- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
  drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
  make sure the script does not exit with 1 if a file
  with content is found (bsc#1222547)

- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
  home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- Fix plugin termination when using systemd service units (bsc#1215377)
  * add auditd.service-fix-plugin-termination.patch
- autofs-5.1.8-dont-use-initgroups-at-spawn.patch
  Don't use initgroups at spawn (bsc#1214710, bsc#1221181)
- Update to version 2+git20240416.98ae794 (bsc#1221184):
  * Use flock to serialize calls (boo#1188500)
  * Make container friendly
  * Create /var/lib/ca-certificates if needed
- Add cairo-fix-infinite-loop-bsc1122321-CVE-2019-6462.patch: This
  fixes a potentially infinite loop (bsc#1122321, CVE-2019-6462,
- Update to catatonit v0.2.0.
  * Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
  - 99bb9048f.patch
- Update to version 1.14
  + Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)

- Add version settings to Provides/Obsoletes
- ls: avoid triggering automounts (bsc#1221632)
  - add coreutils-ls-avoid-triggering-automounts.patch

- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
  - add coreutils-tail-fix-tailing-sysfs-files-where-PAGE_SIZE-BUFSIZ.patch
- Remove '--enable-debug-printfs' from configure options, see
- Security fix: [bsc#1221665, CVE-2024-2004]
  * Usage of disabled protocol
  * Add curl-CVE-2024-2004.patch

- Security fix: [bsc#1221667, CVE-2024-2398]
  * curl: HTTP/2 push headers memory-leak
  * Add curl-CVE-2024-2398.patch
- Add patch to fix bsc#1220339
  * 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch

- Allow to disable apparmor support (ALP supports only SELinux)
- Update to version 055+suse.382.g80b55af2:
  * fix(dracut): correct regression with multiple `rd.break=` options (bsc#1221675)
  * fix(dracut-util): do not call `strcmp` if the `value` argument is NULL (bsc#1219841)
  * fix(zfcp_rules): correct shellcheck regression when parsing ccw args (bsc#1220485)
  * fix( skip README for AMD microcode generation (bsc#1217083)
EA Inode handling fixes:
- ext2fs-avoid-re-reading-inode-multiple-times.patch: ext2fs: avoid re-reading
  inode multiple times (bsc#1223596)
- e2fsck-fix-potential-out-of-bounds-read-in-inc_ea_in.patch: e2fsck: fix
  potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
- e2fsck-add-more-checks-for-ea-inode-consistency.patch: e2fsck: add more
  checks for ea inode consistency (bsc#1223596)
- e2fsck-fix-golden-output-of-several-tests.patch: e2fsck: fix golden output of
  several tests (bsc#1223596)
- Security fix (boo#1221289, CVE-2024-28757): XML Entity Expansion
  attack when there is isolated use of external parsers.
  * Added expat-CVE-2024-28757.patch

- Security fix:
  * (CVE-2023-52425, bsc#1219559) denial of service (resource
    consumption) caused by processing large tokens.
  - Added patch expat-CVE-2023-52425-1.patch
  - Added patch expat-CVE-2023-52425-2.patch
  - Added patch expat-CVE-2023-52425-backport-parser-changes.patch
  - Added patch expat-CVE-2023-52425-fix-tests.patch
- Add patches to fix CVE-2024-34397 (boo#1224044):
  glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
  glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
  writes when writing escape sequence (CVE-2024-2961, bsc#1222992)

- duplocale-global-locale.patch: duplocale: protect use of global locale
  (bsc#1220441, BZ #23970)
- Update to version 20240314.00 (bsc#1221900, bsc#1221901)
  * NetworkManager: only set secondary interfaces as up (#378)
  * address manager: make sure we check for oldMetadata (#375)
  * network: early setup network (#374)
  * NetworkManager: fix ipv6 and ipv4 mode attribute (#373)
  * Network Manager: make sure we clean up ifcfg files (#371)
  * metadata script runner: fix script download (#370)
  * oslogin: avoid adding extra empty line at the end of /etc/security/group.conf (#369)
  * Dynamic vlan (#361)
  * Check for nil response (#366)
  * Create NetworkManager implementation (#362)
  * Skip interface manager on Windows (#363)
  * network: remove ignore setup (#360)
  * Create wicked network service implementation and its respective unit (#356)
  * Update metadata script runner, add tests (#357)
  * Refactor guest-agent to use common retry util (#355)
  * Flush logs before exiting #358 (#359)
- Refresh patches for new version
  * dont_overwrite_ifcfg.patch

- No need for double %setup.

- Use %patch -P N instead of deprecated %patchN.
- Update to version 20240307.00 (bsc#1221146, bsc#1221900, bsc#1221901)
  * Support dot in NVMe device ids (#68)
- from version 20240304.00
  * google_set_hostname: Extract rsyslog service name
    with a regexp for valid systemd unit names (#67)
- from version 20240228.00
  * Remove quintonamore from OWNERS (#64)
- from version 20240119.00
  * Setup smp affinity for IRQs and XPS on A3+ VMs (#63)

- Update to version 20231214.00
  * set multiqueue: A3 check set timeout the MDS call in 1s (#62)
- from version 20231103.00
  * Update owners (#61)
  * Update owners (#58)

- Update to version 20230929.00
  * Update multinic filter to pick only pci devices (#59)
- Fix file permissions for google_authorized_principals binary (bsc#1222171)

- Update to version 20240311.00 (bsc#1218548, bsc#1221900, bsc#1221901)
  * pam: Bring back pam's account management implementation (#133)
  * Change error messages when checking login policy (#129)
  * Remove quintonamore from OWNERS (#128)
- Update to version 20240320.00 (bsc#1221900, bsc#1221901)
  * Enable OSConfig agent to read GPG keys files with multiple entities (#537)
- from version 20240314.00
  * Update OWNERS file to replace mahmoudn GitHub
    username by personal email GitHub username (#534)
- from version 20240313.01
  * Bump from 1.30.0 to 1.33.0 in /e2e_tests (#535)
- from version 20240313.00
  * Adds a console and gcloud example policies (#533)
- from version 20240228.00
  * GuestPolicies e2e: Remove ed package if exist for zypper
    startup_script in recipe-steps tests (#532)
- from version 20240126.00
  * Fix Enterprise Linux Recipe-Steps tests to install
    info dependency package in the startup-script (#530)
- from version 20240125.01
  * Fix SUSE pkg-update and pkg-no-update e2e tests (#529)
- from version 20240125.00
  * Fix zypper patch info parser to consider conflicts-pkgs float versions (#528)
- from version 20240123.01
  * Fix SUSE package update e2e tests to use another existing package (#527)
- from version 20240123.00
  * Update cis-exclude-check-once-a-day.yaml (#526)

- Update to version 20231219.00
  * Bump from 0.14.0 to 0.17.0 (#524)
- from version 20231207.01
  * Some change to create an agent release (#523)
- from version 20231207.00
  * Some change to create an agent release (#522)
- from version 20231205.00
  * Some change to create an agent release (#521)
- from version 20231130.02
  * Merge pull request #519 from Gulio/just-release
  * Merge branch 'master' into just-release
  * Some change to create an agent release
  * Some change to create an agent release
- from version 20231130.00
  * Some change to create an agent release (#518)
- from version 20231129.00
  * Fix parse yum updates to consider the packages under
    installing-dependencies keyword (#502)
  * Update feature names in the README file (#517)
- from version 20231128.00
  * Updating owners (#508)
- from version 20231127.00
  * Move OS policy CIS examples under the console folder (#514)
- from version 20231123.01
  * Adds three more OS Policy examples to CIS folder (#509)
  * Added ekrementeskii and MahmoudNada0 to OWNERS (#505)
- from version 20231123.00
  * docs(osconfig):add OS policy examples for CIS scanning (#503)
- from version 20231121.02
  * Added SCODE to Windows error description (#504)
- from version 20231121.01
  * Update OWNERS (#501)
  * Update go version to 1.21 (#507)
- from version 20231121.00
  * Call fqdn (#481)
- from version 20231116.00
  * Removing obsolete MS Windows 2019 images (#500)
- from version 20231107.00
  * Update owners. (#498)
- from version 20231103.02
  * Increasing test timeouts (#499)
  * Update OWNERS (#497)
- from version 20231103.01
  * Bump from 1.53.0 to 1.56.3 in /e2e_tests (#493)
  * Bump from 1.53.0 to 1.56.3 (#494)
- from version 20231103.00
  * Removing deprecated Win for containers OSs (#496)
- from version 20231027.00
  * Shortening the reported image names (#495)
- from version 20231025.00
  * Merge pull request #492 from GoogleCloudPlatform/michaljankowiak-patch-1
  * Merge branch 'master' into michaljankowiak-patch-1
  * Fixing name changes
  * Fixing rename issue
  * Fixed formatting
  * Fixed formatting
  * Fixing formatting
  * Removing support for RHEL 6, adding RHEL 9
  * Removing support for RHEL 6, adding for RHEL 9
  * Removing support for RHEL 6 and adding for RHEL 9
  * Removing step needed for RHEL 6
  * Fixing build issues
  * Removing nonexistent images and adding new ones
- from version 20231024.00
  * Removing obsolete OS images and adding new ones (#491)
- from version 20231020.00
  * Change debug messages when parsing zypper patch output (#490)
- from version 20231013.00
  * Bump from 0.7.0 to 0.17.0 (#489)
- from version 20231010.00
  * Revert "Added [main] section with gpgcheck to
    the agent-managed repo file (#484)" (#488)
- from version 20231003.00
  * Bump from 1.42.0 to 1.53.0 in /e2e_tests (#478)
- from version 20230920.00
  * Update OWNERS (#485)
- from version 20230912.00
  * Added [main] section with gpgcheck to the agent-managed repo file (#484)
  * Migrate empty interface to any (#483)

- Bump the golang compiler version to 1.21 (bsc#1216546)

- Update to version 20230829.00
  * Added burov, dowgird, paulinakania and Gulio to OWNERS (#482)
  >>>>>>> ./
- Update to version 1.0.7 (bsc#1219941)
  + Support root to be in a btrfs snapshot
  + 1.0.6 had different implementation for btrfs in snapshot support
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
  * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch

- Fix memdisk becomes the default boot entry, resolving no graphic display
  device error in guest vnc console (bsc#1221779)
  * grub2-xen-pv-firmware.cfg
- Fix build with latest kernel, bsc#1223370
  * bsc1223370.patch
- spec: return success from pre, post, preun and postun scriplets
  (bsc#1222228, bsc#1191410)
- spec: differentiate between uninstall and upgrade in postun/preun
- Update
  (jsc#PED-7167, bsc#1224169).
- commit a57eb93

- Update
  (git-fixes bsc#1223858).
- commit e50ed21

- netfilter: nft_ct: fix l3num expectations with inet pseudo
  family (git-fixes).
- commit 87e8a80

- Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
- commit 8f3269f

- Update
  (jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
  jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
  CVE-2022-48698 bsc#1223956).
- commit a0e3008

- Update patches.suse/ice-Fix-DMA-mappings-leak.patch (jsc#PED-376
  CVE-2022-48690 bsc#1223960).
- commit 7e1bf3d

- Update
  (git-fixes CVE-2022-48702 bsc#1223923).
- Update
  (git-fixes CVE-2022-48701 bsc#1223921).
- Update
  (jsc#SLE-18383 CVE-2022-48694 bsc#1223964).
- Update
  (git-fixes CVE-2022-48692 bsc#1223962).
- Update
  (bsc#1196869 CVE-2022-48671 bsc#1223929).
- Update
  (git-fixes CVE-2022-48704 bsc#1223932).
- Update
  (jsc#SLE-18378 CVE-2022-48688 bsc#1223953).
- Update
  (bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- Update
  (git-fixes CVE-2022-48673 bsc#1223934).
- Update
  (bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- Update patches.suse/nvmet-fix-a-use-after-free.patch (git-fixes
  CVE-2022-48697 bsc#1223922).
- Update
  (git-fixes CVE-2022-48672 bsc#1223931).
- Update
  (git-fixes CVE-2022-48695 bsc#1223941).
- Update
  (git-fixes CVE-2022-48693 bsc#1223963).
- Update
  (bsc#1201308 CVE-2022-48703 bsc#1223924).
- Update patches.suse/vfio-type1-Unpin-zero-pages.patch (git-fixes
  CVE-2022-48700 bsc#1223957).
- commit c8677b5

- packet: annotate data-races around ignore_outgoing
  (CVE-2024-26862 bsc#1223111).
- commit 6e591e7

- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
  (CVE-2024-0639 bsc#1218917).
- commit 517d4f7

- Update
  (CVE-2022-48662 bsc#1223505).
  Unbreak metadata (References: collides with our internal tracking,
  switch to Fixes: when referencing a commit).
- commit cd38265

- netfilter: nft_ct: sanitize layer 3 and 4 protocol number in
  custom expectations (bsc#1222368 CVE-2024-26673).
- commit 785b7d0

- igc: avoid returning frame twice in XDP_REDIRECT (bsc#1223061
- commit 021db33

- net: sparx5: Fix use after free inside sparx5_del_mact_entry
  (bsc#1223052 CVE-2024-26856).
- commit fc5c6ad

- fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993 bsc#1223693)
- commit b0c9830

- Update
  (git-fixes CVE-2022-48675 bsc#1223894).
- Update
  (git-fixes CVE-2022-48634 bsc#1223501).
- Update
  (CVE-2022-48662 bsc#1223505a4e7ccdac38e ("drm/i915: Move
  context management under GEM") bsc#1223505).
- Update
  (git-fixes CVE-2022-48632 bsc#1223481).
- Update
  (git-fixes CVE-2022-48652 bsc#1223520).
- Update
  (git-fixes CVE-2022-48636 bsc#1223512).
- commit 523501c

- blacklist.conf: add a not-relevant module-loader patch
- commit 90c64db

- ring-buffer: Only update pages_touched when a new page is
  touched (git-fixes).
- commit b42aba1

- kprobes: Fix possible use-after-free issue on kprobe
  registration (git-fixes).
- commit e007447

- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page
  in concurrent environment (git-fixes).
- commit 118cfcd

- tracing/net_sched: Fix tracepoints that save qdisc_dev()
  as a string (git-fixes).
- commit a272f90

- tracing: Show size of requested perf buffer (git-fixes).
- commit f8d068b

- Bluetooth: Add new quirk for broken read key length on ATS2851
- commit 9ac913a

- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE
- commit 83cd609

- fuse: don't unhash root (bsc#1223951).
- fuse: fix root lookup with nonzero generation (bsc#1223950).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal
- commit fdf9216

- RDMA/cm: Print the old state when cm_destroy_id gets timeout
- commit 9b2934b

- nouveau: lock the client object tree. (bsc#1223834 CVE-2024-27062)
- commit e828498

- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
- commit 5647172

- drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() (CVE-2024-27041 bsc#1223714)
- commit ae6f7a9

- tun: limit printing rate when illegal packet received by tun
  dev (bsc#1223745 CVE-2024-27013).
- net/mlx5e: Prevent deadlock while disabling aRFS (bsc#1223735
- octeontx2-af: Use separate handlers for interrupts (bsc#1223790
- wireguard: netlink: access device through ctx instead of peer
  (bsc#1223661 CVE-2024-26950).
- wireguard: netlink: check for dangling peer via is_dead instead
  of empty list (bsc#1223660 CVE-2024-26951).
- wireguard: receive: annotate data-race around
  receiving_counter.counter (bsc#1223076 CVE-2024-26861).
- nfp: flower: handle acti_netdevs allocation failure (bsc#1223827
- commit b495510

- drm/amd/display: Add a dc_state NULL check in dc_state_release (CVE-2024-26948 bsc#1223664)
- commit 211db77

- slimbus: qcom-ngd-ctrl: Add timeout for wait operation
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- usb: typec: tcpm: Check for port partner validity before
  consuming it (git-fixes).
- usb: typec: tcpm: unregister existing source caps before
  re-registration (bsc#1220569).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual
  SuperSpeed device (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup
  packets (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic
- commit d9cff03

- pstore: inode: Only d_invalidate() is needed (bsc#1223705
- commit bbe965a

- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops
- commit 86753e0

- ASoC: meson: axg-tdm-interface: manage formatters in trigger
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of
  device_get_named_child_node() (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move()
  v2 (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers
  in debugfs (git-fixes).
- commit 79c4a57

- wifi: iwlwifi: mvm: ensure offloading TID queue exists
  (CVE-2024-27056 bsc#1223822).
- wifi: iwlwifi: mvm: protect TXQ list manipulation
  (CVE-2024-27056 bsc#1223822).
- commit 5895d13

- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
- commit e3d9ce5

- clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
  (CVE-2024-27039 bsc#1223821).
- commit 70ad74a

- clk: Fix clk_core_get NULL dereference (CVE-2024-27038
- commit bcf8ce4

- Rename to
- commit e953a9a

- s390/qeth: Fix kernel panic after setting hsuid (git-fixes
- commit 1b0c7f2

- s390/mm: Fix storage key clearing for guest huge pages
  (git-fixes bsc#1223878).
- commit fc57acc

- s390/mm: Fix clearing storage keys for huge pages (git-fixes
- commit c73273d

- s390/vdso: Add CFI for RA register to asm macro vdso_func
  (git-fixes bsc#1223876).
- commit 15b93ff

- s390/cio: Ensure the copied buf is NUL terminated (git-fixes
- commit c670b5d

- NTB: fix possible name leak in ntb_register_device()
  (CVE-2023-52652 bsc#1223686).
- commit 206337a

- mm: swap: fix race between free_swap_and_cache() and swapoff()
  (CVE-2024-26960 bsc#1223655).
- commit b6bee56

- swap: comments get_swap_device() with usage rule (CVE-2024-26960
- commit 15510e4

- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
- commit 2ecdc0a

- clk: qcom: mmcc-msm8974: fix terminating of frequency table
  arrays (CVE-2024-26965 bsc#1223648).
- commit 1dd34df

- clk: qcom: mmcc-apq8084: fix terminating of frequency table
  arrays (CVE-2024-26966 bsc#1223646).
- commit a12a96e

- clk: qcom: gcc-ipq8074: fix terminating of frequency table
  arrays (CVE-2024-26969 bsc#1223645).
- commit 8dca0be

- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
- commit f5401a7

- ipv6/addrconf: fix a potential refcount underflow for idev
- commit cdd225e

- net: fix skb leak in __skb_tstamp_tx() (git-fixes).
- commit 87fa6a6

- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp
- commit 77fb94f

- net: stream: purge sk_error_queue in sk_stream_kill_queues()
- commit cb9fa4c

- netfilter: br_netfilter: Drop dst references before setting
- commit 28508ef

- net: mld: fix reference count leak in mld_{query |
  report}_work() (git-fixes).
- commit 389c7c7

- net: ipv6: ensure we call ipv6_mc_down() at most once
- commit e46b1a5

- net: fix a memleak when uncloning an skb dst and its metadata
- commit 9e895dd

- net: bridge: vlan: fix memory leak in __allowed_ingress
- commit 26122cb

- Update patches.suse/nfsd-use-__fput_sync-to-avoid-delayed-closing-of-fil.patch
  (bsc#1223380 bsc#1217408 bsc#1223640).
- commit 48bb894

- netfilter: ipt_CLUSTERIP: fix refcount leak in
  clusterip_tg_check() (git-fixes).
- commit 014c7bb

- net: vlan: fix underflow for the real_dev refcnt (git-fixes).
- commit f6e1f81

- x86/sev: Skip ROM range scans and validation for SEV-SNP guests
  (jsc#PED-7167 git-fixes).
- Refresh
- Refresh
- commit 8eb012f

- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit
  type (jsc#PED-7167 git-fixes).
- commit 554f303

- Update
  (bsc#1206881 bsc#1223475 CVE-2022-48631).
- commit 718df1c

- clk: qcom: gcc-ipq6018: fix terminating of frequency table
  arrays (CVE-2024-26970 bsc#1223644).
- commit 0c0dddd

- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
- drm/amdgpu: Fix leak when GPU memory allocation fails
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
- serial: core: Provide port lock wrappers (stable-fixes).
- drm-print: add drm_dbg_driver to improve namespace symmetry
- commit ac12ea7

- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
  (CVE-2024-26852 bsc#1223057)
- commit d89430d

- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- commit 4bfffd4

- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- commit 1d62037

- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- commit 93fb4e2

- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- commit 5fec238

- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- commit 8f27cd5

- md/raid5: fix atomicity violation in raid5_cache_count
  (bsc#1219169, CVE-2024-23307).
- commit d2d22f0

- s390/decompressor: fix misaligned symbol build error (git-fixes
- commit 47fb728

- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- commit c7b5bd6

- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- commit a134662

- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
- commit bb84f10

- kABI workaround for cec_adapter (CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid recursive cec_claim_log_addrs
  (CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid confusing "transmit timed out" message
  (CVE-2024-23848 bsc#1219104).
- media: cec: cec-api: add locking in cec_release()
  (CVE-2024-23848 bsc#1219104).
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
  (CVE-2024-23848 bsc#1219104).
- commit 70ecf73

- mm/slub: fix to return errno if kmalloc() fails (CVE-2022-48659
- commit d72759d

- drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() (CVE-2023-52585 bsc#1221080).
- commit cde7c84

- bonding: fix NULL deref in bond_rr_gen_slave_id (bsc#1223499
- commit 9f14266

- media: cec: abort if the current transmit was canceled
  (CVE-2024-23848 bsc#1219104).
- commit e51b978

- Squashfs: check the inode number is not the invalid value of
  zero (bsc#1223634 CVE-2024-26982).
- commit 8ad2647

- Update
  (git-fixes CVE-2024-26972 bsc#1223643).
- commit c1d0983

- Update
  (git-fixes CVE-2024-26955 bsc#1223657).
- commit 59db655

- Update
  (git-fixes CVE-2024-26956 bsc#1223663).
- commit b968ba7

- Update patches.suse/nilfs2-fix-OOB-in-nilfs_set_de_type.patch
  (git-fixes CVE-2024-26981 bsc#1223668).
- commit 7b2eba5

- ASoC: SOF: Add some bounds checking to firmware data
  (CVE-2024-26927 bsc#1223525).
- commit 797ef67

- Update
  (git-fixes CVE-2022-48663 bsc#1223523).
- commit fb50f4d

- Update
  (bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 1b1d545

- Update
  (git-fixes CVE-2022-48647 bsc#1223519).
- commit 2df3009

- Update
  (bsc#1193629 CVE-2022-48667 bsc#1223518).
- commit 2544640

- Update
  (jsc#SLE-18978 CVE-2022-48637 bsc#1223517).
- commit 8af9f52

- Update
  (bsc#1193629 CVE-2022-48668 bsc#1223516).
- commit ea57df6

- drm/i915/gem: Really move under ref
  protection (CVE-2022-48662 bsc#1223505).
- commit 1ea0422

- Update
  (bsc#1207361 CVE-2022-48644 bsc#1223511).
- commit 32036dc

- Update
  (jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
  jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
  jsc#PED-2849a4e7ccdac38e ("drm/i915: Move context management
  under GEM") CVE-2022-48662 bsc#1223505).
- commit 16b0082

- netfilter: nf_tables: disallow timeout for anonymous sets
  (CVE-2023-52620 bsc#1221825).
- commit 19a9222

- Update
  (bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit a4b4019

- Update
  (bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit ecd523c

- Update
  (git-fixes CVE-2022-48648 bsc#1223503).
- commit 2cd307a

- Update
  (jsc#PED-1565 CVE-2022-48646 bsc#1223502).
- commit 54704c0

- Update
  (bsc#1207361 CVE-2022-48639 bsc#1223490).
- commit 1b88973

- Update
  (git-fixes CVE-2022-48660 bsc#1223487).
- commit 30d7811

- Update
  (git-fixes CVE-2022-48657 bsc#1223484).
- commit d7e1659

- Update
  (bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit a8a2952

- Update
  (git-fixes CVE-2022-48656 bsc#1223479).
- commit 90546f3

- netfilter: nf_tables: fix percpu memory leak at
  nf_tables_addchain() (bsc#1223478 CVE-2022-48642).
- commit 839888a

- blacklist.conf: code refactoring
- commit f72ed44

- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
- commit 15c6bc2

- printk: Avoid non-panic CPUs writing to ringbuffer
- commit d14ad8e

- Update
  (git-fixes CVE-2022-48653 bsc#1223474).
- commit dba84ad

- blacklist.conf: refactoring, not a fix
- commit ef0f94f

- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
- commit ed11fe0

- printk: Disable passing console lock owner completely during
  panic() (bsc#1223574).
- commit d98358d

- s390/zcrypt: fix reference counting on zcrypt card objects
  (git-fixes bsc#1223595).
- commit 0483eb1

- Update
  (git-fixes CVE-2024-26875 bsc#1223118).
- commit fd5a947

- printk: ringbuffer: Skip non-finalized records in panic
- commit c9df6e3

- printk: Wait for all reserved records with pr_flush()
- commit d04f93d

- Update
  (git-fixes CVE-2024-26872 bsc#1223115).
- commit 66d99f5

- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
- commit a92ce86

- printk: Add this_cpu_in_panic() (bsc#1223574).
- commit 0b039ad

- quota: Fix potential NULL pointer dereference (bsc#1223060
- commit 93c484c

- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
  (bsc#1223198 CVE-2024-26901).
- commit a397ff1

- blk-mq: fix IO hang from sbitmap wakeup race (bsc#1222357
- commit 9908e06

- ext4: avoid allocating blocks from corrupted group in
  ext4_mb_find_by_goal() (bsc#1222613 CVE-2024-26772).
- commit be73fd6

- printk: Rename abandon_console_lock_in_panic() to
  other_cpu_in_panic() (bsc#1223574).
- commit 6336c25

- Update
  (bsc#1141539 git-fixes).
- commit 111a038

- printk: Drop console_sem during panic (bsc#1223574).
- commit 725427c

- clk: meson: Add missing clocks to axg_clk_regmaps
  (CVE-2024-26879 bsc#1223066).
- commit 46eee50

- printk: ringbuffer: Clarify special lpos values (bsc#1223574).
- commit 0f13b5c

- printk: ringbuffer: Do not skip non-finalized records with
  prb_next_seq() (bsc#1223574).
- commit 28b403a

- printk: ringbuffer: Improve prb_next_seq() performance
- commit 6a93375

- Update
  (git-fixes CVE-2024-26820 bsc#1223078).
- commit d0bb689

- Update
  (git-fixes CVE-2024-26825 bsc#1223065).
- commit 4685711

- wifi: wfx: fix memory leak when starting AP (CVE-2024-26896
- commit f3e25cb

- Update
  (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
- commit f3895d7

- printk: Use prb_first_seq() as base for 32bit seq macros
- commit e3b59e0

- printk: Adjust mapping for 32bit seq macros (bsc#1223574).
- commit 6dcabeb

- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
- commit c13f8d3

- PM / devfreq: Fix buffer overflow in trans_stat_show
  (CVE-2023-52614 bsc#1221617).
- commit 43b7d5b

- Update
  (git-fixes CVE-2024-26891 bsc#1223037).
- commit 7b52ba2

- Update
  (git-fixes CVE-2024-26833 bsc#1223036).
- commit 6c18411

- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
  (bsc#1223513 CVE-2022-48651).
- commit c96a663

- net: hns3: fix kernel crash when 1588 is received on HIP08
  devices (bsc#1223041 CVE-2024-26881).
- net: ice: Fix potential NULL pointer dereference in
  ice_bridge_setlink() (bsc#1223051 CVE-2024-26855).
- geneve: make sure to pull inner header in geneve_rx()
  (bsc#1223058 CVE-2024-26857).
- ppp_async: limit MRU to 64K (bsc#1222379 CVE-2024-26675).
- commit 61a60e2

- Update
  (git-fixes CVE-2024-26843 bsc#1223014).
- commit 3f9577f

- net: usb: ax88179_178a: stop lying about skb->truesize
- commit 416a90a

- Update
  (git-fixes CVE-2024-26897 bsc#1223323).
- commit 938950f

- drm/amd/display: Fix MST Null Ptr for RV (CVE-2021-47200 bsc#1222838)
- commit 3d0cc91

- Update
  (git-fixes CVE-2024-26895 bsc#1223197).
- commit 73cb93c

- amdkfd: use calloc instead of kzalloc to avoid integer overflow (CVE-2024-26817 bsc#1222812)
- commit 5946a4f

- Update patches.suse/firmware-arm_scmi-Harden-accesses-to-the-reset-domai.patch (git-fixes CVE-2022-48655 bsc#1223477)
- commit 2dabafb

- mm: slub: fix flush_cpu_slab()/__free_slab() invocations in
  task context (CVE-2022-48658 bsc#1223496).
- commit 3480d23

- firmware: arm_scmi: Fix double free in SMC transport cleanup
  path (CVE-2024-26893 bsc#1223196).
- commit 689202d

- nfsd: use __fput_sync() to avoid delayed closing of files
  (bsc#1223380 bsc#1217408).
- commit aa925bb

- Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)." (bsc#1223275)
  This reverts commit b92b60703522e3531f77c5af2f34b4b165007b3a.
  This commit was reverted upstream by commit 0ecff05e6c59dd82dbcb9706db911f7fd9f40fb8
  with note:
  ice_check_vf_ready_for_cfg() already contain waiting for reset.
  New condition in ice_check_vf_ready_for_reset() causing only problems.
- commit 33e8bb2

- Update patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch
  (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
- commit 29ca2f7

- livepatch: Fix missing newline character in
  klp_resolve_symbols() (bsc#1223539).
- commit ccf2afb

- blacklist.conf: cosmetic; kind of code documentation
- commit 6c8cbf7

- blacklist.conf: workqueue: prevent false circular dependency by lockdep,
  code churn, primary useful when developing new code, lockdep is
  disabled on production kernels (bsc#1223536)
- commit 6ab7164

- Update
  (git-fixes CVE-2021-47047 bsc#1220761).
- commit 1f6461d

- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
  (CVE-2023-52616 bsc#1221612).
- commit 6fa74bc

- mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone
  index (bsc#1222615 CVE-2024-26783).
- commit d2a6383

- mm/vmscan: make sure wakeup_kswapd with managed zone
- commit c954567

- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 9c9dbbd

- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit 9bcfc48

- hugetlb, userfaultfd: fix reservation restore on userfaultfd
  error (bsc#1222710 CVE-2021-47214).
- commit 4a75d88

- drm/amdgpu: fix use-after-free bug (CVE-2024-26656 bsc#1222307)
- commit 2c0e8cb

- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
- dma: xilinx_dpdma: Fix locking (git-fixes).
- idma64: Don't try to serve interrupts when device is powered
  off (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions
- USB: serial: option: add Rolling RW101-GL and RW135-GL support
- USB: serial: option: add Lonsung U8300/U9300 product
- USB: serial: option: add support for Fibocom FM650/FG650
- USB: serial: option: support Quectel EM060K sub-models
- USB: serial: option: add Fibocom FM135-GL variants
- thunderbolt: Avoid notify PM core about runtime PM resume
- thunderbolt: Fix wake configurations after device unplug
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb
  ep transport error (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- arm64: hibernate: Fix level3 translation fault in swsusp_save()
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with
  ALC269VC (stable-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/amd/display: Do not recursively call manual trigger
  programming (stable-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11
- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support
- ALSA: scarlett2: Add correct product series name to messages
- ALSA: scarlett2: Add support for Clarett 8Pre USB
- ALSA: scarlett2: Move USB IDs out from device_info struct
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- clk: Print an info line before disabling unused clocks
- drm/amdgpu: fix incorrect active rb bitmap for gfx11
- clk: remove extra empty line (stable-fixes).
- clk: Mark 'all_lists' as const (stable-fixes).
- commit 2a4676e

- i40e: Fix VF MAC filter removal (git-fixes).
- commit 03f8d56

- mmc: sdhci-msm: pervent access to suspended controller
- fbdev: fix incorrect address computation in deferred IO
- wifi: nl80211: don't free NULL coalescing rule (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
- wifi: iwlwifi: mvm: remove old PASN station when adding a new
  one (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized
  dev->devc (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer
- commit eb0d29c

- blacklist.conf: Add 246f80a0b17f8 ("sh: push-switch: Reorder cleanup operations to avoid use-after-free bug")
- commit 701f2ea

- Update
  (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 5a56f33

- i40e: Do not allow untrusted VF to remove administratively
  set MAC (git-fixes CVE-2024-26830 bsc#1223012).
- commit 67a5cff

- net: ip_tunnel: make sure to pull inner header in
  ip_tunnel_rcv() (git-fixes CVE-2024-26882 bsc#1223034).
- commit 1915836

- PM / devfreq: Synchronize devfreq_monitor_[start/stop]
  (CVE-2023-52635 bsc#1222294).
- commit 6f88f1b

- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369
- powerpc/rtas: define pr_fmt and convert printk call sites
  (bsc#1223369 ltc#205888).
- commit 13f68b5

- Update
  (bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- commit 1a4ee0a

- Renamepatches before cve/linux-5.14-LTSS
- commit 0b096bb

- PCI: rpaphp: Error out on busy status from get-sensor-state
  (bsc#1223369 ltc#205888).
- commit f9716ef

- bpf: Fix stackmap overflow check on 32-bit arches (bsc#1223035
- bpf: Fix hashtab overflow check on 32-bit arches (bsc#1223189
- bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
  (bsc#1223190 CVE-2024-26885).
- commit c435af8

- Update
  (bsc#1222596 cve-2024-26760), updating CVE number.
- commit 0b78c9a

- powerpc/kasan: Don't instrument non-maskable or raw interrupts
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
  - Refresh patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
- commit 8a00767

- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt
  (bsc#1221645 ltc#205739 bsc#1223191).
- commit caf6e20

- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
- serial: mxs-auart: add spinlock around changing cts state
- Revert "usb: cdc-wdm: close race between read and workqueue"
- usb: dwc2: host: Fix dereference issue in DDMA completion flow
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- commit 28e1f50

- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- commit e92aa40

- blacklist.conf: We don't support FRED
- commit ce7dd35

- clk: Remove prepare_lock hold assertion in __clk_release()
- commit 7812d3f

- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit 236cddf

- drm/panel: visionox-rm69299: don't unregister DSI device
- drm/vmwgfx: Sort primary plane formats by order of preference
- drm: nv04: Fix out of bounds access (git-fixes).
- nouveau: fix instmem race condition around ptr stores
- drm/amdgpu: validate the parameters of bo mapping operations
  more clearly (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit d2ecf52

- pmdomain: mediatek: fix race conditions with genpd
  (CVE-2023-52645 bsc#1223033).
- commit 9a65bfe

- spi: spi-fsl-lpspi: remove redundant spi_controller_put call
  (CVE-2024-26866 bsc#1223024).
- commit 1408e84

- spi: lpspi: Avoid potential use-after-free in probe()
  (CVE-2024-26866 bsc#1223024).
- commit 233d8aa

- platform/x86: think-lmi: Fix password opcode ordering for
  workstations (CVE-2024-26836 bsc#1222968).
- platform/x86: think-lmi: Enable opcode support on BIOS settings
  (CVE-2024-26836 bsc#1222968).
- commit 13fd3e3

- net: usb: ax88179_178a: avoid writing the mac address before
  first reading (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed()
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex
- nouveau: fix function cast warning (git-fixes).
- Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used
- drm/i915/cdclk: Fix CDCLK programming order when pipes are
  active (git-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input
- Bluetooth: L2CAP: Fix not validating setsockopt user input
- Bluetooth: RFCOMM: Fix not validating setsockopt user input
- Bluetooth: SCO: Fix not validating setsockopt user input
- Bluetooth: Fix memory leak in hci_req_sync_complete()
- batman-adv: Avoid infinite loop trying to resize local TT
- platform/x86: intel-vbtn: Update tablet mode switch at end of
  probe (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn
  establishes (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not
  attached (stable-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
  changes (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode()
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
- ASoC: soc-core.c: Skip dummy codec when adding platforms
- speakup: Fix 8bit characters from direct synth (git-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and
  MM0110113M (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product
- USB: serial: cp210x: add ID for MGP Instruments PDS100
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
- phy: tegra: xusb: Add API to retrieve the port number of phy
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is
  defined (stable-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible
- ahci: asm1064: asm1166: don't limit reported ports (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for
  "phys" fails (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: cec: core: remove length check of Timer Status
- ALSA: firewire-lib: handle quirk to calculate payload quadlets
  as data block counter (stable-fixes).
- Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle
  by default" (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant
  of the Chuwi Vi8 tablet (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided
  IDs (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini
- drm/vc4: don't check if plane->state->fb == state->fb
- hwmon: (amc6821) add of_match table (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version
- wifi: ath9k: fix LNA selection in ath_ant_try_scan()
- pstore/zone: Add a null pointer check to the psz_kmsg_read
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- Documentation: Add missing documentation for EXPORT_OP flags
- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running
- docs: Document the FAN_FS_ERROR event (stable-fixes).
- commit 5f4b68d

- Update
  (git-fixes CVE-2024-26798 bsc#1222798).
- commit 3f5154a

- Update
  (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
  (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
- Update
  (CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit ac0df3e

- Update
  (git-fixes CVE-2021-47207 bsc#1222790).
- Update
  (bsc#1192354 CVE-2021-47211 bsc#1222869).
- Update
  (jsc#SLE-19249 CVE-2021-47196 bsc#1222773).
- Update
  (git-fixes CVE-2021-47187 bsc#1222703).
- Update
  (git-fixes CVE-2021-47194 bsc#1222829).
- Update
  (git-fixes CVE-2021-47205 bsc#1222888).
- Update
  (git-fixes CVE-2021-47200 bsc#1222838).
- Update
  (jsc#SLE-18378 CVE-2021-47184 bsc#1222666).
- Update
  (jsc#SLE-18385 CVE-2021-47201 bsc#1222792).
- Update
  (git-fixes CVE-2021-47217 bsc#1222836).
- Update
  (git-fixes CVE-2021-47204 bsc#1222787).
- Update
  (jsc#SLE-19253 CVE-2021-47212 bsc#1222709).
- Update
  (jsc#SLE-19253 CVE-2021-47199 bsc#1222785).
- Update
  (jsc#SLE-19253 CVE-2021-47215 bsc#1222704).
- Update
  (jsc#SLE-19253 CVE-2021-47197 bsc#1222776).
- Update
  (bsc#1192837 CVE-2021-47209 bsc#1222796).
- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
  (git-fixes CVE-2021-47216 bsc#1222876).
- Update
  (git-fixes CVE-2021-47192 bsc#1222867).
- Update
  (bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
  (bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
  (git-fixes CVE-2021-47193 bsc#1222879).
- Update
  (git-fixes CVE-2021-47191 bsc#1222866).
- Update
  (git-fixes CVE-2021-47219 bsc#1222824).
- Update patches.suse/scsi-ufs-core-Improve-SCSI-abort-handling
  (git-fixes CVE-2021-47188 bsc#1222671).
- Update
  (git-fixes CVE-2021-47218 bsc#1222791).
- Update
  (stable-5.14.21 CVE-2021-47202 bsc#1222878).
- Update
  (git-fixes CVE-2021-47185 bsc#1222669).
- Update
  (git-fixes CVE-2021-47206 bsc#1222894).
- Update
  (git-fixes CVE-2021-47210 bsc#1222901).
- commit 48b69db

- iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
- Refresh
- commit d93f0f0

- Update
  (git-fixes CVE-2024-26779 bsc#1222772).
- commit c8c8675

- wifi: wfx: fix possible NULL pointer dereference in
  wfx_set_mfp_ap() (CVE-2023-52593 bsc#1221042).
- commit 846e85e

- iommu/mediatek: Flush IOTLB completely only if domain has
  been attached (git-fixes).
- commit 623c929

- media: rkisp1: Fix IRQ disable race issue (CVE-2023-52589
- commit e4627b0

- iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
- commit b3bdbef

- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
- commit 9b2027c

- iommu/amd: Don't block updates to GATag if guest mode is on
- commit 9ffdfc7

- iommu/rockchip: Fix unwind goto issue (git-fixes).
- commit c8c9239

- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
- commit e7967c5

- iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
- commit 6d1aa27

- iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c
- commit 452d862

- iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if  any
- commit 161366f

- x86/xen: add CPU dependencies for 32-bit build (git-fixes).
- commit b3ada40

- xen/events: close evtchn after mapping cleanup (CVE-2024-26687,
- commit eb41ab9

- xen/xenbus: document will_handle argument for
  xenbus_watch_path() (git-fixes).
- commit c749895

- blacklist.conf: Append 'drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()''
- commit f765ec7

- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit b98055d

- blacklist.conf: Append 'drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()''
- commit 182dade

- ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
- libceph: init the cursor when preparing sparse read in msgr2
  (bsc#1222247 CVE-2023-52636).
- ceph: switch to corrected encoding of max_xattr_size in mdsmap
- libceph: just wait for more data to be available on the socket
  (bsc#1222247 CVE-2023-52636).
- libceph: rename read_sparse_msg_*() to
  read_partial_sparse_msg_*() (bsc#1222247 CVE-2023-52636).
- commit c683288

- serial: sc16is7xx: convert from _raw_ to _noinc_ regmap
  functions for FIFO (bsc#1221162 CVE-2023-52488).
- commit 0ac4803

- iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
- commit aa65491

- Refresh patches.kabi/kabi-allow-extra-bugints.patch. (bsc#1222952)
- commit a04a1a9

- iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
  configuration in IRTE (git-fixes).
- commit 9b574c1

- afs: Fix endless loop in directory parsing (bsc#1223030
- commit 38522d0

- iommu/vt-d: Allow zero SAGAW if second-stage not supported
- commit 9bb9de0

- ext4: regenerate buddy after block freeing failed if under fc
  replay (bsc#1220342 CVE-2024-26601).
- commit c12e20f

- iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
- commit f532194

- iommu/amd: Add a length limitation for the ivrs_acpihid
  command-line parameter (git-fixes).
- commit 8f23b5e

- x86/xen: fix percpu vcpu_info allocation (git-fixes).
- commit 87554ac

- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- commit 6fc55b4

- blacklist.conf: Blacklist 83e80a6e3543f3
- commit 62a580e

- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
  (bsc#1222721 CVE-2024-26764).
- commit b81d662

- fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via
  libaio (bsc#1222721 CVE-2024-26764).
- commit 6f0ed6e

- ext4: avoid allocating blocks from corrupted group in
  ext4_mb_try_best_found() (bsc#1222618 CVE-2024-26773).
- commit 821043d

- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- commit 78b0780

- xen-netback: properly sync TX responses (git-fixes).
- commit b347f75

- xen/gntdev: Fix the abuse of underlying struct page in DMA-buf
  import (git-fixes).
- commit 78d5534

- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (stable-5.14.21 CVE-2021-47202 bsc#1222878)
- commit 9b2ed28

- drm/amd/display: Implement bounds check for stream encoder creation (bsc#1222266 CVE-2024-26660)
- commit 3a8faf0

- iommu/amd: Fix error handling for pdev_pri_ats_enable()
- commit 9598a5a

- Update
  (bsc#1222609 CVE-2024-26747).
  Added CVE reference
- commit c356fce

- iommu/vt-d: Fix error handling in sva enable/disable paths
- commit a7d0d80

- iommu/iova: Fix alloc iova overflows issue (git-fixes).
- commit 997077c

- iommu/vt-d: Allocate local memory for page request queue
- commit 29949ff

- powerpc/pseries/iommu: LPAR panics when rebooted with a frozen
  PE (bsc#1222011 ltc#205900).
- commit 92932bc

- Update references in
  (bsc#1221044 bsc#1221088 CVE-2023-52591 CVE-2023-52590).
- commit 6a6852e

- Update patches.suse/spi-fix-use-after-free-of-the-add_lock-mutex.patch (git-fixes CVE-2021-47195 bsc#1222832)
- commit e8d48f1

- mm/vmalloc: huge vmalloc backing pages should be split rather
  than compound (bsc#1217829).
- commit 539be83

- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
  (bsc#1222630 CVE-2024-26805).
- commit 62396b0

- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (bsc#1222726 CVE-2024-26766)
- commit dc4bba0

- spi: cadence-qspi: fix pointer reference in runtime PM hooks (CVE-2024-26807 bsc#1222801)
- commit 4dd5f9f

- Update
  (git-fixes CVE-2024-26769 bsc#1222727).
- commit fb3505a

- Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch
  (git-fixes bsc#1222449 CVE-2024-26744)
- Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch
  (git-fixes bsc#1222677 CVE-2024-26743)
- Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch
  (git-fixes bsc#1222726 CVE-2024-26766)
- commit c5a8a5e

- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- commit 1af9c1e

- NFS: avoid spurious warning of lost lock that is being unlocked
- commit 1efde72

- gtp: fix use-after-free and null-ptr-deref in
  gtp_genl_dump_pdp() (bsc#1222428 CVE-2024-26793 bsc#1222632
- commit eebe79d

- Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781)
- commit 3445a30

- Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784)
- commit fa581a2

- Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764)
- commit 97121f5

- iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. (CVE-2023-52627 bsc#1222051)
- commit e5bef1f

- dm: don't lock fs when the map is NULL during suspend or resume
- commit 78ef342

- blacklist.conf: add a commit for bcache typo fix.
- commit 22e6069

- dm integrity: fix out-of-range warning (git-fixes).
- dm: call the resume method on internal suspend (git-fixes).
- dm raid: fix false positive for requeue needed during reshape
- dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes).
- md: don't clear MD_RECOVERY_FROZEN for new dm-raid until resume
- md/raid1: fix choose next idle in read_balance() (git-fixes).
- md: Don't clear MD_CLOSING when the raid is about to stop
- dm-verity, dm-crypt: align "struct bvec_iter" correctly
- dm-crypt: don't modify the data when using authenticated
  encryption (bsc#1222720, CVE-2024-26763).
- dm-crypt, dm-verity: disable tasklets (bsc#1222416, CVE-2024-26718).
- dm-integrity: don't modify bio's immutable bio_vec in
  integrity_metadata() (git-fixes).
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm verity: don't perform FEC for failed readahead IO
- bcache: avoid NULL checking to c->root in run_cache_set()
- bcache: add code comments for bch_btree_node_get() and
  __bch_btree_node_alloc() (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
  btree_gc_coalesce() (git-fixes).
- bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up
  race (git-fixes).
- bcache: fixup lock c->root error (git-fixes).
- bcache: fixup init dirty data errors (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: remove redundant assignment to variable cur_idx
- bcache: check return value from btree_node_alloc_replacement()
- bcache: avoid oversize memory allocation by small stripe_size
- dm-delay: fix a race between delay_presuspend and delay_bio
- nd_btt: Make BTT lanes preemptible (git-fixes).
- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and
  check its return value (git-fixes).
- dm zoned: free dmz->ddev array in dmz_put_zoned_devices
- nvdimm: Fix dereference after free in register_nvdimm_pmu()
- nvdimm: Fix memleak of pmu attr_groups in
  unregister_nvdimm_pmu() (git-fixes).
- dm cache policy smq: ensure IO doesn't prevent cleaner policy
  progress (git-fixes).
- dm raid: clean up four equivalent goto tags in raid_ctr()
- dm raid: fix missing reconfig_mutex unlock in raid_ctr()
  error paths (git-fixes).
- dm integrity: reduce vmalloc space footprint on 32-bit
  architectures (git-fixes).
- dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client
- bcache: fixup btree_cache_wait list damage (git-fixes).
- bcache: Fix __bch_btree_node_alloc to make the failure behavior
  consistent (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations
- bcache: Remove dead references to cache_readaheads (git-fixes).
- dm thin metadata: check fail_io before using data_sm
- dm: don't lock fs when the map is NULL in process of resume
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init()
  error path (git-fixes).
- dm clone: call kmem_cache_destroy() in dm_clone_init() error
  path (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC
- dm stats: check for and propagate alloc_percpu failure
- dm crypt: avoid accessing uninitialized tasklet (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- commit 876bda1

- dm thin: fix deadlock when swapping to thin device
- Use above upstream patch, delete in-house patch,
- commit f651b2e

- dm cache: add cond_resched() to various workqueue loops
- dm thin: add cond_resched() to various workqueue loops
- dm: add cond_resched() to dm_wq_work() (git-fixes).
- dm: remove flush_scheduled_work() during local_exit()
- dm: send just one event on resize, not two (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
- dm flakey: don't corrupt the zero page (git-fixes).
- dm init: add dm-mod.waitfor to wait for asynchronously probed
  block devices (git-fixes).
- libnvdimm/region: Allow setting align attribute on regions
  without mappings (git-fixes).
- bcache:: fix repeated words in comments (git-fixes).
- bcache: bset: Fix comment typos (git-fixes).
- bcache: remove unused bch_mark_cache_readahead function def
  in stats.h (git-fixes).
- bcache: remove unnecessary flush_workqueue (git-fixes).
- nvdimm/namespace: drop nested variable in
  create_namespace_pmem() (git-fixes).
- bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous
  device registration' (git-fixes).
- nvdimm: Fix badblocks clear off-by-one error (git-fixes).
- nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
- nvdimm: Allow overwrite in the presence of disabled dimms
- bcache: use default_groups in kobj_type (git-fixes).
- bcache: fixup bcache_dev_sectors_dirty_add() multithreaded
  CPU false sharing (git-fixes).
- bcache: use bvec_kmap_local in bio_csum (git-fixes).
- bcache: fix NULL pointer reference in cached_dev_detach_finish
- bcache: replace snprintf in show functions with sysfs_emit
- bcache: move uapi header bcache.h to bcache code directory
- bcache: remove bch_crc64_update (git-fixes).
- bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
- commit fd7b7d9

- bcache: remove the backing_dev_name field from struct cached_dev
- Rebased for the above change,
- commit fddbf12

- bcache: remove the cache_dev_name field from struct cache
- bcache: move calc_cached_dev_sectors to proper place on backing
  device detach (git-fixes).
- bcache: fix error info in register_bcache() (git-fixes).
- commit b239072

- scsi: target: pscsi: Fix bio_put() for error case (bsc#1222596
- commit 54b96d8

- arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as (CVE-2023-52561 bsc#1220935)
- commit 003c2c9

- selftests/bpf: Test racing between bpf_timer_cancel_and_free
  and bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- bpf: Fix racing between bpf_timer_cancel_and_free and
  bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- commit 141641a

- iio: adc: ad7091r: Allow users to configure device events (CVE-2023-52627 bsc#1222051)
- commit 4afaad3

- ARM: ep93xx: Add terminator to gpiod_lookup_table (CVE-2024-26751 bsc#1222724)
- commit 9f7da20

- Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610)
- commit fb21423

- Update
  (git-fixes CVE-2021-47189 bsc#1222706).
- commit 95bc72d

- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
  Properly check whether the feature we are patching in the alternatives
  is a feature or a bug. This was broken because in apply_alternative()
  boot_cpu_has is used and if we have an alternative that depends on a bug
  bit (such as X86_BUG_SYSRET_SS_ATTRS) the boot_cpu_has will erroneously
  check if this bit is set in the feature ints rather than the bug ints.
  While at it ensure that static_cpu_has isn't called with extended
  bugs features as those aren't supported right now.
- commit 793068f

- Refresh
  Drop a bogus hunk. It was introduced by mistake.
  Fixes: acf0d9920aee
- commit 3a754ef

- Update
  (git-fixes CVE-2024-26749 bsc#1222680).
- commit 515d996

- Update
  (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678).
- commit 3731b61

- blacklist.conf: Add f7ec1cd5cc7e getrusage: use sig->stats_lock rather than lock_task_sighand()
  and its prereqs
- commit 0650209

- tee: amdtee: fix use-after-free vulnerability in
  amdtee_close_session (bsc#1220915 CVE-2023-52503).
- commit 926b64b

- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- Delete
- commit bf0e61f

- Update
  (git-fixes CVE-2021-47185).
- commit de9e1db

- Update
  (bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit 720685d

- blacklist.conf: Add d9b3ce8769e3 mm: writeback: ratelimit stat flush from mem_cgroup_wb_stats
- commit 3201b4c

- Update
  (git-fixes CVE-2021-47182 bsc#1222662).
- commit 641c737

- Update
  (git-fixes CVE-2021-47181 bsc#1222660).
- commit 27da195

- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
- commit c307f9b

- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
- commit 3d3186c

- PCI/PM: Drain runtime-idle callbacks before driver removal
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
- PCI/AER: Block runtime suspend when handling errors (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
- PCI/DPC: Quirk PIO log size for certain Intel Root Ports
- Refresh
- PCI: Drop pci_device_remove() test of pci_dev->driver
- commit 1625155

- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
- commit aed9764

- net/sched: act_mirred: don't override retval if we already
  lost the skb (CVE-2024-26733 bsc#1222585).
- commit 57213f3

- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- commit aa158b4

- kprobes: Fix double free of kretprobe_holder (bsc#1220901).
- commit 7ab1530

- Update
  (git-fixes CVE-2024-26736 bsc#1222586).
- commit 95b873b

- Update
  (bsc#1219126 CVE-2024-23850 CVE-2024-26727 bsc#1222536).
- commit 9619dfe

- Update
  (git-fixes CVE-2024-26697 bsc#1222550).
- commit a10bcda

- nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
  (bsc#1222549 CVE-2024-26696).
- commit b7a4096

- Update
  (git-fixes CVE-2024-26722 bsc#1222520).
- commit 227851b

- blacklist.conf: kABI
- commit b7c2dcf

- blacklist.conf: kABI
- commit 4fed026

- blacklist.conf: kABI
- commit 9643918

- ring-buffer: Make wake once of ring_buffer_wait() more robust
- commit 9369b70

- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- commit 0c26abb

- ext4: fix double-free of blocks due to wrong extents moved_len
  (bsc#1222422 CVE-2024-26704).
- commit 4e96ad3

- net: stmmac: xgmac: use #define for string constants
  (bsc#1222445 CVE-2024-26684).
- net: stmmac: xgmac: fix a typo of register name in DPP safety
  handling (bsc#1222445 CVE-2024-26684).
- commit d142965

- netdevsim: avoid potential loop in nsim_dev_trap_report_work()
  (git-fixes CVE-2024-26681 bsc#1222431).
- commit 6e625f6

- References update
- commit e2989ce

- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit 4edf006

- net: stmmac: xgmac: fix handling of DPP safety error for DMA
  channels (bsc#1222445 CVE-2024-26684).
- commit f5bac1a

- gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
  (bsc#1222428 CVE-2024-26793).
- net: atlantic: Fix DMA mapping for PTP hwts ring (bsc#1222427
- commit 8477f57

- ring-buffer: Use wait_event_interruptible() in
  ring_buffer_wait() (git-fixes).
- commit a852b18

- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- commit a44bf56

- ring-buffer: Do not set shortest_full when full target is hit
- commit 4381c01

- tracing: Use .flush() call to wake up readers (git-fixes).
- commit d993c13

- ring-buffer: Fix resetting of shortest_full (git-fixes).
- commit 966f555

- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- commit 676cf24

- tracing: Remove precision vsnprintf() check from print event
- commit 6b7c133

- tracing: Have saved_cmdlines arrays all in one allocation
- commit 49f31e7

- blacklist.conf: We don't have annotate_noendbr in this kernel
  So shut up the warning.
- commit f6d75ac

- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- commit eb744cd

- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
  (bsc#1219264 CVE-2024-0841).
- commit fe3c052

- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
  (bsc#1219264 CVE-2024-0841).
- commit aa8204a

- nilfs2: fix potential bug in end_buffer_async_write (bsc#1222437
- commit dafe6fe

- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
- commit a849be1

- blacklist.conf: kABI
- commit 94d8026

- net: usb: ax88179_178a: avoid the interface always configured
  as random address (git-fixes).
- commit c53377c

- pci_iounmap(): Fix MMIO mapping leak (git-fixes).
- commit 629693d

- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- Drivers: hv: vmbus: Calculate ring buffer size for more
  efficient use of memory (git-fixes).
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER
  missed (git-fixes).
- hv_netvsc: Fix race condition between netvsc_probe and
  netvsc_remove (git-fixes).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not
  4 Kbytes (git-fixes).
- commit 82617ea

- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- commit 22061fc

- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- commit a61527a

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card")
- commit 4b90502

- arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
- commit b828266

- blacklist.conf: add a couple of PCI git-fixes
- commit 37743ca

- ata: sata_mv: Fix PCI device ID table declaration compilation
  warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
- ASoC: amd: acp: fix for acp_init function error handling
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support
  headset with microphone (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the
  CCS (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- commit 56ef24f

- scsi: pm80xx: Avoid leaking tags when processing
  OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
- commit fc88013

- KVM: x86: Add BHI_NO (bsc#1217339 CVE-2024-2201).
- commit c0e1ffe

- Update
  (git-fixes CVE-2024-26654 bsc#1222304).
- Update
  (git-fixes CVE-2024-26717 bsc#1222360).
- Update
  (bsc#1219443 CVE-2024-26670 bsc#1222356).
- Update
  (git-fixes CVE-2024-26695 bsc#1222373).
- Update
  (git-fixes CVE-2024-26667 bsc#1222331).
- Update
  (git-fixes CVE-2024-26664 bsc#1222355).
- Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch
  (bsc#1218968 CVE-2024-26629 bsc#1221379).
- Update
  (git-fixes CVE-2024-26599 bsc#1220365).
- Update
  (git-fixes bsc1220398 CVE-2024-26602 bsc#1220398).
- Update
  (git-fixes CVE-2024-26627 bsc#1221090).
- Update
  (git-fixes CVE-2024-26651 bsc#1221337).
- Update
  (git-fixes CVE-2024-26645 bsc#1222056).
- Update
  (git-fixes CVE-2024-26659 bsc#1222317).
- commit bd16cf6

- Update
  (git-fixes CVE-2023-52518 bsc#1221056).
- Update
  (git-fixes CVE-2023-52604 bsc#1221067).
- Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch
  (git-fixes CVE-2023-52587 bsc#1221082).
- Update
  (git-fixes bsc#1220393 CVE-2023-52639 bsc#1222300).
- Update
  (git-fixes CVE-2023-52617 bsc#1221613).
- Update
  (git-fixes CVE-2023-52623 bsc#1222060).
- Update
  (git-fixes CVE-2023-52603 bsc#1221066).
- Update
  (git-fixes CVE-2023-52494 bsc#1221273).
- Update
  (git-fixes CVE-2023-52493 bsc#1221274).
- Update
  (git-fixes CVE-2023-52637 bsc#1222291).
- Update
  (git-fixes CVE-2023-52612 bsc#1221616).
- Update
  (git-fixes CVE-2023-52486 bsc#1221277).
- Update
  (git-fixes CVE-2023-52632 bsc#1222274).
- Update
  (git-fixes CVE-2023-52563 bsc#1220937).
- Update
  (git-fixes CVE-2023-52615 bsc#1221614).
- Update
  (bsc#1215921 CVE-2023-52484 bsc#1220797).
- Update
  (git-fixes CVE-2023-52601 bsc#1221068).
- Update
  (git-fixes CVE-2023-52599 bsc#1221062).
- Update
  (git-fixes CVE-2023-52602 bsc#1221070).
- Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch
  (git-fixes CVE-2023-52600 bsc#1221071).
- Update
  (bsc#1218958 CVE-2023-52450 bsc#1220237).
- Update
  (git-fixes CVE-2023-52619 bsc#1221618).
- Update
  (git-fixes CVE-2023-52500 bsc#1220883).
- Update
  (git-fixes CVE-2023-52594 bsc#1221045).
- Update
  (git-fixes CVE-2023-52595 bsc#1221046).
- commit b1046c1

- Update
  (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc

- mm,page_owner: Fix printing of stack records (bsc#1222366).
- commit a7b445d

- mm,page_owner: Fix accounting of pages when migrating
- commit 37b3731

- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- commit 4dc29b0

- iommu/mediatek: Fix forever loop in error handling (git-fixes).
- commit 21d467e

- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
- commit 66a189d

- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- commit b2b2b31

- mm,page_owner: fix recursion (bsc#1222366).
- commit 4517a6d

- mm,page_owner: drop unnecessary check (bsc#1222366).
- commit 0c42427

- mm,page_owner: check for null stack_record before bumping its
  refcount (bsc#1222366).
- commit 81f3531

- Update patches metadata
- commit f6df04d

- x86/bhi: Mitigate KVM by default (bsc#1217339 CVE-2024-2201).
- commit e8a52ff

- x86/bhi: Add BHI mitigation knob (bsc#1217339 CVE-2024-2201).
- Update config files.
- commit 66b3207

- x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1217339 CVE-2024-2201).
- commit 797a250

- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace  (bsc#1217339 CVE-2024-2201).
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- commit d9a50a1

- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1217339 CVE-2024-2201).
- commit c5355fd

- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
  Extend existing functionality to allow adding extra feature words in
  addition to extra bug words. This code is adjusted from SLE12-SP5 patch.
- commit 44177f4

- x86/bhi: Add support for clearing branch history at syscall entry (bsc#1217339 CVE-2024-2201).
- commit 7297553

- x86/cpufeature: Add missing leaf enumeration (bsc#1217339 CVE-2024-2201).
- commit 72a3a61

- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
- drm/i915/bios: Tolerate devdata==NULL in
  intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2
- drm/amd/display: Return the correct HDCP error code
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
- drm/exynos: do not return negative values from .get_modes()
- drm/panel: do not return negative error codes from
  drm_panel_get_modes() (stable-fixes).
- drm/probe-helper: warn about negative .get_modes()
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
- drm/amd/display: handle range offsets in VRR ranges
- commit 9310237

- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
  (bsc#1209657 CVE-2023-0160).
- blacklist.conf: omit previous incomplete sockmap fix
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t
- commit 9a86a18

- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- commit f738a42

- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
  (bsc#1209657 CVE-2023-0160).
- commit 989b8c6

- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e

- netfilter: nf_tables: disallow anonymous set with timeout flag
  (CVE-2024-26642 bsc#1221830).
- commit 02a907f

- netfilter: ctnetlink: fix possible refcount leak in
  ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032

- usb: typec: ucsi: Check for notifications after init
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
- usb: typec: Return size of buffer if pd_set operation succeeds
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface()
- staging: vc04_services: fix information leak in
  create_component() (git-fixes).
- commit 74f6b3e

- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/qxl: remove unused variable from
  `qxl_process_single_command()` (git-fixes).
- drm/qxl: remove unused `count` variable from
  `qxl_surface_id_alloc()` (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if
  needed (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object()
  in acpi_db_walk_for_fields() (git-fixes).
- commit 22f136e

- README.BRANCH: Remove copy of branch name
- commit 4834fba

- README.BRANCH: Remove copy of branch name
- commit 9b22290

- thermal: intel: hfi: Add syscore callbacks for system-wide PM
  (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Disable an HFI instance when all its CPUs
  go offline (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Enable an HFI instance from its first
  online CPU (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Refactor enabling code into helper
  functions (CVE-2024-26646 bsc#1222070).
- commit 8d3563b

- ASoC: meson: t9015: fix function pointer type mismatch
- drm/tegra: hdmi: Fix some error handling paths in
  tegra_hdmi_probe() (git-fixes).
- drm/tegra: dsi: Fix some error handling paths in
  tegra_dsi_probe() (git-fixes).
- net/x25: fix incorrect parameter validation in the
  x25_getsockopt() function (git-fixes).
- Bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- lib/cmdline: Fix an invalid format specifier in an assertion
  msg (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio
- firewire: core: use long bus reset on gap count error
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
- drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
- commit 2335ed9

- ACPI: resource: Add Infinity laptops to
  irq1_edge_low_force_override (stable-fixes).
- Refresh
- commit a322c3a

- ASoC: meson: aiu: fix function pointer type mismatch
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono
  mode (stable-fixes).
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi
  Vi8 tablet (stable-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise
- ASoC: meson: Use dev_err_probe() helper (stable-fixes).
- commit 8f94a4d

- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- ALSA: aoa: avoid false-positive format truncation warning
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
- wifi: iwlwifi: fw: don't always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
- net: ll_temac: platform_get_resource replaced by wrong function
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
- commit a43d7a1

- ipv6: init the accept_queue's spinlocks in inet6_create
  (bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f

- net/bnx2x: Prevent access to a freed page in page_pool
- commit 6d39ac9

- tcp: make sure init the accept_queue's spinlocks once
  (bsc#1221293 CVE-2024-26614).
- commit 943f002

- powerpc/boot: Disable power10 features after BOOTAFLAGS
  assignment (bsc#1194869).
- commit 17f8de7

- powerpc/boot: Fix boot wrapper code generation with
  CONFIG_POWER10_CPU (bsc#1194869).
- commit 9b67460

- powerpc/lib: Validate size for vector operations (bsc#1194869 CVE-2023-52606 bsc#1221069).
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
  (CVE-2023-52607 bsc#1221061).
- powerpc: add compile-time support for lbarx, lharx
- Update config files.
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- Update config files.
- powerpc/sstep: Use bitwise instead of arithmetic operator for
  flags (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
- powerpc/lib/sstep: Don't use __{get/put}_user() on kernel
  addresses (bsc#1194869).
- commit b17389a

- RDMA/mlx5: Relax DEVX access upon modify commands (git-fixes)
- commit 9423a91

- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (git-fixes)
- commit 16e4eca

- Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
  This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d.
  This fixes bsc#1221814
- commit bc3a73c

- Update
  (git-fixes CVE-2023-52519 bsc#1220920).
- Update
  (git-fixes CVE-2023-52529 bsc#1220929).
- Update
  (git-fixes CVE-2023-52474 bsc#1220445).
- Update
  (git-fixes CVE-2023-52513 bsc#1221022).
- Update
  (git-fixes CVE-2023-52515 bsc#1221048).
- Update
  (git-fixes CVE-2023-52564 bsc#1220938).
- Update
  (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
  (git-fixes CVE-2023-52510 bsc#1220898).
- Update
  (git-fixes CVE-2023-52524 bsc#1220927).
- Update
  (git-fixes CVE-2023-52528 bsc#1220843).
- Update
  (git-fixes CVE-2023-52507 bsc#1220833).
- Update
  (git-fixes CVE-2023-52566 bsc#1220940).
- Update
  (bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
  (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
  (git-fixes CVE-2023-52520 bsc#1220921).
- Update
  (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
  (git-fixes CVE-2023-52501 bsc#1220885).
- Update
  (git-fixes CVE-2023-52567 bsc#1220839).
- Update
  (git-fixes CVE-2023-52517 bsc#1221055).
- Update
  (git-fixes CVE-2023-52511 bsc#1221012).
- Update
  (git-fixes CVE-2023-52525 bsc#1220840).
- Update
  (git-fixes CVE-2023-52504 bsc#1221553).
- Update
  (git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0

- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
  (bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
  (git-fixes CVE-2022-48629 bsc#1220989).
- Update
  (git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886

- Update
  (git-fixes CVE-2021-46926 bsc#1220478).
- Update
  (git-fixes CVE-2021-47096 bsc#1220981).
- Update
  (git-fixes CVE-2021-47104 bsc#1220960).
- Update
  (git-fixes CVE-2021-47097 bsc#1220982).
- Update
  (git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
  (git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
  (git-fixes CVE-2021-47101 bsc#1220987).
- Update
  (git-fixes CVE-2021-47108 bsc#1220986).
- Update
  (git-fixes CVE-2021-47098 bsc#1220983).
- Update
  (git-fixes CVE-2021-47100 bsc#1220985).
- Update
  (bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
  (git-fixes CVE-2021-47091 bsc#1220959).
- Update
  (bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
  (git-fixes CVE-2021-47102 bsc#1221009).
- Update
  (git-fixes CVE-2021-46925 bsc#1220466).
- Update
  (git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
  (git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
  (CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
  (jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
  (bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
- Update
  (git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
  (git-fixes CVE-2021-46930 bsc#1220484).
- Update
  (git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e

- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- commit 1bac2ee

- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- commit 0a6b09b

- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- commit 11123f1

- selftests/bpf: add generic BPF program tester-loader
- Refresh patches.suse/selftests-bpf-convenience-macro-for-use-with-asm-vol.patch
- commit fac2b7e

- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - resolve race condition during AER recovery
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - fix unregistration of compression algorithms
- crypto: qat - fix unregistration of crypto algorithms
- crypto: qat - ignore subsequent state up commands (git-fixes).
- commit 57086a4

- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- commit b45a9b9

- PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
- PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
- commit 71917a0

- md/raid5: fix atomicity violation in raid5_cache_count
  (bsc#1219169, CVE-2024-23307).
- commit 30c5680

- s390/vtime: fix average steal time calculation (git-fixes
- commit dcc65eb

- s390/ptrace: handle setting of fpc register correctly
  (CVE-2023-52598 bsc#1221060 git-fixes).
- commit 997994b

- wifi: ath10k: fix NULL pointer dereference in
  ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
- commit 1784f9f

- ubi: Check for too small LEB size in VTBL code (bsc#1219834
- commit ad7e175

- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
- commit 617f4f7

- PCI: rockchip: Fix window mapping and address translation for
  endpoint (git-fixes).
- Refresh
- commit ebc378b

- PCI: qcom: Enable BDF to SID translation properly (git-fixes).
- PCI: mediatek-gen3: Fix translation window size calculation
- PCI: mediatek: Clear interrupt status before dispatching handler
- PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment
  support (git-fixes).
- PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
- Revert "PCI: tegra194: Enable support for 256 Byte payload"
- PCI: fu740: Set the number of MSI vectors (git-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL
- PCI: Add locking to RMW PCI Express Capability Register
  accessors (git-fixes).
- kABI: PCI: Add locking to RMW PCI Express Capability Register
  accessors (kabi).
- PCI: qcom: Use DWC helpers for modifying the read-only DBI
  registers (git-fixes).
- commit 150da46

- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- commit 20654b5

- wifi: ath11k: decrease MHI channel buffer length to 8KB
- commit ccda276

- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- commit 76719ba

- nvme: fix reconnection fail due to reserved tag allocation
- commit 08c50ef

- blacklist.conf: add a couple of PCI ones
- commit 37e30e0

- bpf, scripts: Correct GPL license name (git-fixes).
- commit b7a1062

- Refresh
  Add another commit id
- commit 6697f38

- blacklist.conf: add unwanted nfs commit
- commit a4cc44e

- NFSv4.2: fix wrong shrinker_id (git-fixes).
- commit 5ba59c3

- Add cherry-picked id of amdgpu patch (git-fixes)
- commit 3498702

- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
- spi: lm70llp: fix links in doc and comments (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- nouveau: reset the bo resource bus info after an eviction
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
- kconfig: fix infinite loop when expanding a macro at the end
  of file (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx()
  API (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- serial: 8250_exar: Don't remove GPIO device on suspend
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
- serial: max310x: fix syntax error in IRQ error message
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to
  net2272_probe_fin (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma
- usb: audio-v2: Correct comments for struct
  uac_clock_selector_descriptor (git-fixes).
- commit d110a91

- blacklist.conf: add usb gadget patch to be reverted later
- commit d1cbd2f

- Add cherry-picked id to amdgpu patch
- commit 2d7799f

- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a

- ubifs: Queue up space reservation tasks if retrying many times
- commit 061dcaa

- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed
- commit 493a02c

- ubifs: Remove unreachable code in dbg_check_ltab_lnum
- commit 2771652

- ubifs: fix sort function prototype (git-fixes).
- commit 6125609

- Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes bsc#1221276 CVE-2023-52492)
- commit 7007f7d

- ubifs: Set page uptodate in the correct place (git-fixes).
- commit 219703b

- iommu/vt-d: Allow to use flush-queue when first level is
  default (git-fixes).
- commit 1821f9c

- iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
- commit 23b5322

- iommu/vt-d: Set No Execute Enable bit in PASID table entry
- commit 3ba9d71

- iommu/mediatek-v1: Fix an error handling path in
  mtk_iommu_v1_probe() (git-fixes).
- commit 3b5ce5d

- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
  (bsc#1219170 CVE-2024-22099).
- commit ece27a6

- scsi: qla2xxx: Update version to (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Change debug message during driver unload
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- commit ac0c897

- scsi: lpfc: Copyright updates for patches
- scsi: lpfc: Update lpfc version to (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3
  ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr
- scsi: lpfc: Use a dedicated lock for ras_fwlog state
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
- scsi: lpfc: Replace hbalock with ndlp lock in
  lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
  (bsc#1221777 bsc#1217959).
- scsi: lpfc: Move NPIV's transport unregistration to after
  resource clean up (bsc#1221777).
- scsi: lpfc: Remove unnecessary log message in queuecommand path
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- commit 173a64c

- firmware: arm_scmi: Check mailbox/SMT channel for consistency (bsc#1221375 CVE-2023-52608)
- commit f829935

- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- commit dfc50d6

- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- commit c06fc74

- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- commit b983475

- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is
  shut down (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE
- NFSD: change LISTXATTRS cookie encoding to big-endian
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- commit 90396a4

- clk: zynq: Prevent null pointer dereference caused by kmalloc
  failure (git-fixes).
- commit 6c59283

- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
- commit c2aa41d

- iommu/dma: Trace bounce buffer usage when mapping buffers
- commit e3645be

- media: staging: ipu3-imgu: Set fields before
  media_entity_pads_init() (git-fixes).
- commit 5978536

- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- commit 936859f

- Drop temporarily amdgpu patch (to be reapplied later)
- commit 809ae8f

- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- commit 373361b

- RDMA/device: Fix a race between mad_client and cm_client init (git-fixes)
- commit 5b52744

- RDMA/hns: Fix mis-modifying default congestion control algorithm (git-fixes)
- commit 95141c0

- RDMA/srpt: Do not register event handler until srpt device is fully setup (git-fixes)
- commit 5d33595

- RDMA/irdma: Remove duplicate assignment (git-fixes)
- commit 9841c04

- blacklist.conf: cleanup only
- commit ecab69c

- blacklist.conf: kABI
- commit 94731b9

- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
- commit dc89308

- drm/amd/display: Fix possible underflow for displays with
  large vblank (git-fixes).
- drm/amd/display: Revert vblank change that causes null pointer
  crash (git-fixes).
- commit 7e422d7

- Revert "Revert "drm/amdgpu/display: change pipe policy for
  DCN 2.0"" (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty
  rectangles (git-fixes).
- commit 7922bac

- Refresh patches.suse/drm-amd-display-always-switch-off-ODM-before-committ.patch
  Add cherry-pickd id
- commit feac6cf

- Refresh patches.suse/drm-amd-display-Write-to-correct-dirty_rect.patch
  Add cherry-picked id
- commit d1b610a

- drm/amd/display: For prefetch mode > 0, extend prefetch if
  possible (git-fixes).
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
- drm/amd/display: Increase frame warning limit with KASAN or
  KCSAN in dml (git-fixes).
- drm/amd: Enable PCIe PME from D3 (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/display: fix ABM disablement (git-fixes).
- drm/amd/display: Update min Z8 residency time to 2100 for DCN314
- drm/amd/display: Remove min_dst_y_next_start check for Z8
- drm/amd/display: Use DRAM speed from validation for dummy
  p-state (git-fixes).
- drm/amdgpu: Force order between a read and write to the same
  address (git-fixes).
- drm/amd/display: Include udelay when waiting for INBOX0 ACK
- drm/i915: Call intel_pre_plane_updates() also for pipes getting
  enabled (git-fixes).
- drm/panel: auo,b101uan08.3: Fine tune the panel power sequence
- drm/amd/display: Enable fast plane updates on DCN3.2 and above
- drm/amd/display: fix a NULL pointer dereference in
  amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: Guard against invalid RPTR/WPTR being set
- drm/amdgpu: lower CS errors to debug severity (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
- drm/i915: Add missing CCS documentation (git-fixes).
- drm/amdgpu: Unset context priority is now invalid (git-fixes).
- drm/panel: Move AUX B116XW03 out of panel-edp back to
  panel-simple (git-fixes).
- Revert "drm/amd: Disable S/G for APUs when 64GB or more host
  memory" (git-fixes).
- drm/amd/display: always switch off ODM before committing more
  streams (git-fixes).
- drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for
  DCN31 (git-fixes).
- drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK
- drm/amd/display: Fix a bug when searching for insert_above_mpcc
- commit e9791f4

- Refresh patches.suse/drm-amdgpu-vcn-Disable-indirect-SRAM-on-Vangogh-brok.patch (git-fixes)
- commit 633cb3b

- Refresh patches.suse/1398-drm-i915-pass-a-pointer-for-tlb-seqno-at-vma_invalid.patch (git-fixes)
- commit 4cec8c9

- Refresh patches.suse/1866-drm-i915-ttm-fix-32b-build.patch (git-fixes)
- commit a1a2486

- drm/amd/display: ensure async flips are only accepted for fast
  updates (git-fixes).
- drm/exynos: fix a possible null-pointer dereference due to
  data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
- drm/amd/display: Fix underflow issue on 175hz timing
- drm/amd/display: dc.h: eliminate kernel-doc warnings
- drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
- drm/bridge: tc358762: Instruct DSI host to generate HSE packets
- drm/amdgpu: Match against exact bootloader status (git-fixes).
- drm/amd/display: Exit idle optimizations before attempt to
  access PHY (git-fixes).
- drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
- drm/amd/smu: use AverageGfxclkFrequency* to replace previous
  GFX Curr Clock (git-fixes).
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
- drm/ttm: Don't leak a resource on eviction error (git-fixes).
- drm/amd/display: Fix the delta clamping for shaper LUT
- Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON"
- drm/amd/display: Set minimum requirement for using PSR-SU on
  Phoenix (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
  Rembrandt (git-fixes).
- drm/amd/display: Update correct DCN314 register header
- drm/amd/display: Fix possible underflow for displays with
  large vblank (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards
- drm/amd/display: Restore rptr/wptr for DMCUB as workaround
- drm/amd/display: Add FAMS validation before trying to use it
- drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence
- drm/amd/display: add ODM case when looking for first split pipe
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.1"
- commit 5e1df8b

- drm/amd/display: Keep PHY active for dp config (git-fixes).
- drm/ttm: Don't print error message if eviction was interrupted
- Revert "drm/vc4: hdmi: Enforce the minimum rate at
  runtime_resume" (git-fixes).
- drm/amd/display: Write to correct dirty_rect (git-fixes).
- drm/amd/display: clean code-style issues in
  dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate
  modes on dcn315 (git-fixes).
- drm/amd/display: use low clocks for no plane configs
- drm/amd/display: Use min transition for all SubVP plane
  add/remove (git-fixes).
- drm/amd/display: Rework comments on dc file (git-fixes).
- drm/amd/display: Expand kernel doc for DC (git-fixes).
- drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
- drm/amd/display: Update OTG instance in the commit stream
- drm/amd/display: Handle seamless boot stream (git-fixes).
- drm/amd/display: Add function for validate and update new stream
- drm/amd/display: Handle virtual hardware detect (git-fixes).
- drm/amd/display: Include surface of unaffected streams
- drm/amd/display: Copy DC context in the commit streams
- drm/amd/display: Enable new commit sequence only for DCN32x
- drm/amd/display: Rework context change check (git-fixes).
- drm/amd/display: Check if link state is valid (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Acer Switch V 10
  (SW5-017) (git-fixes).
- drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
- drm/vc4: Add module dependency on hdmi-codec (git-fixes).
- drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
- commit 17a985c

- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
- mtd: rawnand: meson: fix scrambling mode value in command macro
- mtd: maps: physmap-core: fix flash size larger than 32-bit
- media: usbtv: Remove useless locks in usbtv_video_free()
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: remove redundant NULL check (git-fixes).
- media: go7007: add check of return value of go7007_read_addr()
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
- media: sun8i-di: Fix chroma difference threshold (git-fixes).
- media: sun8i-di: Fix power on/off sequences (git-fixes).
- media: sun8i-di: Fix coefficient writes (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: em28xx: annotate unchecked call to
  media_device_register() (git-fixes).
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
- media: staging: ipu3-imgu: Set fields before
  media_entity_pads_init() (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop
- mmc: mmci: stm32: fix DMA API overlapping mappings warning
- drm/amd/display: Wrong colorimetry workaround (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned DMA requests
- commit 6d10a8f

- blacklist.conf: kABI
- commit 6018730

- blacklist.conf: merely a cleanup
- commit f35d79c

- xhci: handle isoc Babble and Buffer Overrun events properly
- commit b33a274

- xhci: process isoc TD properly when there was a transaction
  error mid TD (git-fixes).
- commit ef9dcf9

- Refresh patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch (git-fixes)
- commit 51173ed

- Refresh patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes)
- commit 9a337ae

- Refresh patches.suse/drm-amdgpu-display-Initialize-gamma-correction-mode-.patch (git-fixes)
- commit ae35079

- Refresh patches.suse/drm-amd-display-Fix-possible-NULL-dereference-on-dev.patch (git-fixes)
- commit 968007a

- Refresh patches.suse/Revert-drm-amd-display-increased-min_dcfclk_mhz-and-.patch (git-fixes)
- commit 29d289f

- Refresh patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes)
- commit 6c8d470

- Refresh patches.suse/drm-amd-display-Fix-possible-buffer-overflow-in-find.patch (git-fixes)
- commit d66904a

- Refresh patches.suse/drm-amdgpu-Fix-missing-error-code-in-gmc_v6-7-8-9_0_.patch (git-fixes)
- commit 17a587a

- Refresh patches.suse/drm-bridge-sii902x-Fix-probing-race-issue.patch (git-fixes)
- commit 0c6bf24

- Refresh patches.suse/drm-i915-dp-Fix-passing-the-correct-DPCD_REV-for-drm.patch (git-fixes)
- commit eeb30fc

- Refresh patches.suse/drm-amd-Disable-ASPM-for-VI-w-all-Intel-systems.patch (git-fixes)
- commit 2b0efc6

- Refresh patches.suse/drm-amd-Fix-detection-of-_PR3-on-the-PCIe-root-port.patch (git-fixes)
- commit 0458ace

- Refresh patches.suse/drm-amd-display-fix-the-white-screen-issue-when-64GB.patch (git-fixes)
- commit 46ed395

- Refresh patches.suse/drm-amd-display-prevent-potential-division-by-zero-e.patch (git-fixes)
- commit b7ab8de

- Refresh patches.suse/drm-amd-display-enable-cursor-degamma-for-DCN3-DRM-l.patch (git-fixes)
- commit 885580e

- Refresh patches.suse/drm-amd-display-Remove-wait-while-locked.patch (git-fixes)
- commit 43c45c5

- Refresh patches.suse/drm-amd-display-Add-smu-write-msg-id-fail-retry-proc.patch (git-fixes)
- commit b800d81

- Refresh patches.suse/drm-amd-display-register-edp_backlight_control-for-D.patch (git-fixes)
- commit 164cdf4

- Refresh patches.suse/drm-amdgpu-fix-Null-pointer-dereference-error-in-amd.patch (git-fixes)
- commit c814bba

- Refresh patches.suse/drm-amdgpu-gfx10-Disable-gfxoff-before-disabling-pow.patch (git-fixes)
- commit e937913

- Refresh patches.suse/drm-amd-pm-parse-pp_handle-under-appropriate-conditi.patch (git-fixes)
- commit f5d987c

- Refresh patches.suse/drm-amd-display-fix-access-hdcp_workqueue-assert.patch (git-fixes)
- commit 0906f4d

- Refresh patches.suse/drm-amdgpu-nv-Apply-ASPM-quirk-on-Intel-ADL-AMD-Navi.patch (git-fixes)
- commit c25da25

- Refresh patches.suse/drm-amdgpu-Correct-the-power-calcultion-for-Renior-C.patch (git-fixes)
- commit bb8f92f

- Refresh patches.suse/0549-drm-amdgpu-enable-Vangogh-VCN-indirect-sram-mode.patch (git-fixes)
- commit aa42634

- Refresh patches.suse/drm-i915-Never-return-0-if-not-all-requests-retired.patch (git-fixes)
- commit bf8aa0c

- Refresh patches.suse/drm-i915-Fix-negative-value-passed-as-remaining-time.patch (git-fixes)
- commit 33c3117

- Refresh patches.suse/drm-display-dp_mst-Fix-drm_dp_mst_add_affected_dsc_c.patch (git-fixes)
- commit 5f0e59c

- Refresh patches.suse/ (git-fixes)
- commit ae7a01a

- Refresh patches.suse/drm-amdgpu-dm-dp_mst-Don-t-grab-mst_mgr-lock-when-co.patch (git-fixes)
- commit a480119

- Refresh patches.suse/drm-amdgpu-dm-mst-Use-the-correct-topology-mgr-point.patch (git-fixes)
- commit cfd3d6f

- Refresh patches.suse/1625-drm-i915-vdsc-Set-VDSC-PIC_HEIGHT-before-using-for-D.patch (git-fixes)
- commit 0691a9b

- Refresh patches.suse/1585-drm-i915-slpc-Let-s-fix-the-PCODE-min-freq-table-set.patch (git-fixes)
- commit b19cad4

- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
- commit fb1fad7

- Refresh patches.suse/1396-drm-i915-gt-Batch-TLB-invalidations.patch (git-fixes)
- commit 1d66c31

- Refresh patches.suse/1394-drm-i915-gt-Invalidate-TLB-of-the-OA-unit-at-TLB-inv.patch (git-fixes)
- commit 5c89722

- Refresh patches.suse/1393-drm-i915-gt-Ignore-TLB-invalidations-on-idle-engines.patch (git-fixes)
- commit 43ab4df

- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
- commit 9329ad7

- Refresh patches.suse/1859-drm-i915-selftests-fix-subtraction-overflow-bug.patch (git-fixes)
- commit 3943b71

- Refresh patches.suse/1855-drm-i915-ttm-fix-sg_table-construction.patch (git-fixes)
- commit d989f7a

- Refresh patches.suse/1644-i915-guc-reset-Make-__guc_reset_context-aware-of-gui.patch (git-fixes)
- commit 4511955

- Refresh patches.suse/1639-drm-amd-Don-t-reset-dGPUs-if-the-system-is-going-to-.patch (git-fixes)
- commit 69ca555

- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
- commit c52b506

- fs: introduce lock_rename_child() helper (bsc#1221044
  Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0

- rename(): avoid a deadlock in the case of parents having no
  common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098

- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef

- rename(): fix the locking of subdirectories (bsc#1221044
- commit 146d81f

- f2fs: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 5344280

- ext4: don't access the source subdirectory content on
  same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374

- ext2: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 2edcc11

- udf_rename(): only access the child content on cross-directory
  rename (bsc#1221044 CVE-2023-52591).
- commit 0257614

- ocfs2: Avoid touching renamed directory if parent does not
  change (bsc#1221044 CVE-2023-52591).
- commit e786f3a

- reiserfs: Avoid touching renamed directory if parent does not
  change (git-fixes bsc#1221044 CVE-2023-52591).
  Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
  Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca

- fs: don't assume arguments are non-NULL (bsc#1221044
- commit 2177893

- fs: Restrict lock_two_nondirectories() to non-directory inodes
  (bsc#1221044 CVE-2023-52591).
- commit a59a7cb

- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f

- s390/pai: fix attr_event_free upper limit for pai device drivers
  (git-fixes bsc#1221633).
- commit dcd390e

- KVM: s390: only deliver the set service event bits (git-fixes
- commit 6e3593c

- Update
  (git-fixes bsc#1219012 CVE-2024-26620 bsc#1221298).
- commit 4fb9779

- iommu/vt-d: Don't issue ATS Invalidation request when device
  is disconnected (git-fixes).
- commit 4c37f6f

- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nilfs2: fix failure to detect DAT corruption in btree and
  direct mappings (git-fixes).
- ALSA: usb-audio: Stop parsing channels bits when all channels
  are found (git-fixes).
- ALSA: aaci: Delete unused variable in aaci_do_suspend
- ASoC: meson: axg-tdm-interface: add frame rate constraint
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
- ASoC: amd: acp: Add missing error handling in sof-mach
- ALSA: seq: fix function cast warnings (git-fixes).
- ALSA: aw2: avoid casting function pointers (git-fixes).
- ALSA: ctxfi: avoid casting function pointers (git-fixes).
- PCI: dwc: endpoint: Fix advertised resizable BAR size
- PCI: switchtec: Fix an error handling path in
  switchtec_pci_probe() (git-fixes).
- PCI/P2PDMA: Fix a sleeping issue in a RCU read section
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
- PCI/DPC: Print all TLP Prefixes, not just the first (git-fixes).
- PCI/AER: Fix rootport attribute paths in ABI docs (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check
- leds: aw2013: Unlock mutex before destroying it (git-fixes).
- backlight: lp8788: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: lm3639: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: da9052: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: lm3630a: Don't set bl->props.brightness in
  get_brightness (git-fixes).
- backlight: lm3630a: Initialize backlight_properties on init
- mfd: altera-sysmgr: Call of_node_put() only when
  of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: Call of_node_put() only when of_parse_phandle()
  takes a ref (git-fixes).
- pinctrl: mediatek: Drop bogus slew rate register range for
  MT8192 (git-fixes).
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
- HID: amd_sfh: Update HPD sensor structure elements (git-fixes).
- commit d46946b

- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
  This is an optimisation patch which got added late so there's no hurry
  to merge it.
- commit 69db574

- Properly sort already upstream patches
- Refresh
- Refresh
- Refresh
- Refresh
- commit fe7e19d

- iommu/amd: Mark interrupt as managed (git-fixes).
- commit 7365cc3

- arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
- commit e4605be

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL")
- commit 037b20c

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pull resistors for SD card")
- commit a5753b4

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals")
- commit 1c17a18

- arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
- commit f4fdf95

- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- commit a51708e

- arm64: mm: fix VA-range sanity check (git-fixes)
- commit dd606ae

- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- commit 4c81404

- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- commit 59dc2f8

- arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
- commit b5996a2

- arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
- commit 499e8df

- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
  (jsc#PED-7167 bsc#1218643 bsc#1221338 bsc#1220114).
- commit 727559f

- Make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- commit d2f65b3

- drm/msm/dpu: add division of drm_display_mode's hskew parameter
- drm/etnaviv: Restore some id values (git-fixes).
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of
  atom_get_src_int() (git-fixes).
- drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
  enabled (git-fixes).
- drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
- drm/msm/dpu: improve DSC allocation (git-fixes).
- drm/mediatek: Fix a null pointer crash in
  mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
- drm/tidss: Fix sync-lost issue with two displays (git-fixes).
- drm/tidss: Fix initial plane zpos values (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
- drm/radeon/ni: Fix wrong firmware size logging in
  ni_init_microcode() (git-fixes).
- drm/amd/display: Fix a potential buffer overflow in
  'dp_dsc_clock_en_read()' (git-fixes).
- drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode()
- drm/vmwgfx: Fix possible null pointer derefence with invalid
  contexts (git-fixes).
- media: tc358743: register v4l2 async device only after
  successful setup (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- PM: suspend: Set mem_sleep_current during kernel command line
  setup (git-fixes).
- mmc: core: Fix switch on gp3 partition (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region()
  call in the .remove function (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done()
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data
- commit 7758a76

- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing
  defer (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
- drm/tegra: output: Fix missing i2c_put_adapter() in the error
  handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: rgb: Fix missing clk_put() in the error handling
  paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: Fix some error handling paths in
  tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error
  handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dpaux: Fix PM disable depth imbalance in
  tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: Add missing check for of_find_device_by_node
- ACPI: processor_idle: Fix memory leak in
  acpi_processor_power_exit() (git-fixes).
- ACPI: resource: Add MAIBENBEN X577 to
  irq1_edge_low_force_override (git-fixes).
- ACPI: scan: Fix device check notification handling (git-fixes).
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's
  return value (git-fixes).
- cpufreq: amd-pstate: Fix min_perf assignment in
  amd_pstate_adjust_perf() (git-fixes).
- commit 1cf1fe2

- RAS: Export helper to get ras_debugfs_dir (jsc#PED-7619).
- commit 2d174a0

- powerpc/pseries: Fix potential memleak in papr_get_attr()
  (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- commit 3aea930

- RAS/AMD/FMPM: Fix off by one when unwinding on error (jsc#PED-7619).
- commit b104443

- RAS/AMD/FMPM: Add debugfs interface to print record entries (jsc#PED-7619).
- commit 0fb8312

- RAS/AMD/FMPM: Save SPA values (jsc#PED-7619).
- commit 749cc57

- Sort the AMD edac patches
- Refresh
- Refresh
- Refresh
- Refresh
- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch.
- Refresh
- Refresh
- Refresh
- Refresh
- commit 9e22745

- net: phy: fix phy_get_internal_delay accessing an empty array
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
- Bluetooth: mgmt: Remove leftover queuing of power_off work
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init
  is complete (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning
  up all interfaces (git-fixes).
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures
- wifi: brcmfmac: fix copyright year mentioned in platform_data
  header (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in
  ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- can: softing: remove redundant NULL check (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for
  debugfs_create_dir() (git-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is
  disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is
  disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros
- commit 15851fa

- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
- commit 407c3c5

- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
  Add git-commit info
- commit bc859f9

- pNFS: Fix the pnfs block driver's calculation of layoutget size
- NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
- blocklayoutdriver: Fix reference leak of pnfs_device_node
- SUNRPC: Fix a suspicious RCU usage warning (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- SUNRPC: Add an IS_ERR() check back to where it was (git-fixes).
- SUNRPC: ECONNRESET might require a rebind (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same
  fs (git-fixes).
- pNFS/flexfiles: Check the layout validity in
  ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
- Revert "SUNRPC dont update timeout value on connection reset"
- NFSv4: Fix a state manager thread deadlock regression
- NFSv4: Fix a nfs4_state_manager() race (git-fixes).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
- NFS: rename nfs_client_kset to nfs_kset (git-fixes).
- commit dc5b918

- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
  Fix for kABI workaround.
- commit 6ba2f5d

- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
- commit 1a81018

- sched/rt: Disallow writing invalid values to sched_rt_period_us
- commit ee86051

- Update
  (bsc#1220003 bsc#1221291 CVE-2024-26612).
- commit 0607d13

- netfs: Only call folio_start_fscache() one time for each folio
  (CVE-2023-52582 bsc#1220878).
- commit dfd082b

- netfs: Only call folio_start_fscache() one time for each folio
  (CVE-2023-52582 bsc#1220878).
- commit b301f9c

- Refresh
  * Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
  WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01

- scsi: target: core: Silence the message about unknown VPD pages
- commit 1d550ca

- sched/rt: sysctl_sched_rr_timeslice show default timeslice
  after reset (bsc#1220176).
- commit 4ac46cd

- powerpc/pseries/iommu: IOMMU table is not initialized for
  kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 27b28f5

- Update
  (bsc#1220790 CVE-2023-52477).
- commit d33bab7

- nvmet-fc: take ref count on tgtport before delete assoc
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- commit 4d1e993

- raid1: fix use-after-free for original bio in
  raid1_write_request() (bsc#1221097).
- md: fix data corruption for raid456 when reshape restart while
  grow up (git-fixes).
- commit 35ee14b

- i2c: aspeed: Fix the dummy irq expected print (git-fixes).
- i2c: wmt: Fix an error handling path in wmt_i2c_probe()
- i2c: i801: Avoid potential double call to
  gpiod_remove_lookup_table (git-fixes).
- comedi: comedi_test: Prevent timers rescheduling during deletion
- iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS
  is enabled (git-fixes).
- vt: fix unicode buffer corruption when deleting characters
- usb: port: Don't try to peer unused USB ports based on location
- usb: gadget: ncm: Fix handling of zero block length packets
- USB: usb-storage: Prevent divide-by-0 error in
  isd200_ata_command (git-fixes).
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
- ASoC: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- ASoC: madera: Fix typo in madera_set_fll_clks shift value
- ALSA: hda/realtek - Fix headset Mic no show at resume back
  for Lenovo ALC897 platform (git-fixes).
- drm/i915/selftests: Fix dependency of some timeouts on HZ
- drm/i915: Check before removing mm notifier (git-fixes).
- commit 5e91dbb

- s390/vfio-ap: wire in the vfio_device_ops request callback
- commit dc0bc15

- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
- commit 17d9de4

- Fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775)
  Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit 8983adc

- raid1: fix use-after-free for original bio in
  raid1_write_request() (bsc#1221097).
- commit 5154c94

- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
- commit dbbf2ae

- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
- commit d4f6f9f

- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799

- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4

- coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
- commit 4473cfd

- coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit ef5cdf7

- IB/ipoib: Fix mcast list locking (git-fixes)
- commit 8d1c71a

- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (git-fixes)
- commit c54bb31

- coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
- commit fba33fc

- Quote filenames (boo#1221077).
  The kernel source now contains a file with a space in the name.
  Add quotes in to avoid splitting the filename.
  Also use -print0 / -0 when updating timestamps.
- commit a005e42

- mm,ima,kexec,of: use memblock_free_late from
  ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a

- PCI/MSI: Prevent MSI hardware interrupt number truncation (bsc#1218777)
- commit 5410859

- Update patches.suse/phy-ti-phy-omap-usb2-Fix-NULL-pointer-dereference-fo.patch (git-fixes,bsc#1220340,CVE-2024-26600)
- commit e321d5a

- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a

- erofs: fix lz4 inplace decompression (CVE-2023-52497
- commit ddeedf9

- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
- commit 635c481

- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivileged-load-workaround.patch (bsc#1219443, bsc#1220887, CVE-2023-52481)
- commit 52243ca

- kernel-binary: Fix i386 build
  Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351

- btrfs: remove BUG() after failure to insert delayed dir index
  item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
  index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d

- net: nfc: fix races in nfc_llcp_sock_get() and
  nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586

- kabi: team: Hide new member header_ops (bsc#1220870
- commit 9f49992

- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
  bsc#1221040 CVE-2023-52597).
- commit a90b87c

- tracing: Inform kmemleak of saved_cmdlines allocation
- commit bb07230

- Update
  (jsc#SES-1880 CVE-2022-48628 bsc#1220848).
- commit 187fa94

- kernel-binary: vdso: fix filelist for non-usrmerged kernel
  Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221

- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
  (bsc#1220926 CVE-2023-52523).
- commit 90d9f50

- md: Make sure md_do_sync() will set MD_RECOVERY_DONE
- md: Don't ignore suspended array in md_check_recovery()
- md: Whenassemble the array, consult the superblock of the
  freshest device (git-fixes).
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of
  md_set_readonly() (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should
  wait on the reshape (git-fixes).
- md/raid5: release batch_last before waiting for another
  stripe_head (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
- md: introduce md_ro_state (git-fixes).
- commit cef73db

- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  (bsc#1218562 CVE-2023-6270).
- commit 57a4cd4

- efivarfs: force RO when remounting if SetVariable is not
  supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0

- topology: Fix up build warning in topology_is_visible()
- commit 6c82a8d

- topology/sysfs: Hide PPIN on systems that do not support it
- commit d8d9717

- blacklist.conf: add non-backport md git-fixes commits
- commit b13564d

- iommu/vt-d: Avoid memory allocation in iommu_suspend()
  (CVE-2023-52559 bsc#1220933).
- commit c9b01ef

- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
  - update to upstream version
  - rename to same name as SLE15 SP5
- commit 1d2def1

- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
  (bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
  (bsc#1220870 CVE-2023-52574).
- commit 2cc53f5

- Update
  (jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
  (bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
  (jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
  Added CVE references.
- commit 3e396c2

- Input: pm8941-powerkey - fix debounce on gen2+ PMICs
- commit bbebd44

- Input: pm8941-pwrkey - add support for PON GEN3 base addresses
- commit 7ab5a9e

- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
  (git-fixes bsc#1220469 CVE-2021-46934).
  Add bug and CVE references.
- commit 3a04060

- bpf: fix check for attempt to corrupt spilled pointer
  (bsc#1220325 CVE-2023-52462).
- commit 34faa5d

- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- commit 6793acf
- Fix memory leaks, add patch 0010-Fix-three-memory-leaks.patch
  * CVE-2024-26458, bsc#1220770
  * CVE-2024-26461, bsc#1220771
  * CVE-2024-26462, bsc#1220772
- Fix CVE-2024-32487, mishandling of \n character in paths when
  LESSOPEN is set leads to OS command execution
  (CVE-2024-32487, bsc#1222849)
  * CVE-2024-32487.patch

- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
  metacharacters, bsc#1219901
  * CVE-2022-48624.patch
- Add gcc13-pr111731.patch to fix unwinding for JIT code.

- Revert libgccjit dependency change.  [boo#1220724]

- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.

- Use %patch -P N instead of %patchN.

- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
  crypt and crypt_r interceptors.  The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]

- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
  - fmin-function-alignment.  [bsc#1214934]

- Use %{_target_cpu} to determine host and build.

- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
  * Includes fix for building TVM.  [boo#1218492]

- Add cross-X-newlib-devel requires to newlib cross compilers.

- Package plugin in the gcc13-m2 sub-package rather than
  in gcc13-devel.  [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
  are linked against libstdc++6.

- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205

- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
  * Includes fix for building mariadb on i686.  [bsc#1217667]
  * Remove pr111411.patch contained in the update.

- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]
- Add avahi-CVE-2023-38471.patch: Extract host name using
  avahi_unescape_label (bsc#1216594, CVE-2023-38471).
- Add avahi-CVE-2023-38469.patch: Reject overly long TXT resource
  records (bsc#1216598, CVE-2023-38469).
- lscpu: Add more ARM cores (bsc#1223605,

- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,

- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
  + util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch

- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
  (bsc#1220279, CVE-2024-25629)
- Security fix: [bsc#1221747, CVE-2024-28835]
  * gnutls: certtool crash when verifying a certificate chain
  * Add gnutls-CVE-2024-28835.patch

- Security fix: [bsc#1221746, CVE-2024-28834]
  * gnutls: side-channel in the deterministic ECDSA
  * Add gnutls-CVE-2024-28834.patch

- jitterentropy: Release the memory of the entropy collector when
  using jitterentropy with phtreads as there is also a
  pre-intitization done in the main thread. [bsc#1221242]
  * Add gnutls-FIPS-jitterentropy-deinit-threads.patch
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
  * Backport from ncurses-6.4-20230615.patch
    improve checks in convert_string() for corrupt terminfo entry
- security update
- added patches
  fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-1.patch
  fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-2.patch
- Security fix: [bsc#1222548, CVE-2024-2511]
  * Fix unconstrained session cache growth in TLSv1.3
  * Add openssl-CVE-2024-2511.patch
- Change permissions for rules folders (bsc#1209282)
- update to 25.1:
  * Raise warnings for deprecated python syntax usages
  * Add support for extensions in CRuby, JRuby, and FFI Ruby
  * Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
  * Implement proto2/proto3 with editions
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add utf8_validation feature back to the global feature set.
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Merge the protobuf and upb Bazel repos
  * Editions: Introduce functionality to protoc for generating
    edition feature set defaults.
  * Editions: Migrate edition strings to enum in C++ code.
  * Create a reflection helper for ExtensionIdentifier.
  * Editions: Provide an API for C++ generators to specify their
  * Editions: Refactor feature resolution to use an intermediate
  * Publish extension declarations with declaration
  * Editions: Stop propagating partially resolved feature sets to
  * Editions: Migrate string_field_validation to a C++ feature
  * Editions: Include defaults for any features in the generated
  * Protoc: parser rejects explicit use of map_entry option
  * Protoc: validate that reserved range start is before end
  * Protoc: support identifiers as reserved names in addition to
    string literals (only in editions)
  * Drop support for Bazel 5.
  * Allow code generators to specify whether or not they support
  [#] C++
  * Update stale checked-in files
  * Apply PROTOBUF_NOINLINE to declarations of some functions
    that want it.
  * Implement proto2/proto3 with editions
  * Make JSON UTF-8 boundary check inclusive of the largest
    possible UTF-8 character.
  * Reduce `Map::size_type` to 32-bits. Protobuf containers can't
    have more than that
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Fix bug in reflection based Swap of map fields.
  * Add utf8_validation feature back to the global feature set.
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Add prefetching to arena allocations.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    repeated and map field accessors.
  * Editions: Migrate edition strings to enum in C++ code.
  * Create a reflection helper for ExtensionIdentifier.
  * Editions: Provide an API for C++ generators to specify their
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    string field accessors.
  * Editions: Refactor feature resolution to use an intermediate
  * Fixes for 32-bit MSVC.
  * Publish extension declarations with declaration
  * Export the constants in protobuf's any.h to support DLL
  * Implement AbslStringify for the Descriptor family of types.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    message field accessors.
  * Editions: Stop propagating partially resolved feature sets to
  * Editions: Migrate string_field_validation to a C++ feature
  * Editions: Include defaults for any features in the generated
  * Introduce C++ feature for UTF8 validation.
  * Protoc: validate that reserved range start is before end
  * Remove option to disable the table-driven parser in protoc.
  * Lock down ctype=CORD in proto file.
  * Support split repeated fields.
  * In OSS mode omit some extern template specializations.
  * Allow code generators to specify whether or not they support
  [#] Java
  * Implement proto2/proto3 with editions
  * Remove synthetic oneofs from Java gencode field accessor
  * Timestamps.parse: Add error handling for invalid
    hours/minutes in the timezone offset.
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Add missing debugging version info to Protobuf Java gencode
    when multiple files are generated.
  * Fix a bad cast in putBuilderIfAbsent when already present due
    to using the result of put() directly (which is null if it
    currently has no value)
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Fix a NPE in putBuilderIfAbsent due to using the result of
    put() directly (which is null if it currently has no value)
  * Update Kotlin compiler to escape package names
  * Add MapFieldBuilder and change codegen to generate it and the
    put{field}BuilderIfAbsent method.
  * Introduce recursion limit in Java text format parsing
  * Consider the protobuf.Any invalid if typeUrl.split("/")
    returns an empty array.
  * Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
  * Fixed Python memory leak in map lookup.
  * Loosen upb for json name conflict check in proto2 between
    json name and field
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Ensure Timestamp.ToDatetime(tz) has correct offset
  * Do not check required field for upb python MergeFrom
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Merge the protobuf and upb Bazel repos
  * Comparing a proto message with an object of unknown returns
  * Emit __slots__ in pyi output as a tuple rather than a list
    for --pyi_out.
  * Fix a bug that strips options from descriptor.proto in
  * Raise warings for message.UnknownFields() usages and navigate
    to the new add
  * Add protobuf python keyword support in path for stub
  * Add tuple support to set Struct
  * ### Python C-Extension (Default)
  * Comparing a proto message with an object of unknown returns
  * Check that ffi-compiler loads before using it to define
  [#] UPB (Python/PHP/Ruby C-Extension)
  * Include .inc files directly instead of through a filegroup
  * Loosen upb for json name conflict check in proto2 between
    json name and field
  * Add utf8_validation feature back to the global feature set.
  * Do not check required field for upb python MergeFrom
  * Merge the protobuf and upb Bazel repos
  * Added malloc_trim() calls to Python allocator so RSS will
    decrease when memory is freed
  * Upb: fix a Python memory leak in ByteSize()
  * Support ASAN detection on clang
  * Upb: bugfix for importing a proto3 enum from within a proto2
  * Expose methods needed by Ruby FFI using UPB_API
  * Fix `PyUpb_Message_MergeInternal` segfault

- build against modern python on sle15

- Build with source and target levels 8
  * fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
  macro resolves the variables at the install time

- update to 23.4:
  * Add dllexport_decl for generated default instance.
  * Deps: Update Guava to 32.0.1

- update to 23.3:
  * Regenerate stale files
  * Use the same ABI for static and shared libraries on non-
    Windows platforms
  * Add a workaround for GCC constexpr bug
  * Regenerate stale files
  UPB (Python/PHP/Ruby C-Extension)
  * Fixed a bug in `upb_Map_Delete()` that caused crashes in
    map.delete(k) for Ruby when string-keyed maps were in use.
  * Add missing header to Objective-c generator
  * Add a workaround for GCC constexpr bug
  * Rollback of: Simplify protobuf Java message builder by
    removing methods that calls the super class only.
  * [C#] Replace regex that validates descriptor names
- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream)

- Add patch to fix linking ThreadSafeArena:
  * 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch
- Drop the protobuf-source package, no longer used

- update to 22.5:
  * Add missing cstdint header
  * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
  * Avoid using string(JOIN..., which requires cmake 3.12
  * Explicitly include GTest package in examples
  * Bump Abseil submodule to 20230125.3 (#12660)
- update to 22.4:
  * Fix libprotoc: export useful symbols from .so
  * Fix btree issue in map tests.
  * Fix bug in _internal_copy_files where the rule would fail in
    downstream repositories.
  * Bump utf8_range to version with working pkg-config (#12584)
  * Fix declared dependencies for pkg-config
  * Update abseil dependency and reorder dependencies to ensure
    we use the version specified in protobuf_deps.
  * Turn off clang::musttail on i386

- drop python2 handling
- fix version handling and package the private libs again

- Fix confusion in versions

- Mention the rpmlintrc file in the spec.

- Make possible to build on older systems, like SLE12 that miss
  some of the used macros.

- update to v22.3
  UPB (Python/PHP/Ruby C-Extension)
  * Remove src prefix from proto import
  * Fix .gitmodules to use the correct absl branch
  * Remove erroneous dependency on googletest
- update to 22.2:
  * Add version to intra proto dependencies and add kotlin stdlib
  * Add $ back for osgi header
  * Remove $ in pom files
- update to 22.1:
  * Add visibility of plugin.proto to python directory
  * Strip "src" from file name of plugin.proto
  * Add OSGi headers to pom files.
  * Remove errorprone dependency from kotlin protos.
  * Version protoc according to the compiler version number.
- update to 22.0:
  * This version includes breaking changes to: Cpp.
    Please refer to the migration guide for information:
  * [Cpp] Migrate to Abseil's logging library.
  * [Cpp] `proto2::Map::value_type` changes to `std::pair`.
  * [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
    and DefaultFieldComparator classes.
  * [Cpp] Add a dependency on Abseil (#10416)
  * [Cpp] Remove all autotools usage (#10132)
  * [Cpp] Add C++20 reserved keywords
  * [Cpp] Dropped C++11 Support
  * [Cpp] Delete Arena::Init
  * [Cpp] Replace JSON parser with new implementation
  * [Cpp] Make RepeatedField::GetArena non-const in order to
    support split RepeatedFields.
  * long list of bindings specific fixes see
- python sub packages version is set 4.22.3 as defined in
  python/google/protobuf/ to stay compatible
- skip python2 builds by default
- drop patches:
  * 10355.patch,
  * gcc12-disable-__constinit-with-c++-11.patch (merged upstream)
- added patches:
  * add-missing-stdint-header.patch   added for compile fixes

- Enable LTO (boo#1133277).

- update to v21.12:
  * Python
  * Fix broken enum ranges (#11171)
  * Stop requiring extension fields to have a sythetic oneof (#11091)
  * Python runtime 4.21.10 not works generated code can not load valid

- update to 21.11:
  * Python
  * Add license file to pypi wheels (#10936)
  * Fix round-trip bug (#10158)

- update to 21.10:
  * Java
  * Use bit-field int values in buildPartial to skip work on unset groups of
    fields. (#10960)
  * Mark nested builder as clean after clear is called (#10984)

- update to 21.9:
  * Ruby
  * Replace libc strdup usage with internal impl to restore musl compat (#10818)
  * Auto capitalize enums name in Ruby (#10454) (#10763)
  * Other
  * Fix for #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
  * C++
  * 21.x No longer define no_threadlocal on OpenBSD (#10743)
  * Java
  * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
  * Refactoring java full runtime to reuse sub-message builders and prepare to
    migrate parsing logic from parse constructor to builder.
  * Move proto wireformat parsing functionality from the private "parsing
    constructor" to the Builder class.
  * Change the Lite runtime to prefer merging from the wireformat into mutable
    messages rather than building up a new immutable object before merging. This
    way results in fewer allocations and copy operations.
  * Make message-type extensions merge from wire-format instead of building up
    instances and merging afterwards. This has much better performance.
  * Fix TextFormat parser to build up recurring (but supposedly not repeated)
    sub-messages directly from text rather than building a new sub-message and
    merging the fully formed message into the existing field.

- update to 21.6:
  * Reduce memory consumption of MessageSet parsing

- update to 21.5:
  * Added getContainingOneof and getRealContainingOneof to descriptor.
  * fix PHP readonly legacy files for nested messages
  * Fixed comparison of maps in Python.

- add 10355.patch to fix soversioning

- update to 21.4:
  * Reduce the required alignment of ArenaString from 8 to 4

- update to 21.3:
  * C++
  * Add header search paths to Protobuf-C++.podspec (#10024)
  * Fixed Visual Studio constinit errors (#10232)
  * Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
  * UPB
  * Allow empty package names (fixes behavior regression in 4.21.0)
  * Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
  * Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
  * for x in mapping now yields keys rather than values, to match Python
    conventions and the behavior of the old library.
  * Lookup operations now correctly reject unhashable types as map keys.
  * We implement repr() to use the same format as dict.
  * Fix maps to use the ScalarMapContainer class when appropriate
  * Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
  * PHP
  * Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
  * Python
  * Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
  * Bazel
  * Add back a filegroup for :well_known_protos (#10061)

- Update to 21.2:
- C++
  - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
  - Escape GetObject macro inside protoc-generated code (#9739)
  - Update CMake configuration to add a dependency on Abseil (#9793)
  - Fix cmake install targets (#9822)
  - Use __constinit only in GCC 12.2 and up (#9936)
- Java
  - Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python
  - Increment python major version to 4 in version.json for python upb (#9926)
  - The C extension module for Python has been rewritten to use the upb library.
  - This is expected to deliver significant performance benefits, especially when
    parsing large payloads. There are some minor breaking changes, but these
    should not impact most users. For more information see:
  - [PHP] fix PHP build system (#9571)
  - Fix building packaged PHP extension (#9727)
  - fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633)
  - fix: phpdoc syntax for repeatedfield parameters (#9784)
  - fix: phpdoc for repeatedfield (#9783)
  - Change enum string name for reserved words (#9780)
  - chore: [PHP] fix phpdoc for MapField keys (#9536)
  - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby
  - Allow pre-compiled binaries for ruby 3.1.0 (#9566)
  - Implement respond_to? in RubyMessage (#9677)
  - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
  - Do not use range based UTF-8 validation in truffleruby (#9769)
  - Improve range handling logic of RepeatedField (#9799)
- Other
  - Fix invalid dependency manifest when using descriptor_set_out (#9647)
  - Remove duplicate java generated code (#9909)

- Do not use %%autosetup, but %%setup and %%patch on other line
  * Allows building on SLE-12-SP5

- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch
  that addresses gh#protocolbuffers/protobuf#9916.
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
  gh#python/cpython!16557) fixes syslog making default "ident"
  from sys.argv[0].
- Fix an issue with Encrypt-then-MAC family. [bsc#1221622]
  * Test the ETM feature in the remote end's configuration when
    receiving data. Upstream issue: #1331.
  * Add libssh2_org-ETM-remote.patch
- Update to version 1.9.0
  * Fix certificate import for Yast when using a registration proxy with
    self-signed SSL certificate (bsc#1223107)

- Update to version 1.8.0
  * Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
- security update:
  * CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
    Fix potential int overflow in raw2tiff.c and tiffcp.c
    Rename tiff-CVE-2023-38288.patch into
- add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes
  CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in
  Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary
  quote data, which would not be detected by Fapi_VerifyQuote().
- Don't try to refresh volatile media as long as raw metadata are
  present (bsc#1223094)
- version 17.32.5 (32)

- Fix creation of sibling cache dirs with too restrictive mode
  Some install workflows in YAST may lead to too restrictive (0700)
  raw cache directories in case of newly created repos. Later
  commands running with user privileges may not be able to access
  these repos.
- version 17.32.4 (32)

- Update RepoStatus fromCookieFile according to the files mtime
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)

- Fixup New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
  Fixed the name of the keyword to "support_superseded" as it was
  agreed on in jsc#OBS-301.
- version 17.32.2 (32)

- Add resolver option 'removeUnneeded' to file weak remove jobs
  for unneeded packages (bsc#1175678)
- version 17.32.1 (32)

- Add resolver option 'removeOrphaned' for distupgrade
- New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
  defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)

- ProblemSolution::skipsPatchesOnly overload to handout the
- Remove https->http redirection exceptions for
- version 17.31.32 (22)
- bsc#1176006: Fix chage date miscalculation
  Add shadow-bsc1176006-chage-date.patch
- bsc#1188307: Fix passwd segfault
  Add shadow-bsc1188307-passwd-segfault.patch
- bsc#1203823: Remove pam_keyinit from PAM config files
  Remove pam_keyinit from PAM configuration.
  This was introduced for bsc#1144060.
- Update to version 2.4+32.g2e2531a:
  * nvme-netapp: add nspath tlv handling (bsc#1220971)
- Add patches from upstream to change the default value of
  UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
  This makes ssh update the known_hosts stored keys with all
  published versions by the server (after it's authenticated
  with an existing key), which will allow to identify the
  server with a different key if the existing key is considered
  insecure at some point in the future (bsc#1222831).
  * 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
  * 0002-upstream-disable-UpdateHostkeys-by-default-if.patch

- Add patches openssh-7.7p1-seccomp_getuid.patch and
  (bsc#1216474, bsc#1218871)

- Fix hostbased ssh login failing occasionally with "signature
  unverified: incorrect signature" by fixing a typo in patch
  * openssh-7.8p1-role-mls.patch
- Fix pam_gnome_keyring module for AUTH.
  [pam-config-fix-pam_gnome_keyring.patch, bsc#1219767]
- merge gh#openSUSE/perl-bootloader#166
- log grub2-install errors correctly (bsc#1221470)
- 0.947

- merge gh#openSUSE/perl-bootloader#161
- support old grub versions (<= 2.02) that used /usr/lib
- create EFI boot fallback directory if necessary
- 0.946
- fix space calculation issues in pp_pack.c [bnc#1082216]
  * new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
  new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
  new patch: perl-net-ftp-tls13.diff
- Add CVE-2024-3651.patch, backported from upstream commit
  (bsc#1222842, CVE-2024-3651)
- implement subkey binding signature checking [bsc#1191175]
  * new patch: verifybindingsig.diff

- accept more signature subpackets marked as critical [bsc#1218686]
  * new patch: accept-crit-subpkt.diff
- backport limit support for the autopatch macro [bsc#1189495]
  * new patch: autopatch.diff

- backport signature reserved space handling from upstream
  * new patch: sigreserved.diff

- turn on imaevm file signature support and move the imaevm code
  that needs the libimaevm library into a plugin. Put this
  plugin into a new "rpm-imaevmsign" subpackage. [jsc#PED-7246]
  * new patch: imaevmsignplugin.diff
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
- Add upstream patch <> to
  properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
  + 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  + 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  + 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
-  fd_handle_destructor() panics within an smbd_smb2_close()
  if vfs_stat_fsp() fails in fd_close(); (bso#15527);

- Remove -x from bash shebang update-apparmor-samba-profile;
- add require of package sysctl-logger for 15SP4 and 15SP5 too

- version update from 5.0.6 to 5.0.7
- add require of package sysctl-logger for 15SP6
- suppress error message regarding missing systemd service file
  during posttrans script
- 0001-sed-set-correct-umask-on-temporary-files.patch
  Fix for bsc#1221218
- Changes to version 3.1.29
  + Extended scaling for performance (bsc#1214713)
  + Fixed kdumptool output error (bsc#1218632)
  + Corrected podman ID errors (bsc#1218812)
  + Duplicate non root podman entries removed (bsc#1218814)
  + Corrected get_sles_ver for SLE Micro (bsc#1219241)
  + Check nvidida-persistenced state (bsc#1219639)
- Import 0.10
  5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)

- Import 0.9
  bb859bf user@.service: Disable controllers by default (jsc#PED-2276)

- The usage of drop-ins is now the official way for configuring systemd and its
  various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
  "feature" has been abandoned.

- Import 0.8
  f34372f User priority '26' for SLE-Micro
  c8b6f0a Revert "Convert more drop-ins into early ones"

- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
  6b8dde1 Convert more drop-ins into early ones
- Enable sysctl-logger (jsc#PED-5024)
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked
  (bsc#1200731 ltc#198485
  Support both the old and new service to avoid complex version interdependency.
- Bump version to 15

- Order packages that requires systemd after systemd-sysvcompat when this part
  of the transaction (bsc#1217964)
  systemd-sysvcompat has been introduced recently and contains the compatibility
  scripts used to support SysV init scripts. Make sure that the packages ordered
  after systemd are also ordered after systemd-sysvcompat so theirs rpm
  scriptlets can still rely on the compat scripts.
  On distributions where systemd-sysvcompat doesn't exist, the new ordering
  constraint should be a nop.
- Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote
  did not check whether the magic number in the attest is equal to
  TPM2_GENERATED_VALUE, which might allow a malicious actor to generate
  arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038).
- Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch:
  tpm2_checkquote did not compare the --pcr parameter passed to the tool with
  the attest. A malicious actor might thus be able to fake a valid
  attestation (bsc#1223689, CVE-2024-29039).
- lscpu: Add more ARM cores (bsc#1223605,

- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,

- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
  + util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch

- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,

- Add upstream patch
  bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- Updated to version 9.1 with patch level 0330, fixes the following problems
  * Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see

- Updated to version 9.1 with patch level 0111, fixes the following security problems
  * Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
  * Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
  * Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
  * Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
  * Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
  * Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
  * Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
  * Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
  * Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
  * Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
- client: fix ifreload to pull UP ports/links again when the config
  of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
  [+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]

- Update to version 0.6.75:
  - cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
  - cleanup: fix overflow warnings in a socket testcase on i586
  - ifcheck: report new and deleted configs as changed (bsc#1218926)
  - man: improve ARP configuration options in the wicked-config.5
  - bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
  - cleanup: fix interface dependencies and shutdown order (bsc#1205604)
  - Remove port arrays from bond,team,bridge,ovs-bridge (redundant)
    and consistently use config and state info attached to the port
    interface as in rtnetlink(7).
  - Cleanup ifcfg parsing, schema configuration and service properties
  - Migrate ports in xml config and policies already applied in nanny
  - Remove "missed config" generation from finite state machine, which
    is completed while parsing the config or while xml config migration.
  - Issue a warning when "lower" interface (e.g. eth0) config is missed
    while parsing config depending on it (e.g. eth0.42 vlan).
  - Resolve ovs master to the effective bridge in config and wickedd
  - Implement netif-check-state require checks using system relations
    from wickedd/kernel instead of config relations for ifdown and add
    linkDown and deleteDevice checks to all master and lower references.
  - Add a `wicked <ifup|ifdown|ifreload> --dry-run …` option to show the
    system/config interface hierarchies as notice with +/- marked
    interfaces to setup and/or shutdown.
- Removed patches included in the source archive:
  [- 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
  [- 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
  [- 0003-move-all-attribute-definitions-to-compiler-h.patch]
  [- 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
  [- 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]

- client: do not convert sec to msec twice (bsc#1222105)
  [+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]

- addrconf: fix fallback-lease drop (bsc#1220996)
  [+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
  [+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
  [+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
  [+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
- Update to Xen 4.17.4 security bug fix release (bsc#1027519)
  * No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
  trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
  for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
  History Injection (XSA-456)
- Dropped patches contained in new tarball

- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
  Sampling (XSA-452)
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
  Race Conditions (XSA-453)
- Upstream bug fixes (bsc#1027519)

- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
  exceptions from emulation stubs (XSA-451)
- Upstream bug fixes (bsc#1027519)
- Patches replaced by newer upstream versions
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
  * fixes regression for security fix for CVE-2024-31083 (bsc#1222312,
    boo#1222442, gitlab xserver issue #1659)

- U_CVE-2024-31080-Xi-ProcXIGetSelectedEvents-needs-to-use-unswapped-le.patch
  * Xi: ProcXIGetSelectedEvents needs to use unswapped length
    (CVE-2024-31080, bsc#1222309)
- U_CVE-2024-31081-Xi-ProcXIPassiveGrabDevice-needs-to-use-unswapped-le.patch
  * Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply
    (CVE-2024-31081, bsc#1222310)
- U_CVE-2024-31082-Xquartz-ProcAppleDRICreatePixmap-needs-to-use-unswap.patch
  * Xquartz: ProcAppleDRICreatePixmap needs to use unswapped length to send reply
    (CVE-2024-31082, bsc#1222311)
- U_CVE-2024-31083-render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch
  * render: fix refcounting of glyphs during ProcRenderAddGlyphs
    (CVE-2024-31083, bsc#1222312)
- xterm-reset-parsing-state.patch: A bug in the parser for several
  escape sequences causes the first character following the
  sequence to be ignored (bsc#1220585). Patch backported from
  version 335n.
- Properly close nested progress callbacks (bsc#1223281)
- 4.5.27
- Guard secret attributes against leaking to the log (bsc#1221194)
- 4.5.24
- Reimplemented the hardcoded product mapping to support also the
  migration from SLE_HPC to SLES SP6+ (with the HPC module)
- 4.5.20
- Set the new product mapping when upgrading SLE_HPC to SLES SP6+
  (with the HPC module), use the old product mapping when upgrading
  from SLE_HPC-SP4 to SLE_HPC-SP5 (bsc#1220567)
- 4.5.9
- Do not try to refresh repo metadata as non-root user
  Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
  them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
  list them.
- Don't print 'reboot required' message if download-only or
  dry-run (fixes #529)
  Instead point out that a reboot would be required if the option
  was not used.
- Resepect zypper.conf option `showAlias` search commands
  Repository::asUserString (or Repository::label) respects the
  zypper.conf option, while name/alias return the property.
- version 1.14.71

- dup: New option --remove-orphaned to remove all orphaned
  packages in dup (bsc#1221525)
- version 1.14.70

- info,summary: Support VendorSupportOption flag
  VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires:  libzypp-devel >= 17.32.0.
  API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
  The problem description() is one rule out possibly many in
  completeProblemInfo() the solver has chosen to represent the
  problem. So either description or completeProblemInfo should be
  printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
  1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
  first one (bsc#1218171)
- version 1.14.69