pam modules: remove pam_*_admin and update pam_*_login
  * cache_refresh: should be catching by reference.

- Update to version 20230823.00
  * selinux: Add sshd_key_t type enforcement to trusted user ca (#113)
- from version 20230822.00
  * sshca: Add tests with fingerprint and multiple extensions (#111)
- from version 20230821.01
  * sshca: Support method token and handle multi line (#109)
- from version 20230821.00
  * Update owners (#110)

- Update to version 20230808.00
  * byoid: extract and apply the ca fingerprint to policy call (#106)

- Update to version 20230502.00
  * Improve the URL in 2fa prompt (#104)
- from version 20230406.02
  * Check open files (#101)
- from version 20230406.01
  * Initialize variables (#100)
  * Fix formatting (#102)
- from version 20230406.00
  * PAM cleanup: remove duplicates (#97)
- from version 20230405.00
  * NSS cleanup (#98)
- from version 20230403.01
  * Cleanup Makefiles (#95)
- from version 20230403.00
  * Add anandadalton to the owners list (#96)

- Update to version 20230217.00
  * Update OWNERS (#91)
- from version 20230202.00
  * Update owners file (#89)
grub2
- Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg
  (bsc#1219248) (bsc#1181762)
  * grub2-xen-pv-firmware.cfg
  * 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch

- Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to
  SLE-15-SP2 (bsc#1217102)
  * add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch
  * add 0002-ofdisk-add-early_log-support.patch
java-1_8_0-ibm
- Update to Java 8.0 Service Refresh 8 Fix Pack 20: [bsc#1219843]
  * www.ibm.com/support/pages/java-sdk-security-vulnerabilities
  * Security fixes in IBM Security Update February 2024:
  - [bsc#1219843, CVE-2023-33850]
  * Security fixes in Oracle January 16 2024 CPU:
  - [bsc#1218908, CVE-2024-20932] OpenJDK: incorrect handling of ZIP
    files with duplicate entries (8276123)
  - [bsc#1218911, CVE-2024-20952] OpenJDK: RSA padding issue and
    timing side-channel attack against TLS (8317547)
  - [bsc#1218907, CVE-2024-20918] OpenJDK: array out-of-bounds access
    due to missing range check in C1 compiler (8314468)
  - [bsc#1218905 , CVE-2024-20921] OpenJDK: range check loop
    optimization issue (8314307)
  - [bsc#1218903, CVE-2024-20919] OpenJDK: JVM class file verifier
    flaw allows unverified bytecode execution (8314295)
  - [bsc#1218906, CVE-2024-20926] OpenJDK: arbitrary Java code
    execution in Nashorn (8314284)
  - [bsc#1218909, CVE-2024-20945] OpenJDK: logging of digital
    signature private keys (8316976)
  * Defect Fixes:
  - IJ48866 Java JIT: Crash due to stale data running on power
    or aarch64 cpus
  - IJ49451 Service, Build, Packaging and Deliver:
    The /usr/lpp/java/current symlink is not created when the
    semeru17 or 11 ptf package is installed on Z/OS
  - IJ50007 Java 8/Integration: Unable to launch applet while
    using java8 windows MSI
  - IJ49634 Class Libraries: Remove the com.ibm.disableludclrefresh
    system property
  - IJ49047 JIT Compiler: Reordering code with a call to
    currenttimemillis() can result in inaccurate results
  - IJ49741 JIT Compiler: Unexpected nullpointerexception
  - IJ49090 Security: +JAZZ-150121 JGSS: Error bad tgs server
    instance due to invalid cross-realm referral tgt in krb5.ccache
  - IJ49974 Security: Add password based encryption (PBE) to IBMJCEPlus
  - IJ48865 Security: Always upper case the XDH curve names X448 and X25519
  - IJ49126 Security: Cached exception was not cleared while creating sslcontext
  - IJ48893 Security: EC named curve not disabled when specified on the
    jdk.disabled.namedcurves or jdk.tls.disabledalgorithms security property
  - IJ49480 Security: Encrypting and decrypting empty string with RSA key fails
  - IJ49450 Security: Increase minimum legacy ephemeral DH
  - IJ49514 Security: Print debug statement if FIPS 140-3 enabled
  - IJ49116 Security: Use server cipher suites preference by default
kdump
- dracut: always create fstab, even if empty (bsc#1218494)
- fix NOSPLIT option
- Honor the KDUMP_VERBOSE setting in kdump-save
kernel-default
- KVM: x86: Export RFDS_NO and RFDS_CLEAR to guests (bsc#1213456 CVE-2023-28746).
- commit 7f00c86

- x86/rfds: Mitigate Register File Data Sampling (RFDS) (bsc#1213456 CVE-2023-28746).
- commit ee70608

- Documentation/hw-vuln: Add documentation for RFDS (bsc#1213456 CVE-2023-28746).
- commit c955133

- bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  (bsc#1220254 CVE-2024-26591).
- commit fc948d3

- selftests/bpf: Add test for alu on PTR_TO_FLOW_KEYS (bsc#1220255
  CVE-2024-26589).
- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255
  CVE-2024-26589).
- commit 8a833ce

- tls: fix race between tx work scheduling and socket close
  (CVE-2024-26585 bsc#1220187).
- commit 1306bff

- kabi: restore return type of dst_ops::gc() callback
  (CVE-2023-52340 bsc#1219295).
- ipv6: remove max_size check inline with ipv4 (CVE-2023-52340
  bsc#1219295).
- commit b8eec42

- netfilter: nf_tables: fix 64-bit load issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit e095cd0

- netfilter: nft_set_pipapo: skip inactive elements during set
  walk (CVE-2023-6817 bsc#1218195).
- commit 4032aa7

- tomoyo: fix UAF write bug in tomoyo_write_control() (bsc#1220825
  CVE-2024-26622).
- commit c8e5b38

- btrfs: fix double free of anonymous device after snapshot
  creation failure (bsc#1219126 CVE-2024-23850).
- commit 257a534

- btrfs: do not ASSERT() if the newly created subvolume already
  got read (bsc#1219126 CVE-2024-23850).
- commit a2ac581

- bpf: Minor cleanup around stack bounds (bsc#1220257
  CVE-2023-52452).
- bpf: Fix accesses to uninit stack slots (bsc#1220257
  CVE-2023-52452).
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Fix verification of indirect var-off stack access
  (git-fixes).
- bpf: Minor cleanup around stack bounds (bsc#1220257
  CVE-2023-52452).
- bpf: Fix accesses to uninit stack slots (bsc#1220257
  CVE-2023-52452).
- bpf: Add some comments to stack representation (bsc#1220257
  CVE-2023-52452).
- Refresh patches.kabi/kABI-fix-bpf-Tighten-ptr_to_btf_id-checks.patch
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Fix verification of indirect var-off stack access
  (git-fixes).
- bpf: Minor logging improvement (bsc#1220257).
- commit 7d03125

- serial: 8250: omap: Don't skip resource freeing if
  pm_runtime_resume_and_get() failed (bsc#1220350 CVE-2023-52457).
- commit c82f528

- serial: imx: fix tx statemachine deadlock (bsc#1220364
  CVE-2023-52456).
- commit cd9f92c

- powerpc/pseries/memhp: Fix access beyond end of drmem array
  (bsc#1220250,CVE-2023-52451).
- commit fdc7254

- Update patch reference for input fix (CVE-2021-46932 bsc#1220444)
- commit e44e0b1

- usb: dwc3: gadget: Ignore End Transfer delay on teardown
  (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Add-1ms-delay-after-end-transfer-com.patch.
- commit 251cd08

- tomoyo: fix UAF write bug in tomoyo_write_control() (git-fixes).
- wifi: nl80211: reject iftype change with mesh ID change
  (git-fixes).
- usb: dwc3: gadget: Don't disconnect if not started (git-fixes).
- wifi: mac80211: adding missing drv_mgd_complete_tx() call
  (git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen
  (git-fixes).
- usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- spi: sh-msiof: avoid integer overflow in constants (git-fixes).
- wifi: mac80211: fix race condition on enabling fast-xmit
  (git-fixes).
- wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
- usb: dwc3: gadget: Queue PM runtime idle on disconnect event
  (git-fixes).
- usb: dwc3: gadget: Handle EP0 request dequeuing properly
  (git-fixes).
- usb: hub: Replace hardcoded quirk value with BIT() macro
  (git-fixes).
- tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
  (git-fixes).
- watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for
  IT8784/IT8786 (git-fixes).
- wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
  (git-fixes).
- wifi: cfg80211: free beacon_ies when overridden from hidden BSS
  (git-fixes).
- wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
  (git-fixes).
- wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
  (git-fixes).
- wifi: ath9k: Fix potential array-index-out-of-bounds read in
  ath9k_htc_txstatus() (git-fixes).
- wifi: rt2x00: restart beacon queue when hardware reset
  (git-fixes).
- wifi: iwlwifi: mvm: avoid baid size integer overflow
  (git-fixes).
- wifi: wext-core: Fix -Wstringop-overflow warning in
  ioctl_standard_iw_point() (git-fixes).
- wifi: ath11k: fix registration of 6Ghz-only phy without the
  full channel range (git-fixes).
- usb: dwc3: gadget: Refactor EP0 forced stall/restart into a
  separate API (git-fixes).
- usb: dwc3: gadget: Submit endxfer command if delayed during
  disconnect (git-fixes).
- commit 8b4f9a3

- power: supply: bq27xxx-i2c: Do not free non existing IRQ
  (git-fixes).
- mmc: sdhci-xenon: add timeout for PHY init complete (git-fixes).
- mmc: sdhci-xenon: fix PHY init clock stability (git-fixes).
- mmc: core: Fix eMMC initialization with 1-bit bus connection
  (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read
  (git-fixes).
- mtd: spinand: gigadevice: Fix the get ecc status issue
  (git-fixes).
- nouveau: fix function cast warnings (git-fixes).
- media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
- media: rc: bpf attach/detach requires write permission
  (git-fixes).
- mmc: slot-gpio: Allow non-sleeping GPIO ro (git-fixes).
- regulator: pwm-regulator: Add validity checks in continuous
  .get_voltage (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the TECLAST X16
  Plus tablet (git-fixes).
- spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were
  detected (git-fixes).
- PCI: switchtec: Fix stdev_release() crash after surprise hot
  remove (git-fixes).
- PCI: Fix 64GT/s effective data rate calculation (git-fixes).
- PCI: Only override AMD USB controller if required (git-fixes).
- PCI/AER: Decode Requester ID when no error info found
  (git-fixes).
- media: ddbridge: fix an error code problem in ddb_probe
  (git-fixes).
- mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes).
- mmc: core: Use mrq.sbc in close-ended ffu (git-fixes).
- PCI: Add no PM reset quirk for NVIDIA Spectrum devices
  (git-fixes).
- pstore/ram: Fix crash when setting number of cpus to an odd
  number (git-fixes).
- PNP: ACPI: fix fortify warning (git-fixes).
- regulator: core: Only increment use_count when enable_count
  changes (git-fixes).
- PM: core: Remove unnecessary (void *) conversions (git-fixes).
- serial: 8250: Remove serial_rs485 sanitization from em485
  (git-fixes).
- PM: runtime: Have devm_pm_runtime_enable() handle
  pm_runtime_dont_use_autosuspend() (git-fixes).
- commit 9894050

- gpio: fix resource unwinding order in error path (git-fixes).
- commit f4d7f82

- gpiolib: Fix the error path order in
  gpiochip_add_data_with_key() (git-fixes).
- commit 9367441

- Update patches.suse/i2c-Fix-a-potential-use-after-free.patch
  (git-fixes bsc#1220409 CVE-2019-25162).
  Add bug and CVE references.
- commit 6df4ebd

- Input: iqs269a - switch to DEFINE_SIMPLE_DEV_PM_OPS() and
  pm_sleep_ptr() (git-fixes).
- Refresh
  patches.suse/Input-iqs269a-do-not-poll-during-suspend-or-resume.patch.
- commit 7360a05

- i2c: imx: Add timer for handling the stop condition (git-fixes).
- Refresh
  patches.suse/i2c-imx-Make-sure-to-unregister-adapter-on-remove.patch.
- commit 3a3d0f8

- gpio: 74x164: Enable output pins after registers are reset
  (git-fixes).
- efi/capsule-loader: fix incorrect allocation size (git-fixes).
- fbcon: always restore the old font data in fbcon_do_set_font()
  (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no
  EEPROM is detected (git-fixes).
- i2c: imx: when being a target, mark the last read as processed
  (git-fixes).
- i2c: i801: Fix block process call transactions (git-fixes).
- iio: hid-sensor-als: Return 0 for
  HID_USAGE_SENSOR_TIME_TIMESTAMP (git-fixes).
- firewire: core: send bus reset promptly on gap count error
  (git-fixes).
- efi: Don't add memblocks for soft-reserved memory (git-fixes).
- hwmon: (coretemp) Enlarge per package core count limit
  (git-fixes).
- Input: xpad - add Lenovo Legion Go controllers (git-fixes).
- gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
  (git-fixes).
- fbdev: sis: Error out if pixclock equals zero (git-fixes).
- fbdev: savage: Error out if pixclock equals zero (git-fixes).
- libsubcmd: Fix memory leak in uniq() (git-fixes).
- iio: adc: ad7091r: Set alert bit in config register (git-fixes).
- i3c: master: cdns: Update maximum prescaler value for i2c clock
  (git-fixes).
- leds: trigger: panic: Don't register panic notifier if creating
  the trigger failed (git-fixes).
- media: rockchip: rga: fix swizzling for RGB formats (git-fixes).
- media: stk1160: Fixed high volume of stk1160_dbg messages
  (git-fixes).
- i2c: i801: Remove i801_set_block_buffer_mode (git-fixes).
- HID: apple: Add 2021 magic keyboard FN key mapping (git-fixes).
- HID: apple: Add support for the 2021 Magic Keyboard (git-fixes).
- commit 0f0032c

- dmaengine: ptdma: use consistent DMA masks (git-fixes).
- dmaengine: fsl-qdma: init irq after reg initialization
  (git-fixes).
- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
  (git-fixes).
- Revert "drm/amd/pm: resolve reboot exception for si oland"
  (git-fixes).
- drm/buddy: fix range bias (git-fixes).
- drm/amd/display: Fix memory leak in dm_sw_fini() (git-fixes).
- drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE
  flag is set (git-fixes).
- drm/ttm: Fix an invalid freeing on already freed page in error
  path (git-fixes).
- drm/amd/display: Preserve original aspect ratio in create stream
  (git-fixes).
- Revert "drm/amd/display: increased min_dcfclk_mhz and
  min_fclk_mhz" (git-fixes).
- drm/prime: Support page array >= 4GB (git-fixes).
- efi: runtime: Fix potential overflow of soft-reserved region
  size (git-fixes).
- drm/amd/display: Increase frame-larger-than for all
  display_mode_vba files (git-fixes).
- drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
- drm/amdgpu: skip to program GFXDEC registers for suspend abort
  (git-fixes).
- dmaengine: fsl-qdma: Fix a memory leak related to the queue
  command DMA (git-fixes).
- dmaengine: ti: edma: Add some null pointer checks to the
  edma_probe (git-fixes).
- drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz
  (git-fixes).
- dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
- dmaengine: shdma: increase size of 'dev_id' (git-fixes).
- commit 61b82a0

- ALSA: Drop leftover snd-rtctimer stuff from Makefile
  (git-fixes).
- ALSA: firewire-lib: fix to check cycle continuity (git-fixes).
- Bluetooth: qca: Fix wrong event type for patch config command
  (git-fixes).
- Bluetooth: Enforce validation on max value of connection
  interval (git-fixes).
- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
  (git-fixes).
- Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
  (git-fixes).
- Bluetooth: hci_sync: Fix accept_list when attempting to suspend
  (git-fixes).
- Bluetooth: Avoid potential use-after-free in hci_error_reset
  (git-fixes).
- Bluetooth: hci_sync: Check the correct flag before starting
  a scan (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED For HP mt645
  (git-fixes).
- ALSA: hda/conexant: Add quirk for SWS JS201D (git-fixes).
- ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
  (git-fixes).
- ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (git-fixes).
- bus: moxtet: Add spi device table (git-fixes).
- Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes).
- crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
- crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes).
- crypto: api - Disallow identical driver names (git-fixes).
- commit a409ffd

- ALSA: usb-audio: Ignore clock selector errors for single
  connection (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
  (git-fixes).
- ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287
  thinkpads (git-fixes).
- ALSA: usb-audio: Check presence of valid altsetting control
  (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
  (git-fixes).
- ALSA: hda/realtek: Fix the external mic not being recognised
  for Acer Swift 1 SF114-32 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power
  (git-fixes).
- ahci: asm1166: correct count of reported ports (git-fixes).
- ACPI: extlog: fix NULL pointer dereference check (git-fixes).
- ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on
  synchronous events (git-fixes).
- ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
  (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1
  and iMac12,2 (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad
  X131e (3371 AMD version) (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
  (git-fixes).
- ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
  (git-fixes).
- ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
  (git-fixes).
- ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
  (git-fixes).
- ACPI: resource: Add ASUS model S5402ZA to quirks (git-fixes).
- commit 728134a

- efivarfs: force RO when remounting if SetVariable is not
  supported (bsc#1220328 CVE-2023-52463).
- commit 6239d33

- kABI: bpf: map_fd_put_ptr() signature kABI workaround
  (bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
  CVE-2023-52447).
- selftests/bpf: Test outer map update operations in syscall
  program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
  CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
  CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
  map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
  (bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
  helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
  CVE-2023-52447).
- commit b7359fc

- btrfs: fix double free of anonymous device after snapshot
  creation failure (bsc#1219126 CVE-2024-23850).
- commit f8ba729

- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
  (bsc#1220238 CVE-2023-52449).
- commit c132b67

- fs/mount_setattr: always cleanup mount_kattr (bsc#1220457
  CVE-2021-46923).
- commit 89afe2f

- kABI: bpf: map_fd_put_ptr() signature kABI workaround
  (bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
  CVE-2023-52447).
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
  (bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
  CVE-2023-52447).
- commit bec1c61

- selftests/bpf: Test outer map update operations in syscall
  program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
  CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
  CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
  map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
  (bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
  helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
  CVE-2023-52447).
- selftests/bpf: Test outer map update operations in syscall
  program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
  CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
  CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
  map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
  (bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
  helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
  CVE-2023-52447).
- commit aa6db76

- Update patch reference for HID fix (CVE-2023-52478 bsc#1220796)
- commit 4aec836

- Update patch reference for input fix (CVE-2023-52475 bsc#1220649)
- commit 00a87c8

- topology/sysfs: Add PPIN in sysfs under cpu topology  (jsc#PED-7618).
- Refresh
  patches.suse/drivers-base-fix-userspace-break-from-using-bin_attr.patch.
- commit e74360b

- topology/sysfs: Add format parameter to macro defining "show"  functions for proc (jsc#PED-7618).
- Refresh
  patches.suse/drivers-base-fix-userspace-break-from-using-bin_attr.patch.
- commit 978a12d

- x86/cpu: X86_FEATURE_INTEL_PPIN finally has a CPUID bit (jsc#PED-7618).
- Refresh patches.suse/x86-speculation-disable-rrsba-behavior.patch.
- commit f7bed0d

- KVM: arm64: vgic-its: Avoid potential UAF in LPI translation
  cache (bsc#1220326, CVE-2024-26598).
- commit 74fd0dd

- scsi: lpfc: Replace deprecated strncpy() with strscpy()
  (bsc#1220021).
- scsi: lpfc: Copyright updates for 14.4.0.0 patches
  (bsc#1220021).
- scsi: lpfc: Update lpfc version to 14.4.0.0 (bsc#1220021).
- scsi: lpfc: Change lpfc_vport load_flag member into a bitmask
  (bsc#1220021).
- scsi: lpfc: Change lpfc_vport fc_flag member into a bitmask
  (bsc#1220021).
- scsi: lpfc: Protect vport fc_nodes list with an explicit spin
  lock (bsc#1220021).
- scsi: lpfc: Change nlp state statistic counters into atomic_t
  (bsc#1220021).
- scsi: lpfc: Remove shost_lock protection for fc_host_port
  shost APIs (bsc#1220021).
- scsi: lpfc: Move handling of reset congestion statistics events
  (bsc#1220021).
- scsi: lpfc: Save FPIN frequency statistics upon receipt of
  peer cgn notifications (bsc#1220021).
- scsi: lpfc: Add condition to delete ndlp object after sending
  BLS_RJT to an ABTS (bsc#1220021).
- scsi: lpfc: Fix failure to delete vports when discovery is in
  progress (bsc#1220021).
- scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN
  processing for ndlps (bsc#1220021).
- scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute
  for Fabric nodes (bsc#1220021).
- scsi: lpfc: Remove D_ID swap log message from trace event logger
  (bsc#1220021).
- scsi: lpfc: Use sg_dma_len() API to get struct scatterlist's
  length (bsc#1220021).
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
  (bsc#1220021).
- scsi: lpfc: Initialize status local variable in
  lpfc_sli4_repost_sgl_list() (bsc#1220021).
- scsi: lpfc: Use PCI_HEADER_TYPE_MFD instead of literal
  (bsc#1220021).
- PCI: Add PCI_HEADER_TYPE_MFD definition (bsc#1220021).
- commit 41ec061

- x86/fpu: Stop relying on userspace for info to fault in xsave buffer (bsc#1220335, CVE-2024-26603).
- commit 4cbbdbf

- Update patch reference for NFC fix (CVE-2021-46924 bsc#1220459)
- commit 8ac32a8

- RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (git-fixes).
- commit 71868f2

- media: pvrusb2: fix use after free on context disconnection
  (CVE-2023-52445 bsc#1220241).
- commit e4643a5

- RAS: Introduce a FRU memory poison manager (jsc#PED-7618).
- commit 62d6d3a

- RAS/AMD/ATL: Add MI300 row retirement support (jsc#PED-7618).
- Delete patches.suse/EDAC-amd64-Add-MI300-row-retirement-support.patch.
- commit 3cc5727

- uio: Fix use-after-free in uio_open (bsc#1220140
  CVE-2023-52439).
- commit fbf52b1

- apparmor: avoid crash when parsed profile name is empty
  (CVE-2023-52443 bsc#1220240).
- commit 732bc93

- ntfs: check overflow when iterating ATTR_RECORDs (git-fixes).
- commit c9fe433

- ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
- commit 6df2cbb

- xfs: short circuit xfs_growfs_data_private() if delta is zero
  (git-fixes).
- commit fcba050

- xfs: remove unused fields from struct xbtree_ifakeroot
  (git-fixes).
- commit 86da8f9

- fs: dlm: fix build with CONFIG_IPV6 disabled (git-fixes).
- commit 595274a

- nilfs2: replace WARN_ONs for invalid DAT metadata block requests
  (git-fixes).
- commit 8b6113c

- nilfs2: fix data corruption in dsync block recovery for small
  block sizes (git-fixes).
- commit 3bf00f7

- jfs: fix array-index-out-of-bounds in diNewExt (git-fixes).
- commit 95bef1f

- jfs: fix uaf in jfs_evict_inode (git-fixes).
- commit d7a8248

- jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes).
- commit e676b4f

- jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes).
- commit fc7d276

- UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes).
- commit bcf9251

- FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree (git-fixes).
- commit 9b22efe

- afs: Increase buffer size in afs_update_volume_status()
  (git-fixes).
- commit dd84cc3

- afs: Hide silly-rename files from userspace (git-fixes).
- commit 3ff836d

- afs: fix the usage of read_seqbegin_or_lock() in
  afs_find_server*() (git-fixes).
- commit c7a2b9c

- afs: fix the usage of read_seqbegin_or_lock() in
  afs_lookup_volume_rcu() (git-fixes).
- commit 4fa847b

- btrfs: do not ASSERT() if the newly created subvolume already
  got read (bsc#1219126 CVE-2024-23850).
- commit 087f1fb

- Update
  patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
  (git-fixes, bsc1220398, CVE-2024-26602).
- commit 7349e3e

- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
- commit edd994d

- i2c: i801: Fix block process call transactions (bsc#1220009
  CVE-2024-26593).
- commit 1b64da9

- RDMA/core: Fix uninit-value access in ib_get_eth_speed()
  (bsc#1219934).
- commit 3ebf8e4

- mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243
  CVE-2024-26586).
- mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in
  error path (bsc#1220344 CVE-2024-26595).
- commit 6e8b589

- EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330, CVE-2023-52464)
- commit 369d1fd

- RDMA/core: Get IB width and speed from netdev (bsc#1219934).
- commit 24279f3

- KVM: s390: vsie: fix race during shadow creation (git-fixes
  bsc#1220393).
- commit 72fd28e

- Update config files.
  Cleanup with run_oldconfig.sh
- commit ef734e5

- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392).
- commit 8d2ffe7

- supported.conf: remove external flag from IBM supported modules.
  (bsc#1209412)
- commit a25e99f

- arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata (git-fixes)
- commit 7e2b55c

- arm64: irq: set the correct node for shadow call stack (git-fixes)
- commit b343796

- arm64: irq: set the correct node for VMAP stack (git-fixes)
- commit f682ae8

- blacklist.conf: ("arm64: lib: Import latest version of Arm Optimized Routines' strncmp")
- commit 88ead84

- Refresh sorted patches.
- commit 9f45380

- powerpc/pseries: Set CPU_FTR_DBELL according to ibm,pi-features
  (bsc#1220348).
- powerpc/pseries: Add a clear modifier to ibm,pa/pi-features
  parser (bsc#1220348).
- commit 7e988f6

- usb: gadget: ncm: Avoid dropping datagrams of properly parsed
  NTBs (git-fixes).
- usb: cdns3: fix memory double free when handle zero packet
  (git-fixes).
- usb: cdns3: fixed memory use after free at
  cdns3_gadget_ep_disable() (git-fixes).
- usb: roles: don't get/set_role() when usb_role_switch is
  unregistered (git-fixes).
- usb: roles: fix NULL pointer issue when put module's reference
  (git-fixes).
- usb: cdnsp: fixed issue with incorrect detecting CDNSP family
  controllers (git-fixes).
- usb: cdnsp: blocked some cdns3 specific code (git-fixes).
- USB: serial: option: add Fibocom FM101-GL variant (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
  (git-fixes).
- USB: serial: cp210x: add ID for IMST iM871A-USB (git-fixes).
- commit 6aacbee

- s390: use the correct count for __iowrite64_copy() (git-fixes
  bsc#1220317).
- commit 3d0908e

- md: bypass block throttle for superblock update (bsc#1220154,
  CVE-2023-52437).
- commit 3b94bb4

- cachefiles: fix memory leak in cachefiles_add_cache()
  (bsc#1220267).
- commit 9bb720c

- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
  (bsc#1220253 CVE-2023-52448).
- commit 12cdab5

- platform/x86: thinkpad_acpi: Only update profile if successfully
  converted (git-fixes).
- platform/x86: touchscreen_dmi: Allow partial (prefix) matches
  for ACPI names (git-fixes).
- commit d153a3a

- USB: gadget: core: adjust uevent timing on gadget unbind
  (git-fixes).
- commit e3b30d8

- blacklist.conf: entry for usb/gadget/udc/core that has been reverted
- commit 50292b0

- mm,page_owner: Update Documentation regarding page_owner_stacks
  (jsc-PED#7423).
- commit 96f4587

- mm,page_owner: Filter out stacks by a threshold (jsc-PED#7423).
- commit e683246

- mm,page_owner: Display all stacks and their count
  (jsc-PED#7423).
- commit cfad590

- mm,page_owner: Implement the tracking of the stacks count
  (jsc-PED#7423).
- commit 4c2de65

- mm,page_owner: Maintain own list of stack_records structs
  (jsc-PED#7423).
- commit 91e49cb

- scsi: ibmvfc: Open-code reset loop for target reset
  (bsc#1220106).
- commit 8ab46b6

- scsi: ibmvfc: Limit max hw queues by num_online_cpus()
  (bsc#1220106).
- commit 648a1af

- lib/stackdepot: Move stack_record struct definition into the
  header (jsc-PED#7423).
- commit 6077ffb

- lib/stackdepot: Fix first entry having a 0-handle
  (jsc-PED#7423).
- commit 992fd7d

- lib/stackdepot: add refcount for records (jsc-PED#7423).
- commit 714c529

- sched/membarrier: reduce the ability to hammer on sys_membarrier
  (git-fixes).
- commit 050cced

- lib/stackdepot: add depot_fetch_stack helper (jsc-PED#7423).
- commit 2786362

- RDMA/srpt: fix function pointer cast warnings (git-fixes)
- commit dac438c

- RDMA/qedr: Fix qedr_create_user_qp error flow (git-fixes)
- commit b146859

- RDMA/srpt: Support specifying the srpt_service_guid parameter (git-fixes)
- commit 8d48d24

- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (git-fixes)
- commit da3f72a

- RDMA/irdma: Add AE for too many RNRS (git-fixes)
- commit f63a394

- RDMA/irdma: Set the CQ read threshold for GEN 1 (git-fixes)
- commit 3b512eb

- RDMA/irdma: Validate max_send_wr and max_recv_wr (git-fixes)
- commit 98f2343

- RDMA/irdma: Fix KASAN issue with tasklet (git-fixes)
- commit 83211d5

- RDMA/bnxt_re: Add a missing check in bnxt_qplib_query_srq (git-fixes)
- commit 675dc2d

- RDMA/bnxt_re: Return error for SRQ resize (git-fixes)
- commit c51f388

- IB/hfi1: Fix a memleak in init_credit_return (git-fixes)
- commit 2afc750

- x86/mm: Fix memory encryption features advertisement (bsc#1206453).
- commit 143c33b

- rpm/check-for-config-changes: add GCC_ASM_GOTO_OUTPUT_WORKAROUND to IGNORED_CONFIGS_RE
  Introduced by commit 68fb3ca0e408 ("update workarounds for gcc "asm
  goto" issue").
- commit be1bdab

- net: openvswitch: limit the number of recursions from action
  sets (bsc#1219835 CVE-2024-1151).
- commit ed2fd55

- scsi: core: Move scsi_host_busy() out of host lock if it is
  for per-command (git-fixes).
- commit 65a3d05

- mfd: syscon: Fix null pointer dereference in
  of_syscon_register() (git-fixes).
- commit ac6a500

- powerpc/64: Set task pt_regs->link to the LR value on scv entry
  (bsc#1194869).
- powerpc: add crtsavres.o to always-y instead of extra-y
  (bsc#1194869).
- powerpc/watchpoints: Annotate atomic context in more places
  (bsc#1194869).
- powerpc/watchpoint: Disable pagefaults when getting user
  instruction (bsc#1194869).
- powerpc/watchpoints: Disable preemption in thread_change_pc()
  (bsc#1194869).
- powerpc/pseries: Rework lppaca_shared_proc() to avoid
  DEBUG_PREEMPT (bsc#1194869).
- powerpc: Don't include lppaca.h in paca.h (bsc#1194869).
- powerpc/powernv: Fix fortify source warnings in opal-prd.c
  (bsc#1194869).
- commit 148ec5a

- modpost: trim leading spaces when processing source files list
  (git-fixes).
- kbuild: Fix changing ELF file type for output of gen_btf for
  big endian (git-fixes).
- irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (git-fixes).
- irqchip/irq-brcmstb-l2: Add write memory barrier before exit
  (git-fixes).
- driver core: Fix device_link_flag_is_sync_state_only()
  (git-fixes).
- iio: accel: bma400: Fix a compilation problem (git-fixes).
- staging: iio: ad5933: fix type mismatch regression (git-fixes).
- iio: magnetometer: rm3100: add boundary check for the value
  read from RM3100_REG_TMRC (git-fixes).
- iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
- commit 55c0c3a

- compute-PATCHVERSION: Do not produce output when awk fails
  compute-PATCHVERSION uses awk to produce a shell script that is
  subsequently executed to update shell variables which are then printed
  as the patchversion.
  Some versions of awk, most notably bysybox-gawk do not understand the
  awk program and fail to run. This results in no script generated as
  output, and printing the initial values of the shell variables as
  the patchversion.
  When the awk program fails to run produce 'exit 1' as the shell script
  to run instead. That prevents printing the stale values, generates no
  output, and generates invalid rpm spec file down the line. Then the
  problem is flagged early and should be easier to diagnose.
- commit 8ef8383

- Drop bcm5974 input patch causing a regression (bsc#1220030)
- commit cdfe144

- nvme-fabrics: fix I/O connect error handling (git-fixes).
- commit 1cf32dd

- scsi: fnic: Move fnic_fnic_flush_tx() to a work queue (git-fixes
  bsc#1219141).
- scsi: Revert "scsi: fcoe: Fix potential deadlock on
  &fip->ctlr_lock" (git-fixes bsc#1219141).
- scsi: core: Move scsi_host_busy() out of host lock for waking
  up EH handler (git-fixes).
- scsi: isci: Fix an error code problem in isci_io_request_build()
  (git-fixes).
- scsi: mpi3mr: Refresh sdev queue depth after controller reset
  (git-fixes).
- commit bb93e52

- scsi: hisi_sas: Prevent parallel FLR and controller reset
  (git-fixes).
- Refresh
  patches.suse/scsi-hisi_sas-Replace-with-standard-error-code-return-value.patch.
- commit 90473ca

- drm/amdgpu/display: Initialize gamma correction mode variable
  in dcn30_get_gamcor_current() (git-fixes).
- drm/amd/display: Fix possible NULL dereference on device
  remove/driver unload (git-fixes).
- Revert "drm/amd: flush any delayed gfxoff on suspend entry"
  (git-fixes).
- drm/amd/display: Fix possible buffer overflow in
  'find_dcfclk_for_voltage()' (git-fixes).
- drm/crtc: fix uninitialized variable use even harder
  (git-fixes).
- nouveau/svm: fix kvcalloc() argument order (git-fixes).
- can: j1939: Fix UAF in j1939_sk_match_filter during
  setsockopt(SO_J1939_FILTER) (git-fixes).
- wifi: iwlwifi: uninitialized variable in
  iwl_acpi_get_ppag_table() (git-fixes).
- wifi: iwlwifi: Fix some error codes (git-fixes).
- spi-mxs: Fix chipselect glitch (git-fixes).
- spi: ppc4xx: Drop write-only variable (git-fixes).
- HID: wacom: generic: Avoid reporting a serial of '0' to
  userspace (git-fixes).
- HID: wacom: Do not register input devices until after
  hid_hw_start (git-fixes).
- hwmon: (coretemp) Fix bogus core_id to attr name mapping
  (git-fixes).
- hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes).
- hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
- drm/msm/dpu: check for valid hw_pp in
  dpu_encoder_helper_phys_cleanup (git-fixes).
- drm/msm/dp: return correct Colorimetry for
  DP_TEST_DYNAMIC_RANGE_CEA case (git-fixes).
- drm/msms/dp: fixed link clock divider bits be over written in
  BPC unknown case (git-fixes).
- drm/i915/gvt: Fix uninitialized variable in handle_mmio()
  (git-fixes).
- atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
- crypto: ccp - Fix null pointer dereference in
  __sev_platform_shutdown_locked (git-fixes).
- commit 8c41a3a

- ALSA: usb-audio: More relaxed check of MIDI jack names
  (git-fixes).
- ASoC: SOF: IPC3: fix message bounds on ipc ops (git-fixes).
- ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
  (git-fixes).
- ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks
  table (git-fixes).
- ALSA: hda/realtek: cs35l41: Fix device ID / model name
  (git-fixes).
- ALSA: usb-audio: Sort quirk table entries (git-fixes).
- ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes).
- ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision
  (git-fixes).
- ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter
  (git-fixes).
- commit 4ee9775

- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- commit 515312a

- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
  Also add mds_user_clear to kABI severities since it's strictly
  mitigation related so should be low risk.
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- commit f298aab

- netfs, fscache: Prevent Oops in fscache_put_cache()
  (bsc#1220003).
- commit 70831f5

- mm: memory-failure: fix potential unexpected return value from
  unpoison_memory() (git-fixes).
- commit 4c346fc

- netfilter: nf_tables: disallow rule removal from chain binding
  (bsc#1218216 CVE-2023-5197).
- commit dcfc62f

- netfilter: nf_tables: skip bound chain in netns release path
  (bsc#1218216 CVE-2023-5197).
- commit 29d741f

- netfilter: nf_tables: disallow rule removal from chain binding
  (bsc#1218216 CVE-2023-5197).
- commit d7a1a4d

- netfilter: nf_tables: skip bound chain in netns release path
  (bsc#1218216 CVE-2023-5197).
- commit af879c8

- mm/hwpoison: fix unpoison_memory() (bsc#1218663).
- commit e5b6bde

- mm/hwpoison: remove MF_MSG_BUDDY_2ND and MF_MSG_POISONED_HUGE
  (bsc#1218663).
- commit d6fa958

- mm/hwpoison: mf_mutex for soft offline and unpoison
  (bsc#1218663).
- commit 177fcfa

- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
  (bsc#1219127 CVE-2024-23849).
- commit 43577c1

- Refresh
  patches.suse/scsi-lpfc-use-unsigned-type-for-num_sge.patch.
- commit 6b5c8aa

- USB: hub: check for alternate port before enabling
  A_ALT_HNP_SUPPORT (bsc#1218527).
- Delete patches.suse/usb-otg-numberpad-exception.patch.
  Removal of temporary work around
- commit 51410f7

- blacklist.conf: irrelevant in our configs
- commit 011570e

- dm: limit the number of targets and parameter size area
  (bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851).
- commit 26dc83e

- usb: cdns3: Modify the return value of cdns_set_active ()
  to void when CONFIG_PM_SLEEP is disabled (git-fixes).
- Refresh patches.kabi/usb-cdns-readd-old-API.patch.
- commit f63fe1f

- usb: cdns: readd old API (git-fixes).
- commit e63cfaf

- usb: gadget: f_hid: fix report descriptor allocation
  (git-fixes).
- commit b1aee6d

- Refresh
  patches.suse/USB-dwc2-write-HCINT-with-INTMASK-applied.patch.
  moved into sorted section
- commit 19ade31

- usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
  (git-fixes).
- commit e5f0b82

- usb: cdns3: Put the cdns set active part outside the spin lock
  (git-fixes).
- commit 86f2eb0

- USB: Gadget: core: Help prevent panic during UVC unconfigure
  (git-fixes).
- commit 00fdbf2

- usb: gadget: core: remove unbalanced mutex_unlock in
  usb_gadget_activate (git-fixes).
- commit 4803ff6

- usb: gadget: udc: Handle gadget_connect failure during bind
  operation (git-fixes).
- commit 70218de

- USB: gadget: core: Add missing kerneldoc for vbus_work
  (git-fixes).
- commit 25e9543

- usb: gadget: udc: core: Prevent soft_connect_store() race
  (git-fixes).
- commit eb5f8ac

- usb: gadget: udc: core: Offload usb_udc_vbus_handler processing
  (git-fixes).
- commit 7a7bf5a

- blacklist.conf: changed reason
  The old reason applied only to SP4. However
  this patch by coincidence still needs to be blacklisted in SP5
  for a completely different reason
- commit 5f8bebe

- USB: gadget: Fix obscure lockdep violation for udc_mutex
  (git-fixes).
- Refresh
  patches.suse/USB-gadget-Fix-use-after-free-during-usb-config-swit.patch.
- commit a8658e1

- USB: gadget: Fix use-after-free Read in usb_udc_uevent()
  (git-fixes).
- commit 6205e50

- s390/qeth: Fix potential loss of L3-IP@ in case of network
  issues (git-fixes bsc#1219840).
- commit 4987d16

- KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219839).
- commit 47fbb44

- Add reference to recently released CVE
- Update
  patches.suse/x86-entry-convert-int-0x80-emulation-to-idtentry.patch
  (bsc#1217927 CVE-2024-25744).
- Update
  patches.suse/x86-entry-do-not-allow-external-0x80-interrupts.patch
  (bsc#1217927 CVE-2024-25744).
- commit 1dc32d2

- nvme-host: fix the updating of the firmware version (git-fixes).
- commit 27cca59

- arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (bsc#1219443)
- commit 8b0cea9

- arm64: entry: Simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
- commit 713244d

- arm64: entry: Preserve/restore X29 even for compat tasks (bsc#1219443)
- commit 2aa2cc1

- Refresh patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
  Fix following error when building kvmsmall config by removing left over
  declaration:
  [  216s] In file included from ../arch/x86/kernel/cpu/mce/core.c:52:0:
  [  216s] ../arch/x86/include/asm/mce.h:366:1: error: duplicate 'static'
  [  216s]  static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
  [  216s]  ^~~~~~
  [  216s] ../arch/x86/include/asm/mce.h:366:15: error: two or more data types in declaration specifiers
  [  216s]  static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
  [  216s]                ^~~~
  [  216s] ../arch/x86/include/asm/mce.h: In function 'mce_hygon_feature_init':
  [  216s] ../arch/x86/include/asm/mce.h:366:75: error: void value not ignored as it ought to be
  [  216s]  static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
  [  216s]                                                                            ^~~~~~~~~~~~~~~~~~~~~~~
  [  216s] ../arch/x86/include/asm/mce.h:366:50: error: control reaches end of non-void function [-Werror=return-type]
  [  216s]  static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
- commit 7015e17

- arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443)
  Enable workaround.
- commit 72bb690

- arm64: Rename ARM64_WORKAROUND_2966298 (bsc#1219443)
- Update config files.
- Refresh caps file
- commit 12d16a6

- arm64: errata: Add Cortex-A520 speculative unprivileged load (bsc#1219443)
  Enable workaround without kABI break.
- Update config files.
- Refresh patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
- commit 2067234

- arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2 (git-fixes)
  Enable AMPERE_ERRATUM_AC03_CPU_38 workaround without kABI break
- Update config files
- Refresh patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
- commit 4d24e79

- Refresh patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
  Fix build due to incomplete line removal
- commit 720d084

- vhost: use kzalloc() instead of kmalloc() followed by memset()
  (CVE-2024-0340, bsc#1218689).
- commit 4c5a740

- README.BRANCH: Update cve/linux-5.14 maintainers
  Add myself to match SLE15-SP5 consumer + fix typo in branch name.
- commit da26653

- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
  Accidentally removed nfs4_get_stateowner
- commit ad106c0

- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
  (git-fixes bsc#1219608 CVE-2024-24860).
- commit a1186fd

- Update
  patches.suse/Bluetooth-Fix-atomicity-violation-in-min-max-_key_si.patch
  (git-fixes bsc#1219608 CVE-2024-24860).
- commit dedfe8a

- README.BRANCH: update branch name to cve/linux-5.14, update maintainers
  as requested
- commit 8e34879

- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config
  (bsc#1219653)
  They are put into -devel subpackage. And a proper link to
  /usr/share/gdb/auto-load/ is created.
- commit 1dccf2a

- EDAC/amd64: Add MI300 row retirement support (jsc#PED-7618).
- commit fb688f3

- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (jsc#PED-7618).
- commit a26a502

- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (jsc#PED-7618).
- commit 83df5af

- RAS/AMD/ATL: Add MI300 support (jsc#PED-7618).
- commit 761e3c8

- Documentation: RAS: Add index and address translation section (jsc#PED-7618).
- commit d6e1334

- EDAC/amd64: Use new AMD Address Translation Library (jsc#PED-7618).
- commit f1baba4

- RAS: Introduce AMD Address Translation Library (jsc#PED-7618).
- commit d6ad6ba

- netfilter: nf_tables: check if catch-all set element is active
  in next generation (CVE-2024-1085 bsc#1219429).
- commit 7b3f4c4

- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  (CVE-2024-1086 bsc#1219434).
- commit 5f917ff

- fs: indicate request originates from old mount API (git-fixes).
- commit 8ccbbb1

- tracefs: Add missing lockdown check to tracefs_create_dir()
  (git-fixes).
- commit 36d0f04

- fs: Fix error checking for d_hash_and_lookup() (git-fixes).
- commit b1a5e63

- attr: block mode changes of symlinks (git-fixes).
- commit c0d7be1

- eventfd: prevent underflow for eventfd semaphores (git-fixes).
- commit 3a099ca

- kernfs: fix missing kernfs_idr_lock to remove an ID from the
  IDR (git-fixes).
- commit 5156b80

- shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based
  tmpfs (git-fixes).
- commit a75bdfb

- fs: drop peer group ids under namespace lock (git-fixes).
- commit b6028f3

- nsfs: add compat ioctl handler (git-fixes).
- commit 38694b2

- aio: fix mremap after fork null-deref (git-fixes).
- commit 22e33d9

- fs: don't audit the capability check in simple_xattr_list()
  (git-fixes).
- commit 5b6e2cc

- mm: fs: initialize fsdata passed to write_begin/write_end
  interface (git-fixes).
- commit af45b4c

- fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
- commit 088d52b

- vfs: make freeze_super abort when sync_filesystem returns error
  (git-fixes).
- commit 6a3b59b

- fs/mount_setattr: always cleanup mount_kattr (git-fixes).
- commit 113e698

- Update
  patches.suse/drm-amdgpu-Fix-potential-fence-use-after-free-v2.patch
  (bsc#1219128 CVE-2023-51042 git-fixes).
- commit 4b937fc

- drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()'
  (git-fixes).
- drm/amdkfd: Fix 'node' NULL check in
  'svm_range_get_range_boundaries()' (git-fixes).
- drm/amdgpu: Release 'adev->pm.fw' before return in
  'amdgpu_device_need_post()' (git-fixes).
- drm/amdgpu: Fix with right return code '-EIO' in
  'amdgpu_gmc_vram_checking()' (git-fixes).
- drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table'
  in 'get_platform_power_management_table()' (git-fixes).
- drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
- drm/amdkfd: Fix lock dependency warning (git-fixes).
- ALSA: hda/conexant: Fix headset auto detect fail in cx8070
  and SN6140 (git-fixes).
- ALSA: hda: Refer to correct stream index at loops (git-fixes).
- drm/amdkfd: Fix iterator used outside loop in
  'kfd_add_peer_prop()' (git-fixes).
- drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
  (git-fixes).
- drm/amdgpu: Fix '*fw' from request_firmware() not released in
  'amdgpu_ucode_request()' (git-fixes).
- drm/amdgpu: Let KFD sync with VM fences (git-fixes).
- drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
- drm/amd/display: make flip_timestamp_in_us a 64-bit variable
  (git-fixes).
- drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
- drm/msm/dpu: fix writeback programming for YUV cases
  (git-fixes).
- drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
- drm/msm/dsi: Enable runtime PM (git-fixes).
- drm/amdgpu: fix ftrace event amdgpu_bo_move always move on
  same heap (git-fixes).
- drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
  time (git-fixes).
- drm/framebuffer: Fix use of uninitialized variable (git-fixes).
- drm/panel-edp: Add override_edid_mode quirk for generic edp
  (git-fixes).
- drm/amd/display: Fix tiled display misalignment (git-fixes).
- commit 3c1f8a7

- rpm/mkspec: sort entries in _multibuild
  Otherwise it creates unnecessary diffs when tar-up-ing. It's of course
  due to readdir() using "random" order as served by the underlying
  filesystem.
  See for example:
  https://build.opensuse.org/request/show/1144457/changes
- commit d1155de

- Revert "tracing: Increase trace array ref count on enable and
  filter files" (bsc#1219490).
  Deleted:
  patches.suse/tracing-Increase-trace-array-ref-count-on-enable-and-filter-files.patch
  patches.suse/tracing-Fix-uaf-issue-when-open-the-hist-or-hist_debug-file.patch
  patches.suse/tracing-Have-event-inject-files-inc-the-trace-array-ref-count.patch
  Backported commit f5ca233e2e66 ("tracing: Increase trace array ref count
  on enable and filter files") causes a kernel panic and its upstream
  fix-up bb32500fb9b7 ("tracing: Have trace_event_file have ref counters")
  cannot be easily backported because it affects kABI. Revert the commit
  and its two related + dependent patches, at least for now.
- commit b75b68d

- fs: Move notify_change permission checks into may_setattr
  (git-fixes).
- commit 9c54f53

- blacklist.conf: add 'nvme: fix error-handling for io_uring
  nvme-passthrough'
- commit 580a5ab

- nvme-rdma: Fix transfer length when write_generate/read_verify
  are 0 (git-fixes).
- commit b0bd240

- nvme: trace: avoid memcpy overflow warning (git-fixes).
- nvmet: re-fix tracing strncpy() warning (git-fixes).
- nvme: fix max_discard_sectors calculation (git-fixes).
- nvme-pci: fix sleeping function called from interrupt context
  (git-fixes).
- nvme: introduce helper function to get ctrl state (git-fixes).
- nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
- commit 45d7afe

- scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
- scsi: lpfc: Move determination of vmid_flag after VMID
  reinitialization completes (bsc#1219582).
- scsi: lpfc: Reinitialize an NPIV's VMID data structures after
  FDISC (bsc#1219582).
- scsi: lpfc: Change VMID driver load time parameters to read only
  (bsc#1219582).
- commit bb7c841

- ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
- commit 5e28675

- misc: fastrpc: Mark all sessions as invalid in cb_remove
  (git-fixes).
- serial: max310x: fail probe if clock crystal is unstable
  (git-fixes).
- serial: max310x: improve crystal stable clock detection
  (git-fixes).
- serial: max310x: set default value when reading clock ready bit
  (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget
  (git-fixes).
- usb: ucsi_acpi: Fix command completion handling (git-fixes).
- usb: ucsi: Add missing ppm_lock (git-fixes).
- usb: host: xhci-plat: Add support for
  XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- dmaengine: fix is_slave_direction() return false when
  DMA_DEV_TO_DEV (git-fixes).
- dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
  (git-fixes).
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
  (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix returning wrong error code
  (git-fixes).
- dmaengine: idxd: Protect int_handle field in hw descriptor
  (git-fixes).
- commit 4d4442b

- Input: atkbd - do not skip atkbd_deactivate() when skipping
  ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping
  ATKBD_CMD_GETID (git-fixes).
- Input: bcm5974 - check endpoint type before starting traffic
  (git-fixes).
- ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
- ASoC: codecs: lpass-wsa-macro: fix compander volume hack
  (git-fixes).
- ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
- ASoC: codecs: wcd938x: fix headphones volume controls
  (git-fixes).
- ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
  (git-fixes).
- nfc: nci: free rx_data_reassembly skb on NCI device cleanup
  (git-fixes).
- HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
- firewire: core: correct documentation of fw_csr_string()
  kernel API (git-fixes).
- commit 2100750

- md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
- commit a1a4e04

- perf/x86/uncore: Use u64 to replace unsigned for the uncore
  offsets array (bsc#1219512).
- commit 1425233

- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780
  bsc#1218730).
- commit 658d424

- fbdev: Only disable sysfb on the primary device (bsc#1216441)
  Update an existing patch to fix bsc#1216441.
- commit 1c5c5fe

- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838,
  XSA-448, bsc#1218836).
- commit 9a897ff

- drm/amdgpu/pm: Fix the power source flag error (git-fixes).
- commit fe7e152

- nouveau/vmm: don't set addr on the fail path to avoid warning
  (git-fixes).
- drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable
  W/A (git-fixes).
- drm: Don't unref the same fb many times by mistake due to
  deadlock handling (git-fixes).
- drm/amd/display: pbn_div need be updated for hotplug event
  (git-fixes).
- commit 962c8b3

- Update
  patches.suse/ext4-fix-kernel-BUG-in-ext4_write_inline_data_end.patch
  (CVE-2021-33631 bsc#1219412 bsc#1206894).
- commit 2260246

- kabi, vmstat: skip periodic vmstat update for isolated CPUs
  (bsc#1217895).
- commit 8cb5798

- sched/isolation: add cpu_is_isolated() API (bsc#1217895).
- trace,smp: Add tracepoints around remotelly called functions
  (bsc#1217895).
- vmstat: skip periodic vmstat update for isolated CPUs
  (bsc#1217895).
- Refresh
  patches.suse/0002-kernel-smp-make-csdlock-timeout-depend-on-boot-param.patch.
- commit 668c0e0

- kernel-source: Fix description typo
- commit 8abff35

- nvmet-tcp: Fix the H2C expected PDU len calculation
  (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356).
- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988
  bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356).
- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987
  bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356).
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C
  PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535
  CVE-2023-6536 CVE-2023-6356).
- commit d968940

- clocksource: disable watchdog checks on TSC when TSC is watchdog
  (bsc#1215885).
- commit b33ffd8

- nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968
  bsc#1219349).
- commit e7c782d

- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  (CVE-2023-47233 bsc#1216702).
- commit 433859d

- rpm/constraints.in: set jobs for riscv to 8
  The same workers are used for x86 and riscv and the riscv builds take
  ages. So align the riscv jobs count to x86.
- commit b2c82b9

- blacklist.conf: add a not-relevant module commit
- commit d1799c4

- tracing/trigger: Fix to return error if failed to alloc snapshot
  (git-fixes).
- commit 6a3a4f2

- blacklist.conf: Add bunch of uclamp fixups
  244226035a1f sched/uclamp: Fix fits_capacity() check in feec()
  b759caa1d9f6 sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
  c56ab1b3506b sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
  d81304bc6193 sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit condition
  6b00a4014765 sched/uclamp: Set max_spare_cap_cpu even if max_spare_cap is 0
- commit 6be119f

- platform/x86: ISST: Reduce noise for missing numa information
  in logs (bsc#1219285).
- commit 017b316

- tracing: Ensure visibility when inserting an element into
  tracing_map (git-fixes).
- commit 95dfb0f

- bpf: Limit the number of kprobes when attaching program to
  multiple kprobes (git-fixes).
- commit ecd4878

- ring-buffer: Do not record in NMI if the arch does not support
  cmpxchg in NMI (git-fixes).
- commit 2ced0ce

- tracing: Fix uaf issue when open the hist or hist_debug file
  (git-fixes).
- commit 8c95da9

- tracing: Add size check when printing trace_marker output
  (git-fixes).
- commit ea9dc7e

- tracing: Have large events show up as '[LINE TOO BIG]' instead of
  nothing (git-fixes).
- commit 57bb6f3

- asix: Add check for usbnet_get_endpoints (git-fixes).
- commit ce1c3e3

- r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250
  (git-fixes).
- commit a726891

- drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in
  the error case (git-fixes).
- commit b1d3207

- clocksource: Skip watchdog check for large watchdog intervals
  (git-fixes).
- drm/bridge: anx7625: Ensure bridge is suspended in disable()
  (git-fixes).
- drm/bridge: parade-ps8640: Ensure bridge is suspended in
  .post_disable() (git-fixes).
- drm: panel-simple: add missing bus flags for Tianma
  tm070jvhg[30/33] (git-fixes).
- drm/bridge: parade-ps8640: Wait for HPD when doing an AUX
  transfer (git-fixes).
- drm/exynos: gsc: minor fix for loop iteration in
  gsc_runtime_resume (git-fixes).
- drm/exynos: fix accidental on-stack copy of exynos_drm_plane
  (git-fixes).
- gpio: eic-sprd: Clear interrupt after set the interrupt type
  (git-fixes).
- commit 0576231

- net: sched: sch_qfq: Use non-work-conserving warning handler
  (CVE-2023-4921 bsc#1215275).
- commit b50ba0e

- mkspec: Use variant in constraints template
  Constraints are not applied consistently with kernel package variants.
  Add variant to the constraints template as appropriate, and expand it
  in mkspec.
- commit cc68ab9

- kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol
  It's an internal function that shouldn't have been exported
- commit eb24ddf

- net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
- uio: Fix use-after-free in uio_open (git-fixes).
- parport: parport_serial: Add Brainboxes device IDs and geometry
  (git-fixes).
- parport: parport_serial: Add Brainboxes BAR details (git-fixes).
- pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
- pwm: stm32: Use hweight32 in stm32_pwm_detect_channels
  (git-fixes).
- media: rkisp1: Fix media device memory leak (git-fixes).
- wifi: rtlwifi: rtl8192se: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8192ee: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8192de: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8192ce: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8192cu: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8192c: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift()
  (git-fixes).
- wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
- pstore: ram_core: fix possible overflow in
  persistent_ram_init_ecc() (git-fixes).
- wifi: iwlwifi: pcie: avoid a NULL pointer dereference
  (git-fixes).
- reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
  (git-fixes).
- wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
- pwm: stm32: Use regmap_clear_bits and regmap_set_bits where
  applicable (git-fixes).
- media: rkisp1: Read the ID register at probe time instead of
  streamon (git-fixes).
- commit d4f3c53

- fjes: fix memleaks in fjes_hw_setup (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5
  (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic
  boost on HP ZBook (git-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx
  (git-fixes).
- drm/amdkfd: fixes for HMM mem allocation (git-fixes).
- Input: atkbd - use ab83 as id when skipping the getid command
  (git-fixes).
- drivers: clk: zynqmp: update divider round rate logic
  (git-fixes).
- drm/tidss: Fix dss reset (git-fixes).
- drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
- drm/tidss: Return error value from from softreset (git-fixes).
- drm/tidss: Move reset to the end of dispc_init() (git-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
  (git-fixes).
- Input: xpad - add Razer Wolverine V2 support (git-fixes).
- Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
- Input: atkbd - skip ATKBD_CMD_GETID in translated mode
  (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab
  S10346 (git-fixes).
- i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
- clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
- hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
- ASoC: ops: add correct range check for limiting volume
  (git-fixes).
- ASoC: da7219: Support low DC impedance headset (git-fixes).
- ASoC: rt5650: add mutex to avoid the jack detection failure
  (git-fixes).
- ASoC: cs43130: Fix incorrect frame delay configuration
  (git-fixes).
- ASoC: cs43130: Fix the position of const qualifier (git-fixes).
- ASoC: Intel: Skylake: mem leak in skl register function
  (git-fixes).
- ASoC: nau8822: Fix incorrect type in assignment and cast to
  restricted __be16 (git-fixes).
- ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
- ASoC: wm8974: Correct boost mixer inputs (git-fixes).
- drm/amdkfd: Use resource_size() helper function (git-fixes).
- clk: zynqmp: Add a check for NULL pointer (git-fixes).
- clk: zynqmp: make bestdiv unsigned (git-fixes).
- media: rkisp1: Disable runtime PM in probe error path
  (git-fixes).
- commit f91e3c6

- Drop clk imx patch that was reverted in the stable tree
- commit ab74263

- Drop ASoC atmel patch that was reverted on stable tree
- commit 7e99407

- rpm/constraints.in: add static multibuild packages
  Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
  constraints on multibuild) added "kernel-source:" prefix to the
  dynamically generated kernels. But there are also static ones like
  kernel-docs. Those fail to build as the constraints are still not
  applied.
  So add the prefix also to the static ones.
  Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
  will ever be multibuilt...
- commit c2e0681

- Update
  patches.suse/drm-atomic-Fix-potential-use-after-free-in-nonblocki.patch
  (bsc#1219120 CVE-2023-51043 git-fixes).
- commit d004027

- Revert "Limit kernel-source build to architectures for which the kernel binary"
  This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
  The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a

- mkspec: Include constraints for both multibuild and plain package always
  There is no need to check for multibuild flag, the constraints can be
  always generated for both cases.
- commit 308ea09

- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
  Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b

- scsi: hisi_sas: Correct the number of global debugfs registers
  (git-fixes).
- scsi: hisi_sas: Rollback some operations if FLR failed
  (git-fixes).
- commit 2336743

- scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT
  (git-fixes).
- Refresh
  patches.suse/scsi-hisi_sas-Add-more-logs-for-runtime-suspend-resume.patch.
- Refresh
  patches.suse/scsi-hisi_sas-Fix-rescan-after-deleting-a-disk.
- Refresh
  patches.suse/scsi-hisi_sas-Replace-with-standard-error-code-return-value.patch.
- Refresh
  patches.suse/scsi-hisi_sas-Use-libsas-internal-abort-support.patch.
- Refresh
  patches.suse/scsi-libsas-Don-t-always-drain-event-workqueue-for-HA-resume.patch.
- commit 6d49430

- kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
- commit afe2033

- rpm/kernel-source.rpmlintrc: add action-ebpf
  Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
  plugin) added this precompiled binary blob. Adapt rpmlintrc for
  kernel-source.
- commit b5ccb33

- Update config files: enable ASoC AMD PS drivers (bsc#1219136)
- commit ef8225f

- ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA
  (bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13
  (bsc#1219136).
- ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
- ASoC: amd: acp: Add kcontrols and widgets per-codec in common
  code (bsc#1219136).
- commit 4161e83

- Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL
  (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming
  Laptop 15-fb0xxx (8A3E) (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting
  Line Out (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols
  (bsc#1219136).
- ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols
  (bsc#1219136).
- ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies
  (bsc#1219136).
- ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
- ASoC: amd: acp: clean up some inconsistent indentings
  (bsc#1219136).
- ASoC: amd: acp: add pm ops support for rembrandt platform
  (bsc#1219136).
- ASoC: amd: acp: move pdm macros to common header file
  (bsc#1219136).
- ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
- ASoC: amd: acp: export config_acp_dma() and
  config_pte_for_stream() symbols (bsc#1219136).
- ASoC: amd: acp: store xfer_resolution of the stream
  (bsc#1219136).
- ASoC: amd: acp: add pm ops support for acp pci driver
  (bsc#1219136).
- ASoC: amd: acp: store platform device reference created in
  pci probe call (bsc#1219136).
- ASoC: amd: acp: remove the redundant acp enable/disable
  interrupts functions (bsc#1219136).
- ASoC: amd: acp: add acp i2s master clock generation for
  rembrandt platform (bsc#1219136).
- ASoC: amd: acp: refactor the acp init and de-init sequence
  (bsc#1219136).
- ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
- commit 120d62d

- ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table
  (bsc#1219136).
- commit 150a883

- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12
  (bsc#1219136).
- commit c977ecd

- ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
- ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x
  (bsc#1219136).
- ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
- ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
- ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
- ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG
  (bsc#1219136).
- ASoC: amd: vangogh: Add check for acp config flags in vangogh
  platform (bsc#1219136).
- ASoC: amd: ps: refactor acp power on and reset functions
  (bsc#1219136).
- ASoC: amd: ps: remove the register read and write wrappers
  (bsc#1219136).
- ASoC: amd: ps: Update copyright notice (bsc#1219136).
- ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x
  (bsc#1219136).
- ASoC: amd: ps: fix for acp_lock access in pdm driver
  (bsc#1219136).
- ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the
  quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
- ASoC: amd: Add check for acp config flags (bsc#1219136).
- ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x
  (bsc#1219136).
- ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx
  (8A42) (bsc#1219136).
- ASoC: amd: ps: update the acp clock source (bsc#1219136).
- ASoC: amd: acp: rembrandt: Drop if blocks with always false
  condition (bsc#1219136).
- ASoC: amd: vangogh: Remove unnecessary init function
  (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop
  16-e1xxx (8A22) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx
  (8A43) (bsc#1219136).
- ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks
  (bsc#1219136).
- ASoC: amd: ps: Add a module parameter to influence pdm_gain
  (bsc#1219136).
- ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: renoir: Add a module parameter to influence pdm_gain
  (bsc#1219136).
- ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: yc: Add a module parameter to influence pdm_gain
  (bsc#1219136).
- ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
- ASoC: amd: acp: Enable i2s tdm support for skyrim platforms
  (bsc#1219136).
- ASoC: amd: acp: Add i2s tdm support in machine driver
  (bsc#1219136).
- ASoC: amd: acp: Refactor i2s clocks programming sequence
  (bsc#1219136).
- ASoC: amd: acp: Refactor dai format implementation
  (bsc#1219136).
- ASoC: amd: acp: Add new cpu dai's in machine driver
  (bsc#1219136).
- ASoC: amd: ps: Fix uninitialized ret in
  create_acp64_platform_devs() (bsc#1219136).
- ASoC: amd: ps: use static function (bsc#1219136).
- ASoC: amd: ps: remove unused variable (bsc#1219136).
- ASoC: amd: ps: use acp_lock to protect common registers in
  pdm driver (bsc#1219136).
- ASoC: amd: ps: add mutex lock for accessing common registers
  (bsc#1219136).
- ASoC: amd: Drop empty platform remove function (bsc#1219136).
- ASoC: amd: ps: move irq handler registration (bsc#1219136).
- ASoC: amd: ps: update dev index value in irq handler
  (bsc#1219136).
- ASoC: amd: ps: refactor platform device creation logic
  (bsc#1219136).
- ASoC: amd: ps: implement api to retrieve acp device config
  (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table
  (bsc#1219136).
- ASoC: amd: yc: Add DMI support for new acer/emdoor platforms
  (bsc#1219136).
- ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table
  (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table
  (bsc#1219136).
- ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
- ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver
  (bsc#1219136).
- ASoC: amd: ps: update macros with ps platform naming convention
  (bsc#1219136).
- ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
- ASoC: amd: fix ACP version typo mistake (bsc#1219136).
- ASoC: amd: acp: Add setbias level for rt5682s codec in machine
  driver (bsc#1219136).
- ASoC: amd: acp: Add TDM slots setting support for ACP I2S
  controller (bsc#1219136).
- ASoC: amd: Update Pink Sardine platform ACP register header
  (bsc#1219136).
- ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table
  (bsc#1219136).
- ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks
  table (bsc#1219136).
- ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo
  ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136).
- ASoC: amd: acp: use function devm_kcalloc() instead of
  devm_kzalloc() (bsc#1219136).
- ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc()
  (bsc#1219136).
- ASoC: amd: fix spelling mistake: "i.e" -> "i.e." (bsc#1219136).
- ASoC: amd: enable Pink sardine platform machine driver build
  (bsc#1219136).
- ASoC: amd: add Pink Sardine machine driver using dmic
  (bsc#1219136).
- ASoC: amd: create platform device for acp6.2 machine driver
  (bsc#1219136).
- ASoC: amd: enable Pink Sardine acp6.2 drivers build
  (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
- ASoC: amd: add acp6.2 irq handler (bsc#1219136).
- ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
- ASoC: amd: add platform devices for acp6.2 pdm driver and dmic
  driver (bsc#1219136).
- ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
- ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
- ASoC: amd: add Pink Sardine platform ACP IP register header
  (bsc#1219136).
- ASoC: amd: acp: Modify dai_id macros to be more generic
  (bsc#1219136).
- ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
- ASoC: amd: acp: add a label to make error path more clean
  (bsc#1219136).
- ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
- ASoC: amd: acp: Add TDM support for acp i2s stream
  (bsc#1219136).
- ASoC: amd: acp: Initialize list to store acp_stream during
  pcm_open (bsc#1219136).
- commit 14632ae

- arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes)
- commit 3eba4f6

- arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
- commit ee809a9

- xhci: track port suspend state correctly in unsuccessful resume
  cases (git-fixes).
- commit 5f8b948

- arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
- commit a7b727f

- arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
- commit f3c4bfe

- arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
- commit 7e17ca6

- arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
- commit ed0fb4a

- blacklist.conf: ("arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer")
- commit 76fd77c

- scsi: mpt3sas: Fix loop logic (bsc#1219067).
- commit 872bee1

- scsi: hisi_sas: Replace with standard error code return value
  (git-fixes).
- scsi: fnic: Return error if vmalloc() failed (git-fixes).
- scsi: mpt3sas: Fix an outdated comment (git-fixes).
- scsi: core: Always send batch on reset or error handling command
  (git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
  (git-fixes).
- commit 3a87f07

- blacklist.conf: add commit that breaks kabi
- commit 4ab1644

- scsi: qla2xxx: Fix system crash due to bad pointer access
  (git-fixes).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from
  3 to 30 for selected registers (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in
  fc_lport_ptp_setup() (git-fixes).
- scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall
  return code (git-fixes).
- scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing
  debugfs (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: pm80xx: Avoid leaking tags when processing
  OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
- scsi: pm80xx: Use phy-specific SAS address when sending
  PHY_START command (git-fixes).
- scsi: megaraid_sas: Fix deadlock on firmware crashdump
  (git-fixes).
- scsi: hisi_sas: Fix normally completed I/O analysed as failed
  (git-fixes).
- scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
- scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
  (git-fixes).
- scsi: hisi_sas: Modify v3 HW SATA completion error processing
  (git-fixes).
- commit d038b1c

- xhci: pass port pointer as parameter to xhci_set_port_power()
  (git-fixes).
- xhci: cleanup xhci_hub_control port references (git-fixes).
- commit b297848

- USB: xhci: workaround for grace period (git-fixes).
- commit 66e1fb8

- xhci: Add grace period after xHC start to prevent premature
  runtime suspend (git-fixes).
- blacklist.conf: I wanted to avoid the kABI workaround for this, but it
  is needed; reinstate it.
- Refresh
  patches.suse/xhci-remove-unused-command-member-from-struct-xhci_h.patch.
- commit e6ea339

- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
  The previous change added the manual entry from kernel-sources.change.old
  to old_changelog.txt unnecessarily.  Let's fix it.
- commit fb033e8

- Update
  patches.suse/ext4-improve-error-recovery-code-paths-in-__ext4_rem.patch
  (bsc#1213017 bsc#1219053 CVE-2024-0775).
- commit 97ea702

- RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
- commit e0e972e

- blacklist.conf: add 4fbc3a52cd4d ("RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz")
- commit 294e9b8

- RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
- commit 345f1ff

- RDMA/irdma: Refactor error handling in create CQP (git-fixes)
- commit 4a6aa38

- RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
- commit 281db3f

- RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
- commit 63679fd

- RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes)
- commit 3c73c12

- RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes)
- commit 8cc2bd1

- RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
- commit 8d9fb90

- RDMA/rtrs-clt: Start hb after path_up (git-fixes)
- commit e242a3d

- RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
- commit 29a41f7

- RDMA/irdma: Add wait for suspend on SQD (git-fixes)
- commit 538f2e3

- RDMA/irdma: Do not modify to SQD on error (git-fixes)
- commit 263fc9c

- RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes)
- commit 59ab729

- rpm/kernel-docs.spec.in: fix build with 6.8
  Since upstream commit f061c9f7d058 (Documentation: Document each netlink
  family), the build needs python yaml.
- commit 6a7ece3

- scsi: hisi_sas: Modify v3 HW SSP underflow error processing
  (git-fixes).
- Refresh
  patches.suse/scsi-hisi_sas-Handle-NCQ-error-when-IPTT-is-valid.patch.
- commit 44aa3a5

- blacklist.conf: kABI
- commit d83f18a

- blacklist.conf: kABI
- commit 59ff7e1

- Update patch reference for ax88179 fix (bsc#1218948)
- commit 5a21b74

- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize
  hv_nmi_unknown() (git-fixes).
- x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM
  (git-fixes).
- commit 7633c65

- drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel
  null pointer (git-fixes).
- commit 3bf351b

- dmaengine: fix NULL pointer in channel unregistration function
  (git-fixes).
- libapi: Add missing linux/types.h header to get the __u64 type
  on io.h (git-fixes).
- ALSA: oxygen: Fix right channel of capture volume mixer
  (git-fixes).
- power: supply: cw2015: correct time_to_empty units in sysfs
  (git-fixes).
- power: supply: bq256xx: fix some problem in bq256xx_hw_init
  (git-fixes).
- apparmor: avoid crash when parsed profile name is empty
  (git-fixes).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360
  13-ay0xxx (git-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models
  (git-fixes).
- drm/amd/display: get dprefclk ss info from integration info
  table (git-fixes).
- drm/crtc: fix uninitialized variable use (git-fixes).
- drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
- drm/exynos: fix a wrong error checking (git-fixes).
- drm/exynos: fix a potential error pointer dereference
  (git-fixes).
- drm/amdgpu: Add NULL checks for function pointers (git-fixes).
- nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
- ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32
  bps format (git-fixes).
- drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
- commit 091325f

- net: usb: ax88179_178a: avoid two consecutive device resets
  (bsc#1218948).
- net: usb: ax88179_178a: Bind only to vendor-specific interface
  (bsc#1218948).
- net: usb: ax88179_178a: restore state on resume (bsc#1218948).
- commit d91b154

- nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
- commit ad625bb

- badblocks: avoid checking invalid range in badblocks_check()
  (bsc#1174649).
- badblocks: switch to the improved badblock handling code
  (bsc#1174649).
- badblocks: improve badblocks_check() for multiple ranges
  handling (bsc#1174649).
- badblocks: improve badblocks_clear() for multiple ranges
  handling (bsc#1174649).
- badblocks: improve badblocks_set() for multiple ranges handling
  (bsc#1174649).
- badblocks: add helper routines for badblock ranges handling
  (bsc#1174649).
- badblocks: add more helper structure and routines in badblocks.h
  (bsc#1174649).
- commit 6a46786

- dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
- commit 4ac18f0

- perf/x86/intel/uncore: Factor out topology_gidnid_map()
  (bsc#1218958).
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in
  upi_fill_topology() (bsc#1218958).
- commit fe3658c

- net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
- Refresh
  patches.suse/net-usb-ax88179_178a-wol-optimizations.patch.
- commit 8b1488e

- s390/vfio-ap: let on_scan_complete() callback filter matrix
  and update guest's APCB (git-fixes bsc#1219014).
- commit b83db20

- s390/vfio-ap: loop over the shadow APCB when filtering guest's
  AP configuration (git-fixes bsc#1219013).
- commit 0f291d1

- s390/vfio-ap: always filter entire AP matrix (git-fixes
  bsc#1219012).
- commit a461bd5

- s390/pci: fix max size calculation in zpci_memcpy_toio()
  (git-fixes bsc#1219006).
- commit 18b0ac3

- modpost: move __attribute__((format(printf, 2, 3))) to modpost.h
  (git-fixes).
- kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
- i2c: s3c24xx: fix transferring more than one message in polling
  mode (git-fixes).
- i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
- pwm: jz4740: Don't use dev_err_probe() in .request()
  (git-fixes).
- pwm: Fix out-of-bounds access in of_pwm_single_xlate()
  (git-fixes).
- dma-debug: fix kernel-doc warnings (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault
  (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs
  (git-fixes).
- usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer
  (git-fixes).
- usb: phy: mxs: remove CONFIG_USB_OTG condition for
  mxs_phy_is_otg_host() (git-fixes).
- usb: chipidea: wait controller resume finished for wakeup irq
  (git-fixes).
- usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg
  enabled (git-fixes).
- usb: cdns3: fix uvc failure work since sg support enabled
  (git-fixes).
- usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart
  (git-fixes).
- Revert "usb: dwc3: don't reset device side if dwc3 was
  configured as host-only" (git-fixes).
- Revert "usb: dwc3: Soft reset phy on probe for host"
  (git-fixes).
- Revert "usb: typec: class: fix typec_altmode_put_partner to
  put plugs" (git-fixes).
- serial: sc16is7xx: set safe default SPI clock frequency
  (git-fixes).
- serial: sc16is7xx: add check for unsupported SPI modes during
  probe (git-fixes).
- serial: imx: Correct clock error message in function probe()
  (git-fixes).
- serial: imx: fix tx statemachine deadlock (git-fixes).
- serial: sccnxp: Improve error message if regulator_disable()
  fails (git-fixes).
- serial: 8250: omap: Don't skip resource freeing if
  pm_runtime_resume_and_get() failed (git-fixes).
- software node: Let args be NULL in
  software_node_get_reference_args (git-fixes).
- acpi: property: Let args be NULL in
  __acpi_node_get_property_reference (git-fixes).
- iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
- iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
- iio: adc: ad9467: don't ignore error codes (git-fixes).
- iio: adc: ad9467: fix reset gpio handling (git-fixes).
- bus: mhi: host: Drop chan lock before queuing buffers
  (git-fixes).
- bus: mhi: host: Add spinlock to protect WP access when queueing
  TREs (git-fixes).
- bus: mhi: host: Add alignment check for event ring read pointer
  (git-fixes).
- PCI: keystone: Fix race condition when initializing PHYs
  (git-fixes).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
- PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
- pinctrl: intel: Revert "Unexport intel_pinctrl_probe()"
  (git-fixes).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate
  (git-fixes).
- leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
- mfd: intel-lpss: Fix the fractional clock divider flags
  (git-fixes).
- firewire: ohci: suppress unexpected system reboot in AMD Ryzen
  machines and ASM108x/VT630x PCIe cards (git-fixes).
- mmc: core: Cancel delayed work before releasing host
  (git-fixes).
- net: usb: ax88179_178a: remove redundant init code (git-fixes).
- commit 050b9b3

- blacklist.conf: documentation fix
- commit 056879c

- KVM: s390: vsie: Fix STFLE interpretive execution identification
  (git-fixes bsc#1218997).
- commit a78caf7

- nvme: move nvme_stop_keep_alive() back to original position
  (bsc#1211515).
- commit d640b69

- netfilter: nf_tables: Reject tables of unsupported family
  (bsc#1218752 CVE-2023-6040).
- commit e03f1d3

- nvme: start keep-alive after admin queue setup (bsc#1211515).
- nvme-loop: always quiesce and cancel commands before destroying
  admin q (bsc#1211515).
- nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue()
  (bsc#1211515).
- commit f407c87

- fbdev: Only disable sysfb on the primary device (bsc#1216441)
- commit 79783f0

- ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
  (git-fixes).
- commit cc469c7

- ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under
  @c->lp_mutex (git-fixes).
- commit d5d1991

- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
  CVE-2024-0641).
- commit d898738

- Drop PCI vmd patches that caused a regression (bsc#1218005)
  Deleted:
  patches.suse/PCI-vmd-Fix-secondary-bus-reset-for-Intel-bridges.patch
  patches.suse/PCI-vmd-Fix-uninitialized-variable-usage-in-vmd_enab.patch
- commit 1697177

- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
  CVE-2024-0641).
- commit 7953be2

- Update metadata
- commit c015ae2

- smb: client: fix OOB in receive_encrypted_standard()
  (bsc#1218832 CVE-2024-0565).
- commit 3cac9c2

- smb: client: fix OOB in receive_encrypted_standard()
  (bsc#1218832 CVE-2024-0565).
- commit e9083ae

- x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
- commit b54373d

- x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
- commit 69805de

- x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
- commit 17233cd

- IB/iser: Prevent invalidating wrong MR (git-fixes)
- commit 3e4d18d

- RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
- commit c22413e

- RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
- commit 366f439

- RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
- commit bb70cd4

- Documentation: Begin a RAS section (jsc#PED-7622).
- commit b55cb06

- x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
- commit 2a68e97

- EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
- commit 44e51c1

- EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622).
- commit 05504bb

- EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
- commit ea69eb6

- x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
- Refresh
  patches.suse/PCI-Prevent-xHCI-driver-from-claiming-AMD-VanGogh-US.patch.
- commit 7126e83

- ida: Fix crash in ida_free when the bitmap is empty (bsc#1218804
  CVE-2023-6915).
- commit 7caa324

- platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
- commit 12e7799

- platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
- commit 1360d63

- platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
- commit 289eab7

- platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
- commit ac44ea2

- platform/x86: use PLATFORM_DEVID_NONE instead of -1  (jsc#PED-7620).
- Refresh
  patches.suse/platform-x86-amd-pmc-remove-CONFIG_DEBUG_FS-checks.patch.
- commit 9b51c97

- EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
- commit 58aa5aa

- EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616).
- commit f30c55c

- EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
- commit ffa78e3

- x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
- commit cfe246e

- x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
- Refresh
  patches.suse/PCI-Prevent-xHCI-driver-from-claiming-AMD-VanGogh-US.patch.
- commit cb392fd

- EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
- Refresh
  patches.suse/edac-add-rddr5-and-lrddr5-memory-types.patch.
- commit eca21a4

- usb: otg numberpad exception (bsc#1218527).
- commit 3d70e84

- EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
- commit 16c2c66

- EDAC/amd64: Remove module version string (jsc#PED-7615).
- commit b84231c

- EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
- commit b7d2f10

- EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
- commit ea43a00

- EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
- commit 2c6263f

- EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
- commit 375eb6a

- EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615).
- commit 2903760

- EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
- commit 9071635

- EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615).
- commit 21842b7

- EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
- commit 93157a0

- EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
- commit 01c4123

- EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615).
- commit 59d41b9

- EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
- commit ddb7d7a

- EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
- commit cb412ef

- EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
- commit f32e3e6

- EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615).
- commit e87aae6

- EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615).
- commit 555ada3

- EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
- commit 8839a23

- EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615).
- commit 9f0bb93

- EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
- commit 13890aa

- EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false  positive (jsc#PED-7615).
- commit 78d7b48

- EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
- commit a00b2ae

- EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
- commit 49bc10d

- EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
- commit c2e9755

- EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615).
- commit 320ccbc

- EDAC/amd64: Don't set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
- commit 85a16a7

- EDAC/amd64: Add context struct (jsc#PED-7615).
- commit 98c3472

- EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
- commit d8a1ed8

- x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
- commit deabf4e

- x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
- commit c071d82

- s390: vfio-ap: tighten the NIB validity check (git-fixes)
  blacklist.conf: the reason for valid for SLE15-SP4, not so much for SP5
- commit fbc62d2

- coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779)
- commit 854c05d

- blacklist.conf: not a fix
- commit e48ddb7

- Delete
  patches.suse/s390-sles15sp2-kdump-fix-out-of-memory-with-PCI.patch.
  Patch obsoleted by 73045a08cf55 ("s390: unify identity mapping limits
  handling")
- commit efb62ac

- s390/dasd: fix double module refcount decrement (bsc#1141539).
- commit 3b938a7

- coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
- commit a6bc99c

- coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
- commit 36e1498

- coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779)
- commit aa5d7f2

- coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
- commit cf6ac73

- coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
- commit 1e7e6ff

- coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779)
- commit 86846ee

- PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
- commit 6ecb7b5

- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
- Fix crash in vmw_context_cotables_unref when 3d support is enabled
  (bsc#1218738)
- commit 99a9f67

- of: unittest: Fix of_count_phandle_with_args() expected value
  message (git-fixes).
- drm/bridge: nxp-ptn3460: simplify some error checking
  (git-fixes).
- drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS
  irq (git-fixes).
- commit e43eec3

- drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
- commit 29695c1

- of: Fix double free in of_parse_phandle_with_args_map
  (git-fixes).
- HID: wacom: Correct behavior when processing some confidence ==
  false touches (git-fixes).
- fbdev: flush deferred IO before closing (git-fixes).
- fbdev: flush deferred work in fb_deferred_io_fsync()
  (git-fixes).
- fbdev: mmp: Fix typo and wording in code comment (git-fixes).
- fbdev: imxfb: fix left margin setting (git-fixes).
- media: dt-bindings: ov8856: decouple lanes and link frequency
  from driver (git-fixes).
- media: dvb-frontends: m88ds3103: Fix a memory leak in an error
  handling path of m88ds3103_probe() (git-fixes).
- media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
- media: videobuf2-dma-sg: fix vmap callback (git-fixes).
- media: ov9734: Enable runtime PM before registering async
  sub-device (git-fixes).
- media: imx355: Enable runtime PM before registering async
  sub-device (git-fixes).
- media: pvrusb2: fix use after free on context disconnection
  (git-fixes).
- watchdog: rti_wdt: Drop runtime pm reference count when watchdog
  is unused (git-fixes).
- watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling
  (git-fixes).
- watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
- watchdog: set cdev owner before adding (git-fixes).
- drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init
  (git-fixes).
- drm/amdkfd: Confirm list is non-empty before utilizing
  list_first_entry in kfd_topology.c (git-fixes).
- drm/mediatek: Return error if MDP RDMA failed to enable the
  clock (git-fixes).
- drm/msm/dpu: Drop enable and frame_count parameters from
  dpu_hw_setup_misr() (git-fixes).
- drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match
  its functionality (git-fixes).
- drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt
  leaks (git-fixes).
- drm/msm/mdp4: flush vblank event on disable (git-fixes).
- drm/amd/pm: fix a double-free in
  amdgpu_parse_extended_power_table (git-fixes).
- gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
- drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
- drm/amdgpu/debugfs: fix error code when smc register accessors
  are NULL (git-fixes).
- drm/radeon/trinity_dpm: fix a memleak in
  trinity_parse_power_table (git-fixes).
- drm/radeon/dpm: fix a memleak in sumo_parse_power_table
  (git-fixes).
- drm/radeon: check the alloc_workqueue return value in
  radeon_crtc_init() (git-fixes).
- drm/bridge: tc358767: Fix return value on error case
  (git-fixes).
- drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable
  (git-fixes).
- drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
  (git-fixes).
- drm/drv: propagate errors from drm_modeset_register_all()
  (git-fixes).
- drm/tidss: Fix atomic_flush check (git-fixes).
- drm/bridge: Fix typo in post_disable() description (git-fixes).
- drm/radeon: check return value of radeon_ring_lock()
  (git-fixes).
- drm/radeon/r100: Fix integer overflow issues in
  r100_cs_track_check() (git-fixes).
- drm/radeon/r600_cs: Fix possible int overflows in
  r600_cs_check_reg() (git-fixes).
- drm/tilcdc: Fix irq free on unload (git-fixes).
- commit 10ca9c4

- drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
- clk: qcom: videocc-sm8150: Add missing PLL config property
  (git-fixes).
- clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config
  (git-fixes).
- clk: samsung: Fix kernel-doc comments (git-fixes).
- clk: si5341: fix an error code problem in
  si5341_output_clk_set_rate (git-fixes).
- ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[]
  (git-fixes).
- ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common
  (git-fixes).
- ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION
  (git-fixes).
- ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch
  (git-fixes).
- ASoC: cs35l33: Fix GPIO name and drop legacy include
  (git-fixes).
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table
  (git-fixes).
- drm/bridge: tpd12s015: Drop buggy __exit annotation for remove
  function (git-fixes).
- drm/nouveau/fence:: fix warning directly dereferencing a rcu
  pointer (git-fixes).
- drm/panel-elida-kd35t133: hold panel in reset for unprepare
  (git-fixes).
- drm/panfrost: Really power off GPU cores in
  panfrost_gpu_power_off() (git-fixes).
- drm/panel: nt35510: fix typo (git-fixes).
- Revert "drm/omapdrm: Annotate dma-fence critical section in
  commit path" (git-fixes).
- Revert "drm/tidss: Annotate dma-fence critical section in
  commit path" (git-fixes).
- commit 335f137

- ubifs: ubifs_link: Fix wrong name len calculating when UBIFS
  is encrypted (git-fixes).
- commit 8930a6f

- exfat: support handle zero-size directory (git-fixes).
- commit aa8d54f

- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
  (git-fixes).
- commit eabf8a7

- exfat: fix reporting fs error when reading dir beyond EOF
  (git-fixes).
- commit 006310e

- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
  (git-fixes).
- commit bd29027

- gfs2: low-memory forced flush fixes (git-fixes).
- commit 7520dfb

- gfs2: Switch to wait_event in gfs2_logd (git-fixes).
- commit de4f7d3

- gfs2: Always check inode size of inline inodes (git-fixes).
- commit 6a40877

- gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
- Refresh
  patches.suse/gfs2-Fix-inode-height-consistency-check.patch.
- commit 2086607

- gfs2: Disable page faults during lockless buffered reads
  (git-fixes).
- commit 083a438

- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
- commit 4875ffd

- gfs2: release iopen glock early in evict (git-fixes).
- Refresh patches.suse/gfs2-fix-an-oops-in-gfs2_permission.patch.
- commit c3246bf

- gfs2: Eliminate ip->i_gh (git-fixes).
- commit c0a896f

- gfs2: Move the inode glock locking to gfs2_file_buffered_write
  (git-fixes).
- commit 25a5c4c

- gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
- commit fb547d4

- gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
- commit 4f703a1

- gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
- commit e22854c

- Update patch reference for rose fix (CVE-2023-51782 bsc#1218757)
- commit da9f8e9

- ring-buffer/Documentation: Add documentation on buffer_percent
  file (git-fixes).
- kernel-doc: handle a void function without producing a warning
  (git-fixes).
- scripts/kernel-doc: restore warning for Excess struct/union
  (git-fixes).
- firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create()
  (git-fixes).
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
  (git-fixes).
- Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
- wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
- wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request
  (git-fixes).
- wifi: ath11k: Defer on rproc_get failure (git-fixes).
- wifi: mwifiex: configure BSSID consistently when starting AP
  (git-fixes).
- wifi: mt76: mt7921s: fix workqueue problem causes STA
  association fail (git-fixes).
- wifi: mt76: fix broken precal loading from MTD for mt7915
  (git-fixes).
- wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors
  (git-fixes).
- wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable
  code (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift
  behavior (git-fixes).
- selftests/net: fix grep checking for fib_nexthop_multiprefix
  (git-fixes).
- wifi: libertas: stop selecting wext (git-fixes).
- wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
- crypto: scomp - fix req->dst buffer overflow (git-fixes).
- crypto: sahara - do not resize req->src when doing hash
  operations (git-fixes).
- crypto: sahara - fix processing hash requests with req->nbytes <
  sg->length (git-fixes).
- crypto: sahara - improve error handling in sahara_sha_process()
  (git-fixes).
- crypto: sahara - fix wait_for_completion_timeout() error
  handling (git-fixes).
- crypto: sahara - fix ahash reqsize (git-fixes).
- crypto: sahara - handle zero-length aes requests (git-fixes).
- crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng
  (git-fixes).
- crypto: sahara - fix processing requests with cryptlen <
  sg->length (git-fixes).
- crypto: sahara - fix ahash selftest failure (git-fixes).
- crypto: sahara - fix cbc selftest failure (git-fixes).
- crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
- crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
- crypto: sa2ul - Return crypto_aead_setkey to transfer the error
  (git-fixes).
- drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
- drm/amd/display: add nv12 bounding box (git-fixes).
- commit bb694d9

- powerpc/powernv: Add a null pointer check to
  scom_debug_init_one() (bsc#1194869).
- powerpc/pseries: fix potential memory leak in
  init_cpu_associativity() (bsc#1194869).
- powerpc/xive: Fix endian conversion size (bsc#1194869).
- powerpc/fadump: reset dump area size if fadump memory reserve
  fails (bsc#1194869).
- powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
  (bsc#1194869).
- commit 0f8bc2c

- powerpc/pseries/iommu: enable_ddw incorrectly returns direct
  mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
- commit f1ad417

- powerpc/powernv: Add a null pointer check in
  opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
- powerpc/powernv: Add a null pointer check in opal_event_init()
  (bsc#1065729).
- powerpc/pseries/memhp: Fix access beyond end of drmem array
  (bsc#1065729).
- commit 960ba4e

- s390/vfio-ap: unpin pages on gisc registration failure
  (git-fixes bsc#1218723).
- commit e07d25b

- series.conf: the patch is not in git and breaks series_insert.py
- commit fae10c6

- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
- commit c8d4ebe

- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377)
- commit b7954e5

- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
- commit 78d747c

- Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
  The old entries are found in kernel-docs/old_changelog.txt in docdir.
  rpm/old_changelog.txt can be an optional file that stores the similar
  info like rpm/kernel-sources.changes.old.  It can specify the commit
  range that have been truncated.  scripts/tar-up.sh expands from the
  git log accordingly.
- commit c9a2566

- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- commit 8afebed

- ipmi: Use regspacings passed as a module parameter (git-fixes).
- PM: hibernate: Enforce ordering during image
  compression/decompression (git-fixes).
- ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
- ACPI: extlog: Clear Extended Error Log status when RAS_CEC
  handled the error (git-fixes).
- ACPI: video: check for error while searching for backlight
  device parent (git-fixes).
- ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
- mtd: rawnand: rockchip: Add missing title to a kernel doc
  comment (git-fixes).
- mtd: rawnand: rockchip: Rename a structure (git-fixes).
- mtd: rawnand: pl353: Fix kernel doc (git-fixes).
- mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller
  response (git-fixes).
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
  (git-fixes).
- spi: spi-zynqmp-gqspi: fix driver kconfig dependencies
  (git-fixes).
- usr/Kconfig: fix typos of "its" (git-fixes).
- usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static
  (git-fixes).
- EDAC/thunderx: Fix possible out-of-bounds string access
  (git-fixes).
- ACPI: property: Allow _DSD buffer data only for byte accessors
  (git-fixes).
- efi/libstub: Disable PCI DMA before grabbing the EFI memory map
  (git-fixes).
- commit 7e9a91a

- io_uring/af_unix: disable sending io_uring over sockets
  (bsc#1218447 CVE-2023-6531).
  Requires a kABI fix due to the following:
  net/core/scm.c:135: warning: __scm_destroy: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:217: warning: __scm_send: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:266: warning: put_cmsg: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:280: warning: put_cmsg_scm_timestamping64: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:294: warning: put_cmsg_scm_timestamping: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:353: warning: scm_detach_fds: modversion changed because of changes in struct io_uring_cmd (became defined)
  net/core/scm.c:373: warning: scm_fp_dup: modversion changed because of changes in struct io_uring_cmd (became defined)
- commit aa4f175

- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
  (bsc#1218659).
- commit 4ee6819

- swiotlb-xen: provide the "max_mapping_size" method (git-fixes).
- commit a036bcf

- xen/events: fix delayed eoi list handling (git-fixes).
- commit eb0149c

- xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
  (git-fixes).
- commit f6ed3e4

- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- commit a41e3fe

- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
  (jsc#PED-7167 bsc#1218643).
- commit f781e3d

- vsock/virtio: Fix unsigned integer wrap around in
  virtio_transport_has_space() (git-fixes).
- commit db5c328

- vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE
  (git-fixes).
- commit ad9e29a

- virtio_balloon: Fix endless deflation and inflation on arm64
  (git-fixes).
- commit 6583f74

- virtio-mmio: fix memory leak of vm_dev (git-fixes).
- commit d624528

- swiotlb: use the calculated number of areas (git-fixes).
- swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).
- commit b9aedb4

- KVM: SVM: Update EFER software model on CR0 trap for SEV-ES
  (git-fixes).
- commit 8696527

- KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
- commit 146bca2

- io_uring/af_unix: disable sending io_uring over sockets
  (bsc#1218447, CVE-2023-6531).
- commit fdc256b

- swiotlb: reduce the number of areas to match actual memory
  pool size (git-fixes).
- swiotlb: always set the number of areas before allocating the
  pool (git-fixes).
- swiotlb: fix debugfs reporting of reserved memory pools
  (git-fixes).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).
- swiotlb: reduce the swiotlb buffer size on allocation failure
  (git-fixes).
- swiotlb: don't panic! (git-fixes).
- Revert "swiotlb: panic if nslabs is too small" (git-fixes).
- commit 1b89825

- smb: client: fix potential OOB in smb2_dump_detail()
  (bsc#1217946 CVE-2023-6610).
- commit cfca7f7

- x86/purgatory: Remove LTO flags (git-fixes).
- commit bbd4f84

- x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes).
- commit 46d60b3

- x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).
- commit 7686df9

- x86/cpu: Fix amd_check_microcode() declaration (git-fixes).
- Refresh patches.suse/x86-srso-set-cpuid-feature-bits-independently-of-bug-or-mitigation-status.patch.
- commit c22f4b4

- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).
- commit d74349c

- vsprintf/kallsyms: Prevent invalid data when printing symbol
  (bsc#1217602).
- commit 8dab9cc

- Limit kernel-source build to architectures for which the kernel binary
  is built (bsc#1108281).
- commit 08a9e44

- x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).
- commit fdc98a7

- x86/boot/compressed: Reserve more memory for page tables  (git-fixes).
- commit 6bf16e1

- gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
  (git-fixes).
- commit 3929c70

- x86/alternatives: Sync core before enabling interrupts (git-fixes).
- commit 4a0b72a

- x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).
- commit 7029135

- x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).
- commit 8087b92

- x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).
- commit 7b8dfd1

- x86/srso: Fix SBPB enablement for (possible) future fixed HW   (git-fixes).
- Refresh
  patches.suse/x86-srso-fix-vulnerability-reporting-for-missing-microcode.patch.
- commit b121d1d

- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
- commit 43e31d9

- x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).
- commit 98085ae

- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
- commit 270b9c8

- x86/alternatives: Disable interrupts and sync when optimizing NOPs in  place (git-fixes).
- commit 1bd102b

- gfs2: fix an oops in gfs2_permission (git-fixes).
- commit 60a8e84

- iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes).
- commit a2dd84b

- gfs2: ignore negated quota changes (git-fixes).
- commit c2a4d43

- x86/resctrl: Fix kernel-doc warnings (git-fixes).
- commit 50de71c

- gfs2: Fix possible data races in gfs2_show_options()
  (git-fixes).
- commit 7592b99

- gfs2: Fix inode height consistency check (git-fixes).
- commit 935054a

- gfs2: jdata writepage fix (git-fixes).
- commit e5f9516

- gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).
- commit 86c44aa

- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
- commit 130df3d

- gfs2: Switch from strlcpy to strscpy (git-fixes).
- commit 3054547

- gfs2: use i_lock spin_lock for inode qadata (git-fixes).
- commit 4e4b75a

- gfs2: Fix filesystem block deallocation for short writes
  (git-fixes).
- commit 87cd867

- gfs2: Make sure FITRIM minlen is rounded up to fs block size
  (git-fixes).
- commit 62669a7

- gfs2: gfs2_setattr_size error path fix (git-fixes).
- commit d0e789c

- gfs2: Fix gfs2_release for non-writers regression (git-fixes).
- commit 1a34aa3

- gfs2: Fix length of holes reported at end-of-file (git-fixes).
- commit 09da26e

- gfs2: Clean up function may_grant (git-fixes).
- commit ce33b14

- gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).
- commit e045f1b

- locks: fix KASAN: use-after-free in
  trace_event_raw_event_filelock_lock (git-fixes).
- commit 4758492

- fs: avoid empty option when generating legacy mount string
  (git-fixes).
- commit 00945db

- statfs: enforce statfs[64] structure initialization (git-fixes).
- commit d4a18c5

- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
  (git-fixes).
- commit b9e9b76

- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
  (git-fixes).
- commit 1d47e4a

- orangefs: Fix sysfs not cleanup when dev init failed
  (git-fixes).
- commit f7a82d1

- fs/remap: constrain dedupe of EOF blocks (git-fixes).
- commit e861bd6

- fs: fix an infinite loop in iomap_fiemap (git-fixes).
- commit 41989d9

- orangefs: Fix the size of a memory allocation in
  orangefs_bufmap_alloc() (git-fixes).
- commit 6623b23

- iomap: Fix iomap_dio_rw return value for user copies
  (git-fixes).
- commit 2b65ea1

- ubifs: Fix memory leak of bud->log_hash (git-fixes).
- commit dfe9a1f

- ubifs: fix possible dereference after free (git-fixes).
- commit 971dae9

- fs: ocfs2: namei: check return value of ocfs2_add_entry()
  (git-fixes).
- commit 63eae38

- jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).
- commit 8906b9a

- jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).
- commit 28815ad

- fs/jfs: Add validity check for db_maxag and db_agpref
  (git-fixes).
- commit 39d5b5e

- fs/jfs: Add check for negative db_l2nbperpage (git-fixes).
- commit f831778

- jfs: validate max amount of blocks before allocation
  (git-fixes).
- commit 4be1419

- jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
  (git-fixes).
- commit 5b4b023

- fs/jfs: prevent double-free in dbUnmount() after failed
  jfs_remount() (git-fixes).
- commit 51a993a

- reiserfs: Replace 1-element array with C99 style flex-array
  (git-fixes).
- commit 6ad83f4

- reiserfs: Check the return value from __getblk() (git-fixes).
- commit 0e912c9

- afs: Fix use-after-free due to get/remove race in volume tree
  (git-fixes).
- commit f4a57bf

- afs: Fix overwriting of result of DNS query (git-fixes).
- commit fe0f4c6

- afs: Fix dynamic root lookup DNS check (git-fixes).
- commit 1e86064

- afs: Fix the dynamic root's d_delete to always delete unused
  dentries (git-fixes).
- commit 3d5b3d7

- afs: Fix refcount underflow from error handling race
  (git-fixes).
- commit 0a9c8bb

- afs: Fix file locking on R/O volumes to operate in local mode
  (git-fixes).
- commit 5431cb3

- afs: Return ENOENT if no cell DNS record can be found
  (git-fixes).
- commit 863355b

- afs: Make error on cell lookup failure consistent with OpenAFS
  (git-fixes).
- commit 5fcd2cf

- afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).
- commit 8fc4f69

- remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
- commit 6bd8135

- i2c: core: Fix atomic xfer check for non-preempt config
  (git-fixes).
- commit 1b8a296

- Bluetooth: MGMT/SMP: Fix address type when using SMP over
  BREDR/LE (git-fixes).
- commit ea51a70

- net: usb: ax88179_178a: clean up pm calls (git-fixes).
- Refresh
  patches.suse/net-usb-ax88179_178a-fix-failed-operations-during-ax.patch.
- commit 10095df

- mmc: sdhci-sprd: Fix eMMC init failure after hw reset
  (git-fixes).
- mmc: rpmb: fixes pause retune on all RPMB partitions
  (git-fixes).
- mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).
- USB: serial: option: add Quectel EG912Y module support
  (git-fixes).
- USB: serial: ftdi_sio: update Actisense PIDs constant names
  (git-fixes).
- USB: serial: option: add Quectel RM500Q R13 firmware support
  (git-fixes).
- USB: serial: option: add Foxconn T99W265 with new baseline
  (git-fixes).
- net: usb: ax88179_178a: avoid failed operations when device
  is disconnected (git-fixes).
- Input: soc_button_array - add mapping for airplane mode button
  (git-fixes).
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf
  (git-fixes).
- Bluetooth: L2CAP: Send reject on command corrupted request
  (git-fixes).
- Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has
  been sent (git-fixes).
- wifi: cfg80211: fix certs build to not depend on file order
  (git-fixes).
- wifi: cfg80211: Add my certificate (git-fixes).
- net: usb: ax88179_178a: wol optimizations (git-fixes).
- commit 8fe75c7

- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
  (CVE-2023-51779 bsc#1218559).
- commit b8b3309

- ALSA: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).
- ALSA: hda - Fix speaker and headset mic pin config for CHUWI
  CoreBook XPro (git-fixes).
- commit a14754c

- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook
  440 G6 (git-fixes).
- ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable
  (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ZBook
  (git-fixes).
- ALSA: hda/realtek: enable SND_PCI_QUIRK for hp pavilion
  14-ec1xxx series (git-fixes).
- commit 379d8d1

- r8169: Fix PCI error on system resume (git-fixes).
- wifi: iwlwifi: pcie: don't synchronize IRQs from IRQ
  (git-fixes).
- nfc: llcp_core: Hold a ref to llcp_local->dev when holding a
  ref to llcp_local (git-fixes).
- ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux
  (git-fixes).
- ASoC: meson: g12a-toacodec: Fix event generation (git-fixes).
- ASoC: meson: g12a-tohdmitx: Validate written enum values
  (git-fixes).
- ASoC: meson: g12a-toacodec: Validate written enum values
  (git-fixes).
- drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV,
  G200SE (git-fixes).
- drm/bridge: ps8640: Fix size mismatch warning w/ len
  (git-fixes).
- drm/bridge: ti-sn65dsi86: Never store more than msg->size
  bytes in AUX xfer (git-fixes).
- drm/bridge: parade-ps8640: Never store more than msg->size
  bytes in AUX xfer (git-fixes).
- drm/i915/dp: Fix passing the correct DPCD_REV for
  drm_dp_set_phy_test_pattern (git-fixes).
- commit eecc30f

- Delete doc/config-options.changes (jsc#PED-5021)
  Following on adedbd2a5c6 ("kernel-source: Remove config-options.changes
  (jsc#PED-5021)"), remove the now unused file from the tree.
- commit d1b9e97

- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- commit f6f3907

- ring-buffer: Fix wake ups when buffer_percent is set to 100
  (git-fixes).
- commit 21c1070

- tracing / synthetic: Disable events after testing in
  synth_event_gen_test_init() (git-fixes).
- commit e21c29f

- tracing/synthetic: fix kernel-doc warnings (git-fixes).
- commit 62cdcf8

- powerpc/pseries/vas: Migration suspend waits for no in-progress
  open windows (bsc#1218397 ltc#204523).
- commit 26a4d82

- net: mana: select PAGE_POOL (git-fixes).
- net: ena: Fix XDP redirection error (git-fixes).
- net: ena: Fix xdp drops handling due to multibuf packets
  (git-fixes).
- net: ena: Destroy correct number of xdp queues upon failure
  (git-fixes).
- qed: Fix a potential use-after-free in qed_cxt_tables_alloc
  (jsc#PED-1526).
- bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic
  (jsc#PED-1495).
- bnxt_en: Fix wrong return value check in bnxt_close_nic()
  (jsc#PED-1495).
- bnxt_en: Clear resource reservation during resume
  (jsc#PED-1495).
- RDMA/bnxt_re: Correct module description string (jsc#PED-1495).
- i40e: Fix unexpected MFS warning message (jsc#PED-372).
- net: bnxt: fix a potential use-after-free in bnxt_init_tc
  (jsc#PED-1495).
- gve: Fixes for napi_poll when budget is 0 (git-fixes).
- gve: Use size_add() in call to struct_size() (git-fixes).
- i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).
- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
  (jsc#PED-372).
- igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).
- igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
  (jsc#PED-370).
- i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).
- qed: fix LL2 RX buffer allocation (jsc#PED-1526).
- i40e: prevent crash on probe if hw registers have invalid values
  (jsc#PED-372).
- qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
  (jsc#PED-1526).
- igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).
- bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
  (jsc#PED-1495).
- net: ena: Flush XDP packets on error (git-fixes).
- i40e: Fix VF VLAN offloading when port VLAN is configured
  (jsc#PED-372).
- igc: Fix infinite initialization loop with early XDP redirect
  (jsc#PED-375).
- igb: clean up in all error paths when enabling SR-IOV
  (jsc#PED-370).
- igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
  (jsc#PED-370).
- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64
  and 80 (jsc#PED-370).
- igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
  (jsc#PED-375).
- igb: disable virtualization features on 82580 (jsc#PED-370).
- i40e: fix potential NULL pointer dereferencing of pf->vf
  i40e_sync_vsi_filters() (jsc#PED-372).
- igc: Fix the typo in the PTM Control macro (jsc#PED-375).
- igb: Avoid starting unnecessary workqueues (jsc#PED-370).
- i40e: fix misleading debug logs (jsc#PED-372).
- qede: fix firmware halt over suspend and resume (jsc#PED-1526).
- bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).
- bnxt_en: Fix page pool logic for page size >= 64K
  (jsc#PED-1495).
- bnxt: don't handle XDP in netpoll (jsc#PED-1495).
- commit 64a4c85

- Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"
  (git-fixes).
- commit 9be35d2

- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184)
  When MULTIBUILD option in config.sh is enabled generate a _multibuild
  file listing all spec files.
- commit f734347

- Build in the correct KOTD repository with multibuild
  (JSC-SLE#5501, boo#1211226, bsc#1218184)
  With multibuild setting repository flags is no longer supported for
  individual spec files - see
  https://github.com/openSUSE/open-build-service/issues/3574
  Add ExclusiveArch conditional that depends on a macro set up by
  bs-upload-kernel instead. With that each package should build only in
  one repository - either standard or QA.
  Note: bs-upload-kernel does not interpret rpm conditionals, and only
  uses the first ExclusiveArch line to determine the architectures to
  enable.
- commit aa5424d

- blacklist.conf: Add c98c18270be1 sched, cgroup: Restore meaning to hierarchical_quota
- commit 6115840

- mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
  (bsc#1218515).
- commit 00f113e

- blacklist.conf: e63a57303599 blk-cgroup: bypass blkcg_deactivate_policy after destroying
- commit 895355e

- ring-buffer: Fix slowpath of interrupted event (git-fixes).
- commit dbe7edd

- ring-buffer: Remove useless update to write_stamp in
  rb_try_to_discard() (git-fixes).
- commit 64ff947

- RDMA/hfi1: Workaround truncation compilation error (git-fixes)
- commit 2302fb3

- RDMA/hns: The UD mode can only be configured with DCQCN (git-fixes)
- commit ca9d38d

- RDMA/hns: Add check for SL (git-fixes)
- commit cf9e8e3

- RDMA/hns: Fix signed-unsigned mixed comparisons (git-fixes)
- commit 34178f4

- RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)
- commit 47c4074

- RDMA/hns: Fix printing level of asynchronous events (git-fixes)
- commit 892f8ec

- IB/mlx5: Fix rdma counter binding for RAW QP (git-fixes)
- commit ffaf04e

- RDMA/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)
- commit 4b8aeed

- RDMA/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)
- commit 605983a

- usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate
  3.0 G3 (git-fixes).
- ALSA: usb-audio: Increase delay in MOTU M quirk (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).
- drm/i915: Reject async flips with bigjoiner (git-fixes).
- Bluetooth: hci_event: shut up a false-positive warning
  (git-fixes).
- Bluetooth: Fix deadlock in vhci_send_frame (git-fixes).
- wifi: mac80211: mesh: check element parsing succeeded
  (git-fixes).
- drm/amdgpu: fix tear down order in amdgpu_vm_pt_free
  (git-fixes).
- drm/i915: Fix intel_atomic_setup_scalers() plane_state handling
  (git-fixes).
- drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).
- drm/mediatek: Add spinlock for setting vblank event in
  atomic_begin (git-fixes).
- drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).
- drm/i915/dpt: Only do the POT stride remap when using DPT
  (git-fixes).
- drm/i915/mtl: limit second scaler vertical scaling in ver >=
  14 (git-fixes).
- commit 6c0ae87

- drm/amdgpu/sdma5.2: add begin/end_use ring callbacks
  (bsc#1212139).
- commit a070291

- Bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921
  (bsc#1218461).
- commit 456e758

- uapi: propagate __struct_group() attributes to the container
  union (jsc#SLE-18978).
- commit 3b553e2

- dm verity: initialize fec io before freeing it (git-fixes).
- dm-verity: don't use blocking calls from tasklets (git-fixes).
- dm: don't attempt to queue IO under RCU protection (git-fixes).
- null_blk: fix poll request timeout handling (git-fixes).
- dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter
  (git-fixes).
- dm: fix __send_duplicate_bios() to always allow for splitting IO
  (bsc#1215952).
- dm: fix improper splitting for abnormal bios (bsc#1215952).
- md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).
- dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).
- commit 09d4263

- Update References
  patches.suse/Bluetooth-Reject-connection-with-the-device-which-ha.patch
  (git-fixes bsc#1215237 CVE-2020-26555).
- commit 0b8be40

- Update References
  patches.suse/Bluetooth-hci_event-Ignore-NULL-link-key.patch
  (git-fixes bsc#1215237 CVE-2020-26555).
- commit 3386934

- iio: adc: ti_am335x_adc: Fix return value check of
  tiadc_request_dma() (git-fixes).
- iio: triggered-buffer: prevent possible freeing of wrong buffer
  (git-fixes).
- iio: imu: inv_mpu6050: fix an error code problem in
  inv_mpu6050_read_raw (git-fixes).
- iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion
  time table (git-fixes).
- interconnect: Treat xlate() returning NULL node as an error
  (git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup
  (git-fixes).
- lib/vsprintf: Fix %pfwf when current node refcount == 0
  (git-fixes).
- ASoC: hdmi-codec: fix missing report for jack initial status
  (git-fixes).
- i2c: aspeed: Handle the coalesced stop conditions with the
  start conditions (git-fixes).
- pinctrl: at91-pio4: use dedicated lock class for IRQ
  (git-fixes).
- wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).
- net: rfkill: gpio: set GPIO direction (git-fixes).
- wifi: iwlwifi: pcie: add another missing bh-disable for
  rxq->lock (git-fixes).
- ARM: OMAP2+: Fix null pointer dereference and memory leak in
  omap_soc_device_init (git-fixes).
- spi: atmel: Fix clock issue when using devices with different
  polarities (git-fixes).
- soundwire: stream: fix NULL pointer dereference for multi_link
  (git-fixes).
- Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
  (git-fixes).
- PCI: loongson: Limit MRRS to 256 (git-fixes).
- ALSA: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).
- ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170
  variants (git-fixes).
- ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
  (git-fixes).
- net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
- usb: aqc111: check packet for fixup for true limit (git-fixes).
- commit ed00079

- Drop PCI AER patch that has been reverted on stable trees
  Deleted:
  patches.suse/PCI-portdrv-Don-t-disable-AER-reporting-in-get_port_.patch
- commit 43c7676

- Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
- commit b9351c7

- Rename before merging SLE15-SP4
- commit 0506236

- smb: client: fix OOB in smbCalcSize() (bsc#1217947
  CVE-2023-6606).
- commit 97b24d1

- Update References
  patches.suse/tty-n_gsm-fix-the-UAF-caused-by-race-condition-in-gs.patch
  (git-fixes bsc#1218335 CVE-2023-6546).
- commit ad12641

- perf: Fix perf_event_validate_size() lockdep splat
  (CVE-2023-6931 bsc#1218258).
- perf: Fix perf_event_validate_size() (CVE-2023-6931
  bsc#1218258).
- commit f91848d

- perf: Fix perf_event_validate_size() lockdep splat
  (CVE-2023-6931 bsc#1218258).
- perf: Fix perf_event_validate_size() (CVE-2023-6931
  bsc#1218258).
- commit 00427a6

- nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
  (git-fixes).
- commit 6c500e1

- s390/vx: fix save/restore of fpu kernel context (git-fixes
  bsc#1218357).
- commit 4f47f85

- blacklist.conf: add nvme entries
- commit 9216151

- nvme-pci: Add sleep quirk for Kingston drives (git-fixes).
- nvmet-auth: complete a request only after freeing the dhchap
  pointers (git-fixes).
- nvme: sanitize metadata bounce buffer for reads (git-fixes).
- nvme-rdma: do not try to stop unallocated queues (git-fixes).
- nvme-pci: do not set the NUMA node of device if it has none
  (git-fixes).
- nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).
- nvme-pci: factor the iod mempool creation into a helper
  (git-fixes).
  Refresh:
  - patches.suse/nvme-pci-fix-page-size-checks.patch
- commit 19bc755

- Rename to
  patches.suse/nvme-auth-use-chap-s2-to-indicate-bidirectional-auth.patch.
  and move the patch into the sorted section
- commit 633cfe2

- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- commit 513a67c

- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- commit a8b1f21

- bus: ti-sysc: Flush posted write only after srst_udelay
  (git-fixes).
- commit c942b7c

- reset: Fix crash when freeing non-existent optional resets
  (git-fixes).
- commit 6de5ad5

- HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
  (git-fixes).
- commit 60dd723

- HID: hid-asus: reset the backlight brightness level on resume
  (git-fixes).
- commit 79eff80

- HID: hid-asus: add const to read-only outgoing usb buffer
  (git-fixes).
- commit 1c939ed

- HID: add ALWAYS_POLL quirk for Apple kb (git-fixes).
- commit d088123

- restore renamed device IDs for USB HID devices (git-fixes).
- commit 5519e39

- HID: glorious: fix Glorious Model I HID report (git-fixes).
- commit ad69d7e

- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
- commit 95f41ac

- scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
- commit 513fc35

- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
- commit 3ae518f

- r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
  (git-fixes).
- commit d714a95

- r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
  (git-fixes).
- commit ad9ad0d

- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
- commit 697b74c

- ipv4: igmp: fix refcnt uaf issue when receiving igmp query
  packet (bsc#1218253 CVE-2023-6932).
- commit 87dfb84

- Refresh patches.suse/gve-Tx-path-for-DQO-QPL.patch.
  Fix backport.
- commit f5531ee

- Input: xpad - add HyperX Clutch Gladiate Support (git-fixes).
- commit 6d0690b

- Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
  (git-fixes).
- commit 8fa7ef8

- ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
  (git-fixes).
- commit a4fe241

- ring-buffer: Do not try to put back write_stamp (git-fixes).
- commit df9fac1

- ring-buffer: Have saved event hold the entire event (git-fixes).
- commit 5347597

- ring-buffer: Do not update before stamp when switching
  sub-buffers (git-fixes).
- commit 9c594ba

- tracing: Update snapshot buffer on resize if it is allocated
  (git-fixes).
- commit d5996f1

- ring-buffer: Fix memory leak of free page (git-fixes).
- commit ee5f869

- ring-buffer: Fix writing to the buffer with max_data_size
  (git-fixes).
- commit bb90d48

- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
- Fix drm gem object underflow (bsc#1218092)
- Fix crash on screen resize (bsc#1218229)
- commit b7258e7

- blacklist.conf: cleanup
- commit 16dcb62

- usb: hub: Guard against accesses to uninitialized BOS
  descriptors (git-fixes).
- commit 573da1a

- kABI: restore void return to typec_altmode_attention
  (git-fixes).
- commit 9821aa3

- usb: typec: bus: verify partner exists in
  typec_altmode_attention (git-fixes).
- commit 5fea3d2

- blacklist.conf: it changes only logging
- commit 3cbbd08

- r8152: Add RTL8152_INACCESSIBLE checks to more loops
  (git-fixes).
- commit f62163f

- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
  (git-fixes).
- commit 064cc95

- Refresh
  patches.suse/dm_blk_ioctl-implement-path-failover-for-SG_IO.patch. (bsc#1216776, bsc#1220277)
- commit c790172

- Documentation: drop more IDE boot options and ide-cd.rst
  (git-fixes).
- commit 7993dcc

- Update patches.suse/spi-tegra210-quad-Fix-duplicate-resource-error.patch (git-fixes, jsc#PED-3459
  Add reference to PED-3459
- commit c4a5ea6

- Update patches.suse/spi-tegra210-quad-Multi-cs-support.patch (bsc#1212584, jsc#PED-3459
  Add reference to PED-3459.
- commit fc374a4

- Update patches.suse/spi-tegra210-quad-Fix-combined-sequence.patch (bsc#1212584, jsc#PED-3459)
  Add reference to PED-3459.
- commit bff7fca

- Drop Documentation/ide/ (git-fixes).
- commit d3eb72d

- padata: Fix refcnt handling in padata_free_shell() (git-fixes).
- commit 5219779

- arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
- commit bc081b4

- tracing: Set actual size after ring buffer resize (git-fixes).
- commit b915dbf

- tracing/perf: Add interrupt_context_level() helper (git-fixes).
- commit 9da609b

- tracing: Reuse logic from perf's get_recursion_context()
  (git-fixes).
- commit adc2c65

- tracing: relax trace_event_eval_update() execution with
  cond_resched() (git-fixes).
- commit 017c09c

- rethook: Use __rcu pointer for rethook::handler (git-fixes).
- kABI: Preserve the type of rethook::handler (git-fixes).
- commit 8b953cc

- rethook: Fix to use WRITE_ONCE() for rethook:: Handler
  (git-fixes).
- commit 7981c03

- fprobe: Fix to ensure the number of active retprobes is not zero
  (git-fixes).
- commit fe2f6d2

- ALSA: hda/realtek: Add Framework laptop 16 to quirks
  (git-fixes).
- ALSA: hda/realtek: add new Framework laptop to quirks
  (git-fixes).
- drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS
  (git-fixes).
- drm/amdgpu: Update EEPROM I2C address for smu v13_0_0
  (git-fixes).
- drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).
- drm/i915/sdvo: stop caching has_hdmi_monitor in struct
  intel_sdvo (git-fixes).
- drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).
- drm/amdgpu: Return from switch early for EEPROM I2C address
  (git-fixes).
- drm/amdgpu: Remove second moot switch to set EEPROM I2C address
  (git-fixes).
- drm/i915/lvds: Use REG_BIT() & co (git-fixes).
- drm/i915/display: Drop check for doublescan mode in modevalid
  (git-fixes).
- drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).
- drm/amdgpu: Decouple RAS EEPROM addresses from chips
  (git-fixes).
- drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).
- drm/amdgpu: Add EEPROM I2C address support for ip discovery
  (git-fixes).
- drm/amdgpu: Update ras eeprom support for smu v13_0_0 and
  v13_0_10 (git-fixes).
- commit 27aa9c9

- ring-buffer: Force absolute timestamp on discard of event
  (git-fixes).
- commit 703d47b

- tracing: Disable snapshot buffer when stopping instance tracers
  (git-fixes).
- commit ea1804c

- tracing: Stop current tracer when resizing buffer (git-fixes).
- commit 416045c

- tracing: Always update snapshot buffer size (git-fixes).
- commit ab3ac02

- kprobes: consistent rcu api usage for kretprobe holder
  (git-fixes).
- commit bd133f6

- tracing/kprobes: Fix the order of argument descriptions
  (git-fixes).
- commit 4822ad0

- tracing: Have the user copy of synthetic event address use
  correct context (git-fixes).
- commit ee4a2b2

- nvme-core: check for too small lba shift (bsc#1214117).
- commit 5f6e755

- KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
- commit 5b3fa66

- kabi/severities: ignore kABI for asus-wmi drivers
  Tolerate the kABI changes, as used only locally for asus-wmi stuff
- commit 42dad1e

- platform/x86: asus-wmi: Add support for ROG X13 tablet mode
  (git-fixes).
- commit 1640ab2

- serial: sc16is7xx: address RX timeout interrupt errata
  (git-fixes).
- parport: Add support for Brainboxes IX/UC/PX parallel cards
  (git-fixes).
- hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe()
  (git-fixes).
- hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).
- ALSA: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).
- ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
  (git-fixes).
- ALSA: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).
- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
  (git-fixes).
- nilfs2: fix missing error check for sb_set_blocksize call
  (git-fixes).
- platform/x86: wmi: Skip blocks with zero instances (git-fixes).
- platform/x86: asus-wmi: Move i8042 filter install to shared
  asus-wmi code (git-fixes).
- drm/amdgpu: correct the amdgpu runtime dereference usage count
  (git-fixes).
- kconfig: fix memory leak from range properties (git-fixes).
- i2c: designware: Fix corrupted memory seen in the ISR
  (git-fixes).
- drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).
- drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c
  (git-fixes).
- platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch
  reporting (git-fixes).
- platform/x86: wmi: Allow duplicate GUIDs for drivers that use
  struct wmi_driver (git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch handling
  (git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch probing
  (git-fixes).
- platform/x86: asus-wmi: Adjust tablet/lidflip handling to use
  enum (git-fixes).
- commit e47d99c

- tracing/kprobes: Fix the description of variable length
  arguments (git-fixes).
- commit ee78d8b

- x86/cpu: Don't write CSTAR MSR on Intel CPUs (jsc#PED-7167).
- commit a99a85b

- neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
  (git-fixes).
- commit 946e077

- netfilter: nf_tables: bail out on mismatching dynset and set
  expressions (bsc#1217938 CVE-2023-6622).
- commit de1dd10

- HID: lenovo: Restrict detection of patched firmware only to
  USB cptkbd (git-fixes).
- commit 1bd99d4

- mm/pgtable: Fix multiple -Wstringop-overflow warnings
  (jsc#PED-7167).
- commit f790208

- ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
  (git-fixes).
- Bluetooth: hci_qca: Fix the teardown problem for real
  (git-fixes).
- Documentation: qat: Use code block for qat sysfs example
  (git-fixes).
- commit c75f6d8

- ALSA: hda/realtek: Add supported ALC257 for ChromeOS
  (git-fixes).
- ALSA: hda/realtek: Headset Mic VREF to 100% (git-fixes).
- ALSA: hda: intel-dsp-cfg: add LunarLake support (git-fixes).
- ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects
  (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad
  Z470 (git-fixes).
- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).
- ALSA: seq: oss: Fix racy open/close of MIDI devices (git-fixes).
- commit 200c0a2

- blacklist.conf: add two ceph commits
- commit d8d4641

- ceph: fix type promotion bug on 32bit systems (bsc#1217982).
- libceph: use kernel_connect() (bsc#1217981).
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
  (bsc#1217980).
- commit e3e482f

- arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes)
- commit 794f0e7

- arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)
- commit 4dcfded

- arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)
- commit 0fd1b8d

- arm64: dts: arm: add missing cache properties (git-fixes)
- commit 710ea40

- blacklist.conf: ("arm64: dts: broadcom: bcmbca: bcm4908: fix LED nodenames")
- commit 37fe1b1

- netfilter: nf_tables: bail out on mismatching dynset and set
  expressions (bsc#1217938 CVE-2023-6622).
- commit a69497c

- arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)
- commit 8cd5213

- Update metadata
- commit 17c3e48

- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
- commit 68db0d6

- IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes)
- commit afc5184

- tracing: Fix a possible race when disabling buffered events
  (bsc#1217036).
- commit 26540da

- tracing: Fix a warning when allocating buffered events fails
  (bsc#1217036).
- commit ec57b73

- tracing: Fix incomplete locking when disabling buffered events
  (bsc#1217036).
- commit 2d81a3a

- tracing: Disable preemption when using the filter buffer
  (bsc#1217036).
- commit 0ade134

- tracing: Use __this_cpu_read() in
  trace_event_buffer_lock_reserver() (bsc#1217036).
- commit 8aa5d9a

- tracing: Fix warning in trace_buffered_event_disable()
  (git-fixes, bsc#1217036).
- commit b71b6ff

- qla2xxx: add debug log for deprecated hw detected (bsc#1216032).
- commit e923023

- usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325
  (git-fixes).
- commit 19f2446

- nvmet: nul-terminate the NQNs passed in the connect command
  (bsc#1217250 CVE-2023-6121).
- commit e359ed1

- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes
  bsc#1217933).
- commit e39e7a6

- x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).
- commit d94a391

- x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).
- commit 66b3050

- gpiolib: sysfs: Fix error handling on failed export (git-fixes).
- Revert "xhci: Loosen RPM as default policy to cover for AMD
  xHC 1.1" (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs
  (git-fixes).
- ARM: PL011: Fix DMA support (git-fixes).
- serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit
  (git-fixes).
- serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt
  (git-fixes).
- misc: mei: client.c: fix problem of return '-EOVERFLOW' in
  mei_cl_write (git-fixes).
- misc: mei: client.c: return negative error code in mei_cl_write
  (git-fixes).
- commit 09a57bf

- md/raid5-cache: fix null-ptr-deref for
  r5l_flush_stripe_to_raid() (git-fixes).
- md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).
- md/md-bitmap: remove unnecessary local variable in
  backlog_store() (git-fixes).
- md: don't update recovery_cp when curr_resync is ACTIVE
  (git-fixes).
- commit 0812db6

- md/raid1: fix error: ISO C90 forbids mixed declarations
  (git-fixes).
- md: raid0: account for split bio in iostat accounting
  (git-fixes).
- md/raid1: hold the barrier until handle_read_error() finishes
  (git-fixes).
- md/raid1: free the r1bio before waiting for blocked rdev
  (git-fixes).
- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
- md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
  (git-fixes).
- md/md-bitmap: remove unnecessary local variable in
  backlog_store() (git-fixes).
- md/raid10: use dereference_rdev_and_rrdev() to get devices
  (git-fixes).
- md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).
- md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
- Revert "md: unlock mddev before reap sync_thread in
  action_store" (git-fixes).
- md/raid0: add discard support for the 'original' layout
  (git-fixes).
- md/raid10: fix the condition to call bio_end_io_acct()
  (git-fixes).
- md/raid10: prevent soft lockup while flush writes (git-fixes).
- md/raid10: fix io loss while replacement replace rdev
  (git-fixes).
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
  (git-fixes).
- md/raid10: fix wrong setting of max_corr_read_errors
  (git-fixes).
- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
- md/raid5: fix miscalculation of 'end_sector' in
  raid5_read_one_chunk() (git-fixes).
- md/raid10: don't call bio_start_io_acct twice for bio which
  experienced read error (git-fixes).
- md/raid10: fix memleak of md thread (git-fixes).
- md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
- md/raid10: fix leak of 'r10bio->remaining' for recovery
  (git-fixes).
- md/raid10: fix null-ptr-deref in raid10_sync_request
  (git-fixes).
- commit 75c9e76

- md/raid10: fix task hung in raid10d (git-fixes).
- Refresh patches.suse/md-display-timeout-error.patch for the above change.
- commit 90d12ef

- md: avoid signed overflow in slot_store() (git-fixes).
- md/raid10: factor out code from wait_barrier() to
  stop_waiting_barrier() (git-fixes).
- commit c35659b

- md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).
- Update patches.suse/md-display-timeout-error.patch for the above change.
- commit 77abf5c

- md: raid10 add nowait support (git-fixes).
- md: drop queue limitation for RAID1 and RAID10 (git-fixes).
- md/bitmap: don't set max_write_behind if there is no write
  mostly device (git-fixes).
- commit 44a1c08

- blacklist.conf: add non-backport commits
- commit 731fcaa

- kernel-source: Remove config-options.changes (jsc#PED-5021)
  The file doc/config-options.changes was used in the past to document
  kernel config changes. It was introduced in 2010 but haven't received
  any updates on any branch since 2015. The file is renamed by tar-up.sh
  to config-options.changes.txt and shipped in the kernel-source RPM
  package under /usr/share/doc. As its content now only contains outdated
  information, retaining it can lead to confusion for users encountering
  this file.
  Config changes are nowadays described in associated Git commit messages,
  which get automatically collected and are incorporated into changelogs
  of kernel RPM packages.
  Drop then this obsolete file, starting with its packaging logic.
  For branch maintainers: Upon merging this commit on your branch, please
  correspondingly delete the file doc/config-options.changes.
- commit adedbd2

- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
  Reduce indentation in the list of references, make the style consistent
  with README.md.
- commit 70e3c33

- regmap: fix bogus error on regcache_sync success (git-fixes).
- platform/surface: aggregator: fix recv_buf() return value
  (git-fixes).
- commit e5d6930

- doc/README.SUSE: Add how to update the config for module signing
  (jsc#PED-5021)
  Configuration files for SUSE kernels include settings to integrate with
  signing support provided by the Open Build Service. This creates
  problems if someone tries to use such a configuration file to build
  a "standalone" kernel as described in doc/README.SUSE:
  * Default configuration files available in the kernel-source repository
  unset CONFIG_MODULE_SIG_ALL to leave module signing to
  pesign-obs-integration. In case of a "standalone" build, this
  integration is not available and the modules don't get signed.
  * The kernel spec file overrides CONFIG_MODULE_SIG_KEY to
  ".kernel_signing_key.pem" which is a file populated by certificates
  provided by OBS but otherwise not available. The value ends up in
  /boot/config-$VERSION-$RELEASE-$FLAVOR and /proc/config.gz. If someone
  decides to use one of these files as their base configuration then the
  build fails with an error because the specified module signing key is
  missing.
  Add information on how to enable module signing and where to find the
  relevant upstream documentation.
- commit a699dc3

- efi/unaccepted: Fix off-by-one when checking for overlapping
  ranges (jsc#PED-7167).
- commit cbbb7d9

- blacklist.conf: Cleanup entries that are backported
- commit d22e603

- doc/README.SUSE: Remove how to build modules using kernel-source
  (jsc#PED-5021)
  Remove the first method how to build kernel modules from the readme. It
  describes a process consisting of the kernel-source installation,
  configuring this kernel and then performing an ad-hoc module build.
  This method is not ideal as no modversion data is involved in the
  process. It results in a module with no symbol CRCs which can be wrongly
  loaded on an incompatible kernel.
  Removing the method also simplifies the readme because only two main
  methods how to build the modules are then described, either doing an
  ad-hoc build using kernel-devel, or creating a proper Kernel Module
  Package.
- commit 9285bb8

- blacklist.conf: just in case fix for a corner case
- commit a3fc582

- xhci: Clear EHB bit only at end of interrupt handler
  (git-fixes).
- commit d5adf2a

- usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
  (git-fixes).
- commit 5cdcb2d

- usb: host: xhci-plat: fix possible kernel oops while resuming
  (git-fixes).
- commit b0504f4

- NFS: More fixes for nfs_direct_write_reschedule_io()
  (bsc#1211162).
- NFS: Use the correct commit info in nfs_join_page_group()
  (bsc#1211162).
- NFS: More O_DIRECT accounting fixes for error paths
  (bsc#1211162).
- NFS: Fix O_DIRECT locking issues (bsc#1211162).
- NFS: Fix error handling for O_DIRECT write scheduling
  (bsc#1211162).
- NFS: Fix a potential data corruption (bsc#1211162).
- NFS: Fix a use after free in nfs_direct_join_group()
  (bsc#1211162).
- nfs: only issue commit in DIO codepath if we have uncommitted
  data (bsc#1211162).
- NFS: Fix a few more clear_bit() instances that need release
  semantics (bsc#1211162).
- commit e61bcf9

- md: Put the right device in md_seq_next (bsc#1217822).
- commit 99a688a

- xfs: make sure maxlen is still congruent with prod when rounding
  down (git-fixes).
- commit 2b9fc44

- xfs: fix units conversion error in xfs_bmap_del_extent_delay
  (git-fixes).
- commit 95e2620

- xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).
- commit bfb62b0

- xfs: return EINTR when a fatal signal terminates scrub
  (git-fixes).
- commit e6f4fe7

- xfs: fix a bug in the online fsck directory leaf1 bestcount
  check (git-fixes).
- commit e328537

- xfs: fix incorrect unit conversion in scrub tracepoint
  (git-fixes).
- Refresh
  patches.suse/xfs-standardize-AG-block-number-formatting-in-ftrace-output.patch.
- Refresh
  patches.suse/xfs-standardize-AG-number-formatting-in-ftrace-output.patch.
- commit e256630

- xfs: decode scrub flags in ftrace output (git-fixes).
- commit d1fe7f7

- xfs: remove the xfs_dsb_t typedef (git-fixes).
- commit 4e9f379

- xfs: fix uninit warning in xfs_growfs_data (git-fixes).
- commit e9c4821

- xfs: convert flex-array declarations in struct xfs_attrlist*
  (git-fixes).
- commit e33e297

- xfs: remove the xfs_dinode_t typedef (git-fixes).
- commit c807e19

- xfs: convert flex-array declarations in xfs attr shortform
  objects (git-fixes).
- commit 757cbc7

- xfs: convert flex-array declarations in xfs attr leaf blocks
  (git-fixes).
- commit 1823624

- xfs: use swap() to make dabtree code cleaner (git-fixes).
- commit d160cc2

- xfs: fix silly whitespace problems with kernel libxfs
  (git-fixes).
- commit d822e52

- xfs: rename xfs_has_attr() (git-fixes).
- commit fe8702c

- xfs: Rename __xfs_attr_rmtval_remove (git-fixes).
- commit 6ea2cef

- xfs: sysfs: use default_groups in kobj_type (git-fixes).
- commit 74d9b5c

- xfs: replace snprintf in show functions with sysfs_emit
  (git-fixes).
- commit 84db35d

- xfs: simplify two-level sysctl registration for xfs_table
  (git-fixes).
- commit 0321d28

- xfs: add selinux labels to whiteout inodes (git-fixes).
- commit 8dc479c

- xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).
- Refresh
  patches.suse/xfs-reject-crazy-array-sizes-being-fed-to-XFS_IOC_GE.patch.
- commit 89900e3

- xfs: clean up "%Ld/%Lu" which doesn't meet C standard
  (git-fixes).
- commit dbcc289

- xfs: aborting inodes on shutdown may need buffer lock
  (git-fixes).
- commit 8b202be

- xfs: remove the xfs_dqblk_t typedef (git-fixes).
- commit 4747a77

- xfs: dump log intent items that cannot be recovered due to
  corruption (git-fixes).
- commit 6f8c678

- xfs: sb verifier doesn't handle uncached sb buffer (git-fixes).
- commit c0c7079

- xfs: remove kmem_alloc_io() (git-fixes).
- commit 831b642

- x86/platform/uv: Use alternate source for socket to node data
  (bsc#1215696 bsc#1217790).
- commit ec7f699
avahi
- Add avahi-CVE-2023-38472.patch: Fix reachable assertion in
  avahi_rdata_parse (bsc#1216853, CVE-2023-38472).
util-linux
- Add upstream patch
  util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
  bsc#1207987 gh#util-linux/util-linux@1d98827edde4
libxcrypt
- fix variable name for datamember in 'struct crypt_data' [bsc#1215496]
- added patches
  fix https://github.com/besser82/libxcrypt/commit/b212d601549a0fc84cbbcaf21b931f903787d7e2
  + libxcrypt-man-fix-variable-name.patch
duktape
- Ship libduktape206-32bit: needed by libproxy since version 0.5.
mozilla-nss
- update to NSS 3.90.2
  * bmo#1780432 - (CVE-2023-5388) Timing attack against RSA
    decryption in TLS. (bsc#1216198)
  * bmo#1867408 - add a defensive check for large ssl_DefSend
    return values.

- update to NSS 3.90.1
  * bmo#1813401 - regenerate NameConstraints test certificates.
  * bmo#1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
- Remove nss-fix-bmo1813401.patch which is now upstream.

- Add nss-fix-bmo1813401.patch to fix bsc#1214980
gnustep-base
- use pkgconfig(icu-i18n) to select current icu (jsc#PED-6193)
- gnustep-icu-truefalse.patch: NULL now not provided by icu includes
gnutls
- Security fix: [bsc#1218862, CVE-2024-0567]
  * gnutls: rejects certificate chain with distributed trust
  * Cockpit (which uses gnuTLS) rejects certificate chain with
    distributed trust.
  * Add gnutls-CVE-2024-0567.patch

- Security fix: [bsc#1218865, CVE-2024-0553]
  * Incomplete fix for CVE-2023-5981.
  * The response times to malformed ciphertexts in RSA-PSK
    ClientKeyExchange differ from response times of ciphertexts
    with correct PKCS#1 v1.5 padding.
  * Add gnutls-CVE-2024-0553.patch

- Security fix: [bsc#1217277, CVE-2023-5981]
  * Fix timing side-channel inside RSA-PSK key exchange.
  * auth/rsa_psk: side-step potential side-channel
  * Add curl-CVE-2023-5981.patch
icu73_2
- icu4c-73_c-ICU-22512-Fix-broken-TestHebrewCalendarInTemporalLeapYear.patch
  Fix testsuite issue in hebrew calendar (bsc#1217479)
jbigkit
- security update
- added patches
  fix CVE-2022-1210 [bsc#1198146], Malicious file leads to a denial of service in TIFF File Handler
  + jbigkit-CVE-2022-1210.patch
ncurses
- Add patch bsc1218014-cve-2023-50495.patch
  * Fix CVE-2023-50495: segmentation fault via _nc_wrap_entry()

- Add patch boo1201384.patch
  * Do not fully reset serial lines
nftables
- port python-single-spec logic from Factory package to allow shipment of
  python311 modules as well (bsc#1219253).
openssl-1_1
- Security fix: [bsc#1219243, CVE-2024-0727]
  * Add NULL checks where ContentInfo data can be NULL
  * Add openssl-CVE-2024-0727.patch
procps
- Submit latest procps 3.3.17 to SLE-15 tree for jira#PED-3244
  and jira#PED-6369
- The patches now upstream had been dropped meanwhile
  * procps-vmstat-1b9ea611.patch (bsc#1185417)
  - For support up to 2048 CPU as well
  * bsc1209122-a6c0795d.patch (bnc#1209122)
  - allow `-´ as leading character to ignore possible errors
    on systctl entries
  * patch procps-ng-3.3.9-bsc1121753-Cpus.patch (bsc#1121753)
  - was a backport of an upstream fix to get the first CPU
    summary correct
- Enable pidof for SLE-15 as this is provided by sysvinit-tools
- Use a check on syscall __NR_pidfd_open to decide if
  the pwait tool and its manual page will be build

- Modify patches
  * procps-ng-3.3.9-w-notruncate.diff
  * procps-ng-3.3.17-logind.patch
  to real to not truncate output of w with option -n

- procps-ng-3.3.17-logind.patch: Backport from 4.x git, prefer
  logind over utmp (jsc#PED-3144)
python3
- (bsc#1219666, CVE-2023-6597) Add
  CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
  gh#python/cpython!99930) fixing symlink bug in cleanup of
  tempfile.TemporaryDirectory.
- Merge together bpo-36576-skip_tests_for_OpenSSL-111.patch into
  skip_SSL_tests.patch, and make them include all conditionals.

- Refresh CVE-2023-27043-email-parsing-errors.patch to
  gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
libsolv
- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28

- add zstd support for the installcheck tool
- add putinowndirpool cache to make file list handling in
  repo_write much faster
- bump version to 0.7.27

- fix evr roundtrip in testcases
- do not use deprecated headerUnload with newer rpm versions
- bump version to 0.7.26

- support complex deps in SOLVABLE_PREREQ_IGNOREINST
- fix minimization not prefering installed packages in some cases
- reduce memory usage in repo_updateinfoxml
- fix lock-step interfering with architecture selection
- fix choice rule handing for package downgrades
- fix complex dependencies with an "else" part sometimes leading
  to unsolved dependencies
- bump version to 0.7.25
libssh
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
  * Added libssh-fix-ipv6-hostname-regression.patch

- Update to version 0.9.8
  * Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209)
  * Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126)
  * Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186)
  * Allow @ in usernames when parsing from URI composes
- Update to version 0.9.7
  * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm
    guessing (bsc#1211188)
  * Fix CVE-2023-2283: a possible authorization bypass in
    pki_verify_data_signature under low-memory conditions (bsc#1211190)
  * Fix several memory leaks in GSSAPI handling code
libssh2_org
- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com"
  when configuring custom method list. [bsc#1218971, CVE-2023-48795]
  * The strict-kex extension is announced in the list of available
    KEX methods. However, when the default KEX method list is modified
    or replaced, the extension is not added back automatically.
  * Add libssh2_org-CVE-2023-48795-ext.patch

- Security fix: [bsc#1218127, CVE-2023-48795]
  * Add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack"
  * Add libssh2_org-CVE-2023-48795.patch
suseconnect-ng
- Update to version 1.7.0~git0.5338270
  * Allow SUSEConnect on read write transactional systems (bsc#1219425)

- Update to version 1.6.0
  * Disable EULA display for addons (bsc#1218649 and bsc#1217961)

- Update to version 1.5.0
  * Configure docker credentials for registry authentication
  * Feature: Support usage from Agama + Cockpit for ALP Micro system registration (bsc#1218364)
  * Add --json output option
systemd
- Import commit 2cb4d40f1c6a388706af8a83d5344fc0de3c6f4d (merge of v249.17)
  c8578cef7f resolved: actually check authenticated flag of SOA transaction

- Import commit 86f0670d3a01c1a2d4df17f1c68d03f1586195e3
  ba7f1df7a5 vconsole-setup: simplify error handling
  94f4eaea77 Introduce RET_GATHER and use it in src/shared/
  e02406fcc1 mount: replace UNIT_DEPENDENCY_MOUNTINFO_OR_FILE with UNIT_DEPENDENCY_MOUNTINFO/UNIT_DEPENDENCY_MOUNT_FILE
  0b8db54511 mount: drop UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT and UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
  98ba536bd1 mount: always use UNIT_DEPENDENCY_FILE in mount_add_quota_dependencies()
  73c7b2bb48 core/mount: make device deps from /proc/self/mountinfo and .mount unit file exclusive
  ba585a28d7 core: Add trace logging to mount_add_device_dependencies()
  36e0a4f80f core/mount: also remove default deps from /proc/self/mountinfo when it is updated (bsc#1217460)
  bc107c86c3 core/mount: set Mount.from_proc_self_mountinfo flag before adding default dependencies
  ce4907c7c3 core: wrap some long comment

- Import commit e677079182c975ecdad88a76f657fecb4de523d9
  7692c5bda8 utmp-wtmp: handle EINTR gracefully when waiting to write to tty
  29c3eb4681 utmp-wtmp: fix error in case isatty() fails
  98970eb90b homed: handle EINTR gracefully when waiting for device node
  0305809edd resolved: handle -EINTR returned from fd_wait_for_event() better
  40db4d6abe sd-netlink: handle EINTR from poll() gracefully, as success
  5e681711c6 varlink: also handle EINTR gracefully when waiting for EIO via ppoll()
  6bbd70f092 stdio-bridge: don't be bothered with EINTR
  f978feb591 sd-bus: handle -EINTR return from bus_poll() (bsc#1215241)
  746962ff40 core: replace slice dependencies as they get added (bsc#1214668)

- systemd.spec: add missing `%tmpfiles_create systemd-resolve.conf`

- Rename 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch into
  1013-strip-the-domain-part-from-etc-hostname-when-setting.patch
- Rename 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch into
  1014-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
- Rename 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch into
  1015-networkd-make-network.service-an-alias-of-systemd-ne.patch
- Rename 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch into
  1016-core-disable-session-keyring-per-system-sevice-entir.patch
- Rename 0011-core-disable-session-keyring-per-system-sevice-entir.patch into
  1017-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
  Hence these patch files can be easily identified as SLE specific ones.
tiff
- security update:
  * CVE-2023-52356 [bsc#1219213]
    Fix segfault in TIFFReadRGBATileExt()
    + tiff-CVE-2023-52356.patch

- security update:
  * CVE-2023-2731 [bsc#1211478]
    Fix null pointer deference in LZWDecode()
    This patch also contains a required commit which is marked
    to fix CVE-2022-1622 [bsc#1199483] but we are not vulnerable
    to that CVE because relevant code is not present.
    + tiff-CVE-2023-2731.patch
  * CVE-2023-26965 [bsc#1212398]
    Fix heap-based use after free in loadImage()
    + tiff-CVE-2023-26965.patch
  * CVE-2022-40090 [bsc#1214680]
    Fix infinite loop in TIFFReadDirectory()
    + tiff-CVE-2022-40090.patch
  * CVE-2023-1916 [bsc#1210231]
    Fix out-of-bounds read in extractImageSection()
    + tiff-CVE-2023-1916.patch
libxml2
- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader
  * Added libxml2-CVE-2024-25062.patch
libzypp
- tui: allow to access the underlying ostream of out::Info.
- Add MLSep: Helper to produce not-NL-terminated multi line
  output.
- version 17.31.31 (22)

- applydeltaprm: Create target directory if it does not exist
  (bsc#1219442)
- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514)
- Fix problems with EINTR in ExternalDataSource::getline (fixes
  bsc#1215698)
- version 17.31.30 (22)

- CheckAccessDeleted: fix running_in_container detection
  (bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime
  (bsc#1218831)
- Make Wakeup class EINTR safe.
- Add a way to cancel media operations on shutdown
  (openSUSE/zypper#522)
  This patch adds a mechanism to signal libzypp that a shutdown was
  requested, usually when CTRL+C was pressed by the user. Currently
  only the media backend will utilize this, but can be extended to
  all code paths that use g_poll() to wait for events.
- Manually poll fds for curl in MediaCurl.
  Using curl_easy_perform does not give us the required control on
  when we want to cancel a download. Switching to the MultiCurl
  implementation with a external poll() event loop will give us
  much more freedom and helps us to improve our Ctrl+C handling.
- Move reusable curl poll code to curlhelper.h.
- version 17.31.29 (22)

- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)

- CheckAccessDeleted: fix 'running in container' filter
  (bsc#1218291)
- version 17.31.27 (22)

- Call zypp commit plugins during transactional update (fixes #506)
- Add support for loongarch64 (fixes #504)
- Teach MediaMultiCurl to download HTTP Multibyte ranges.
- Teach zsync downloads to MultiCurl.
- Expand RepoVars in URLs downloading a .repo file (bsc#1212160)
  Convenient and helps documentation as it may refer to a single
  command for a bunch of distributions. Like e.g. "zypper ar
  'https://server.my/$releasever/my.repo'".
- version 17.31.26 (22)

- Fix build issue with zchunk build flags (fixes #500)
- version 17.31.25 (22)

- Open rpmdb just once during execution of %posttrans scripts
  (bsc#1216412)
- Avoid using select() since it does not support fd numbers >
  1024 (fixes #447)
- tools/DownloadFiles: use standard zypp progress bar (fixes #489)
- Revert "Color download progress bar" (fixes #475)
  Cyan is already used for the output of RPM scriptlets. Avoid this
  colorific collision between download progress bar and scriptlet
  output.
- Fix ProgressBar's calculation of the printed tag position (fixes #494)
- Switch zypp::Digest to Openssl 3.0 Provider API (fixes #144)
- Fix usage of deprecated CURL features (fixes #486)
- version 17.31.24 (22)

- Stop using boost version 1 timer library (fixes #489,
  bsc#1215294)
- version 17.31.23 (22)
netcfg
- Add krb-prop entry, fix for bsc#1211886.
openssh
- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385).
  This limits the use of shell metacharacters in host- and
  user names.

- Added openssh-cve-2023-48795.patch (bsc#1217950, CVE-2023-48795).
  This mitigates a prefix truncation attack that could be used to
  undermine channel security.

- Enhanced SELinux functionality. Added
  * openssh-7.8p1-role-mls.patch
    Proper handling of MLS systems and basis for other SELinux
    improvements
  * openssh-6.6p1-privsep-selinux.patch
    Properly set contexts during privilege separation
  * openssh-6.6p1-keycat.patch
    Add ssh-keycat command to allow retrival of authorized_keys
    on MLS setups with polyinstantiation
  * openssh-6.6.1p1-selinux-contexts.patch
    Additional changes to set the proper context during privilege
    separation
  * openssh-7.6p1-cleanup-selinux.patch
    Various changes and putting the pieces together
  For now we don't ship the ssh-keycat command, but we need the patch
  for the other SELinux infrastructure
  This change fixes issues like bsc#1214788, where the ssh daemon
  needs to act on behalf of a user and needs a proper context for this
pam
- Add missing O_DIRECTORY flag in `protect_dir()` for pam_namespace module.
  [bsc#1218475, pam-bsc1218475-pam_namespace-O_DIRECTORY-flag.patch]

- pam_lastlog: check localtime_r() return value (bsc#1217000)
  * Added: pam-bsc1217000-pam_lastlog-check-localtime_r-return-value.patch
python-instance-billing-flavor-check
- Version 0.0.6 (bsc#1218561)
  Support proxy setup on the client to access the update infrastructure
  API

- Version 0.0.5
  Add IPv6 support (bsc#1218739)

- Version 0.0.4
  Run the command as sudo only (bsc#1217696, bsc#1217695)

- Version 0.0.3
  Handle exception for Python 3.4
python3-M2Crypto
- Disable broken tests with openssl 3.2, bsc#1217782

- add timeout_300hz.patch to accept a small deviation from time
  in the testsuite (bsc#1212757)

- Adapt tests for OpenSSL v3.1.0
  * Add openssl-adapt-tests-for-3.1.0.patch

- add openssl-stop-parsing-header.patch (bsc#1205042)
- add m2crypto-0.38-ossl3-tests.patch
python-chardet
- Fix update-alternative in %postun, bsc#1218765
python3-cryptography
- Add CVE-2023-49083.patch to fix A null-pointer-dereference and
  segfault could occur when loading certificates from a PKCS#7 bundle.
  bsc#1217592
release-notes-sles
- 15.5.20231213 (tracked in bsc#933411)
- Added note about vncserver removal (bsc#1211550)
rpm
- backport lua support for rpm.execute to ease migrating [bnc#1216752]
  * new patch: luaexecute.diff
rsyslog
- suppress installation errors when systemd is not running
  (bsc#1218799)

- restart daemon after modules packages have been updated
  (bsc#1217292)
runc
- Update to runc v1.1.12. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.12>. bsc#1218894
  * This release fixes a container breakout vulnerability (CVE-2024-21626). For
    more details, see the upstream security advisory:
    <https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
  * Remove upstreamed patches:
  - CVE-2024-21626.patch
  * Update runc.keyring to match upstream changes.

[ This was only ever released for SLES. ]
- Add upstream patch to fix embargoed issue CVE-2024-21626. bsc#1218894
  <https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
  + CVE-2024-21626.patch

- Update to runc v1.1.11. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.11>.
samba
- Add new idmap_nss option 'use_upn' for those NSS modules able to
  handle UPNs or DOMAIN/user name format; (bsc#1215369);
- Avoid unnecessary locking in idmap parent setup; (bsc#1215369);

- Add "net offlinejoin composeodj" command; (bsc#1214076);
000release-packages:sle-module-basesystem-release
n/a
000release-packages:sle-module-containers-release
n/a
000release-packages:sle-module-desktop-applications-release
n/a
000release-packages:sle-module-development-tools-release
n/a
000release-packages:sle-module-public-cloud-release
n/a
000release-packages:sle-module-python3-release
n/a
000release-packages:sle-module-server-applications-release
n/a
000release-packages:sle-module-web-scripting-release
n/a
000release-packages:SLES-release
n/a
sudo
- Fix NOPASSWD issue introduced by patches for CVE-2023-42465
  [bsc#1221151, bsc#1221134]
  * Update sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
  * Enable running regression selftests during build time.

- Security fix: [bsc#1219026, bsc#1220389, CVE-2023-42465]
  * Try to make sudo less vulnerable to ROWHAMMER attacks.
  * Add sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
supportutils-plugin-suse-public-cloud
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
  + Remove duplicate data collection for the plugin itself
  + Collect archive metering data when available
  + Query billing flavor status
supportutils
- Additional changes in version 3.1.28
  + ipset - List entries for all sets
  + ipvsadm - Inspect the virtual server table (pr#185)
  + Correctly detects Xen Dom0 (bsc#1218201)
  + Fixed smart disk error (bsc#1218282)

- Changes in version 3.1.28
  + Inhibit the conversion of port numbers to port names for network files (cherry picked from commit 55f5f716638fb15e3eb1315443949ed98723d250)
  + powerpc: collect rtas_errd.log and lp_diag.log files (pr#175)
  + Get list of pam.d file (cherry picked from commit eaf35c77fd4bc039fd7e3d779ec1c2c6521283e2)
  + Remove supportutils requires for util-linux-systemd and kmod (bsc#1193173)
  + Added missing klp information to kernel-livepatch.txt (bsc#1216390)
  + Fixed plugins creating empty files when using supportconfig.rc (bsc#1216388)
  + Provides long listing for /etc/sssd/sssd.conf (bsc#1211547)
  + Optimize lsof usage (bsc#1183663)
  + Added mokutil commands for secureboot (pr#179)
  + Collects chrony or ntp as needed (bsc#1196293)

- Changes in version 3.1.27
  + Fixed podman display issue (bsc#1217287)
  + Added nvme-stas configuration to nvme.txt (bsc#1216049)
  + Added timed command to fs-files.txt (bsc#1216827)
  + Collects zypp history file issue#166 (bsc#1216522)
  + Changed -x OPTION to really be exclude only (issue#146)
  + Collect HA related rpm package versions in ha.txt (pr#169)
suse-build-key
- Switch container key to be default RSA 4096bit. (jsc#PED-2777)

- run rpm commands in import script only when libzypp is not
  active. bsc#1219189 bsc#1219123

- run import script also in %posttrans section, but only when
  libzypp is not active. bsc#1219189 bsc#1219123
suse-module-tools
- Update to version 15.5.4:
  * rpm-script: add symlink /boot/.vmlinuz.hmac (bsc#1217775)
tar
- Fix CVE-2023-39804, Incorrectly handled extension attributes in
  PAX archives can lead to a crash, bsc#1217969
  * fix-CVE-2023-39804.patch
timezone
- update to 2024a:
  * Kazakhstan unifies on UTC+5.  This affects Asia/Almaty and
    Asia/Qostanay which together represent the eastern portion of the
    country that will transition from UTC+6 on 2024-03-01 at 00:00 to
    join the western portion.  (Thanks to Zhanbolat Raimbekov.)
  * Palestine springs forward a week later than previously predicted
    in 2024 and 2025.  (Thanks to Heba Hamad.)  Change spring-forward
    predictions to the second Saturday after Ramadan, not the first;
    this also affects other predictions starting in 2039.
  * Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
    not 00:00.  (Thanks to Đoàn Trần Công Danh.)
  * From 1947 through 1949, Toronto's transitions occurred at 02:00
    not 00:00.  (Thanks to Chris Walton.)
  * In 1911 Miquelon adopted standard time on June 15, not May 15.
  * The FROM and TO columns of Rule lines can no longer be "minimum"
    or an abbreviation of "minimum", because TZif files do not support
    DST rules that extend into the indefinite past - although these
    rules were supported when TZif files had only 32-bit data, this
    stopped working when 64-bit TZif files were introduced in 1995.
    This should not be a problem for realistic data, since DST was
    first used in the 20th century.  As a transition aid, FROM columns
    like "minimum" are now diagnosed and then treated as if they were
    the year 1900; this should suffice for TZif files on old systems
    with only 32-bit time_t, and it is more compatible with bugs in
    2023c-and-earlier localtime.c.  (Problem reported by Yoshito
    Umaoka.)
  * localtime and related functions no longer mishandle some
    timestamps that occur about 400 years after a switch to a time
    zone with a DST schedule.  In 2023d data this problem was visible
    for some timestamps in November 2422, November 2822, etc. in
    America/Ciudad_Juarez.  (Problem reported by Gilmore Davidson.)
  * strftime %s now uses tm_gmtoff if available.  (Problem and draft
    patch reported by Dag-Erling Smørgrav.)
  * The strftime man page documents which struct tm members affect
    which conversion specs, and that tzset is called.  (Problems
    reported by Robert Elz and Steve Summit.)

- update to 2023d:
  * Ittoqqortoormiit, Greenland changes time zones on
    2024-03-31.
  * Vostok, Antarctica changed time zones on 2023-12-18.
  * Casey, Antarctica changed time zones five times since
    2020.
  * Code and data fixes for Palestine timestamps starting in
    2072.
  * A new data file zonenow.tab for timestamps starting now.
  * Fix predictions for DST transitions in Palestine in
    2072-2075, correcting a typo introduced in 2023a.
  * Vostok, Antarctica changed to +05 on 2023-12-18.  It had
    been at +07 (not +06) for years.
  * Change data for Casey, Antarctica to agree with
    timeanddate.com, by adding five time zone changes since 2020.
    Casey is now at +08 instead of +11.
  * Much of Greenland, represented by America/Nuuk, changed
    its standard time from -03 to -02 on 2023-03-25, not on
    2023-10-28.
  * localtime.c no longer mishandles TZif files that contain
    a single transition into a DST regime.  Previously,
    it incorrectly assumed DST was in effect before the transition
    too.
  * tzselect no longer creates temporary files.
  * tzselect no longer mishandles the following:
  * Spaces and most other special characters in BUGEMAIL,
    PACKAGE, TZDIR, and VERSION.
  * TZ strings when using mawk 1.4.3, which mishandles
    regular expressions of the form /X{2,}/.
  * ISO 6709 coordinates when using an awk that lacks the
    GNU extension of newlines in -v option-arguments.
  * Non UTF-8 locales when using an iconv command that
    lacks the GNU //TRANSLIT extension.
  * zic no longer mishandles data for Palestine after the
    year 2075.
- Refresh tzdata-china.diff
wicked
- update to version 0.6.74
  + team: add new options like link_watch_policy (jsc#PED-7183)
  + Fix memory leaks in dbus variant destroy and fsm free (gh#openSUSE/wicked#1001)
  + xpath: allow underscore in node identifier (gh#openSUSE/wicked#999)
  + vxlan: don't format unknown rtnl attrs (bsc#1219751)
- removed patches included in the source archive:
  [- 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
  [- 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
  [- 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
  [- 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
  [- 0005-duid-fix-comment-for-v6time.patch]
  [- 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
  [- 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
  [- 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
  [- 0001-fix_arp_notify_loop_and_burst_sending.patch]

- ifreload: VLAN changes require device deletion (bsc#1218927)
  [+ 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
- ifcheck: fix config changed check (bsc#1218926)
  [+ 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
- client: fix exit code for no-carrier status (bsc#1219265)
  [+ 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
- dhcp6: omit the SO_REUSEPORT option (bsc#1215692)
  [+ 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
- duid: fix comment for v6time
  (https://github.com/openSUSE/wicked/pull/989)
  [+ 0005-duid-fix-comment-for-v6time.patch]
- rtnl: fix peer address parsing for non ptp-interfaces
  (https://github.com/openSUSE/wicked/pull/987,
  https://github.com/openSUSE/wicked/pull/988)
  [+ 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
  [+ 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
- system-updater: Parse updater format from XML configuration to
  ensure install calls can run.
  (https://github.com/openSUSE/wicked/pull/985)
  [+ 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
xen
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
  exceptions from emulation stubs (XSA-451)
  xsa451.patch

- Upstream bug fixes (bsc#1027519)
  65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
  65a7a0a4-x86-Intel-GPCC-setup.patch
  65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
  65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
  assigned to incorrect contexts (XSA-449)
  65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
  quarantine devices in !HVM builds (XSA-450)
  65b8f9ab-VT-d-else-vs-endif-misplacement.patch
- Patches replaced by newer upstream versions
  xsa449.patch
  xsa450.patch

- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
  quarantine devices in !HVM builds (XSA-450)
  xsa450.patch

- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
  assigned to incorrect contexts (XSA-449)
  xsa449.patch

- Update to Xen 4.17.3 bug fix release (bsc#1027519)
  xen-4.17.3-testing-src.tar.bz2
  * No upstream changelog found in sources or webpage
- Dropped patches contained in new tarball
  64763137-x86-AutoIBRS-definitions.patch
  64e5b4ac-x86-AMD-extend-Zenbleed-check.patch
  64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch
  64eef7e9-x86-reporting-spurious-i8259-interrupts.patch
  64f71f50-Arm-handle-cache-flush-at-top.patch
  65084ba5-x86-AMD-dont-expose-TscFreqSel.patch
  65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch
  65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch
  65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch
  65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch
  65087004-x86-entry-restore_all_xen-stack_end.patch
  65087005-x86-entry-track-IST-ness-of-entry.patch
  65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch
  65087007-x86-AMD-Zen-1-2-predicates.patch
  65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch
  650abbfe-x86-shadow-defer-PV-top-level-release.patch
  65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch
  65263471-libfsimage-xfs-remove-dead-code.patch
  65263472-libfsimage-xfs-amend-mask32lo.patch
  65263473-libfsimage-xfs-sanity-check-superblock.patch
  65263474-libfsimage-xfs-compile-time-check.patch
  65263475-pygrub-remove-unnecessary-hypercall.patch
  65263476-pygrub-small-refactors.patch
  65263477-pygrub-open-output-files-earlier.patch
  65263478-libfsimage-function-to-preload-plugins.patch
  65263479-pygrub-deprivilege.patch
  6526347a-libxl-allow-bootloader-restricted-mode.patch
  6526347b-libxl-limit-bootloader-when-restricted.patch
  6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch
  6526347d-x86-PV-auditing-of-guest-breakpoints.patch
  652fef4f-x86-AMD-erratum-1485.patch
  65319724-VT-d-SAGAW-parsing.patch
  6532858d-x86-DOITM.patch
  654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
  65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
  65536847-AMD-IOMMU-correct-level-for-quarantine-pt.patch
  65536848-x86-spec-ctrl-remove-conditional-IRQs-on-ness.patch
  655b2ba9-fix-sched_move_domain.patch
  xsa440.patch

- Upstream bug fixes (bsc#1027519)
  64763137-x86-AutoIBRS-definitions.patch
  652fef4f-x86-AMD-erratum-1485.patch
  65319724-VT-d-SAGAW-parsing.patch
  6532858d-x86-DOITM.patch
  654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
  65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
  655b2ba9-fix-sched_move_domain.patch
- bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in
  IOMMU quarantine page table levels (XSA-445)
  65536847-AMD-IOMMU-correct-level-for-quarantine-pt.patch
- bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not
  fully effective (XSA-446)
  65536848-x86-spec-ctrl-remove-conditional-IRQs-on-ness.patch
- Patches replaced by newer upstream versions
  xsa445.patch
  xsa446.patch
xorg-x11-server
- U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch
  * SELinux unlabeled GLX PBuffer (CVE-2024-0408, bsc#1218845)
- U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch
  * SELinux context corruption (CVE-2024-0409, bsc#1218846)

- bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
    (CVE-2023-6816, bsc#1218582)
- bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * Reattaching to different master device may lead to out-of-bounds memory
    access ((CVE-2024-0229, bsc#1218583)
- bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * Heap buffer overflow in XISendDeviceHierarchyEvent
    (CVE-2024-21885, bsc#1218584)
- bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
  * Heap buffer overflow in DisableDevice (CVE-2024-21886, bsc#1218585)

- u_miCloseScreen_check_for_null_pScreen_dev_private.patch
  * miCloseScreen check for null pScreen dev private (bsc#1218176);
    another regression introduced by
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch

- n_xserver-optimus-autoconfig-hack.patch
  u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)

- Add missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  (bsc#1217765).
xrdp
- Update xrdp-CVE-2023-42822.patch
  + fix bsc#1217759: xrdp login screen does not show any text
yast2-firewall
- In case of autoinstallation keep the firewall service state in
  the Installation::SecuritySettings for not conflicting with the
  proposal (bsc#1216615)
- 4.5.1
yast2-http-server
- bsc#1218943
  - followup of previous fix - fixed internal issue which caused
    Server modules not to be displayed at all.
  - 4.5.2
yast2-installation
- Enclose IPv6 addresses within square brackets when calling
  the mount command (bsc#1217637).
- 4.5.19
yast2
- Allow host/domain names starting with an underscore (bsc#1219920)
- 4.5.26
yast2-network
- Consider firmware configured interfaces as non bridgeable
  (bsc#1218595).
- 4.5.23

- Read all the driver modules from hwinfo instead of just the first
  driver ones (bsc#1217652).
- 4.5.22
yast2-packager
- Fixed ERB template loading in self update, if the template
  cannot be found using a relative path then fallback to the
  absolute path (bsc#1219174)
- 4.5.19

- After installation disable the empty installation repository
  from the SLE15 Online medium (bsc#1182303)
- 4.5.18
yast2-pkg-bindings
- Fixed repository and service probing with libzypp 7.31.26
  and newer, fixes broken repository handling (bsc#1218977,
  bsc#1218399)
- 4.5.3
yast2-security
- Do not load the security settings from the security policy until
  needed (bsc#1216615).
- 4.5.7
zypper
- Fix search/info commands ignoring --ignore-unknown (bsc#1217593)
  The switch makes search commands return 0 rather than 104 for
  empty search results.
- version 1.14.68

- patch: Make sure reboot-needed is remembered until next boot
  (bsc#1217873)
- version 1.14.67