- apparmor
-
- Allow dovecot-auth to execute unix_chkpwd from /sbin, not only from /usr/bin
(bsc#1234452)
* Update dovecot-unix_chkpwd.diff
- branding-SLE
-
- Update plymouth theme to fix splash screen element placement issue.
(bsc#1236818)
- ca-certificates-mozilla
-
- explit remove distruted certs, as the distrust does not get exported
correctly and the SSL certs are still trusted. (bsc#1240343)
- Entrust.net Premium 2048 Secure Server CA
- Entrust Root Certification Authority
- AffirmTrust Commercial
- AffirmTrust Networking
- AffirmTrust Premium
- AffirmTrust Premium ECC
- Entrust Root Certification Authority - G2
- Entrust Root Certification Authority - EC1
- GlobalSign Root E46
- GLOBALTRUST 2020
- remove-distrusted.patch: apply to certdata.txt
- Fix awk to compare (missing a =) and give the following output:
[#] NSS_BUILTINS_LIBRARY_VERSION "2.74"
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
- crash
-
- In some kernel modules such as libie.ko, the mem[MOD_TEXT].size
may be zero, currently crash will only check its value to determine
if the module is valid, otherwise it fails to load kernel module with
the following warning and error:
mod: cannot access vmalloc'd module memory
Lets count the module size to check if the module is valid, that will
avoid the current failure. (bsc#1237501)
- crash-fix-for-failing-to-load-kernel-module.patch
- crypto-policies
-
- Fix fips-mode-setup in EFI or Secure Boot mode. [bsc#1227637]
* Rebase crypto-policies-FIPS.patch
- fips-mode-setup: tolerate fips dracut module presence w/o FIPS
* Fixes the "Inconsistent state detected" warning when disabling
the FIPS mode [bsc#1236165]
* Upstream commit [gl#redhat-crypto/fedora-crypto-policies#78773542]
* Add crypto-policies-fips-mode-setup-dracut.patch
- docker
-
- Don't use the new container-selinux conditional requires on SLE-12, as the
RPM version there doesn't support it. Arguably the change itself is a bit
suspect but we can fix that later. bsc#1237367
- Add backport for golang.org/x/oauth2 CVE-2025-22868 fix. bsc#1239185
+ 0006-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
- Add backport for golang.org/x/crypto CVE-2025-22869 fix. bsc#1239322
+ 0007-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
- Refresh patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Make container-selinux requirement conditional on selinux-policy
(bsc#1237367)
- Update to Docker 27.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741> bsc#1237335
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Update to docker-buildx 0.20.1. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.20.1>
- Update to Docker 27.4.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741>
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Update to docker-buildx 0.19.3. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.19.3>
- Update to Docker 27.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#274>
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- dracut
-
- Update to version 059+suse.557.gccd6ab94:
* fix(iscsi): make sure services are shut down when switching root (bsc#1237695)
* fix(iscsi): don't require network setup for qedi
* fix(network-legacy): do not require pgrep when using wicked (bsc#1236982)
- gettext-runtime
-
- Fix crash while handling po files with malformed header and
process them properly
(0003-Fix-malformed-header-processing.patch, boo#1227316).
- google-guest-agent
-
- Update to version 20250327.01 (bsc#1239763, bsc#1239866)
* Remove error messages from gce_workload_cert_refresh and
metadata script runner (#527)
- from version 20250327.00
* Update guest-logging-go dependency (#526)
* Add 'created-by' metadata, and pass it as option to logging library (#508)
* Revert "oslogin: Correctly handle newlines at the end of
modified files (#520)" (#523)
* Re-enable disabled services if the core plugin was enabled (#522)
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
- from version 20250326.00
* Re-enable disabled services if the core plugin was enabled (#521)
- from version 20250324.00
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250317.00
* Revert "Revert bundling new binaries in the package (#509)" (#511)
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250312.00
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250305.00
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250304.01
* Fix typo in windows build script (#501)
- from version 20250214.01
* Include core plugin binary for all packages (#500)
- from version 20250214.00
* Update crypto library to fix CVE-2024-45337 (#499)
- from version 20250212.00
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
- from version 20250211.00
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250207.00
* vlan: toggle vlan configuration in debian packaging (#495)
* vlan: move config out of unstable section (#494)
* Add clarification to comments regarding invalid NICs and the
`invalid` tag. (#493)
* Include interfaces in lists even if it has an invalid MAC. (#489)
* Fix windows package build failures (#491)
* vlan: don't index based on the vlan ID (#486)
* Revert PR #482 (#488)
* Remove Amy and Zach from OWNERS (#487)
* Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
* Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250204.02
* force concourse to move version forward.
- from version 20250204.01
* vlan: toggle vlan configuration in debian packaging (#495)
- from version 20250204.00
* vlan: move config out of unstable section (#494)
* Add clarification to comments regarding invalid NICs and the
`invalid` tag. (#493)
- from version 20250203.01
* Include interfaces in lists even if it has an invalid MAC. (#489)
- from version 20250203.00
* Fix windows package build failures (#491)
* vlan: don't index based on the vlan ID (#486)
* Revert PR #482 (#488)
* Remove Amy and Zach from OWNERS (#487)
* Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
* Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250122.00
* networkd(vlan): remove the interface in addition to config (#468)
* Implement support for vlan dynamic removal, update dhclient to
remove only if configured (#465)
* Update logging library (#479)
* Remove Pat from owners file. (#478)
- Add patch to fix unexpected memory consumption during token
parsing in golang.org/x/oauth2 (bsc#1239197, CVE-2025-22868)
* CVE-2025-22868.patch
- Update to version 20250116.00: (bsc#1236403)
* networkd(vlan): remove the interface in addition to config (#468)
* Implement support for vlan dynamic removal, update dhclient to remove
only if configured (#465)
* Update logging library (#479)
* Remove Pat from owners file. (#478)
- Update to version 20241209.01: (bsc#1235664)
* readme: add notes about plugin manager (#476)
* Update metadata script runner to honor cloud logging config flag (#475)
* Fixing fallback from systemd-networkd to dhclient (#471)
* network: fix nmcli check pattern (#472)
* Update readme with guest agent manager (#469)
* Add missing packaging spec (#466)
* Bring back side-by-side packaging (#464)
* Avoid changing permissions of directory if parent is / (#463)
* network: force NetworkManager to connect to primary nic (#461)
* Revert plugin manager packaging (#460)
* Add GOPATH to PATH in debian build (#459)
* Add plugin manager to debian build (#457)
* rpm packaging: fix plugin manager assumptions (#458)
* packaging: add plugin manager to rhel packaging (#454)
- google-guest-oslogin
-
- Rework SELinux support (bsc#1232553)
* Add pkgconfig(systemd) to BuildRequires for SELinux builds
* Add policycoreutils to BuildRequires
* Build and install SELinux module on older distributions as well
to allow users to use the module with their own SELinux policies
* Make checkpolicy build dependency unconditional
* Move oslogin.pp SELinux module into %{selinuxtype} subdirectory
* Own %{_datadir}/selinux{,/packages} on older distributions
* Split SELinux support into separate -selinux package
* Use SELinux RPM macros to install and uninstall SELinux module
* Use RPM conditional builds to enable SELinux on newer distributions
- Build and install SELinux module (bsc#1232553)
- google-osconfig-agent
-
- Add patch to fix unexpected memory consumption during token
parsing in golang.org/x/oauth2 (bsc#1239197, CVE-2025-22868)
* CVE-2025-22868.patch
- grub2
-
- Fix zfs.mo not found message when booting on legacy BIOS (bsc#1237865)
* 0001-autofs-Ignore-zfs-not-found.patch
- Cherry-pick upstream XFS fixes
* 0001-fs-xfs-Add-new-superblock-features-added-in-Linux-6..patch
* 0002-fs-xfs-Fix-grub_xfs_iterate_dir-return-value-in-case.patch
- Fix "attempt to read of write outside of partition" error message (bsc#1237844)
* 0003-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch
- hwinfo
-
- merge gh#openSUSE/hwinfo#152
- avoid reporting of spurious usb storage devices (bsc#1223330)
- 21.87
- merge gh#openSUSE/hwinfo#151
- do not overdo usb device de-duplication (bsc#1239663)
- 21.86
- kdump
-
- upgrade to version kdump-2.0.6+git25.g1dbf786
* fix bonding options (bsc#1235933)
* don't use wicked to read bond and bridge config (bsc#1235933)
* prevent KDUMP_NET_TIMEOUT busy loop when DNS fails
* limit dump file permissions (bsc#1237497, bsc#1237529)
- kernel-default
-
- Revert "Merge remote-tracking branch 'origin/users/sjaeckel/SLE15-SP6/for-next' into SLE15-SP6"
This reverts commit bb7a7b2a95aa93ef5db11cca2317b7fe59e19e38, reversing
changes made to ac2aed10902386a981d430e6af9b7946722682ea.
- commit 9b78ca6
- selftests: mptcp: close fd_in before returning in main_loop
(git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop
(git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry
(git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi()
(git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire
slave device (git-fixes).
- bus: mhi: host: Fix race between unprepare and queue_buf
(git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct
mode claim fails (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching
oversampling ratio (git-fixes).
- driver core: Remove needless return in void API
device_remove_group() (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- commit 0fbd190
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
Replace our patch with the upstream version.
- Delete
patches.suse/RAS-AMD-FMPM-Fix-build-when-debugfs-is-not-enabled.patch.
- commit 9580b87
- kABI fix for RDMA/core: Don't expose hw_counters outside (git-fixes)
- commit 6079f81
- RDMA/core: Don't expose hw_counters outside of init net namespace (git-fixes)
- commit f134527
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- commit a2f9145
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- commit e2a4340
- bpf: Add tracepoints with null-able arguments (bsc#1235501
CVE-2024-56702).
- commit 60ddcfa
- net: Add rx_skb of kfree_skb to raw_tp_null_args (bsc#1235501
CVE-2024-56702).
- commit 2f246d2
- bpf: Augment raw_tp arguments with PTR_MAYBE_NULL (bsc#1235501
CVE-2024-56702).
- commit bd84127
- mm/page_alloc: fix memory accept before watermarks gets
initialized (bsc#1239600).
- commit 10a4fc6
- netfilter: allow exp not to be removed in nf_ct_find_expectation
(CVE-2023-52927 bsc#1239644).
- commit 67af0a4
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- commit c4c365f
- nvme: move error logging from nvme_end_req() to __nvme_end_req()
(git-fixes).
- commit c939fa2
- nvme-fc: rely on state transitions to handle connectivity loss
(git-fixes bsc#1222649).
- commit 0e1fcfd
- nvme: allow passthru cmd error logging (git-fixes).
Refresh:
- patches.suse/nvme-fix-multipath-batched-completion-accounting.patch
- patches.suse/nvme-use-srcu-for-iterating-namespace-list.patch
- patches.suse/nvme-split-off-tls-sysfs-attributes-into-a-separate-group.patch
- commit ca344c0
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- commit aad868b
- nvmet-fc: Remove unused functions (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection()
(git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly
ordered arch (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
(git-fixes).
- nvmet: remove old function prototype (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state
(git-fixes bsc#1222649).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv
done (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers
(git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting
(git-fixes bsc#1222649).
Refresh:
- patches.suse/nvme-fc-use-ctrl-state-getter.patch
- nvme-fc: go straight to connecting state when initializing
(git-fixes bsc#1222649).
- commit 22d62a2
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- commit bea89fa
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- commit 3224bb8
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- commit bcfde59
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- commit 4d30cdc
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- commit 49aa8a8
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- commit eb80776
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- commit b4f3b31
- idpf: fix checksums set in idpf_rx_rsc() (CVE-2025-21890
bsc#1240173).
- ice: Fix deinitializing VF in error path (CVE-2025-21883
bsc#1240189).
- ipvlan: ensure network headers are in skb linear part
(CVE-2025-21891 bsc#1240186).
- commit ac7a561
- Update
patches.suse/RDMA-bnxt_re-Fix-the-page-details-for-the-srq-create.patch
(git-fixes CVE-2025-21885 bsc#1240169).
- Update
patches.suse/RDMA-mlx5-Fix-a-WARN-during-dereg_mr-for-DM-type.patch
(git-fixes CVE-2025-21888 bsc#1240177).
- Update
patches.suse/RDMA-mlx5-Fix-implicit-ODP-hang-on-parent-deregistra.patch
(git-fixes CVE-2025-21886 bsc#1240188).
- Update
patches.suse/RDMA-mlx5-Fix-the-recovery-flow-of-the-UMR-QP.patch
(git-fixes CVE-2025-21892 bsc#1240175).
- Update
patches.suse/i2c-npcm-disable-interrupt-enable-bit-before-devm_re.patch
(git-fixes CVE-2025-21878 bsc#1240192).
- Update
patches.suse/ibmvnic-Don-t-reference-skb-after-sending-to-VIOS.patch
(CVE-2025-21858 bsc#1239468 CVE-2025-21855 bsc#1239484).
- Update patches.suse/iommu-vt-d-Fix-suspicious-RCU-usage.patch
(git-fixes CVE-2025-21876 bsc#1240179).
- Update
patches.suse/ndisc-use-RCU-protection-in-ndisc_alloc_skb.patch
(bsc#1239994 CVE-2025-21764 bsc#1237885).
- Update
patches.suse/powerpc-code-patching-Disable-KASAN-report-during-pa.patch
(bsc#1215199 CVE-2025-21869 bsc#1240182).
- Update
patches.suse/usbnet-gl620a-fix-endpoint-checking-in-genelink_bind.patch
(git-fixes CVE-2025-21877 bsc#1240172).
- commit 9c6e710
- Update
patches.suse/block-fix-integer-overflow-in-BLKSECDISCARD.patch
(git-fixes CVE-2024-49994 bsc#1225770 bsc#1237757).
- Update
patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch
(jsc#PED-12416 CVE-2024-53163 bsc#1234828).
- Update
patches.suse/crypto-qat-validate-slices-count-returned-by-FW.patch
(jsc#PED-12416 CVE-2024-38606 bsc#1226871).
- Update
patches.suse/dm-raid-Fix-WARN_ON_ONCE-check-for-sync_thread-in-ra.patch
(git-fixes CVE-2024-43820 bsc#1229311).
- Update
patches.suse/fbdev-pxafb-Fix-possible-use-after-free-in-pxafb_tas.patch
(stable-fixes CVE-2024-49924 bsc#1232364).
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(git-fixes CVE-2024-50290 bsc#1233479 bsc#1225742).
- Update
patches.suse/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch
(git-fixes CVE-2024-53063 bsc#1233557 bsc#1225742).
- commit e0b966a
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- commit 34587d0
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- commit 2fa0f31
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- commit b249c41
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- commit 0fe5ca5
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- commit e5c2137
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- commit 3634652
- power: supply: max77693: Fix wrong conversion of charge input
threshold value (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing
IRQ type (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in
intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call
(git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call
(git-fixes).
- backlight: led_bl: Hold led_access lock when calling
led_sysfs_disable() (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res
PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs
(git-fixes).
- Revert "leds-pca955x: Remove the unused function
pca95xx_num_led_regs()" (stable-fixes).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - remove access to parity register for QAT GEN4
(git-fixes).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment
(git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length
(git-fixes).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- lib: 842: Improve error handling in sw842_compress()
(git-fixes).
- commit 8ad02d4
- mfd: ene-kb3930: Fix a potential NULL pointer dereference
(git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows
(git-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Use scoped variables with memory allocators to
simplify error paths (stable-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Remove extern from function prototypes
(stable-fixes).
- commit 87db269
- ocfs2: mark dquot as inactive if failed to start trans while
releasing dquot (git-fixes).
- commit 54dc104
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- commit 73be6ce
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- commit ef7689a
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- commit cc4c3a7
- ocfs2: handle a symlink read error correctly (git-fixes).
- commit 79c2998
- dlm: prevent NPD when writing a positive value to event_done
(git-fixes).
- commit 8f717c8
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- commit bb32126
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- commit 45fdfe2
- jfs: add check read-only before truncation in
jfs_truncate_nolock() (git-fixes).
- commit 88c1bf9
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- commit 7ae1e64
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- commit fd3fbef
- Move upstreamed nfsd and sunrpc patches into sorted section
- commit 8ca9bbb
- Move upstreamed PCI and initramfs patches into sorted section
- commit 66970bb
- Move upstreamed powerpc and SCSI patches into sorted section
- commit 21807c4
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe
(git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures
(git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx
without data payload (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling
(git-fixes).
- PCI: brcmstb: Fix error path after a call to
regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Use internal register to change link capability
(git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up
(git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe()
(git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: pciehp: Don't enable HPIE when resuming in poll mode
(git-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed
(git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge()
(git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function
removal (git-fixes).
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB
(git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer()
(git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL
ptr (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member
(git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on
failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering
DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC
timing (git-fixes).
- drm/msm/dpu: don't use active in atomic_check() (git-fixes).
- drm/amd/display: fix type mismatch in
CalculateDynamicMetadataParameters() (git-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in
'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting"
(git-fixes).
- drm/repaper: fix integer overflows in repeat functions
(git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message
(git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro
(git-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register
access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables
(git-fixes).
- drm/vkms: Fix use after free and double free on init error
(git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed
correctly (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning
(git-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- mdacon: rework dependency list (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null
pointer check (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status
(git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- regulator: check that dummy regulator has been probed before
using it (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP
(git-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven
(stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size
(stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path
(git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling
(stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task()
(stable-fixes).
- commit 0b221d1
- mptcp: pm: only set fullmesh for subflow endp (CVE-2025-21706 bsc#1238528)
- commit 1499b76
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels
(git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- ioam6: improve checks on user data (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- commit 2678976
- af_unix: Remove put_pid()/put_cred() in copy_peercred()
(bsc#1240334).
- commit 3c2ac6a
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- commit 73d1c92
- Reapply "wifi: ath11k: restore country code during resume"
(bsc#1207948).
- wifi: ath11k: choose default PM policy for hibernation
(bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well
(bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume()
(bsc#1207948).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume()
(bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model
(bsc#1207948).
- commit 776bdcc
- tee: optee: Fix supplicant wait loop (CVE-2025-21871
bsc#1240183).
- ASoC: SOF: ipc4-topology: Harden loops for looking up ALH
copiers (CVE-2025-21870 bsc#1240191).
- commit d4df66d
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of
qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap()
calls (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in
exynos_chipid_probe() (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values
(git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries
(git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo()
(git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION
before comparison (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel
(git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc
(git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC
(git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format
(git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in
mt7915_muru_stats_show() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- wifi: rtw89: fw: correct debug message format in
rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data
(git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails
(git-fixes).
- wifi: ath12k: Clear affinity hint before calling
ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath11k: Clear affinity hint before calling
ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor
mode (git-fixes).
- wifi: ath11k: fix RCU stall while reaping monitor destination
ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS
Capability (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool
(git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command
(git-fixes).
- broadcom: fix supported flag check in periodic output function
(git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get()
(git-fixes).
- commit 62d1ca7
- drop_monitor: fix incorrect initialization order (CVE-2025-21862
bsc#1239474).
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
(CVE-2025-21635 bsc#1236111).
- net/smc: protect link down work from execute after lgr freed
(CVE-2024-56718 bsc#1235589).
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
(CVE-2024-54683 bsc#1235729).
- net/smc: fix LGR and link use-after-free issue (CVE-2024-56640
bsc#1235436).
- ipv6: Fix soft lockups in fib6_select_path under high next
hop churn (CVE-2024-56703 bsc#1235455).
- commit 32a040d
- kABI fix for net: ipv6: support reporting otherwise unknown
prefix flags in RTM_NEWPREFIX (git-fixes).
- commit 3656735
- net: avoid race between device unregistration and ethnl ops
(CVE-2025-21701 bsc#1237164).
- commit adae27d
- net: usb: usbnet: restore usb%d name exception for local mac
addresses (bsc#1234480).
- commit 0605bcc
- x86/entry: Add __init to ia32_emulation_override_cmdline()
(git-fixes).
- commit 98c0019
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0
(stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-various-ASUS-Laptop.patch.
- commit a9e9dbb
- ALSA: hda/realtek: Add support for various HP Laptops using
CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops
using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops
using CS35L41 HDA (stable-fixes).
- commit 249008f
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix
control names (stable-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx
(stable-fixes).
- commit 401355a
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print
(git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- HID: Enable playstation driver independently of sony driver
(git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for
CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook
X515UA (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup()
(git-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for
ti,j7200-cpb-audio compatible (git-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in
snd_pcm_format_set_silence() (git-fixes).
- commit 52d0d3b
- netfilter: nf_set_pipapo: fix initial map fill (CVE-2024-57947
bsc#1236333).
- commit 970aeca
- include: net: add static inline dst_dev_overhead() to dst.h
(git-fixes).
- commit 38a62b9
- Refresh patches.suse/tpm-send_data-Wait-longer-for-the-TPM-to-become-read.patch.
Also extend the remaining tpm_tis_send_data timeout (bsc#1235870).
- commit 4b3d91d
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- commit 5da2185
- x86/microcode: Prepare for minimal revision check (git-fixes).
- commit c420631
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- commit 392e00e
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- commit b3900fd
- cpufreq/amd-pstate: Fix max_perf updation with schedutil
(bsc#1239707).
- commit fefd3ab
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo
(git-fixes).
- commit 2b5c9da
- x86/microcode: Protect against instrumentation (git-fixes).
- commit c6912a2
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- commit 62c98c3
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- commit 918f8ee
- x86/microcode: Provide new control functions (git-fixes).
- commit 8430c04
- x86/microcode: Add per CPU control field (git-fixes).
- commit 866b0a5
- x86/microcode: Add per CPU result state (git-fixes).
- commit 579033e
- net/smc: check smcd_v2_ext_offset when receiving proposal msg
(CVE-2024-47408 bsc#1235711).
- commit 2f01046
- x86/microcode: Clarify the late load logic (git-fixes).
- commit 6230ee4
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- Refresh
patches.suse/x86-microcode-Sanitize-__wait_for_cpus.patch.
- commit dc94359
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- commit bdacddf
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- commit 6a00f9e
- x86/microcode: Mop up early loading leftovers (git-fixes).
- commit 9018df4
- kABI fix for "netfilter: nft_inner: incorrect percpu area
handling under softirq" (CVE-2024-56638 bsc#1235524).
- commit 3acf757
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- Refresh patches.suse/ipv6-prevent-UAF-in-ip6_send_skb.patch.
- Refresh patches.suse/net-fix-__dst_negative_advice-race.patch.
- commit a265247
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- Refresh
patches.suse/ipv6-sr-fix-incorrect-unregister-order.patch.
- commit ef06a22
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- Refresh
patches.suse/ipv6-prevent-NULL-dereference-in-ip6_output.patch.
- commit 97af13b
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- commit 916bc1a
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- commit 6cd5382
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- commit d0a37ed
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- commit 834a488
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- commit a5ea134
- ipv6: Set errno after ip_fib_metrics_init() in
ip6_route_info_create() (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw()
(git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- ipv6: release nexthop on device removal (CVE-2024-56751
bsc#1234936).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input
(git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- net: use unrcu_pointer() helper (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
(git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and
rpl_input() (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop
fragment (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed
(git-fixes).
- commit ae4c044
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
(git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and
router addresses (git-fixes).
- commit 3e6f7bb
- net: ipv6: support reporting otherwise unknown prefix flags
in RTM_NEWPREFIX (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- commit aab80f1
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- commit a8e1ba8
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- commit 12d10b3
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- commit 44d31ee
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- Refresh
patches.suse/x86-microcode-intel-Remove-unnecessary-cache-writeback-and.patch.
- commit fd684d8
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- commit deae801
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- commit c89162d
- x86/microcode/intel: Simplify early loading (git-fixes).
- commit 571e4fe
- x86/microcode/intel: Cleanup code further (git-fixes).
- commit 53a643e
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- commit f3beb78
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- commit f25c748
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- commit 040895c
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- commit bf7e36d
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- commit cb4b02a
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- commit 1ec4661
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- commit 1bef486
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- commit 7d2da5d
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- commit 4164fad
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- commit 842e778
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- commit d92edaf
- x86/microcode/intel: Remove debug code (git-fixes).
- commit f06da57
- x86/microcode: Move core specific defines to local header (git-fixes).
- Delete
patches.suse/x86-cpu-Fix-amd_check_microcode-declaration.patch.
- commit 68e5a18
- x86/hyperv: Fix output argument to hypercall that changes page
visibility (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory
(git-fixes).
- commit d929456
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- commit cd4315f
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- commit adc4f73
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- Refresh
patches.suse/platform-x86-intel-ifs-Gen2-scan-image-loading.patch.
- commit 9b8d381
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- Refresh
patches.suse/x86-cpu-intel-Detect-TME-keyid-bits-before-setting-MTRR-ma.patch.
- commit 4e2f346
- x86/microcode: Hide the config knob (git-fixes).
- commit d6f3245
- x86/mm: Remove unused microcode.h include (git-fixes).
- commit 88b351c
- x86/microcode: Remove microcode_mutex (git-fixes).
- commit 9723346
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- commit 36caa36
- Revert "wifi: ath11k: restore country code during resume"
(bsc#1207948).
- commit 18bdb23
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- commit 4a52b36
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- commit a5f84ff
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- commit e6ba4df
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- commit c13c7b0
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- commit 8e4bd72
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- commit 0180053
- media: vim2m: print device name after registering device
(git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init()
(git-fixes).
- media: v4l2-dv-timings: prevent possible overflow in
v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region
(git-fixes).
- media: venus: hfi: add check to handle incorrect queue size
(git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic
(git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access
(git-fixes).
- media: visl: Fix ERANGE error when setting enum controls
(git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the
error path (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field
(git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask
(git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators
and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly
in remove (git-fixes).
- media: streamzap: prevent processing IR data on URB failure
(git-fixes).
- media: streamzap: fix race between device disconnection and
urb callback (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in
rtsx_usb_ms_drv_remove (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD
(git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on
errors (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume
(git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending
the use of ARRAY_SIZE() (git-fixes).
- commit d741ce2
- smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844 bsc#1239512)
- commit 5413aee
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- commit c180144
- ipv6: mcast: extend RCU protection in igmp6_send()
(CVE-2025-21759 bsc#1238738).
- commit 400a352
- ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-21760
bsc#1238763).
- commit 156bf64
- vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791
bsc#1238512).
- commit f01aefb
- openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
(CVE-2025-21761 bsc#1238775).
- commit 742de46
- arp: use RCU protection in arp_xmit() (CVE-2025-21762
bsc#1238780).
- commit 816de2a
- neighbour: use RCU protection in __neigh_notify()
(CVE-2025-21763 bsc#1237897).
- commit f8fc7e4
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- commit d3f8de7
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
(bsc#1239994).
- commit 60e0c13
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- commit 8abe0aa
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- commit 095440f
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- commit c35924e
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- Refresh
patches.suse/x86-Fix-CPUIDLE_FLAG_IRQ_ENABLE-leaking-timer-reprogram.patch.
- commit d3998f0
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- commit 317b615
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- commit 3276cd3
- lockdep: Don't disable interrupts on RT in
disable_irq_nosync_lockdep.*() (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- commit 77968cd
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- commit 29ec493
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- commit 4c35517
- flow_dissector: use RCU protection to fetch dev_net()
(bsc#1239994).
- commit a0e50a6
- ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765
bsc#1237906).
- commit c531d1f
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- commit 48756fc
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- commit 81b29a5
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- commit 5eecff1
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
(bsc#1239994).
- commit 6188164
- ipv4: use RCU protection in __ip_rt_update_pmtu()
(CVE-2025-21766 bsc#1238754).
- commit 03eaa8b
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- commit 95bdee3
- net: add dev_net_rcu() helper (bsc#1239994).
- commit 63dac1b
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: cleanup mana struct after debugfs_remove()
(git-fixes).
- Drivers: hv: vmbus: Don't release fb_mmio resource in
vmbus_free_mmio() (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0
(git-fixes).
- commit a640830
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986)
sle_version was obsoleted for SLE16. It has to be combined with
suse_version check.
- commit cbd5de3
- kABI workaround for intel-ish-hid (git-fixes).
- commit c1e0e59
- HID: intel-ish-hid: Send clock sync message immediately after
reset (stable-fixes).
- commit bb56845
- kABI workaround for soc_mixer_control changes (git-fixes).
- commit 41b23df
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated
irq (git-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3
(stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name
(stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions
(stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B
(stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
several devices (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames
(stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
NHxxRZQ (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S
(stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir
G7 SE controllers (stable-fixes).
- ASoC: ops: Consistently treat platform_max as control value
(git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later
(stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth =
14 (stable-fixes).
- drm/amd/display: Restore correct backlight brightness after
a GPU reset (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init
(stable-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is
removed (git-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066
(git-fixes).
- drm/nouveau: Do not override forced connector status
(stable-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors
(stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE
(stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi
module (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays
(stable-fixes).
- usb: phy: generic: Use proper helper for property detection
(stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform
profiles (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad
X120e (stable-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard
(stable-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support
(stable-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards
(stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera
(stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in
doorbell (stable-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17
(stable-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show()
(stable-fixes).
- commit 3767537
- regulator: dummy: force synchronous probing (git-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- commit 74ce27f
- Refresh
patches.suse/udp-Deal-with-race-between-UDP-socket-address-change-and-r.patch.
- commit 4648743
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
Fix tools/ build breakage introduced by suse commit 3d6cb93162fd
"bitmap: introduce generic optimized bitmap_size() (git-fixes)"
- commit a17c3c2
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
Fix tools/ build breakage introduced by suse commit 3d6cb93162fd
"bitmap: introduce generic optimized bitmap_size() (git-fixes)"
- commit 2860902
- kABI: ufshcd: add ufshcd_dealloc_host back (CVE-2025-21739
bsc#1238506).
- commit 722da19
- KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
(CVE-2024-58083 bsc#1239036).
- commit bbd863b
- nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848
bsc#1239479).
- commit bd498df
- ACPI: processor: idle: Return an error if both P_LVL{2,3}
idle states are invalid (bsc#1237530).
- commit f46ae1f
- udp: Deal with race between UDP socket address change and rehash
(CVE-2024-57974 bsc#1238532).
- commit d248d8d
- drm/radeon: fix uninitialized size issue in
radeon_vce_cs_parse() (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU
(git-fixes).
- accel/qaic: Fix integer overflow in qaic_validate_req()
(git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G
(git-fixes).
- drm/v3d: Don't run jobs that have errors flagged in its fence
(git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX
(git-fixes).
- Bluetooth: hci_event: Fix connection regression between LE
and non-LE adapters (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM
(git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source
(git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops
(git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- commit fa047d8
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- commit be0fccb
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- commit 7560f3b
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- commit fae22e5
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- commit 4a61cfc
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- commit d7a5712
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- commit 1c0ffc5
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- commit fb56cee
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- commit d9ad94d
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- commit 3a68d14
- scsi: ufs: core: Fix use-after free in init error and remove
paths (CVE-2025-21739 bsc#1238506).
- commit f971898
- btrfs: use a separate end_io handler for extent_buffer writing
(bsc#1239045).
- btrfs: don't use btrfs_bio_ctrl for extent buffer writing
(bsc#1239045).
- btrfs: remove the mirror_num argument to
btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in
end_bio_subpage_eb_writepage (bsc#1239045).
- commit 5ca42b7
- ata: sata_highbank: fix OF node reference leak in
highbank_initialize_phys() (git-fixes).
- commit a7b4ac3
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- commit c17a6ef
- ata: pata_serverworks: Do not use the term blacklist
(git-fixes).
- commit cdc9008
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using
result_tf (git-fixes).
- commit cf84546
- ata: libata-scsi: Remove redundant sense_buffer memsets
(git-fixes).
- commit 3ff83f7
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- commit f3d1fc7
- ata: pata_parport: fit3: implement IDE command set registers
(git-fixes).
- commit b753758
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- commit e6786aa
- ata: pata_parport: add custom version of wait_after_reset
(git-fixes).
- commit 92ba445
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- commit d1b0425
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- commit b541e7c
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- commit 4d05cf3
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- commit cfcc878
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- commit e1ac37c
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- commit 86fe977
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- commit 9a15b23
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- commit 674715a
- mm: zswap: move allocations during CPU init outside the lock
(git-fixes).
- commit 4a03990
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
(git-fixes CVE-2025-21703 bsc#1237313).
- commit ca9c9ec
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- commit 57c0aea
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- Refresh
patches.suse/net_sched-sch_sfq-don-t-allow-1-packet-limit.patch.
- commit e8a43b7
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc
(git-fixes).
- Refresh
patches.suse/net-sched-act_api-fix-possible-infinite-loop-in-tcf_.patch.
- commit b0f7ecb
- net_sched: Prevent creation of classes with TC_H_ROOT
(git-fixes).
- net/sched: cls_api: fix error handling causing NULL dereference
(git-fixes CVE-2025-21857 bsc#1239478).
- net/sched: netem: account for backlog updates from child qdisc
(git-fixes CVE-2024-56770 bsc#1235637).
- net/sched: tbf: correct backlog statistic for GSO packets
(git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate()
(git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for
actions created by classifiers (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to
fill_sched_entry() (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped
queue at right time (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period
(git-fixes).
- net/sched: flower: Add lock protection when remove filter handle
(git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts
(git-fixes).
- commit a5cca5e
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside
CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc: Stop using no_llseek (bsc#1239573).
- commit 5b9a0f5
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is
enabled (git-fixes).
- commit 39d5ea8
- kABI fix for netlink: terminate outstanding dump on socket close
(git-fixes).
- commit b2fd571
- usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c
(bsc#1232389 CVE-2024-50056).
- commit e07e4ef
- netlink: terminate outstanding dump on socket close
(CVE-2024-53140 bsc#1234222).
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
(CVE-2024-53057 bsc#1233551).
- commit b824575
- usb: gadget: uvc: fix try format returns on uncompressed formats
(bsc#1232389 CVE-2024-50056).
- commit d2b161f
- mm: zswap: properly synchronize freeing resources during CPU
hotunplug (bsc#1237029 CVE-2025-21693).
- commit 215e0dc
- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)
- commit bc1d649
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- init: add initramfs_internal.h (bsc#1232848).
- commit f42c132
- net: stmmac: fix TSO DMA API usage causing oops (CVE-2024-56719 bsc#1235591)
- commit 66963e5
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- commit f832e33
- supported.conf: add now-included qat_420xx (external, intel)
- commit 85940df
- net: constify sk_dst_get() and __sk_dst_get() argument
(git-fixes).
- commit a24981b
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- commit 5d1d9ed
- crypto: qat - add support for device telemetry (jsc#PED-12416). - Refresh patches.suse/crypto-qat-disable-IOV-in-adf_dev_stop.patch. - Refresh patches.suse/crypto-qat-remove-check-after-debugfs_create_dir.patch.
- commit 3d131da
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- commit 8fbb076
- Update config files for PED-12416: QAT_420XX=m on x86, disable error injection.
- commit bbce3cc
- mm/zswap: change per-cpu mutex and buffer to per-acomp_ctx
(bsc#1237029 CVE-2025-21693).
- commit 0b762e3
- usb: gadget: uvc: Fix use-after-free for inflight usb_requests
(bsc#1232389 CVE-2024-50056).
- commit 2525765
- usb: gadget: uvc: move video disable logic to its own function
(bsc#1232389 CVE-2024-50056).
- commit 2ceecdc
- usb: gadget: uvc: Allocate uvc_requests one at a time
(bsc#1232389 CVE-2024-50056).
- commit 4e4b74d
- usb: gadget: uvc: prevent use of disabled endpoint (bsc#1232389
CVE-2024-50056).
- commit fe7e829
- usb: gadget: uvc: clean up comments and styling in video_pump
(bsc#1232389 CVE-2024-50056).
- commit c00889e
- Bluetooth: Improve setsockopt() handling of malformed user input
(git-fixes).
- commit b7abeef
- btrfs: drop the backref cache during relocation if we commit
(bsc#1239605).
- btrfs: check delayed refs when we're checking if a ref exists
(bsc#1239605).
- commit cfc9247
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- commit cae0f76
- Update
patches.suse/net-sched-use-RCU-read-side-critical-section-in-taprio_dump.patch
(CVE-2024-50126 bsc#1232895).
- commit 4fbfb83
- xhci: dbc: Replace custom return value with proper Linux error
code (git-fixes).
- commit 8f2f3fe
- xhci: dbc: Check for errors first in xhci_dbc_stop()
(git-fixes).
- commit 393eaad
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- commit c847619
- xhci: dbc: Use sysfs_emit() to instead of scnprintf()
(git-fixes).
- commit fdc638e
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- commit de56eef
- xhci: dbc: Drop duplicate checks for dma_free_coherent()
(git-fixes).
- commit b4ff421
- Update
patches.suse/xhci-Combine-two-if-statements-for-Etron-xHCI-host.patch
(git-fixes).
- Update
patches.suse/xhci-Don-t-issue-Reset-Device-command-to-Etron-xHCI-.patch
(git-fixes).
Fix false references introduced by reusing patches for SP7 needed
for a feature
- commit f1a52b1
- ila: serialize calls to nf_register_net_hooks() (CVE-2024-57900
bsc#1235973).
- commit a940895
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32
(bsc#1239349).
- commit 4c2eac0
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows
(git-fixes).
- commit e3c259b
- ubi: Add a check for ubi_num (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is
empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking
LEB failed (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create()
(git-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Don't reserve PEB if fm_anchor
exists (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap
data block (git-fixes).
- commit 123f0f1
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- commit cbadc13
- tcp: introduce tcp_clock_ms() (git-fixes).
- commit ef89ad4
- include/linux/mmzone.h: clean up watermark accessors
(bsc#1239600).
- commit 9cc8558
- mm: create promo_wmark_pages and clean up open-coded sites
(bsc#1239600).
- commit 9684a94
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP
(git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- commit 3bc54d8
- mm: accept to promo watermark (bsc#1239600).
- commit 1ee3b42
- mm: fix endless reclaim on machines with unaccepted memory
(bsc#1239600).
- commit 2f9ff68
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte
feature (git-fixes).
- commit a688092
- kABI fix for tcp: drop secpath at the same time as we currently
drop (CVE-2025-21864 bsc#1239482).
- commit 79a237f
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805
(git-fixes).
- commit f5ad85e
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- Refresh
patches.suse/xhci-pci-Fix-indentation-in-the-PCI-device-ID-defini.patch.
- commit 6e83d36
- xhci: Don't perform Soft Retry for Etron xHCI host (git-fixes).
- commit 9beb310
- xhci: Don't issue Reset Device command to Etron xHCI host
(jsc#PED-10701).
- commit 5ad7a28
- xhci: Combine two if statements for Etron xHCI host
(jsc#PED-10701).
- commit 68c16e1
- xhci: Cleanup Candence controller PCI device and vendor ID usage
(git-fixes).
- commit df43775
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host
(git-fixes).
- commit 1479d30
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- commit 6f73c8c
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- commit 32a2ce7
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- commit 02e0809
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- commit 3ebb63d
- xhci: pci: Use full names in PCI IDs for Intel platforms
(git-fixes).
- commit 38d020d
- ila: call nf_unregister_net_hooks() sooner (CVE-2024-46782
bsc#1230769).
- commit e9d9715
- Input: iqs7222 - preserve system status register (git-fixes).
- commit 1f2a9a2
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2
(git-fixes).
- commit 9ee6aed
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- commit 6fedbfd
- Update
patches.suse/ASoC-SOF-stream-ipc-Check-for-cstream-nullity-in-sof.patch
(git-fixes CVE-2025-21847 bsc#1239471).
- Update
patches.suse/HID-multitouch-Add-NULL-check-in-mt_input_configured.patch
(git-fixes CVE-2024-58020 bsc#1239346).
- Update
patches.suse/USB-gadget-f_midi-f_midi_complete-to-call-queue_work.patch
(git-fixes CVE-2025-21859 bsc#1239467).
- Update patches.suse/acct-perform-last-write-from-workqueue.patch
(git-fixes CVE-2025-21846 bsc#1239508).
- Update
patches.suse/block-don-t-revert-iter-for-EIOCBQUEUED.patch
(git-fixes CVE-2025-21832 bsc#1239105).
- Update
patches.suse/fbdev-omap-use-threaded-IRQ-for-LCD-DMA.patch
(stable-fixes CVE-2025-21821 bsc#1239174).
- Update
patches.suse/nfsd-clear-acl_access-acl_default-after-releasing-them.patch
(git-fixes CVE-2025-21796 bsc#1238716).
- Update
patches.suse/nvmet-Fix-crash-when-a-namespace-is-disabled.patch
(git-fixes CVE-2025-21850 bsc#1239477).
- Update
patches.suse/orangefs-fix-a-oob-in-orangefs_debug_write.patch
(git-fixes CVE-2025-21782 bsc#1239117).
- Update
patches.suse/partitions-mac-fix-handling-of-bogus-partition-table.patch
(git-fixes CVE-2025-21772 bsc#1238911).
- Update
patches.suse/powerpc-code-patching-Fix-KASAN-hit-by-not-flagging-.patch
(bsc#1215199 CVE-2025-21866 bsc#1239473).
- commit d74c347
- nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997 CVE-2024-58019)
- commit 73aa11f
- i2c: sis630: Fix an error handling path in sis630_probe()
(git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe()
(git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe()
(git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- commit a2963cf
- Input: ads7846 - fix gpiod allocation (git-fixes).
- commit 829ae40
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen
2 model (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360
14-dy1xxx (stable-fixes).
- commit 10b7907
- ASoC: codecs: wm0010: Fix error handling path in
wm0010_spi_probe() (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology
probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in
mid_get_vbt_data() (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work
(git-fixes).
- commit 866bbeb
- Refresh patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch.
- Refresh
patches.suse/mptcp-move-__mptcp_error_report-in-protocol.c.patch.
- Refresh
patches.suse/tcp-define-initial-scaling-factor-value-as-a-macro.patch.
- Refresh
patches.suse/tcp-increase-the-default-TCP-scaling-ratio.patch.
After discussing with @jwiesner: re-introduce b8dc6d6ce ("mptcp: fix rcv
buffer auto-tuning")
- commit 2c38df3
- mm/migrate_device: don't add folio to be freed to LRU in
migrate_device_finalize() (CVE-2025-21861 bsc#1239483).
- commit 2aaf230
- mm: migrate_device: use more folio in migrate_device_finalize()
(CVE-2025-21861 bsc#1239483 dependency).
- commit 6c15dfd
- geneve: Suppress list corruption splat in
geneve_destroy_tunnels() (CVE-2025-21858 bsc#1239468).
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl()
(CVE-2025-21865 bsc#1239481).
- ibmvnic: Don't reference skb after sending to VIOS
(CVE-2025-21858 bsc#1239468).
- geneve: Fix use-after-free in geneve_find_dev() (CVE-2025-21858
bsc#1239468).
- commit 37714b5
- drm/amdgpu: Check extended configuration space register when
system uses large bar (stable-fixes).
- Refresh
patches.suse/drm-amdgpu-disable-BAR-resize-on-Dell-G5-SE.patch.
- commit 3119f0d
- wifi: cfg80211: cancel wiphy_work before freeing wiphy
(git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms
(git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass
Storage Card Reader (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- gpio: rcar: Use raw_spinlock to protect register access
(stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad
X131e (stable-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress
200M (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL
(git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions
(stable-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- commit afdffc3
- Delete patches.suse/APEI-GHES-Have-GHES-honor-the-panic-setting.patch (bsc#1239615)
The panic-on-reboot behavior change is too surprsing as an update,
better to be reverted during SP
- commit 38b0ca3
- dm-crypt: track tag_offset in convert_context (git-fixes).
- commit e418c3f
- dm-crypt: don't update io->sector after
kcryptd_crypt_write_io_submit() (git-fixes).
- commit 4e42a0d
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
(git-fixes).
- commit d656a3c
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block
size (take 2) (git-fixes).
mwilck: some hand editing because d95e2c34a3ca ("dm verity: Fix IO
priority lost when reading FEC and hash") is missing
- commit 952c7af
- dm array: fix cursor index when skipping across block boundaries
(git-fixes).
- commit 9559a70
- dm array: fix unreleased btree blocks on closing a faulty
array cursor (git-fixes).
- commit 3401ff8
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- commit b8c64af
- dm: Fix typo in error message (git-fixes).
- commit 085bad2
- dm-unstriped: cast an operand to sector_t to prevent potential
uint32_t overflow (git-fixes).
- commit 9289690
- Revert "dm: requeue IO if mapping table not yet available"
(git-fixes).
- commit 5102f1f
- dm-integrity: fix a race condition when accessing recalc_sector
(git-fixes).
- commit f9223d3
- dm persistent data: fix memory allocation failure (git-fixes).
- commit 6ad0a55
- dm resume: don't return EINVAL when signalled (git-fixes).
- commit b83910f
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- commit d18f8de
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume
(git-fixes).
- commit 6d3fcd8
- dm init: Handle minors larger than 255 (git-fixes).
- commit 73dcd27
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- commit 3d6cb93
- dm-delay: fix max_delay calculations (git-fixes).
- commit 9bd5588
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- commit c232aae
- dm-delay: fix workqueue delay_timer race (git-fixes).
- commit d3bc4cb
- dm integrity: fix out-of-range warning (git-fixes).
- commit 94146a8
- dm-integrity: align the outgoing bio in integrity_recheck
(git-fixes).
- commit 8ef7f34
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
(git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- commit 3e8333c
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits
out (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's
safe (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent
(git-fixes).
- commit 057626d
- tcp: avoid reusing FIN_WAIT2 when trying to find port in
connect() process (git-fixes).
- commit b709352
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- commit ee5bb6a
- tcp: Update window clamping condition (git-fixes).
- commit 21c2df7
- tcp: Adjust clamping window for applications specifying
SO_RCVBUF (git-fixes).
- commit 45a6b13
- tcp: Don't drop SYN+ACK for simultaneous connect() (git-fixes).
- commit d347622
- tcp: fix races in tcp_v_err() (git-fixes).
- commit 7d8961a
- tcp: fix races in tcp_abort() (git-fixes).
- commit 57c21f2
- tcp: fix race in tcp_write_err() (git-fixes).
- commit f7c5a0b
- tcp: add tcp_done_with_error() helper (git-fixes).
- commit 67b079b
- tcp: fix incorrect undo caused by DSACK of TLP retransmit
(git-fixes).
- commit 7fc3dc6
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call
tcp_try_to_open() (git-fixes).
- commit 481ef49
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for
failed TFO (git-fixes).
- commit e0d6e17
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack()
(git-fixes).
- commit 2f9ac53
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- commit debc800
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- commit e578c32
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value
(git-fixes).
- commit a0f87a0
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- commit 9d8f16e
- tcp: increase the default TCP scaling ratio (git-fixes).
- commit 37d2a56
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- Refresh
patches.suse/mptcp-cope-racing-subflow-creation-in-mptcp_rcv_spac.patch.
- commit baccd3e
- tcp: Fix bind() regression for v6-only wildcard and
v4(-mapped-v6) non-wildcard addresses (git-fixes).
- commit 10a8fd3
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- commit 2c65748
- tcp: fix incorrect parameter validation in the
do_tcp_getsockopt() function (git-fixes).
- commit 1b71f1e
- tcp: Add memory barrier to tcp_push() (git-fixes).
- commit 9e18439
- tcp: fix mid stream window clamp (git-fixes).
- commit 1da9c62
- tcp: define initial scaling factor value as a macro (git-fixes).
- Refresh
patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch.
- Refresh
patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch.
- commit 5d65891
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- commit 35f4bde
- tcp: derive delack_max from rto_min (git-fixes).
- commit 681cef6
- tcp: check mptcp-level constraints for backlog coalescing
(git-fixes).
- commit f47afe8
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes
bsc#1239595).
- commit e1c229c
- s390/stackleak: Use exrl instead of ex in __stackleak_poison()
(git-fixes bsc#1239594).
- commit bf5ac4c
- s390/ism: add release function for struct device (git-fixes
CVE-2025-21856 bsc#1239486).
- commit ae9aecd
- tcp: drop secpath at the same time as we currently drop dst
(CVE-2025-21864 bsc#1239482).
- commit 068f76d
- tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit cd84ccc
- net: sched: use RCU read-side critical section in taprio_dump()
(CVE-2024-50140 bsc#1233060).
- commit 481b06f
- spi: microchip-core: Use helper function devm_clk_get_enabled()
(git-fixes).
- commit ba5bb35
- spi: microchip-core: Clean up redundant dev_err_probe()
(git-fixes).
- Refresh
patches.suse/spi-microchip-core-switch-to-use-modern-name.patch.
- commit e92f46c
- net/smc: check iparea_offset and ipv6_prefixes_cnt when
receiving proposal msg (CVE-2024-49571 bsc#1235733).
- commit d49e720
- kABI: bpf: Prevent tailcall infinite loop caused by freplace
kABI workaround (bsc#1235712 CVE-2024-47794).
- commit b659789
- bpf: Prevent tailcall infinite loop caused by freplace
(bsc#1235712 CVE-2024-47794).
- commit 594a2b0
- netdev: prevent accessing NAPI instances from another namespace
(CVE-2025-21659 bsc#1236206).
- commit 4814e4a
- ice: Remove and readd netdev during devlink reload (bsc#1230497
bsc#1239518).
- Refresh
patches.suse/ice-add-ice_adapter-for-shared-data-across-PFs-on-th.patch.
- commit fac3f79
- HID: hid-steam: Fix use-after-free when detaching device
(git-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle
(git-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in
ishtp_hid_remove() (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI
(git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on
system suspend (stable-fixes).
- commit 66671e7
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value
(git-fixes).
- commit e9a08e4
- net: mana: Allow variable size indirection table (bsc#1239016).
- Refresh
patches.suse/net-mana-Enable-debugfs-files-for-MANA-device.patch.
- commit 987aac3
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs
(bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic
(bsc#1239016).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2
(bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- commit 99e576d
- af_unix: Disable MSG_OOB handling for sockets in
sockmap/sockhash (bsc#1239435).
- af_unix: Annotate data-race of sk->sk_state in
unix_stream_read_skb() (bsc#1239435).
- commit 53fc06a
- padata: fix sysfs store callback check (git-fixes).
- commit 9e53996
- netpoll: Fix race condition in netpoll_owner_active
(CVE-2024-41005 bsc#1227858).
- commit edbf839
- sched/membarrier: Fix redundant load of membarrier_state
(bsc#1232743).
- commit 4b4693f
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for
server bind (git-fixes).
- commit acac4ee
- selftests/bpf: Add test case for the freeing of bpf_timer
(bsc#1238971 CVE-2025-21825).
- bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
(bsc#1238971 CVE-2025-21825).
- commit d0cb4f3
- kABI fix for l2tp: prevent possible tunnel refcount underflow
(CVE-2024-49940 bsc#1232812).
- commit d6225ab
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs
for pmemory (bsc#1239167 ltc#211055).
- commit 1543fff
- l2tp: fix lockdep splat (git-fixes).
- commit 1b614a9
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- commit 9f93194
- net l2tp: drop flow hash on forward (git-fixes).
- commit c98f745
- l2tp: fix incorrect parameter validation in the
pppol2tp_getsockopt() function (git-fixes).
- commit 33af351
- net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996
bsc#1239076).
- commit 8f719fe
- ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during
params (CVE-2024-58012 bsc#1239104).
- commit 3d2e163
- usb: gadget: Check bmAttributes only if configuration is valid
(git-fixes).
- usb: gadget: Fix setting self-powered state on suspend
(git-fixes).
- commit 1151d65
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes
(git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations
(git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix
functionality (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes
(git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails
(git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks
(git-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles()
(git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based
detection" (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device
(git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in
pmcmd_ioctl (git-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt
scenario (git-fixes).
- cdx: Fix possible UAF error in driver_override_show()
(git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function()
to avoid deadlock (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value
(git-fixes).
- commit 481095d
- Update
patches.suse/HID-hid-thrustmaster-fix-stack-out-of-bounds-read-in.patch
(git-fixes CVE-2025-21794 bsc#1238502).
- Update
patches.suse/NFC-nci-Add-bounds-checking-in-nci_hci_create_pipe.patch
(git-fixes CVE-2025-21735 bsc#1238497).
- Update
patches.suse/PCI-Avoid-putting-some-root-ports-into-D3-on-TUXEDO-.patch
(git-fixes CVE-2025-21831 bsc#1239039).
- Update
patches.suse/PCI-rcar-ep-Fix-incorrect-variable-used-when-calling.patch
(git-fixes CVE-2025-21804 bsc#1238736).
- Update
patches.suse/RDMA-mlx5-Fix-a-race-for-an-ODP-MR-which-leads-to-CQ.patch
(git-fixes CVE-2025-21732 bsc#1237877).
- Update
patches.suse/RDMA-mlx5-Fix-implicit-ODP-use-after-free.patch
(git-fixes CVE-2025-21714 bsc#1237890).
- Update
patches.suse/RDMA-rxe-Fix-the-warning-__rxe_cleanup-0x12c-0x170-r.patch
(git-fixes CVE-2025-21829 bsc#1239030).
- Update
patches.suse/Revert-drm-amd-display-Use-HW-lock-mgr-for-PSR1.patch
(stable-fixes CVE-2025-21819 bsc#1238994).
- Update
patches.suse/USB-hub-Ignore-non-compliant-devices-with-too-many-c.patch
(stable-fixes CVE-2025-21776 bsc#1238909).
- Update
patches.suse/arm64-cacheinfo-Avoid-out-of-bounds-write-to-cacheinfo-array.patch
(git-fixes CVE-2025-21785 bsc#1238747).
- Update
patches.suse/ata-libata-sff-Ensure-that-we-cannot-write-outside-t.patch
(stable-fixes CVE-2025-21738 bsc#1238917).
- Update
patches.suse/batman-adv-Drop-unmanaged-ELP-metric-worker.patch
(git-fixes CVE-2025-21823 bsc#1238475).
- Update
patches.suse/batman-adv-fix-panic-during-interface-removal.patch
(git-fixes CVE-2025-21781 bsc#1238735).
- Update
patches.suse/blk-cgroup-Fix-class-block_class-s-subsystem-refcount-leakage.patch
(bsc#1237558 CVE-2025-21745 bsc#1238785).
- Update
patches.suse/block-bfq-fix-waker_bfqq-UAF-after-bfq_split_bfqq.patch
(git-fixes CVE-2025-21631 bsc#1236099).
- Update
patches.suse/can-ctucanfd-handle-skb-allocation-failure.patch
(git-fixes CVE-2025-21775 bsc#1238501).
- Update
patches.suse/can-etas_es58x-fix-potential-NULL-pointer-dereferenc.patch
(git-fixes CVE-2025-21773 bsc#1238762).
- Update
patches.suse/driver-core-class-Fix-wild-pointer-dereferences-in-A.patch
(git-fixes CVE-2025-21810 bsc#1238757).
- Update
patches.suse/drm-amdgpu-avoid-buffer-overflow-attach-in-smu_sys_s.patch
(stable-fixes CVE-2025-21780 bsc#1239115).
- Update
patches.suse/drm-amdgpu-bail-out-when-failed-to-load-fw-in-psp_in.patch
(git-fixes CVE-2025-21784 bsc#1238510).
- Update patches.suse/landlock-Handle-weird-files.patch (git-fixes
CVE-2025-21830 bsc#1239033).
- Update patches.suse/misc-fastrpc-Fix-copy-buffer-page-size.patch
(git-fixes CVE-2025-21734 bsc#1238734).
- Update
patches.suse/mm-compaction-fix-UBSAN-shift-out-of-bounds-warning.patch
(git fixes (mm/compaction) CVE-2025-21815 bsc#1238474).
- Update
patches.suse/msft-hv-3160-KVM-x86-Reject-Hyper-V-s-SEND_IPI-hypercalls-if-loca.patch
(git-fixes CVE-2025-21779 bsc#1238768).
- Update
patches.suse/nbd-don-t-allow-reconnect-after-disconnect.patch
(git-fixes CVE-2025-21731 bsc#1237881).
- Update
patches.suse/net-rose-fix-timer-races-against-user-threads.patch
(git-fixes CVE-2025-21718 bsc#1239073).
- Update patches.suse/net-rose-lock-the-socket-in-rose_bind.patch
(git-fixes CVE-2025-21749 bsc#1238904).
- Update
patches.suse/net-rose-prevent-integer-overflows-in-rose_setsockop.patch
(git-fixes CVE-2025-21711 bsc#1239114).
- Update
patches.suse/net-usb-rtl8150-enable-basic-endpoint-checking.patch
(git-fixes CVE-2025-21708 bsc#1239087).
- Update
patches.suse/nilfs2-fix-possible-int-overflows-in-nilfs_fiemap.patch
(git-fixes CVE-2025-21736 bsc#1238715).
- Update patches.suse/padata-avoid-UAF-for-reorder_work.patch
(git-fixes CVE-2025-21726 bsc#1238865).
- Update patches.suse/padata-fix-UAF-in-padata_reorder.patch
(git-fixes CVE-2025-21727 bsc#1237876).
- Update
patches.suse/scsi-mpi3mr-Fix-possible-crash-when-setting-up-bsg-f.patch
(git-fixes CVE-2025-21723 bsc#1238864).
- Update patches.suse/spi-sn-f-ospi-Fix-division-by-zero.patch
(git-fixes CVE-2025-21793 bsc#1238500).
- Update patches.suse/tty-xilinx_uartps-split-sysrq-handling.patch
(git-fixes CVE-2025-21820 bsc#1238479).
- Update
patches.suse/usb-cdc-acm-Check-control-transfer-buffer-size-befor.patch
(git-fixes CVE-2025-21704 bsc#1237571).
- Update
patches.suse/usb-gadget-core-flush-gadget-workqueue-after-device-.patch
(git-fixes CVE-2025-21838 bsc#1239065).
- Update
patches.suse/usb-gadget-f_midi-fix-MIDI-Streaming-descriptor-leng.patch
(git-fixes CVE-2025-21835 bsc#1239068).
- Update patches.suse/usbnet-ipheth-fix-DPE-OoB-read.patch
(git-fixes CVE-2025-21741 bsc#1238767).
- Update
patches.suse/usbnet-ipheth-fix-possible-overflow-in-DPE-length-ch.patch
(git-fixes CVE-2025-21743 bsc#1238781).
- Update
patches.suse/usbnet-ipheth-use-static-NDP16-location-in-URB.patch
(git-fixes CVE-2025-21742 bsc#1238771).
- Update
patches.suse/vsock-Keep-the-binding-until-socket-destruction.patch
(git-fixes CVE-2025-21756 bsc#1238876).
- Update
patches.suse/wifi-brcmfmac-Check-the-return-value-of-of_property_.patch
(stable-fixes CVE-2025-21750 bsc#1238905).
- Update
patches.suse/wifi-brcmfmac-fix-NULL-pointer-dereference-in-brcmf_.patch
(stable-fixes CVE-2025-21744 bsc#1238903).
- Update
patches.suse/wifi-mac80211-don-t-flush-non-uploaded-STAs.patch
(git-fixes CVE-2025-21828 bsc#1238958).
- Update patches.suse/zram-fix-potential-UAF-of-zram-table.patch
(git-fixes CVE-2025-21671 bsc#1236692).
- commit 0d7f015
- Update
patches.suse/Bluetooth-L2CAP-handle-NULL-sock-pointer-in-l2cap_so.patch
(git-fixes CVE-2024-58009 bsc#1238760).
- Update
patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-mgmt_.patch
(stable-fixes CVE-2024-58013 bsc#1239095).
- Update
patches.suse/HID-core-Fix-assumption-that-Resolution-Multipliers-.patch
(git-fixes CVE-2024-57986 bsc#1237907).
- Update
patches.suse/HID-hid-thrustmaster-Fix-warning-in-thrustmaster_pro.patch
(git-fixes CVE-2024-57993 bsc#1237894).
- Update
patches.suse/PCI-dwc-ep-Prevent-changing-BAR-size-flags-in-pci_ep.patch
(git-fixes CVE-2024-58006 bsc#1238772).
- Update
patches.suse/block-Fix-page-refcounts-for-unaligned-buffers-in-__bio_release_pages.patch
(git-fixes CVE-2024-35826 bsc#1224610).
- Update
patches.suse/block-avoid-to-reuse-hctx-not-removed-from-cpuhp-callback-list.patch
(git-fixes CVE-2024-41149 bsc#1235698).
- Update
patches.suse/block-fix-integer-overflow-in-BLKSECDISCARD.patch
(git-fixes CVE-2024-49994 bsc#1225770).
- Update
patches.suse/cifs-fix-potential-null-pointer-use-in-destroy_workqueue-in-init_ci.patch
(bsc#1231432 CVE-2024-42307 bsc#1229361).
- Update
patches.suse/clk-qcom-dispcc-sm6350-Add-missing-parent_map-for-a-.patch
(git-fixes CVE-2024-58080 bsc#1239027).
- Update
patches.suse/clk-qcom-gcc-sm6350-Add-missing-parent_map-for-two-c.patch
(git-fixes CVE-2024-58076 bsc#1239037).
- Update
patches.suse/drm-amdgpu-Fix-potential-NULL-pointer-dereference-in.patch
(git-fixes CVE-2024-58052 bsc#1238986).
- Update
patches.suse/drm-msm-gem-prevent-integer-overflow-in-msm_ioctl_ge.patch
(git-fixes CVE-2024-52559 bsc#1238507).
- Update
patches.suse/drm-v3d-Stop-active-perfmon-if-it-is-being-destroyed.patch
(git-fixes CVE-2024-58086 bsc#1239038).
- Update patches.suse/idpf-convert-workqueues-to-unbound.patch
(git-fixes CVE-2024-58057 bsc#1238969).
- Update
patches.suse/ipmi-ipmb-Add-check-devm_kasprintf-returned-value.patch
(git-fixes CVE-2024-58051 bsc#1238963).
- Update
patches.suse/media-imx-jpeg-Fix-potential-error-pointer-dereferen.patch
(git-fixes CVE-2024-57978 bsc#1238523).
- Update
patches.suse/media-uvcvideo-Fix-crash-during-unbind-if-gpio-unit-.patch
(git-fixes CVE-2024-58079 bsc#1239029).
- Update
patches.suse/media-uvcvideo-Fix-double-free-in-error-path.patch
(git-fixes CVE-2024-57980 bsc#1237911).
- Update
patches.suse/media-uvcvideo-Remove-dangling-pointers.patch
(git-fixes CVE-2024-58002 bsc#1238503).
- Update
patches.suse/media-vidtv-Fix-a-null-ptr-deref-in-vidtv_mux_stop_t.patch
(stable-fixes CVE-2024-57834 bsc#1238993).
- Update
patches.suse/memory-tegra20-emc-fix-an-OF-node-reference-bug-in-t.patch
(git-fixes CVE-2024-58034 bsc#1238773).
- Update
patches.suse/misc-misc_minor_alloc-to-use-ida-for-all-dynamic-mis.patch
(git-fixes CVE-2024-58078 bsc#1239034).
- Update
patches.suse/net-fix-removing-a-namespace-with-conflicting-altnam.patch
(bsc#1233749 CVE-2024-26634 bsc#1221651).
- Update patches.suse/null_blk-fix-validation-of-block-size.patch
(git-fixes CVE-2024-41077 bsc#1228653).
- Update
patches.suse/platform-x86-int3472-Check-for-adev-NULL.patch
(stable-fixes CVE-2024-58011 bsc#1239080).
- Update
patches.suse/powerpc-pseries-iommu-IOMMU-incorrectly-marks-MMIO-r.patch
(bsc#1218470 ltc#204531 CVE-2024-57999 bsc#1238526).
- Update
patches.suse/printk-Fix-signed-integer-overflow-when-defining-LOG_BUF_LEN_MAX.patch
(bsc#1237950 CVE-2024-58017 bsc#1239112).
- Update
patches.suse/rdma-cxgb4-Prevent-potential-integer-overflow-on-32b.patch
(git-fixes CVE-2024-57973 bsc#1238531).
- Update
patches.suse/remoteproc-core-Fix-ida_free-call-while-not-allocate.patch
(git-fixes CVE-2024-58056 bsc#1238981).
- Update
patches.suse/rtc-pcf85063-fix-potential-OOB-write-in-PCF85063-NVM.patch
(git-fixes CVE-2024-58069 bsc#1238978).
- Update
patches.suse/scsi-hisi_sas-Fix-a-deadlock-issue-related-to-automa-3c4f53b2.patch
(git-fixes CVE-2024-26873 bsc#1223047).
- Update
patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch
(git-fixes CVE-2024-57807 bsc#1235761).
- Update
patches.suse/smb-client-fix-double-put-of-cfile-in-smb2_rename_path-.patch
(git-fixes CVE-2024-46736 bsc#1230728).
- Update
patches.suse/smb-client-fix-double-put-of-cfile-in-smb2_set_path_size-.patch
(git-fixes CVE-2024-46796 bsc#1230832).
- Update
patches.suse/smb-client-fix-possible-double-free-in-smb2_set_ea-.patch
(git-fixes CVE-2024-50152 bsc#1233033).
- Update
patches.suse/soc-qcom-socinfo-Avoid-out-of-bounds-read-of-serial-.patch
(git-fixes CVE-2024-58007 bsc#1238511).
- Update
patches.suse/staging-media-max96712-fix-kernel-oops-when-removing.patch
(git-fixes CVE-2024-58054 bsc#1238975).
- Update
patches.suse/tomoyo-don-t-emit-warning-in-tomoyo_write_control.patch
(stable-fixes CVE-2024-58085 bsc#1239085).
- Update
patches.suse/tpm-Change-to-kvalloc-in-eventlog-acpi.c.patch
(bsc#1233260 bsc#1233259 bsc#1232421 CVE-2024-58005
bsc#1237873).
- Update
patches.suse/ubifs-skip-dumping-tnc-tree-when-zroot-is-null.patch
(git-fixes CVE-2024-58058 bsc#1238979).
- Update
patches.suse/usb-gadget-f_tcm-Don-t-free-command-immediately.patch
(git-fixes CVE-2024-58055 bsc#1238959).
- Update
patches.suse/usb-xhci-Fix-NULL-pointer-dereference-on-certain-com.patch
(git-fixes CVE-2024-57981 bsc#1237912).
- Update
patches.suse/wifi-brcmsmac-add-gain-range-check-to-wlc_phy_iqcal_.patch
(stable-fixes CVE-2024-58014 bsc#1239109).
- Update
patches.suse/wifi-mac80211-prohibit-deactivating-all-links.patch
(git-fixes CVE-2024-58061 bsc#1238973).
- Update
patches.suse/wifi-mt76-mt7925-fix-off-by-one-in-mt7925_load_clc.patch
(git-fixes CVE-2024-57990 bsc#1237900).
- Update
patches.suse/wifi-rtlwifi-fix-memory-leaks-and-invalid-access-at-.patch
(git-fixes CVE-2024-58063 bsc#1238984).
- Update
patches.suse/wifi-rtlwifi-remove-unused-check_buddy_priv.patch
(git-fixes CVE-2024-58072 bsc#1238964).
- Update
patches.suse/wifi-wcn36xx-fix-channel-survey-memory-allocation-si.patch
(git-fixes CVE-2024-57997 bsc#1238529).
- commit fb231d1
- Update
patches.suse/cpu-hotplug-Don-t-offline-the-last-non-isolated-CPU.patch
(bsc#1237562 CVE-2023-52831 bsc#1225533).
- Update
patches.suse/io_uring-rw-split-io_read-into-a-helper.patch
(bsc#1215211 CVE-2023-52926 bsc#1237565).
- commit a1ecaa9
- partitions: mac: fix handling of bogus partition table
(git-fixes).
- block: cleanup and fix batch completion adding conditions
(git-fixes).
- block: don't revert iter for -EIOCBQUEUED (git-fixes).
- commit 9b6ced4
- rapidio: add check for rio_add_net() in rio_scan_alloc_net()
(git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- commit 6203500
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- commit d83f55b
- sunrpc: suppress warnings for unused procfs functions
(git-fixes).
- commit cd678ab
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- commit 55bec3b
- SUNRPC: Prevent looping due to rpc_signal_task() races
(git-fixes).
- commit 033fbe6
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- commit 444dbb7
- nfsd: clear acl_access/acl_default after releasing them
(git-fixes).
- commit 44261ed
- pnfs/flexfiles: retry getting layout segment for reads
(git-fixes).
- commit 76f556a
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-various-ASUS-Laptop.patch.
- commit 9363cb2
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops
using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop
using CS35L41 HDA (stable-fixes).
- commit aea7c4e
- Refresh patches.suse/ALSA-hda-realtek-Workaround-for-resume-on-Dell-Venue.patch
A patch chunk was dropped mistakenly
- commit 0e9ac09
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA
Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops
using CS35L41 HDA (stable-fixes).
- commit 4ef6d55
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage
(git-fixes).
- commit 844da8a
- ALSA: hda/realtek: Add support for various ASUS Laptops using
CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50
(stable-fixes).
- commit 2ee2163
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist
(stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo
platform (stable-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery
(stable-fixes).
- commit 10a77af
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in
xgene_hwmon_probe() (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error
(git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table
(git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify()
(git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: aggregator: protect driver attr handlers against module
unload (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe
(git-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config
(git-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- commit c757c56
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
When compiler different from the one which was used to configure the
kernel is used to build modules a warning is issued and the build
continues. This could be turned into an error but that would be too
restrictive.
The generated kernel-devel makefile could set the compiler but then the
main Makefile as to be patched to assign CC with ?=
This causes run_oldconfig failure on SUSE-2024 and kbuild config check
failure on SUSE-2025.
This cannot be hardcoded to one version in a regular patch because the
value is expected to be configurable at mkspec time. Patch the Makefile
after aplyin patches in rpm prep step instead. A check is added to
verify that the sed command did indeed apply the change.
- commit 6031391
- tracing/osnoise: Fix resetting of tracepoints (CVE-2025-21733
bsc#1238494).
- commit 27d6e3b
- btrfs: fix assertion failure when splitting ordered extent
after transaction abort (CVE-2025-21754 bsc#1238496).
- commit 2050c25
- kABI workaround for pps changes (CVE-2024-57979 bsc#1238521).
- commit b151154
- pps: Fix a use-after-free (CVE-2024-57979 bsc#1238521).
- commit c19b588
- initcall_blacklist: Does not allow kernel_lockdown be
blacklisted (bsc#1237521).
- commit c830a3e
- drm/amd/display: Fix null check for pipe_ctx->plane_state in
resource_build_scaling_params (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking
(git-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: don't try to talk to a dead firmware
(git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with
other flags (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in
mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
(git-fixes).
- bluetooth: btusb: Initialize .owner field of
force_poll_sync_fops (git-fixes).
- commit ba6baa3
- net: hns3: fix oops when unload drivers paralleling
(CVE-2025-21802 bsc#1238751).
- commit 1e9156e
- NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795
bsc#1238759).
- commit b38b339
- vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790
bsc#1238753).
- commit f088d3b
- clocksource: Use migrate_disable() to avoid calling
get_random_u32() in atomic context (CVE-2025-21767 bsc#1238509).
- commit 63a12d3
- vxlan: Fix uninit-value in vxlan_vnifilter_dump()
(CVE-2025-21716 bsc#1237891).
- commit dd55756
- mptcp: handle fastopen disconnect correctly (CVE-2025-21705
bsc#1238525).
- commit fd8b648
- exfat: fix timing of synchronizing bitmap and inode
(bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file
(bsc#1237356).
- commit 7d766d0
- smb: client: fix oops due to unset link speed (CVE-2025-21725
bsc#1238877).
- commit b5023ae
- exfat: do not zero the extended part (bsc#1237356).
- commit 156857e
- ipmr: do not call mr_mfc_uses_dev() for unres entries
(CVE-2025-21719 bsc#1238860).
- commit d4d6c1b
- net: davicom: fix UAF in dm9000_drv_remove (CVE-2025-21715
bsc#1237889).
- commit 0308747
- iommufd/iova_bitmap: Fix shift-out-of-bounds in
iova_bitmap_offset_to_index() (CVE-2025-21724 bsc#1238863).
- commit fa2cf3e
- net: ethernet: ti: am65-cpsw: fix freeing IRQ in
am65_cpsw_nuss_remove_tx_chns() (CVE-2025-21799 bsc#1238739).
- commit b9602c4
- l2tp: prevent possible tunnel refcount underflow (CVE-2024-49940
bsc#1232812).
- commit d920b08
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- commit b9248a0
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- commit 9a3d13e
- cpufreq/cppc: Don't compare desired_perf in target() (bsc#1237856)
- commit 03856df
- cpufreq/cppc: Move and rename (bsc#1237856)
- commit e1d3232
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- commit 34e3660
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- commit b0fd1f1
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- commit 8be63c4
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- commit dfb1a17
- ipvs: fix UB due to uninitialized stack access in
ip_vs_protocol_init() (CVE-2024-53680 bsc#1235715).
- commit 0f1b770
- scsi: hisi_sas: Remove redundant checks for automatic debugfs
dump (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump
(git-fixes).
- commit 2531f6e
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- commit 4c3f2b6
- scsi: mpi3mr: Fix possible crash when setting up bsg fails
(git-fixes).
- commit f1f6d56
- scsi: myrb: Remove dead code (git-fixes).
- commit 11c2ac0
- scsi: iscsi: Fix redundant response for
ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- commit 3d258a5
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- commit 6998b85
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- commit 13d0e59
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- commit 330c415
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040
(git-fixes).
- commit f2ba519
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after
device reset (git-fixes).
- commit 1ead6e0
- scsi: st: Don't modify unknown block number in MTIOCGET
(git-fixes).
- commit fb5d2a0
- scsi: sg: Enable runtime power management (git-fixes).
- Refresh
patches.suse/scsi-sg-Fix-slab-use-after-free-read-in-sg_release.patch.
- commit 89afcac
- scsi: hisi_sas: Enable all PHYs that are not disabled by user
during controller reset (git-fixes).
- commit 27a4afa
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- commit 782dd6e
- scsi: hisi_sas: Allocate DFX memory during dump trigger
(git-fixes).
- Refresh patches.suse/scsi-hisi_sas-Create-all-dump-files-during-debugfs-initialization.patch
- commit 9b4cb76
- scsi: hisi_sas: Directly call register snapshot instead of
using workqueue (git-fixes).
- commit 1286dd4
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
(git-fixes).
- commit 7c8c098
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848
bsc#1230497).
- commit df06d93
- packaging: Turn gcc version into config.sh variable
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit 011d54b
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- commit 1ccb01b
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- commit a9f56ff
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- commit 85cc91e
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- commit 67ea9f3
- mm: hugetlb: add huge page size param to set_huge_pte_at() (git-fixes).
Refresh patches.suse/s390-mm-Fix-clearing-storage-keys-for-huge-pages.patch.
- commit f491ee9
- btrfs: check folio mapping after unlock in relocate_one_folio() (CVE-2024-56758 bsc#1235621)
- commit 1866d3d
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC
isn't in-kernel (git-fixes).
- commit 82bdecd
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- commit 1f1e842
- Update
patches.suse/s390-pci-Fix-SR-IOV-for-PFs-initially-in-standby.patch
(git-fixes bsc#1236752 bsc#1238368).
- commit bf69596
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Pull search for parent PF out of
zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- commit 0745d9f
- bpf: Send signals asynchronously if !preemptible (git-fixes
bsc#1237879 CVE-2025-21728).
- commit 180a0da
- rxrpc: Fix missing locking causing hanging calls (git-fixes
bsc#1233483 CVE-2024-50294).
- commit d2475e0
- scsi: lpfc: Copyright updates for 14.4.0.8 patches
(bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID
routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk
(bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when
pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring
clean up (bsc#1238347).
- commit 0a7ad68
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU
(git-fixes).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count
(git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk
(git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk
(git-fixes).
- commit 7d2a8bd
- Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
(CVE-2024-50029 bsc#1231949).
- commit 64f3840
- gup: make the stack expansion warning a bit more targeted
(bsc#1238214).
- commit feae374
- btrfs: fix use-after-free when attempting to join an aborted transaction (CVE-2025-21753 bsc#1237875)
- commit 338e787
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL
masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT
(git-fixes).
- commit 92e733c
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq
(git-fixes).
- commit 6c35b3b
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- commit d778b71
- soc/mediatek: mtk-devapc: Convert to platform remove callback
returning void (stable-fixes).
- Refresh
patches.suse/soc-mediatek-mtk-devapc-Fix-leaking-IO-map-on-error-.patch.
- commit b320307
- smb: client: Fix netns refcount imbalance causing leaks and
use-after-free (git-fixes).
- commit 7fb2f0e
- scsi: core: Clear driver private data when retrying request
(git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats
(git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper
md_bitmap_get_stats() (git-fixes).
- scsi: core: Handle depopulation and restoration in progress
(git-fixes).
- commit 72dfeb6
- cifs: Fix parsing reparse point with native symlink in SMB1
non-UNICODE session (git-fixes).
- commit 37da1d3
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer
DJM-900NXS2 (stable-fixes).
- commit 1b4de08
- usbnet: gl620a: fix endpoint checking in genelink_bind()
(git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD
(git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15
(git-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple
ports (git-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup()
(git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training
(stable-fixes).
- drm/i915: Make sure all planes in use by the joiner have their
crtc included (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove
(git-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
(git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER
(stable-fixes).
- commit 73ebe5d
- md/raid5: Wait sync io to finish before changing group cnt
(git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md: Don't flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- md/raid1: don't free conf on raid0_run failure (git-fixes).
- md/raid0: don't free conf on raid0_run failure (git-fixes).
- commit b66645f
- kabi: hide adding RCU head into struct netdev_name_node
(bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: fix removing a namespace with conflicting altnames
(bsc#1233749).
- net: do not send a MOVE event when netdev changes netns
(bsc#1233749).
- net: Fix undefined behavior in netdev name allocation
(bsc#1233749).
- net: remove else after return in dev_prep_valid_name()
(bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name()
(bsc#1233749).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: make dev_alloc_name() call dev_prep_valid_name()
(bsc#1233749).
- net: don't use input buffer of __dev_alloc_name() as a scratch
space (bsc#1233749).
- net: move altnames together with the netdevice (bsc#1233749).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns
(bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- commit ff5990f
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
(git-fixes).
- commit 23d3ebd
- smb: client: handle path separator of created SMB symlinks
(git-fixes).
- Refresh
patches.suse/smb-client-move-most-of-reparse-point-handling-code-to-common-file.patch.
- commit c241ea6
- smb: client: ignore unhandled reparse tags (git-fixes).
- commit f2d26a5
- smb: client: fix double put of @cfile in smb2_rename_path()
(git-fixes).
- commit 4ac349c
- smb: client: fix double put of @cfile in smb2_set_path_size()
(git-fixes).
- commit 647e9ab
- cifs: Remove intermediate object of failed create reparse call
(git-fixes).
- commit fa14b80
- netfilter: nft_inner: incorrect percpu area handling under
softirq (CVE-2024-56638 bsc#1235524).
- commit 4c882b9
- ptr_ring: do not block hard interrupts in
ptr_ring_resize_multiple() (CVE-2024-57994 bsc#1237901).
- commit e5a0226
- printk: Fix signed integer overflow when defining
LOG_BUF_LEN_MAX (bsc#1237950).
- commit 1ff6bc3
- add nf_tables for iptables non-legacy network handling
This is needed for example by docker on the Alpine Linux distribution,
but can also be used on openSUSE.
- commit f9b0903
- af_packet: do not call packet_read_pending() from
tpacket_destruct_skb() (bsc#1237849).
- commit 4ff6762
- zram: fix potential UAF of zram table (git-fixes).
- commit b9770a4
- Fix memory-hotplug regression (bsc#1237504)
Refreshed
patches.suse/mm-memory_hotplug-add-missing-mem_hotplug_lock.patch
- commit 248260f
- kernel-source: Also replace bin/env
- commit dc2037c
- net: do not delay dst_entries_add() in dst_release()
(CVE-2024-50036 bsc#1231912).
- commit 1203cd1
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- commit 72d0292
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- commit a50daa9
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- commit d0d2370
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- commit c4c267b
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- commit 2106458
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- commit a795049
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- commit 8f2604e
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- commit d076f6b
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- commit 92c60dc
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- commit 06e0da5
- zram: fix uninitialized ZRAM not releasing backing device
(git-fixes).
- zram: refuse to use zero sized block device as backing device
(git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- commit ef8009a
- blk-cgroup: Properly propagate the iostat update up the
hierarchy (bsc#1225606).
- commit fb4fada
- Refresh
patches.suse/btrfs-fix-extent-map-merging-not-happening-for-adjacent-ex.patch.
Fix the `-Wparentheses` build warning.
../fs/btrfs/extent_map.c: In function 'mergable_maps':
../fs/btrfs/extent_map.c:219:48: warning: suggest parentheses around comparison in operand of '&' [-Wparentheses]
- commit a88d495
- smb: client: fix corruption in cifs_extend_writeback
(bsc#1235609).
- commit 7111675
- Move upstreamed ACPI patch into sorted section
- commit 34b98f4
- btrfs: fix defrag not merging contiguous extents due to merged
extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents
(bsc#1237232).
- commit a57c147
- zram: split memory-tracking and ac-time tracking (git-fixes).
- Update config files.
- commit d2eb9a9
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations
(git-fixes).
- commit 0b597f1
- KVM: arm64: Flush hyp bss section after initialization of
variables in bss (git-fixes).
- commit 7a0da9b
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR
(git-fixes).
- commit 361bd1c
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO
registration (git-fixes).
- commit eb69c06
- KVM: arm64: Don't eagerly teardown the vgic on init error
(git-fixes).
- commit 09d2069
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU
(git-fixes).
- commit b54256b
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU
(git-fixes).
- commit 497fc9a
- KVM: x86: Zero out PV features cache when the CPUID leaf is
not present (git-fixes).
- commit b3e323a
- KVM: x86: Account for KVM-reserved CR4 bits when passing
through CR4 on VMX (git-fixes).
- commit fe0be3a
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0
(bsc#1237563).
- cpu/hotplug: Don't offline the last non-isolated CPU
(bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug
(bsc#1237562).
- commit 285ec7d
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- commit 986c213
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable
bit is cleared (git-fixes).
- commit 19b003b
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module
init (git-fixes).
- commit c214d6b
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB
(git-fixes).
- commit 08a45f2
- KVM: x86: Fix a comment inside
__kvm_set_or_clear_apicv_inhibit() (git-fixes).
- commit dc6e2e8
- blk-cgroup: Fix class @block_class's subsystem refcount leakage
(bsc#1237558).
- commit 908404a
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was
a leaf SPTE (git-fixes).
- commit d7ef6bb
- KVM: x86: Unconditionally set irr_pending when updating APICv
state (jsc#PED-348).
- commit 7089ba6
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with
VPID disabled (jsc#PED-348 git-fixes).
- commit ce778dd
- KVM: VMX: reset the segment cache after segment init in
vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- commit 57ae6ea
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- commit 3cc9281
- virtio_blk: reverse request order in virtio_queue_rqs
(git-fixes).
- commit 08ef4d5
- x86/xen: allow larger contiguous memory regions in PV guests
(git-fixes).
- commit cbf742d
- xen/swiotlb: relax alignment requirements (git-fixes).
- commit 85ac962
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- commit 23eecda
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
(git-fixes).
- commit e343881
- Grab mm lock before grabbing pt lock (git-fixes).
- commit ae619e6
- platform/x86/intel-uncore-freq: Increase minor number support
(bsc#1237452).
- commit 43ac95b
- platform/x86/intel-uncore-freq: Ignore minor version change
(bsc#1237452).
- commit 6b5df6d
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- commit 904b0d7
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- commit 17cda63
- platform/x86/intel/tpmi: Add defines to get version information
(bsc#1237452).
- commit 1c56c6e
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- commit 129191d
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- commit 1052c36
- RDMA/efa: Reset device on probe failure (git-fixes)
- commit c120211
- selftest: hugetlb_dio: fix test naming (git-fixes).
- commit 303d120
- selftests: hugetlb_dio: fixup check for initial conditions to
skip in the start (git-fixes).
- commit 35f33c3
- selftests: hugetlb_dio: check for initial conditions to skip
in the start (git-fixes).
- commit 89353b1
- selftest: mm: Test if hugepage does not get leaked during
__bio_release_pages() (git-fixes).
- commit 56d43b6
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- commit f3e10b9
- drm/msm/dpu: Don't leak bits_per_component into random DSC_ENC
fields (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- nouveau/svm: fix missing folio unlock + put after
make_device_exclusive_range() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
(git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address
(git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init()
(git-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist
(stable-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone
(stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI
(stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name
(stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions
(stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: hub: Ignore non-compliant devices with too many configs
or interfaces (stable-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue
during MIDI bind retries (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- efi: Avoid cold plugged memory for placing the kernel
(stable-fixes).
- drm/amdgpu: avoid buffer overflow attach in
smu_sys_set_pp_table() (stable-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case
(stable-fixes).
- HID: hid-steam: Don't use cancel_delayed_work_sync in IRQ
context (git-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla
10 tablet 5V (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10
tablet 5V (stable-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements
(stable-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P
(stable-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
(stable-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix
Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of
usb packets (stable-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list
(stable-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal
(stable-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format
(stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding
options (stable-fixes).
- HID: hid-steam: Update list of identifiers from SDL
(stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat
(stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter
(stable-fixes).
- commit df6a4bb
- block: avoid to reuse `hctx` not removed from cpuhp callback
list (git-fixes).
- block: use the right type for stub rq_integrity_vec()
(git-fixes).
- block: Fix page refcounts for unaligned buffers in
__bio_release_pages() (git-fixes).
- commit 27674be
- devlink: avoid potential loop in
devlink_rel_nested_in_notify_work() (bsc#1237234).
- commit 3a39566
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- commit 859fe45
- ocfs2: fix incorrect CPU endianness conversion causing mount
failure (bsc#1236138).
re-enable patch ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch
(bsc#1236138).
- commit 1f4d40a
- iommu/arm-smmu-v3: Clean up more on probe failure
(stable-fixes).
- commit f5873b7
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64
(bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path
(bsc#1237415).
- ice: add ice_adapter for shared data across PFs on the same NIC
(bsc#1237415).
- commit 9bb3389
- Fix conditional for selecting gcc-13
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit 07542ae
- kasan: don't call find_vm_area() in a PREEMPT_RT kernel
(git-fixes).
- lib/iov_iter: fix import_iovec_ubuf iovec management
(git-fixes).
- lib: stackinit: hide never-taken branch from compiler
(stable-fixes).
- commit 08ac036
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- commit 484a6fb
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- commit d8f1799
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- commit 44f383d
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- commit 13bd685
- block: copy back bounce buffer to user-space correctly in case
of split (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation
(git-fixes).
- nbd: don't allow reconnect after disconnect (git-fixes).
- block: retry call probe after request_module in
blk_request_module (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
(git-fixes).
- blk-iocost: Avoid using clamp() on inuse in
__propagate_weights() (git-fixes).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock
(git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray
table (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into
account (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex
less long (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request
adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED
request adding (git-fixes).
- block: fix missing dispatching request when queue is started
or unquiesced (git-fixes).
- Revert "blk-throttle: Fix IO hang for a corner case"
(git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set
(git-fixes).
- blk_iocost: remove some duplicate irq disable/enables
(git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- bio-integrity: don't restrict the size of integrity metadata
(git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings
(git-fixes).
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings
(git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait
(git-fixes).
- loop: don't set QUEUE_FLAG_NOMERGES (git-fixes).
- block: change rq_integrity_vec to respect the iterator
(git-fixes).
- block: remove the blk_flush_integrity call in
blk_integrity_unregister (git-fixes).
- block: sed-opal: avoid possible wrong address reference in
read_sed_opal_key() (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller
then zone size (git-fixes).
- null_blk: Print correct max open zones limit in
null_init_zoned_dev() (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions
(git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
(git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing
(git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal
(git-fixes).
- block: propagate partition scanning errors to the BLKRRPART
ioctl (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue
(git-fixes).
- rbd: don't move requests to the running list on errors
(git-fixes).
- commit 267ddd1
- null_blk: Remove usage of the deprecated ida_simple_xx() API
(git-fixes).
- Refresh
patches.suse/null_blk-fix-null-ptr-dereference-while-configuring-.patch.
- commit cea38e9
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: fix bus type (bsc#1236896).
- commit 175404f
- PCI: imx6: Simplify clock handling by using clk_bulk*() function
(git-fixes).
- Refresh
patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch.
- Refresh
patches.suse/PCI-imx6-Skip-controller_id-generation-logic-for-i.M.patch.
- commit f03d03e
- PCI: Use downstream bridges for distributing resources
(bsc#1237325).
- commit 7c0294f
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device
(git-fixes).
- commit bbb24b0
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
(stable-fixes).
- commit 5d15622
- ALSA: seq: Drop UMP events when no UMP-conversion is set
(git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic
(git-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in
snd_hda_create_dig_out_ctls() (git-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close
(git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in
sof_ipc_msg_data() (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for
SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality()
(git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- commit 6fb0aa0
- block: ensure we hold a queue reference when using queue limits
(git-fixes).
- Refresh
patches.suse/block-Fix-where-bio-IO-priority-gets-set.patch.
- commit 36d897c
- null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS
(git-fixes).
- block: add check of 'minors' and 'first_minor' in
device_add_disk() (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error
path (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- blk-mq: don't count completed flush data request as inflight
in case of quiesce (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- commit 3e547cf
- doc: update managed_irq documentation (bsc#1236897).
- blk-mq: issue warning when offlining hctx with online isolcpus
(bsc#1236897).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled
(bsc#1236897).
- lib/group_cpus: honor housekeeping config when grouping CPUs
(bsc#1236897).
- virtio: blk/scsi: use block layer helpers to calculate num of
queues (bsc#1236897).
- scsi: use block layer helpers to calculate num of queues
(bsc#1236897).
- nvme-pci: use block layer helpers to calculate num of queues
(bsc#1236897).
- blk-mq: add number of queue calc helper (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized
masks (bsc#1236897).
- commit 3a935fa
- blk-mq: create correct map for fallback case (bsc#1236896).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with
blk_mq_map_hw_queues (bsc#1236896).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- driver core: bus: add irq_get_affinity callback to bus_type
(bsc#1236896).
- commit 1f8d7a5
- Update
patches.suse/USB-serial-quatech2-fix-null-ptr-deref-in-qt2_proces.patch (CVE-2025-21689 bsc#1237017).
- Update
patches.suse/drm-v3d-Assign-job-pointer-to-NULL-before-signaling-.patch (CVE-2025-21688 bsc#1237007
- Update
patches.suse/drm-v3d-Ensure-job-pointer-is-set-to-NULL-after-job-.patch (CVE-2025-21697 bsc#1237132)
- Update
patches.suse/gfs2-Truncate-address-space-when-flipping-GFS2_DIF_JDATA-flag.patch (CVE-2025-21699 bsc#1237139)
- Update
patches.suse/gpio-xilinx-Convert-gpio_lock-to-raw-spinlock.patch (CVE-2025-21684 bsc#1236952)
- Update
patches.suse/msft-hv-3155-scsi-storvsc-Ratelimit-warning-logs-to-prevent-VM-de.patch (CVE-2025-21690 bsc#1237025)
- commit a20ee68
- kABI fix for mptcp: fix inconsistent state on fastopen race
(CVE-2024-26708 bsc#1222672).
Upstream commit 4fd19a307016 ("mptcp: fix inconsistent state
on fastopen race") introduced three breaking changes, which are handled in
this patch.
* a new variable `pending_state` was added to `struct mptcp_sock`, which
is now moved into a hole.
* a new define replaces an old one, so renumber the new one and re-add
the old one.
* an API function was removed, so re-add it again.
```
u8 in_accept_queue:1; /* 1562: 4 1 */
/* XXX 3 bits hole, try to pack */
/* XXX 5 bytes hole, try to pack */
struct work_struct work; /* 1568 32 */
```
- commit a4771c0
- bpf, sockmap: Several fixes to bpf_msg_pop_data (CVE-2024-56720
bsc#1235592).
- commit a218d9d
- net: Fix icmp host relookup triggering ip_rt_bug (CVE-2024-56647
bsc#1235435).
- commit 713c9c9
- USB: Fix the issue of task recovery failure caused by USB
status when S4 wakes up (git-fixes).
- commit 686e836
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
(bsc#1215199).
- commit 73fb25c
- powerpc/code-patching: Fix KASAN hit by not flagging text
patching area as VM_ALLOC (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as
static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching
via temporary mm (bsc#1215199).
- commit cb15126
- usbnet: ipheth: document scope of NCM implementation
(stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in
brcmf_txfinalize() (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH
(stable-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss
(stable-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: brcmfmac: Check the return value of
of_property_read_string_index() (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow
value (stable-fixes).
- wifi: brcmsmac: add gain range check to
wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- commit b67568f
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes
(stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1"
(stable-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- net: rose: lock the socket in rose_bind() (git-fixes).
- scripts/gdb: fix aarch64 userspace detection in get_current_task
(stable-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- ata: libata-sff: Ensure that we cannot write outside the
allocated buffer (stable-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- drm/modeset: Handle tiled displays in pan_display_atomic
(stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15
(stable-fixes).
- ASoC: amd: Add ACPI dependency to fix build error
(stable-fixes).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- tomoyo: don't emit warning in tomoyo_write_control()
(stable-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg
(git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration
(git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock
(git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks
(git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate
(git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during
gdsc_disable() (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to
mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to
mtk_clk_simple_probe (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
(stable-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator
(stable-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card
(stable-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
(stable-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O
(git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer
SoC families (stable-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in
rtattr_pack() (stable-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in
mgmt_remove_adv_monitor_sync (stable-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver
around it (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1
Monitor (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer
(stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching
(stable-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready
(stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT
(stable-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs
(stable-fixes).
- commit 32eeef9
- net: sched: Disallow replacing of child qdisc from one parent
to another (CVE-2025-21700 bsc#1237159).
- commit fd65855
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (CVE-2025-21640 bsc#1236123)
- commit 7a3b711
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (CVE-2025-21639 bsc#1236122)
- commit e818833
- pktgen: Avoid out-of-bounds access in get_imix_entries
(CVE-2025-21680 bsc#1236700).
- commit 8cb9ad2
- sctp: sysctl: auth_enable: avoid using current->nsproxy (CVE-2025-21638 bsc#1236115)
- commit e4e9666
- sctp: sysctl: udp_port: avoid using current->nsproxy (CVE-2025-21637 bsc#1236114)
- commit b35279d
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (CVE-2025-21636 bsc#1236113)
- commit 3f71e7d
- add bug reference to hv_storvsc change (bsc#1237025 CVE-2025-21690).
- commit 45e9861
- kABI fix for mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit d478aac
- idpf: fix VF dynamic interrupt ctl register initialization
(git-fixes).
- Refresh
patches.suse/idpf-add-support-for-SW-triggered-interrupts.patch.
- commit da462e1
- igc: Set buffer type for empty frames in igc_init_empty_frame
(git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: gather page_count()'s of each frag right before XDP prog
call (git-fixes).
- ice: put Rx buffers after being done with current frame
(git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit
(git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1
(git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- igc: return early when failing to read EECD register
(git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- eth: gve: use appropriate helper to set xdp_features
(git-fixes).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails
(git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params
(git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit
(git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend
(git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type
(git-fixes).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset
(git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- commit a2c0ed6
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- commit 51dacec
- kbuild: userprogs: fix bitsize and target detection on clang
(git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools
in parallel (git-fixes).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal
(git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work
(git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0
(git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from
halt state (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk
(git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access
(git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
(git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop
(git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning
(git-fixes).
- commit f681ca5
- gpio: stmpe: Check return value of stmpe_reg_read in
stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string
(git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting
IRQ (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0
(git-fixes).
- commit 72e2a5f
- exfat: fix file being changed by unaligned direct write
(git-fixes).
- commit c5a2490
- exfat: fix zero the unwritten part for dio read (git-fixes).
- commit ab0ec4f
- hfs: Sanity check the root record (git-fixes).
- commit 6977b91
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- commit 3303370
- exfat: fix out-of-bounds access of directory entries
(bsc#1234857 CVE-2024-53147).
- commit 8127e11
- exfat: change to get file size from DataLength (bsc#1234857
CVE-2024-53147).
- commit 34f63a5
- exfat: convert to ctime accessor functions (git-fixes).
- commit 430eb66
- mmc: mtk-sd: Fix register settings for hs400(es) mode
(git-fixes).
- commit 0e84651
- smb: client: instantiate when creating SFU files (git-fixes).
- commit 1658f01
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support
(git-fixes).
- commit eacadae
- smb: client: return reparse type in /proc/mounts (git-fixes).
- commit 5c949e8
- smb: client: set correct d_type for reparse DFS/DFSR and mount
point (git-fixes).
- commit 99477ce
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs()
(git-fixes).
- commit dcd4483
- smb: client: parse uid, gid, mode and dev from WSL reparse
points (git-fixes).
- commit 86b1707
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit 6f30059
- smb: client: get rid of smb311_posix_query_path_info()
(git-fixes).
- commit 08f4b23
- smb: client: add support for WSL reparse points (git-fixes).
- commit 4773bbe
- smb: client: reduce number of parameters in smb2_compound_op()
(git-fixes).
- commit 5bf06b7
- smb: client: retry compound request without reusing lease
(git-fixes).
- commit 44ecf42
- smb: client: reuse file lease key in compound operations
(git-fixes).
- commit e1d39cc
- smb: client: parse owner/group when creating reparse points
(git-fixes).
- commit 2b1f34d
- cifs: open_cached_dir(): add FILE_READ_EA to desired access
(git-fixes).
- commit f59c050
- cifs: update the same create_guid on replay (git-fixes).
- commit 651496d
- smb: client: reduce stack usage in smb2_query_reparse_point()
(git-fixes).
- commit a2f52a1
- cifs: update desired access while requesting for directory lease
(git-fixes).
- commit 3577933
- smb: client: move most of reparse point handling code to common
file (git-fixes).
- commit 90c5825
- smb: client: handle special files and symlinks in SMB3 POSIX
(git-fixes).
- commit 7ddb775
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- commit 56a04ed
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- commit a9edfbd
- smb: client: allow creating symlinks via reparse points
(git-fixes).
- commit 93e7dee
- smb: client: fix hardlinking of reparse points (git-fixes).
- commit 6805b33
- drm/i915/selftests: avoid using uninitialized context
(git-fixes).
- drm/amdgpu: bail out when failed to load fw in
psp_init_cap_microcode() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on
udev->serial (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path
(git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages
with data length zero (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- commit 30daf36
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- commit 8fa207f
- smb: client: stop revalidating reparse points unnecessarily
(git-fixes).
- commit ce08be7
- smb: client: fix potential broken compound request (git-fixes).
- commit a4415de
- smb: client: fix renaming of reparse points (git-fixes).
- commit 32e853e
- smb: client: optimise reparse point querying (git-fixes).
- commit a53eec6
- smb: client: allow creating special files via reparse points
(git-fixes).
- commit 74e26d4
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- commit 39b0787
- smb: client: set correct file type from NFS reparse points
(git-fixes).
- Delete
patches.suse/cifs-Fix-buffer-overflow-when-parsing-NFS-reparse-points.patch.
(deleted patch will be added later)
- commit 7b28133
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- commit 5e66e50
- smb3: fix creating FIFOs when mounting with "sfu" mount option
(git-fixes).
- commit 82c7e6d
- mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (CVE-2024-50085 bsc#1232508)
- commit 25971ed
- smb: client: Fix minor whitespace errors and warnings
(git-fixes).
- commit 1eedc39
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- commit 6936009
- smb: client: introduce reparse mount option (git-fixes).
- commit e5a8c1e
- smb: client: implement ->query_reparse_point() for SMB1
(git-fixes).
- commit 2615bfd
- smb: cilent: set reparse mount points as automounts (git-fixes).
- commit da6e3c8
- smb: client: do not query reparse points twice on symlinks
(git-fixes).
- commit b7e62c9
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes
bsc#1237158).
- commit 3e00897
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages
(git-fixes bsc#1237155).
- commit 6d87f47
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2
(bsc#1236994).
- net: smc: fix spurious error message from __sock_release()
(bsc#1237126).
- commit 2c0a5e1
- mptcp: fix data races on local_id (git-fixes)
- Refresh patches.suse/mptcp-fix-data-races-on-remote_id.patch
- commit 661ea6e
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- commit 1d30f2b
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- commit 8638b2c
- mptcp: unify pm set_flags interfaces (git-fixes)
- commit 493b268
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- commit 57ae267
- mptcp: unify pm get_local_id interfaces (git-fixes)
- commit f1f0e12
- mptcp: export local_address (git-fixes)
- commit 2e22243
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- commit 9c72df8
- mptcp: pm: only decrement add_addr_accepted for MPJ req (CVE-2024-45009 bsc#1230438)
- commit 9337031
- mptcp: pm: only mark 'subflow' endp as available (CVE-2024-45010 bsc#1230439)
- commit 9e1f869
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- commit 0d1e602
- Update config files.
Use the upstream default for TSX_MODE.
- commit 55bbd12
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- commit 2798558
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- commit 405e62f
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- commit 42e63a4
- mptcp: fix NL PM announced address accounting (git-fixes)
- commit 28d5efa
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- commit adfc1dd
- mptcp: pm: avoid possible UaF when selecting endp (CVE-2024-44974 bsc#1230235)
- commit e827535
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- commit 262fe7b
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- commit 20e7fdf
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- commit 54ad8c1
- mptcp: pm: don't try to create sf if alloc failed (git-fixes)
- commit 9185902
- mptcp: pm: reduce indentation blocks (git-fixes)
- commit a393115
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- commit 71a0164
- mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit 01e9763
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- Refresh patches.suse/powerpc-pseries-iommu-IOMMU-incorrectly-marks-MMIO-r.patch
- commit d8f69df
- usb: dwc3: core: Defer the probe until USB power supply ready
(git-fixes).
- commit f3ecf26
- vfio/platform: check the bounds of read/write syscalls
(bsc#1237045 CVE-2025-21687).
- commit e52d676
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- commit 806156f
- net: sched: fix ets qdisc OOB Indexing (bsc#1237028
CVE-2025-21692).
- commit 1b093fe
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Refresh patches.suse/RDMA-rxe-Fix-mismatched-max_msg_sz.patch
- Pickup RXE code change introduced by upstream merge: af96134dc856 ("Merge tag 'rcu.2023.06.22a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu")
- commit 1492681
- smb: client: fix possible double free in smb2_set_ea()
(git-fixes).
- commit b6cd961
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API
(bsc#1236967 ltc#210988).
- Update config files.
- commit 83bff51
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
Update to match upstream commit 6636c58b946c ("drm/mgag200: Added
support for the new device G200eH5").
- commit 7ba9f89
- usb: xhci: Fix NULL pointer dereference on certain command
aborts (git-fixes).
- commit 8628513
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- commit 01b2939
- s390/topology: Improve topology detection (bsc#1236591).
- commit 101e515
- HID: hid-thrustmaster: fix stack-out-of-bounds read in
usb_check_int_endpoints() (git-fixes).
- HID: multitouch: Add NULL check in mt_input_configured
(git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware
(git-fixes).
- commit 1dbe333
- scsi: storvsc: Set correct data length for sending SCSI command
without payload (git-fixes).
- commit 93c01ea
- net/mlx5: Fix msix vectors to respect platform limit
(bsc#1225981).
- commit b7a2367
- s390/pci: Fix SR-IOV for PFs initially in standby
(git-fixes bsc#1236752).
- commit dcf85a0
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device()
fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices
(bsc#1236752).
- s390/pci: Sort PCI functions prior to creating virtual busses
(bsc#1236752).
- commit 004cfd2
- iommu/arm-smmu: Make instance lookup robust (bsc#1235032, CVE-2024-56568).
- commit 8f1b23e
- selftests/bpf: add fp-leaking precise subprog result tests
(git-fixes).
- bpf: prevent r10 register from being marked as precise
(git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update
(git-fixes).
- selftests/bpf: Prevent client connect before server bind in
test_tc_tunnel.sh (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- commit dfce816
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array
(git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute
(git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC
(git-fixes).
- commit 3243439
- Update
patches.suse/ALSA-6fire-Release-resources-at-card-release.patch
(git-fixes CVE-2024-53239 bsc#1235054 bsc#1234853).
- Update
patches.suse/Bluetooth-L2CAP-Fix-uaf-in-l2cap_connect.patch
(CVE-2024-49950 bsc#1232159 bsc#1225742).
- Update
patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch
(stable-fixes CVE-2024-56605 bsc#1235061 bsc#1234853).
- Update
patches.suse/KVM-nSVM-Ignore-nCR3-4-0-when-loading-PDPTEs-from-me.patch
(CVE-2024-50115 bsc#1232919 bsc#1225742).
- Update
patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch
(git-fixes CVE-2024-53173 bsc#1234891 bsc#1234853).
- Update
patches.suse/RDMA-hns-Fix-NULL-pointer-derefernce-in-hns_roce_map.patch
(git-fixes CVE-2024-53226 bsc#1236576).
- Update
patches.suse/ext4-avoid-OOB-when-system.data-xattr-changes-undern.patch
(bsc#1231920 CVE-2024-47701 bsc#1225742).
- Update
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198 bsc#1225742).
- Update
patches.suse/hfsplus-don-t-query-the-device-logical-block-size-multiple-times.patch
(git-fixes CVE-2024-56548 bsc#1235073 bsc#1234853).
- Update
patches.suse/mac802154-check-local-interfaces-before-deleting-sda.patch
(stable-fixes CVE-2024-57948 bsc#1236677).
- Update
patches.suse/media-amphion-Set-video-drvdata-before-register-vide.patch
(git-fixes CVE-2024-56579 bsc#1236575).
- Update
patches.suse/mm-prevent-derefencing-NULL-ptr-in-pfn_section_valid.patch
(git-fixes CVE-2024-41055 bsc#1228521).
- Update
patches.suse/pinctrl-mcp23s08-Fix-sleeping-in-atomic-context-due-.patch
(git-fixes CVE-2024-57889 bsc#1236573).
- Update
patches.suse/tty-n_gsm-Fix-use-after-free-in-gsm_cleanup_mux.patch
(stable-fixes CVE-2024-50073 bsc#1232520 bsc#1225742).
- Update
patches.suse/vfio-pci-Lock-external-INTx-masking-ops.patch
(bsc#1222803 CVE-2024-26810).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning-d241a13.patch
(git-fixes CVE-2024-56539 bsc#1234963 bsc#1234853).
- commit 2e394be
- Update
patches.suse/netfilter-nf_tables-don-t-fail-inserts-if-dupl.patch
(bsc#1012628 CVE-2023-52925 bsc#1236822).
- Update
patches.suse/netfilter-nf_tables-don-t-skip-expired-element.patch
(bsc#1012628 CVE-2023-52924 bsc#1236821).
- commit 6257a48
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- commit 43ff004
- wifi: mt76: mt7915: improve hardware restart reliability
(stable-fixes).
- commit 8478fb6
- ASoC: Intel: avs: Prefix SKL/APL-specific members
(stable-fixes).
- Refresh
patches.suse/ASoC-Intel-avs-Fix-theoretical-infinite-loop.patch.
- commit 01a2134
- serial: sc16is7xx: use device_property APIs when configuring
irda mode (stable-fixes).
- Refresh
patches.suse/serial-sc16is7xx-remove-global-regmap-from-struct-sc.patch.
- commit 5b3248c
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize
(git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware
reset (git-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: Fix the windows switch between different
layers (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
(stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT
(stable-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at
vop2_post_config (stable-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: move output interface related definition to
rockchip_drm_drv.h (stable-fixes).
- crypto: hisilicon/sec2 - optimize the error return process
(stable-fixes).
- commit 21fab4a
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms
(git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context
is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check
(git-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list()
(git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- ACPI: property: Fix return value for nval == 0 in
acpi_data_prop_read() (git-fixes).
- ACPI: PRM: Remove unnecessary strict handler address checks
(git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- commit e018ad6
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- commit 4ce1907
- filemap: avoid truncating 64-bit offset to 32 bits
(CVE-2025-21665 bsc#1236684).
- commit 597c6a3
- smb: client: fix double free of TCP_Server_Info::hostname
(CVE-2025-21673 bsc#1236689).
- commit 3139e94
- openvswitch: fix lockup on tx to unregistering netdev with
carrier (CVE-2025-21681 bsc#1236702).
- commit b85304e
- pmdomain: imx8mp-blk-ctrl: add missing loop break condition
(CVE-2025-21668 bsc#1236682).
- commit 99dbd95
- iomap: avoid avoid truncating 64-bit offset to 32 bits
(CVE-2025-21667 bsc#1236681).
- commit e233a3c
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- Refresh
patches.suse/cpufreq-qcom-nvmem-Enable-virtual-power-domain-devices.patch.
- commit f530449
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- commit 785700c
- cpufreq: mediatek-hw: Don't error out if supply is not found
(git-fixes).
- commit 8cc17c1
- mptcp: error out earlier on disconnect (CVE-2024-53123 bsc#1234070)
- commit b7c16f4
- drop_monitor: replace spin_lock by raw_spin_lock (CVE-2024-40980 bsc#1227937)
- commit 72b4850
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142 bsc#1233028)
- commit 821a08b
- selftests/bpf: Add apply_bytes test to
test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485
CVE-2024-56633).
- tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
(bsc#1235485 CVE-2024-56633).
- commit 92f3cb7
- smb: During unmount, ensure all cached dir instances drop
their dentry (bsc#1231432, bsc#1234894, CVE-2024-53176).
- commit c66b2d4
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit b56ad4e
- smb: client: properly close cfids on umount (bsc#1231432,
bsc#1232299, bsc#1235599, bsc#1234896).
- commit 189365b
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- commit 5e11827
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses
(git-fixes).
- commit 60005f6
- cpufreq: qcom: Implement clk_ops::determine_rate() for
qcom_cpufreq* clocks (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT
if LMh IRQ is not available (git-fixes).
- commit 3e10296
- cpufreq: mediatek-hw: Wait for CPU supplies before probing
(git-fixes).
- commit b08f9e8
- sched: sch_cake: add bounds checks to host bulk flow fairness
counts (CVE-2025-21647 bsc#1236133).
- commit 1f1bc5f
- locking/lockdep: Avoid creating new name string literals in
lockdep_set_subclass() (git-fixes).
- commit c137ed9
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- commit d6daab7
- locking/rwsem: Add __always_inline annotation to
__down_write_common() and inlined callers (git-fixes).
- commit 1366984
- selftests/futex: pass _GNU_SOURCE without a value to the
compiler (git-fixes).
- commit 6c47425
- futex: Don't include process MM in futex key on no-MMU
(git-fixes).
- commit 925398b
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a
header (git-fixes).
- commit 870636f
- libX11
-
- U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch
* Buffer overflow in XkbChangeTypesOfKey()
(CVE-2025-26597, bsc#1237431)
- freetype2
-
- Added patch:
* CVE-2025-27363.patch
+ fixes bsc#1239465, CVE-2025-27363: out-of-bounds write when
attempting to parse font subglyph structures related to
TrueType GX and variable font files
- libgcrypt
-
- FIPS: Differentiate non-compliant flags in the SLI [bsc#1225939]
* Add libgcrypt-FIPS-SLI-Differentiate-non-compliant-flags-in-the-SLI.patch
- FIPS: Implement KAT for non-deterministic ECDSA [bsc#1225939]
* Add libgcrypt-FIPS-SLI-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
- FIPS: Disable setting the library in non-FIPS mode [bsc#1220893]
* Add libgcrypt-FIPS-disable-GCRYCTL_NO_FIPS_MODE.patch
- FIPS: Disallow rsa < 2048 [bsc#1225941]
* Mark RSA operations with keysize < 2048 as non-approved in the SLI
* Add libgcrypt-FIPS-SLI-Disallow-RSA-keys-with-size-lt-2048.patch
- FIPS: Service level indicator for libgcrypt [bsc#1225939]
* Factor out `prepare_datasexp_to_be_signed` for FIPS SLI
* Add libgcrypt-FIPS-SLI-Factor-out-data-SEXP-preparation.patch
* Include missing checks for EdDSA and ECDSA for FIPS SLI
* Add libgcrypt-FIPS-SLI-Only-allow-defined-digest-algo-for-EdDSA.patch
* Add libgcrypt-FIPS-SLI-Reject-use-of-SHAKE-when-its-ECDSA-with-RFC6979.patch
* Include upstream patches for FIPS SLI for libgcrypt
* Add libgcrypt-FIPS-SLI-Introduce-an-internal-API-for-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_md_hash_*.patch
* Add libgcrypt-FIPS-SLI-Add-t-digest.patch
* Add libgcrypt-FIPS-SLI-Fix-t-digest-for-a-minimal-configuration.patch
* Add libgcrypt-FIPS-SLI-Extend-tests-t-digest-to-test-hmac-too.patch
* Add libgcrypt-FIPS-SLI-Fix-comment-in-t-thread-local.patch
* Add libgcrypt-FIPS-SLI-Change-the-internal-API-for-new-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
* Add libgcrypt-FIPS-SLI-Add-tests-for-md_open-write-read-close-for-t-digest.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-cipher_open.patch
* Add libgcrypt-FIPS-SLI-Add-gcry_mac_open-tests.patch
* Add libgcrypt-FIPS-SLI-Rename-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Move-KDF-tests-to-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Add-gcry_cipher_open-tests.patch
* Add libgcrypt-FIPS-SLI-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Implement-FIPS-service-indicator-for-gcry_pk_hash_API.patch
* Add libgcrypt-FIPS-SLI-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
* Add libgcrypt-FIPS-SLI-Fix-the-previous-change.patch
* Add libgcrypt-FIPS-SLI-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
* Add libgcrypt-FIPS-SLI-Add-behavior-not-to-reject-but-mark-non-compliant.patch
* Add libgcrypt-FIPS-SLI-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
* Add libgcrypt-FIPS-SLI-Add-more-tests-to-tests-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
* Add libgcrypt-FIPS-SLI-Fix-memory-leak-for-gcry_pk_hash_sign.patch
* Add libgcrypt-FIPS-SLI-Improve-__thread-specifier-check.patch
* Add libgcrypt-FIPS-SLI-mark-non-compliant-cipher-modes-as-non-approved-in-the-SLI.patch
* Add libgcrypt-FIPS-SLI-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-.patch
* Add libgcrypt-FIPS-SLI-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
* Implement `hex2buffer` in tests/t-common.h for FIPS SLI testing
* Add hex2buffer-Factor-from-existing-uses.patch
* Remove redundant/reworked patches now in FIPS SLI
* Remove libgcrypt-FIPS-SLI-pk.patch
* Remove libgcrypt-FIPS-SLI-hash-mac.patch
* Remove libgcrypt-FIPS-SLI-kdf-leylength.patch
* Rebased patches:
* libgcrypt-1.10.0-allow_FSM_same_state.patch
* libgcrypt-no-deprecated-grep-alias.patch
* libgcrypt-FIPS-rndjent_poll.patch
* libgcrypt-Chacha20-poly1305-Optimized-chacha20-poly1305.patch
- FIPS: Consider deprecate sha1 [bsc#1225942]
* In FIPS 180-5 revision, NIST announced EOL for SHA-1 and will
transition at the end of 2030. Mark SHA1 as non-approved in SLI.
* Add libgcrypt-FIPS-SLI-md-Make-SHA1-non-FIPS-and-differentiate-in-the-SLI.patch
* Add libgcrypt-FIPS-SLI-cipher-Differentiate-SHA1-with-GCRY_FIPS_FLAG_REJECT_MD_SHA1.patch
- FIPS: Unnecessary RSA KAT Encryption/Decryption [bsc#1225936]
* cipher: Do not run RSA encryption selftest by default
* Add libgcrypt-FIPS-SLI-Do-not-run-RSA-encryption-selftest-by-default.patch
- FIPS: Make sure that Libgcrypt makes use of the built-in Jitter RNG
for the whole length entropy buffer in FIPS mode. [bsc#1220893]
* Add libgcrypt-FIPS-jitter-whole-entropy.patch
- FIPS: Set the FSM into error state if Jitter RNG is returning an
error code to the caller when an health test error occurs when
random bytes are requested through the jent_read_entropy_safe()
function. [bsc#1220895]
* Add libgcrypt-FIPS-jitter-errorcodes.patch
- FIPS: Replace the built-in jitter rng with standalone version
* Remove the internal jitterentropy copy [bsc#1220896]
* Add libgcrypt-FIPS-jitter-standalone.patch
* Remove not needed libgcrypt-jitterentropy-3.4.0.patch
- gnutls
-
- Security fix [bsc#1236974, CVE-2024-12243]
* gnutls: inefficient DER Decoding in libtasn1 could lead to remote DoS
* Add gnutls-CVE-2024-12243.patch
- xz
-
- Add CVE-2025-31115.patch
* Fix heap use after free and writing to an address based on the null
pointer plus an offset (CVE-2025-31115, bsc#1240414)
- nfs-utils
-
- rpc.idmapd: nfsopen() failures should not be fatal (bsc#1239165)
- add 0007-rpc.idmapd-nfsopen-failures-should-not-be-fatal.patch
- enable ldap support for nfsidmap (bsc#1226533)
- procps
-
- Add patch CVE-2023-4016-part2.patch
* Fix the ps command segfaults when pid argument has a leading space (bsc#1236842)
- python3
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according to the Debian version
(gh#python/cpython#103848#issuecomment-2708135083).
- ruby2.5
-
- remove rexml-test.patch as it is included in suse.patch now
- update suse.patch to f0660edeba
- fix HTTP request smuggling in WEBrick
bsc#1230930 CVE-2024-47220
- update REXML to 3.3.9 to fix ReDOS vulnerability
bsc#1232440 CVE-2024-49761
- [ruby/uri] Fix quadratic backtracking on invalid relative URI
- [ruby/time] Make RFC2822 regexp linear
- [ruby/time] Fix quadratic backtracking on invalid time
- merge some parts of CGI 0.1.1
- systemd
-
- Import commit 83b9060b6e4c9cdffbbed0e27467cbd2f806dc0d
09b7477895 udev: allow/denylist for reading sysfs attributes when composing a NIC name (bsc#1234015)
- Drop 5004-udev-allow-denylist-for-reading-sysfs-attributes-whe.patch
The path has been merged into the SUSE/v254 branch.
- Import commit 2b599c7501253b0e6b7987fdb2676af21bc72ab3 (merge of v254.24)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b25faa18ee7ef3c2d0b16416dfa331d0013dd112...2b599c7501253b0e6b7987fdb2676af21bc72ab3
- Import commit b25faa18ee7ef3c2d0b16416dfa331d0013dd112
b4693652f3 journald: close runtime journals before their parent directory removed
044d051f0c journald: reset runtime seqnum data when flushing to system journal (bsc#1236886)
- Move systemd-userwork from the experimental sub-package to the main package (bsc#1236643)
It is likely an oversight from when systemd-userdb was migrated from the
experimental package to the main one.
- libxml2
-
- security update
- added patches
fix CVE-2024-56171 [bsc#1237363], use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c
+ libxml2-CVE-2024-56171.patch
fix CVE-2025-24928 [bsc#1237370], stack-based buffer overflow in xmlSnprintfElements in valid.c
+ libxml2-CVE-2025-24928.patch
fix CVE-2025-27113 [bsc#1237418], NULL Pointer Dereference in libxml2 xmlPatMatch
+ libxml2-CVE-2025-27113.patch
- libxslt
-
- Security fixes:
* Fix use-after-free of XPath context node [bsc#1239625, CVE-2025-24855]
* Fix UAF related to excluded namespaces [bsc#1239637, CVE-2024-55549]
* Make generate-id() deterministic [bsc#1238591, CVE-2023-40403]
Just adding the reference here as this CVE was already fixed
in 0009-Make-generate-id-deterministic.patch
* Rebase patches to use autosetup:
- libxslt-1.1.24-no-net-autobuild.patch
- libxslt-config-fixes.patch
* Add patches:
- libxslt-CVE-2024-55549.patch
- libxslt-CVE-2025-24855.patch
- libzypp
-
- Disable zypp.conf:download.use_deltarpm by default (fixes #620)
Measurements show that you don't benefit from using deltarpms
unless your network connection is very slow. That's why most
distributions even stop offering deltarpms. The default remains
unchanged on SUSE-15.6 and older.
- Make sure repo variables are evaluated in the right context
(bsc#1237044)
- Introducing MediaCurl2 a alternative HTTP backend.
This patch adds MediaCurl2 as a testbed for experimenting with a
more simple way to download files. Set ZYPP_CURL2=1 in the
environment to use it.
- version 17.36.3 (35)
- Filesystem usrmerge must not be done in singletrans mode
(bsc#1236481, bsc#1189788)
Commit will amend the backend in case the transaction would
perform a filesystem usrmerge.
- Workaround bsc#1216091 on Code16.
- version 17.36.2 (35)
- mozilla-nss
-
- Updated nss-fips-approved-crypto-non-ec.patch to not pass in
bad targetKeyLength parameters when checking for FIPS approval
after keygen. This was causing false rejections.
- Updated nss-fips-approved-crypto-non-ec.patch to approve
RSA signature verification mechanisms with PKCS padding and
legacy moduli (bsc#1222834).
- openssh
-
- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2
due to gssapi proposal not being correctly initialized
(bsc#1236826). The problem was introduced in the rebase of
the patch for 9.6p1:
* openssh-8.0p1-gssapi-keyex.patch
- Rebase patch and apply it:
* fix-memleak-in-process_server_config_line_depth.patch
- pkg-config
-
- Build with system GLib instead of bundled GLib (bsc#1237374).
- python-instance-billing-flavor-check
-
- Update to version 1.0.0 (jsc#PCT-531)
+ API incompatibility: The check_payg_byos function no longer exits, it now
returns a tuple of (flavor, exit_code). This makes the function reusable.
+ Update the build setup to work with the system interpreter of
upcoming SLE releases. SLE 12 stays with the Python 3.4 interpreter
and SLE 15 with the Python 3.6 interpreter.
- python3-M2Crypto
-
- Change macro to %{?sle15allpythons} so we build both Python 3.6
and Python 3.11 on SLE-15.
- Fix spelling of BSD-2-Clause license.
- Add rpmlintrc … overflow of ignorable rpmlint warnings caused
me not to see the previous problem.
- Update to 0.44.0:
- fix(rsa): introduce internal cache for rsa.check_key()
(bsc#1236664, srht#mcepl/m2crypto#369)
- fix[authcookie]: modernize the module
- fix(_lib): add missing #include for windows
- ci: relax fedora crypto policy to legacy.
- enhance setup.py for macos compatibility
- prefer packaging.version over distutils.version
- fix segfault with openssl 3.4.0
- fix[ec]: raise ioerror instead when load_key_bio() cannot read
the file.
- doc: update installation instructions for windows.
- fix setting x509.verify_* variables
- fix building against openssl in non-standard location
- test_x509: use only x509_version_1 (0) as version for csr.
- The real license is BSD 2-Clause, not MIT.
- Update to 0.43.0:
- feat[m2]: add m2.time_t_bits to checking for 32bitness.
- fix[tests]: Use only X509_VERSION_1 (0) as version for CSR.
- fix[EC]: raise ValueError when load_key_bio() cannot read the
file (bsc#1231589).
- ci: use -mpip wheel instead of -mbuild
- fix: use PyMem_Malloc() instead of malloc()
- fix[hints]: more work on conversion of type hints to the py3k ones
- fix: make the package build even on Python 3.6
- ci[local]: skip freezing local tests
- fix[hints]: remove AnyStr type
- test: add suggested test for RSA.{get,set}_ex_data
- fix: implement interfaces for RSA_{get,set}_ex_new_{data,index}
- fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of
swig
- fix: replace literal enumeration of all VERIFY_ constants by a
cycle
- test: unify various test cases in test_ssl related to ftpslib
- fix: replace deprecated url keyword in setup.cfg with complete
project_urls map
- Update 0.42.0:
- allow ASN1_{Integer,String} be initialized directly
- minimal infrastructure for type hints for a C extension and
some type hints for some basic modules
- time_t on 32bit Linux is 32bit (integer) not 64bit (long)
- EOS for CentOS 7
- correct checking for OpenSSL version number on Windows
- make compatible with Python 3.13 (replace PyEval_CallObject
with PyObject_CallObject)
- fix typo in extern function signature (and proper type of
engine_ctrl_cmd_string())
- move the package to Sorucehut
- setup CI to use Sourcehut CI
- setup CI on GitLab for Windows as well (remove Appveyor)
- initial draft of documentation for migration to
pyca/cryptography
- fix Read the Docs configuration (contributed kindly by Facundo
Tuesca)
- Remove upstreamed 32bit_ASN1_Time.patch
- Remove python-M2Crypto.keyring, because PyPI broke GPG support
- Build for modern python stack on SLE/Leap
- zypp-plugin
-
- version 0.6.5
- Build package for multiple Python flavors on the SLE15 family
(fixes #4)
- samba
-
- Fix crossing automounter mount points; (bsc#1215212);
(bsc#1236803);
- Update shipped /etc/samba/smb.conf to point to smb.conf
man page;(bsc#1233880).
- suse-build-key
-
- changed keys to use SHA256 UIDs instead of SHA1. (bsc#1237294
bsc#1236779 jsc#PED-12321)
- gpg-pubkey-3fa1d6ce-67c856ee.asc to gpg-pubkey-09d9ea69-67c857f3.asc
- gpg-pubkey-09d9ea69-645b99ce.asc to gpg-pubkey-3fa1d6ce-63c9481c.asc
- suse_ptf_key_2023.asc, suse_ptf_key.asc: adjusted
- timezone
-
- Update to 2025a:
* Paraguay adopts permanent -03 starting spring 2024
* Improve pre-1991 data for the Philippines
* Etc/Unknown is now reserved
- Update to 2024b:
* Improve historical data for Mexico, Mongolia, and Portugal.
* System V names are now obsolescent.
* The main data form now uses %z.
* The code now conforms to RFC 8536 for early timestamps.
* Support POSIX.1-2024, which removes asctime_r and ctime_r.
* Assume POSIX.2-1992 or later for shell scripts.
* SUPPORT_C89 now defaults to 1.
- Add revert-philippines-historical-data.patch, revert-systemv-deprecation.patch
* Fixes testsuite failures for other packages
- vim
-
- Introduce patch to fix bsc#1235751 (regression).
* vim-9.1.1134-revert-putty-terminal-colors.patch
- Update to 9.1.1176. Changes:
* 9.1.1176: wrong indent when expanding multiple lines
* 9.1.1175: inconsistent behaviour with exclusive selection and motion commands
* 9.1.1174: tests: Test_complete_cmdline() may fail
* 9.1.1173: filetype: ABNF files are not detected
* 9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file
* 9.1.1171: tests: wrong arguments passed to assert_equal()
* 9.1.1170: wildmenu highlighting in popup can be improved
* 9.1.1169: using global variable for get_insert()/get_lambda_name()
* 9.1.1168: wrong flags passed down to nextwild()
* 9.1.1167: mark '] wrong after copying text object
* 9.1.1166: command-line auto-completion hard with wildmenu
* 9.1.1165: diff: regression with multi-file diff blocks
* 9.1.1164: [security]: code execution with tar.vim and special crafted tar files
* 9.1.1163: $MYVIMDIR is set too late
* 9.1.1162: completion popup not cleared in cmdline
* 9.1.1161: preinsert requires bot "menu" and "menuone" to be set
* 9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items
* 9.1.1159: $MYVIMDIR may not always be set
* 9.1.1158: :verbose set has wrong file name with :compiler!
* 9.1.1157: command completion wrong for input()
* 9.1.1156: tests: No test for what patch 9.1.1152 fixes
* 9.1.1155: Mode message not cleared after :silent message
* 9.1.1154: Vim9: not able to use autoload class accross scripts
* 9.1.1153: build error on Haiku
* 9.1.1152: Patch v9.1.1151 causes problems
* 9.1.1151: too many strlen() calls in getchar.c
* 9.1.1150: :hi completion may complete to wrong value
* 9.1.1149: Unix Makefile does not support Brazilian lang for the installer
* 9.1.1148: Vim9: finding imported scripts can be further improved
* 9.1.1147: preview-window does not scroll correctly
* 9.1.1146: Vim9: wrong context being used when evaluating class member
* 9.1.1145: multi-line completion has wrong indentation for last line
* 9.1.1144: no way to create raw strings from a blob
* 9.1.1143: illegal memory access when putting a register
* 9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined
* 9.1.1141: Misplaced comment in readfile()
* 9.1.1140: filetype: m17ndb files are not detected
* 9.1.1139: [fifo] is not displayed when editing a fifo
* 9.1.1138: cmdline completion for :hi is too simplistic
* 9.1.1137: ins_str() is inefficient by calling STRLEN()
* 9.1.1136: Match highlighting marks a buffer region as changed
* 9.1.1135: 'suffixesadd' doesn't work with multiple items
* 9.1.1134: filetype: Guile init file not recognized
* 9.1.1133: filetype: xkb files not recognized everywhere
* 9.1.1132: Mark positions wrong after triggering multiline completion
* 9.1.1131: potential out-of-memory issue in search.c
* 9.1.1130: 'listchars' "precedes" is not drawn on Tabs.
* 9.1.1129: missing out-of-memory test in buf_write()
* 9.1.1128: patch 9.1.1119 caused a regression with imports
* 9.1.1127: preinsert text is not cleaned up correctly
* 9.1.1126: patch 9.1.1121 used a wrong way to handle enter
* 9.1.1125: cannot loop through pum menu with multiline items
* 9.1.1124: No test for 'listchars' "precedes" with double-width char
* 9.1.1123: popup hi groups not falling back to defaults
* 9.1.1122: too many strlen() calls in findfile.c
* 9.1.1121: Enter does not insert newline with "noselect"
* 9.1.1120: tests: Test_registers fails
* 9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script
* 9.1.1118: tests: test_termcodes fails
* 9.1.1117: there are a few minor style issues
* 9.1.1116: Vim9: super not supported in lambda expressions
* 9.1.1115: [security]: use-after-free in str_to_reg()
* 9.1.1114: enabling termguicolors automatically confuses users
* 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds
* 9.1.1112: Inconsistencies in get_next_or_prev_match()
* 9.1.1111: Vim9: variable not found in transitive import
* 9.1.1110: Vim tests are slow and flaky
* 9.1.1109: cmdexpand.c hard to read
* 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol"
* 9.1.1107: cannot loop through completion menu with fuzzy
* 9.1.1106: tests: Test_log_nonexistent() causes asan failure
* 9.1.1105: Vim9: no support for protected new() method
* 9.1.1104: CI: using Ubuntu 22.04 Github runners
* 9.1.1103: if_perl: still some compile errors with Perl 5.38
* 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename
- 9.1.1101 is a fix for:
bsc#1229685 (CVE-2024-43790)
bsc#1229822 (CVE-2024-43802)
bsc#1230078 (CVE-2024-45306)
bsc#1235695 (CVE-2025-22134)
bsc#1236151 (CVE-2025-24014)
bsc#1237137 (CVE-2025-1215)
- Remove obsoleted patch:
* vim-7.3-mktemp_tutor.patch
- update to 9.1.1101
* insexpand.c hard to read
* tests: Test_log_nonexistent only works on Linux
* Update base-syntax, improve variable matching
* Vim9: import with extends may crash
* leaking memory with completing multi lines
* --log with non-existent path causes a crash
* if_perl: Perl 5.38 adds new symbols causing link failure
* tests: matchparen plugin test wrongly named
* Vim9: problem finding implemented method in type hierarchy
* runtime(qf): Update syntax file, match second delimiter
* tests: output of test ...win32_ctrl_z depends on python version
* tests: fix expected return code for python 3.13 on Windows
* tests: timeout might be a bit too small
* tests: test_terminwscroll_topline2 unreliable
* tests: No check when tests are run under Github actions
* tests: plugin tests are named inconsistently
* Vim9: import with extends may crash
* completion doesn't work with multi lines
* filetype: cmmt files are not recognized
* Unable to persistently ignore events in a window and its buffers
* improve syntax highlighting
* setreg() doesn't correctly handle mbyte chars in blockwise mode
* unexpected DCS responses may cause out of bounds reads
* has('bsd') is true for GNU/Hurd
* filetype: Mill files are not recognized
* GUI late startup leads to uninitialized scrollbars
* Add support for lz4 to tar & gzip plugin
* Terminal ansi colors off by one after tgc reset
* included syntax items do not understand contains=TOP
* vim_strnchr() is strange and unnecessary
* Vim9: len variable not used in compile_load()
* runtime(vim): Update base-syntax, match :debuggreedy count prefix
* Strange error when heredoc marker starts with "trim"
* tests: test_compiler fails on Windows without Maven
* 'diffopt' "linematch" cannot be used with {n} less than 10
* args missing after failing to redefine a function
* Cannot control cursor positioning of getchar()
* preinsert text completions not deleted with <C-W>/<C-U>
* getchar() can't distinguish between C-I and Tab
* tests: Test_termwinscroll_topline2 fails on MacOS
* heap-use-after-free and stack-use-after-scope with :14verbose
* no digraph for "Approaches the limit"
* not possible to use plural forms with gettext()
* too many strlen() calls in userfunc.c
* terminal: E315 when dragging the terminal with the mouse
* runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()
* runtime(doc): Tweak documentation style a bit
* tests: test_glvs fails when unarchiver not available
* Vim always enables 'termguicolors' in a terminal
* completion: input text deleted with preinsert when adding leader
* translation(sr): Missing Serbian translation for the tutor
* Superfluous cleanup steps in test_ins_complete.vim
* runtime(netrw): correct wrong version check
* Vim doesn't highlight to be inserted text when completing
* runtime(netrw): upstream snapshot of v176
* runtime(dist/vim9): fix regressions in dist#vim9#Open
* runtime(hyprlang): fix string recognition
* make install fails because of a missing dependency
* runtime(asm): add byte directives to syntax script
* Vim doesn't work well with TERM=xterm-direct
* runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection
* runtime: decouple Open and Launch commands and gx mapping from netrw
* "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
* runtime(just): fix typo in syntax file
* runtime(filetype): Improve Verilog detection by checking for modules definition
* tests: off-by-one error in CheckCWD in test_debugger.vim
* tests: no support for env variables when running Vim in terminal
* too many strlen() calls in os_unix.c
* insert-completed items are always sorted
* crash after scrolling and pasting in silent Ex mode
* Makefiles uses non-portable syntax
* fuzzymatching doesn't prefer matching camelcase
* filetype: N-Tripels and TriG files are not recognized
* Vim9: Patch 9.1.1014 causes regressions
* translation(sr): Update Serbian messages translation
- updade to 9.1.1043
* [security]: segfault in win_line()
* update helptags
* filetype: just files are not recognized
* Update base-syntax, match ternary and falsy operators
* Vim9: out-of-bound access when echoing an enum
* Vim9: imported type cannot be used as func return type
* runtime(kconfig): updated ftplugin and syntax script
* runtime(doc): rename last t_BG reference to t_RB
* Vim9: comments are outdated
* tests: test_channel.py fails with IPv6
* runtime(vim): Update base-syntax, fix is/isnot operator matching
* Vim9: confusing error when using abstract method via super
* make install fails when using shadowdir
* Vim9: memory leak with blob2str()
* runtime(tex): add texEmphStyle to texMatchGroup in syntax script
* runtime(netrw): upstream snapshot of v175
* Vim9: compiling abstract method fails without return
* runtime(c): add new constexpr keyword to syntax file (C23)
* tests: shaderslang was removed from test_filetype erroneously
* link error when FEAT_SPELL not defined
* Coverity complains about insecure data handling
* runtime(sh): update syntax script
* runtime(c): Add missing syntax test files
* filetype: setting bash filetype is backwards incompatible
* runtime(c): Update syntax and ftplugin files
* the installer can be improved
* too many strlen() calls in screen.c
* no sanitize check when running linematch
* filetype: swc configuration files are not recognized
* runtime(netrw): change netrw maintainer
* wrong return type of blob2str()
* blob2str/str2blob() do not support list of strings
* runtime(doc): fix typo in usr_02.txt
* Coverity complains about dereferencing NULL pointer
* linematch option value not completed
* string might be used without a trailing NUL
* no way to get current selected item in a async context
* filetype: fd ignore files are not recognized
* v9.1.0743 causes regression with diff mode
* runtime(doc): fix base64 encode/decode examples
* Vim9: Patch 9.1.1013 causes a few problems
* Not possible to convert string2blob and blob2string
* Coverity complains about dereferencing NULL value
* Vim9: variable not found in transitive import
* runtime(colors): Update colorschemes, include new unokai colorscheme
* Vim9: Regression caused by patch v9.1.0646
* runtime(lyrics): support milliseconds in syntax script
* runtime(vim): Split Vim legacy and Vim9 script indent tests
* Vim9: class interface inheritance not correctly working
* popupmenu internal error with some abbr in completion item
* filetype: VisualCode setting file not recognized
* diff feature can be improved
* tests: test for patch 9.1.1006 doesn't fail without the patch
* filetype: various ignore are not recognized
* tests: Load screendump files with "git vimdumps"
* PmenuMatch completion highlight can be combined
* completion text is highlighted even with no pattern found
* tests: a few termdebug tests are flaky
* [security]: heap-buffer-overflow with visual mode
* runtime(doc): add package-<name> helptags for included packages
* Vim9: unknown func error with interface declaring func var
* runtime(filetype): don't detect string interpolation as angular
* ComplMatchIns highlight hard to read on light background
* runtime(vim): Update base-syntax, highlight literal string quote escape
* runtime(editorconfig): set omnifunc to syntaxcomplete func
* tests: ruby tests fail with Ruby 3.4
* Vim9: leaking finished exception
* runtime(tiasm): use correct syntax name tiasm in syntax script
* filetype: TI assembly files are not recognized
* too many strlen() calls in drawscreen.c
* runtime(xf86conf): add section name OutputClass to syntax script
* ComplMatchIns may highlight wrong text
* runtime(vim): Update base-syntax, improve ex-bang matching
* runtime(doc): clarify buffer deletion on popup_close()
* filetype: shaderslang files are not detected
* Vim9: not able to use comment after opening curly brace
- update to 9.1.0993
* 9.1.0993: New 'cmdheight' behavior may be surprising
* runtime(sh): fix typo in Last Change header
* 9.1.0992: Vim9: double-free after v9.1.0988
* 9.1.0991: v:stacktrace has wrong type in Vim9 script
* runtime(sh): add PS0 to bashSpecialVariables in syntax script
* runtime(vim): Remove trailing comma from match_words
* runtime(zsh): sync syntax script with upstream repo
* runtime(doc): Capitalise the mnemonic "Zero" for the 'z' flag of search()
* 9.1.0990: Inconsistent behavior when changing cmdheight
* 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
* runtime(java): Quietly opt out for unsupported markdown.vim versions
* runtime(vim): fix failing vim syntax test
* 9.1.0988: Vim9: no error when using uninitialized var in new()
* runtime(doc): update index.txt
* 9.1.0987: filetype: cake files are not recognized
* 9.1.0986: filetype: 'jj' filetype is a bit imprecise
* runtime(jj): Support diffs in jj syntax
* runtime(vim): Update matchit pattern, no Vim9 short names
* 9.1.0985: Vim9: some ex commands can be shortened
* 9.1.0984: exception handling can be improved
* runtime(doc): update doc for :horizontal
* runtime(doc): update index.txt, windows.txt and version9.txt
* runtime(doc): Tweak documentation about base64 function
* runtime(chordpro): update syntax script
* 9.1.0983: not able to get the displayed items in complete_info()
* runtime(doc): use standard SGR format at :h xterm-true-color
* 9.1.0982: TI linker files are not recognized
* runtime(vim): update vim generator syntax script
* 9.1.0981: tests: typo in test_filetype.vim
* 9.1.0980: no support for base64 en-/decoding functions in Vim Script
* syntax(sh): Improve the recognition of bracket expressions
* runtime(doc): mention how NUL bytes are handled
* 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
* 9.1.0978: GUI tests sometimes fail when setting 'scroll' options
* 9.1.0977: filetype: msbuild filetypes are not recognized
* 9.1.0976: Vim9: missing return statement with throw
* 9.1.0975: Vim9: interpolated string expr not working in object methods
* 9.1.0974: typo in change of commit v9.1.0873
* 9.1.0973: too many strlen() calls in fileio.c
* runtime(sh): set shellcheck as the compiler for supported shells
* runtime(doc): Fix enum example syntax
* 9.1.0972: filetype: TI linker map files are not recognized
* runtime(vim): Improve syntax script generator for Vim Script
* 9.1.0971: filetype: SLNX files are not recognized
* 9.1.0970: VMS: build errors on VMS architecture
* runtime(doc): Fix documentation typos
* runtime(doc): update for new keyprotocol option value (after v9.1.0969)
* 9.1.0969: ghostty not using kitty protocol by default
* 9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
* runtime(doc): update version9.txt for bash filetype
* runtime(netrw): update last change header for #16265
* runtime(doc): fix doc error in :r behaviour
* 9.1.0967: SpotBugs compiler setup can be further improved
* 9.1.0966: Vim9: :enum command can be shortened
* runtime(compiler): include a basic bash syntax checker compiler
* 9.1.0965: filetype: sh filetype set when detecting the use of bash
* runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt
* 9.1.0963: fuzzy-matching does not prefer full match
* 9.1.0962: filetype: bun.lock file is not recognized
* runtime(vim): update indentation plugin for Vim script
* runtime(doc): tweak documentation style in helphelp.txt
* runtime(vim): Update base-syntax, allow parens in default arguments
* runtime(doc): mention auto-format using clang-format for sound.c/sign.c
* runtime(help): fix typo s/additional/arbitrary/
* runtime(help): Add better support for language annotation highlighting
* 9.1.0961: filetype: TI gel files are not recognized
* 9.1.0960: filetype: hy history files are not recognized
* translation(fi): Fix typoes in Finish menu translation
* 9.1.0959: Coverity complains about type conversion
* runtime(vim): Use supported syntax in indent tests
* 9.1.0958: filetype: supertux2 config files detected as lisp
* 9.1.0956: completion may crash, completion highlight wrong with preview window
* 9.1.0955: Vim9: vim9compile.c can be further improved
* runtime(doc): move help tag E1182
* runtime(graphql): contribute vim-graphql to Vim core
* 9.1.0954: popupmenu.c can be improved
* 9.1.0953: filetype: APKBUILD files not correctly detected
* 9.1.0952: Vim9: missing type checking for any type assignment
* 9.1.0951: filetype: jshell files are not recognized
* runtime(dockerfile): do not set commentstring in syntax script
* 9.1.0950: filetype: fennelrc files are not recognized
* runtime(netrw): do not double escape Vim special characters
* git: ignore reformatting change of netrw plugin
* runtime(netrw): more reformating #16248
* runtime(doc): Add a note about handling symbolic links in starting.txt
* 9.1.0949: popups inconsistently shifted to the left
* git: ignore reformatting change of netrw plugin
* runtime(netrw): change indent size from 1 to 2
* 9.1.0948: Missing cmdline completion for :pbuffer
* runtime(tutor): Reformat tutor1
* 9.1.0947: short-description
* 9.1.0946: cross-compiling fails on osx-arm64
* 9.1.0945: ComplMatchIns highlight doesn't end after inserted text
* translation(sv): re-include the change from #16240
* 9.1.0944: tests: test_registers fails when not run under X11
* 9.1.0943: Vim9: vim9compile.c can be further improved
* runtime(doc): Update README and mention make check to verify
* translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec
* runtime(vim): update base-syntax after v9.1.0936
* 9.1.0942: a few typos were found
* 9.1.0941: ComplMatchIns doesn't work after multibyte chars
* runtime(doc): Fix style in fold.txt
* translation(sv): Fix typo in Swedish translation
* 9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
* runtime(doc): fix some small errors
* 9.1.0939: make installtutor fails
* 9.1.0938: exclusive selection not respected when re-selecting block mode
* 9.1.0937: test_undolist() is flaky
* 9.1.0936: cannot highlight completed text
* 9.1.0935: SpotBugs compiler can be improved
* 9.1.0934: hard to view an existing buffer in the preview window
* runtime(doc): document how to minimize fold computation costs
* 9.1.0933: Vim9: vim9compile.c can be further improved
* 9.1.0932: new Italian tutor not installed
* runtime(doc): fix a few minor errors from the last doc updates
* translation(it): add Italian translation for the interactive tutor
* runtime(doc): update the change.txt help file
* runtime(help): Add Vim lang annotation support for codeblocks
* 9.1.0931: ml_get error in terminal buffer
* 9.1.0930: tests: test_terminal2 may hang in GUI mode
* 9.1.0929: filetype: lalrpop files are not recognized
* 9.1.0928: tests: test_popupwin fails because the filter command fails
* editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim
* 9.1.0927: style issues in insexpand.c
* 9.1.0926: filetype: Pixi lock files are not recognized
* runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`
* runtime(doc): add a note about inclusive motions and exclusive selection
* 9.1.0925: Vim9: expression compiled when not necessary
* 9.1.0924: patch 9.1.0923 causes issues
* 9.1.0923: too many strlen() calls in filepath.c
* 9.1.0923: wrong MIN macro in popupmenu.c
* 9.1.0921: popupmenu logic is a bit convoluted
* 9.1.0920: Vim9: compile_assignment() too long
* 9.1.0919: filetype: some assembler files are not recognized
* runtime(netrw): do not pollute search history with symlinks
* 9.1.0918: tiny Vim crashes with fuzzy buffer completion
* 9.1.0917: various vartabstop and shiftround bugs when shifting lines
* runtime(typst): add definition lists to formatlistpat, update maintainer
* 9.1.0916: messages.c is exceeding 80 columns
* runtime(proto): include filetype plugin for protobuf
* 9.1.0915: GVim: default font size a bit too small
* 9.1.0914: Vim9: compile_assignment() is too long
* 9.1.0913: no error check for neg values for 'messagesopt'
* runtime(netrw): only check first arg of netrw_browsex_viewer for being executable
* 9.1.0912: xxd: integer overflow with sparse files and -autoskip
* 9.1.0911: Variable name for 'messagesopt' doesn't match short name
* 9.1.0910: 'messagesopt' does not check max wait time
* runtime(doc): update wrong Vietnamese localization tag
* 9.1.0909: Vim9: crash when calling instance method
- update to 9.1.0908
* refresh vim-7.3-mktemp_tutor.patch
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
* runtime(doc): mention option-backslash at :h CompilerSet
* runtime(compiler): include a Java Maven compiler plugin
* runtime(racket): update Racket runtime files
* runtime(doc): improve indentation in examples for netrw-handler
* runtime(doc): improve examples for netrw-handler functions
* runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg
* runtime(doc): clarify the use of filters and external commands
* 9.1.0861: Vim9: no runtime check for object member access of any var
* runtime(compiler): update pylint linter
* 9.1.0860: tests: mouse_shape tests use hard code sleep value
* 9.1.0859: several problems with the GLVS plugin
* 9.1.0858: Coverity complains about dead code
* runtime(tar): Update tar.vim to support permissions
* 9.1.0857: xxd: --- is incorrectly recognized as end-of-options
* 9.1.0851: too many strlen() calls in getchar.c
* 9.1.0850: Vim9: cannot access nested object inside objects
* runtime(tex): extra Number highlighting causes issues
* runtime(vim): Fix indent after :silent! function
* 9.1.0849: there are a few typos in the source
* runtime(netrw): directory symlink not resolved in tree view
* runtime(doc): add a table of supported Operating Systems
* runtime(tex): update Last Change header in syntax script
* runtime(doc): fix typo in g:termdebug_config
* runtime(vim): Update base-syntax, improve :normal highlighting
* runtime(tex): add Number highlighting to syntax file
* runtime(doc): Tweak documentation style a bit
* 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
* runtime(dune): use :setl instead of :set in ftplugin
* runtime(termdebug): allow to use decimal signs
* translation(it): Updated Italian vimtutor
* runtime(compiler): improve cppcheck
* git: git-blame-ignore-revs shown as an error on Github
* 9.1.0847: tests: test_popupwin fails because of updated help file
* 9.1.0846: debug symbols for xxd are not cleaned in Makefile
* runtime(structurizr): Update structurizr syntax
* runtime(8th): updated 8th syntax
* runtime(doc): Add pi_tutor.txt to help TOC
* runtime(compiler): add mypy and ruff compiler; update pylint linter
* runtime(netrw): fix several bugs in netrw tree listing
* runtime(netrw): prevent polluting the search history
* 9.1.0845: vimtutor shell script can be improved
* 9.1.0844: if_python: no way to pass local vars to python
* 9.1.0843: too many strlen() calls in undo.c
* runtime(doc): update default value for fillchars option
* runtime(compiler): fix typo in cppcheck compiler plugin
* runtime(doc): simplify vimtutor manpage a bit more
* runtime(matchparen): Add matchparen_disable_cursor_hl config option
* 9.1.0842: not checking for the sync() systemcall
* 9.1.0841: tests: still preferring python2 over python3
* 9.1.0840: filetype: idris2 files are not recognized
* 9.1.0839: filetype: leo files are not recognized
* runtime(cook): include cook filetype plugin
* runtime(debversions): Update Debian versions
* patch 9.1.0838: vimtutor is bash-specific
* runtime(doc): add help specific modeline to pi_tutor.txt
* Filelist: vimtutor chapter 2 is missing in Filelist
* 9.1.0837: cross-compiling has some issues
* runtime(vimtutor): Add a second chapter
- xen
-
- bsc#1219354 - xen channels and domU console
67c86fc1-xl-fix-channel-configuration-setting.patch
- bsc#1237692 - When attempting to start guest vm's libxl fills disk with errors
67d2a3fe-libxl-avoid-infinite-loop-in-libxl__remove_directory.patch
- Upstream bug fixes (bsc#1027519)
67b4961e-console-dont-truncate-panic-messages.patch
67b49d86-memory-resource_max_frames-retval.patch
67b5d27c-SVM-separate-STI-from-VMRUN.patch
67cb03e0-x86-vlapic-ESR-write-handling.patch
67d17edd-x86-expose-MSR_FAM10H_MMIO_CONF_BASE-on-AMD.patch
67d17ede-VT-x-PI-usage-of-msi_desc-msg-field.patch
- bsc#1238043 - VUL-0: CVE-2025-1713: xen: deadlock potential with
VT-d and legacy PCI device pass-through (XSA-467)
67c06178-x86-IOMMU-bus-to-bridge-lock-acquired-IRQ-safe.patch
- Xen call trace and APIC Error found after reboot operation on AMD
machine (bsc#1233796)
67acb684-x86-offline-APs-with-IRQs-disabled.patch
67acb685-x86-SMP-disable-IRQs-ahead-of-AP-shutdown.patch
67acb686-x86-PCI-disable-MSI-at-shutdown.patch
67acb687-x86-IOMMU-disable-IRQs-at-shutdown.patch
- Upstream bug fixes (bsc#1027519)
66dedebf-x86-HVM-recursion-in-linear-rw.patch
677bcb65-x86-traps-rework-LER-init-and.patch
677c1a7c-x86-AMD-misc-setup-for-Fam1A.patch
67921698-x86-HVM-MMIO-emul-cache-bounds-check.patch
67935a31-x86-HVM-dyn-alloc-emul-cache-ents.patch
67935a4c-x86-HVM-rw-split-at-page.patch
67977673-x86-IOMMU-check-CMPXCHG16B-when-enabling.patch
67977677-AMD-IOMMU-atomically-update-IRTE.patch
679796ff-x86-PV-further-harden-guest-mem-access.patch
67a5cb5f-radix-tree-purge-node-alloc-hooks.patch
67a5cb94-radix-tree-introduce-RADIX_TREE_INIT.patch
- yast2-network
-
- Added a warn about a possible problem with the configured bond
ports configuration using a MAC based renaming schema allowing
the user to change all of them to use the BusID. (bsc#1233653)
- 4.6.11
- zypper
-
- Annonunce --root in commands not launching a Target
(bsc#1237044)
- BuildRequires: libzypp-devel >= 17.36.3.
- version 1.14.85