bind
- Upgrade to release 9.20.11
  Security Fixes:
  * Fix a possible assertion failure when
    stale-answer-client-timeout is set to 0. In specific
    circumstances the named resolver process could exit with an
    assertion failure when stale answers were enabled and the
    stale-answer-client-timeout configuration option was set to 0.
    (CVE-2025-40777)
    [bsc#1246548]
  New Features:
  * Add support for the CO flag to dig.
  * Implement a new notify-defer configuration option. This new
    option sets a delay (in seconds) to wait before sending a set
    of NOTIFY messages for a zone. Whenever a NOTIFY message is
    ready to be sent, sending is deferred for this duration. This
    option should not be confused with the notify-delay option. The
    default is 0 seconds.
  Removed Features:
  * Implement the systemd notification protocol manually to remove
    dependency on libsystemd.
  Bug Fixes:
  * Correct the default interface-interval from 60s to 60m.
  * Fix a purge-keys bug when using multiple views of a zone.
  * Use IPv6 queries in delv +ns.
  * A secondary zone could initiate a new zone transfer from the
    primary server after it had been already deleted from the
    secondary server, and before the internal garbage collection
    was activated to clean it up completely. This has been fixed.
  * A secondary zone could fail to further refresh with new
    versions of the zone from a primary server if named was
    reconfigured during the SOA request step of an ongoing zone
    transfer. This has been fixed.
- Clean up systemd BuildRequires
coreutils
- coreutils-9.7-sort-CVE-2025-5278.patch: Add upstream patch:
  sort with key character offsets of SIZE_MAX, could induce
  a read of 1 byte before an allocated heap buffer.
  (CVE-2025-5278, bsc#1243767)
docker
[ This update is a no-op, only needed to work around unfortunate automated
  packaging script behaviour on SLES. ]
- The following patches were removed in openSUSE in the Docker 28.1.1-ce
  update, but the patch names were later renamed in a SLES-only update before
  Docker 28.1.1-ce was submitted to SLES.
  This causes the SLES build scripts to refuse the update because the patches
  are not referenced in the changelog. There is no obvious place to put the
  patch removals (the 28.1.1-ce update removing the patches chronologically
  predates their renaming in SLES), so they are included here a dummy changelog
  entry to work around the issue.
  - 0007-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  - 0008-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch

- Update to docker-buildx v0.25.0. Upstream changelog:
  <https://github.com/docker/buildx/releases/tag/v0.25.0>

- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as
  Docker does not have permission to access the host zypper credentials in this
  mode (and unprivileged users cannot disable the feature using
  /etc/docker/suse-secrets-enable.) bsc#1240150
  * 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
- Rebase patches:
  * 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
  * 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch

- Always clear SUSEConnect suse_* secrets when starting containers regardless
  of whether the daemon was built with SUSEConnect support. Not doing this
  causes containers from SUSEConnect-enabled daemons to fail to start when
  running with SUSEConnect-disabled (i.e. upstream) daemons.
  This was a long-standing issue with our secrets support but until recently
  this would've required migrating from SLE packages to openSUSE packages
  (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
  away from in-built SUSEConnect support, this is now a practical issue users
  will run into. bsc#1244035
  + 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
- Rearrange patches:
  - 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  + 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  - 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  + 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  - 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  + 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  + 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  - 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  + 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch

[NOTE: This update was only ever released in SLES and Leap.]
- Always clear SUSEConnect suse_* secrets when starting containers regardless
  of whether the daemon was built with SUSEConnect support. Not doing this
  causes containers from SUSEConnect-enabled daemons to fail to start when
  running with SUSEConnect-disabled (i.e. upstream) daemons.
  This was a long-standing issue with our secrets support but until recently
  this would've required migrating from SLE packages to openSUSE packages
  (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
  away from in-built SUSEConnect support, this is now a practical issue users
  will run into. bsc#1244035
  + 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
- Rearrange patches:
  - 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  + 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  - 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  + 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  - 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  + 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  + 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  - 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  + 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  - 0006-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  + 0007-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  - 0007-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
  + 0008-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch

- Update to Docker 28.2.2-ce. See upstream changelog online at
  <https://github.com/moby/moby/releases/tag/v28.2.2>
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch

- Update to Docker 28.2.1-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/28/#2820> bsc#1243833
  <https://github.com/moby/moby/releases/tag/v28.2.1>
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch

- Update to docker-buildx v0.24.0. Upstream changelog:
  <https://github.com/docker/buildx/releases/tag/v0.24.0>

- Update to Docker 28.1.1-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/28/#2811> bsc#1242114
  Includes upstream fixes:
  - CVE-2025-22872 bsc#1241830
- Remove long-outdated build handling for deprecated and unsupported
  devicemapper and AUFS storage drivers. AUFS was removed in v24, and
  devicemapper was removed in v25.
  <https://docs.docker.com/engine/deprecated/#aufs-storage-driver>
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Remove upstreamed patches:
  - 0006-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
  - 0007-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
  - cli-0001-docs-include-required-tools-in-source-tree.patch

- Update to docker-buildx v0.23.0. Upstream changelog:
  <https://github.com/docker/buildx/releases/tag/v0.23.0>

- Update to docker-buildx v0.22.0. Upstream changelog:
  <https://github.com/docker/buildx/releases/tag/v0.22.0>
  * Includes fixes for CVE-2025-0495. bsc#1239765

- Disable transparent SUSEConnect support for SLE-16. PED-12534
  When this patchset was first added in 2013 (and rewritten over the years),
  there was no upstream way to easily provide SLE customers with a way to build
  container images based on SLE using the host subscription. However, with
  docker-buildx you can now define secrets for builds (this is not entirely
  transparent, but we can easily document this new requirement for SLE-16).
  Users should use
    RUN --mount=type=secret,id=SCCcredentials zypper -n ...
  in their Dockerfiles, and
    docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
  when doing their builds.
- Now that the only blocker for docker-buildx support was removed for SLE-16,
  enable docker-buildx for SLE-16 as well. PED-8905
glib2
- Add glib2-CVE-2025-6052.patch: fix overflow check when expanding
  a GString (bsc#1244596 CVE-2025-6052).

- Add glib2-CVE-2025-4373.patch: carefully handle gssize parameters
  (bsc#1242844 CVE-2025-4373 glgo#GNOME/glib#3677).
google-guest-oslogin
- Override upstream version to address upgrade problems (bsc#1243997)
google-osconfig-agent
- Update to version 20250416.02 (bsc#1244304, bsc#1244503)
  * defaultSleeper: tolerate 10% difference to reduce test flakiness (#810)
  * Add output of some packagemanagers to the testdata (#808)
- from version 20250416.01
  * Refactor OS Info package (#809)
- from version 20250416.00
  * Report RPM inventory as YUM instead of empty SoftwarePackage
    when neither Zypper nor YUM are installed. (#805)
- from version 20250414.00
  * Update hash computation algorithm (#799)

- Update to version 20250320.00
  * Bump github.com/envoyproxy/protoc-gen-validate from 1.1.0 to 1.2.1 (#797)
- from version 20250318.00
  * Bump go.opentelemetry.io/otel/sdk/metric from 1.32.0 to 1.35.0 (#793)
- from version 20250317.02
  * Bump cel.dev/expr from 0.18.0 to 0.22.0 (#792)
  * Bump github.com/golang/glog from 1.2.3 to 1.2.4 in the go_modules group (#785)
- from version 20250317.01
  * Bump cloud.google.com/go/logging from 1.12.0 to 1.13.0 (#774)
- from version 20250317.00
  * Add tests for retryutil package. (#795)
- from version 20250306.00
  * Update OWNERS (#794)
- from version 20250206.01
  * Use separate counters for pre- and post-patch reboots. (#788)
- from version 20250206.00
  * Update owners (#789)
- from version 20250203.00
  * Fix the vet errors for contants in logging (#786)
- from version 20250122.00
  * change available package check (#783)
- from version 20250121.00
  * Fix Inventory reporting e2e tests. (#782)
- from version 20250120.00
  * fix e2e tests (#781)
- Add -buildmode=pie to go build command line (bsc#1239948)
- Drop CVE-2024-45339.patch, merged upstream
- Renumber patches
gpg2
- Security fix: [bsc#1236931, bsc#1239119, CVE-2025-30258]
  * gpg: Fix regression for the recent malicious subkey DoS fix.
  * gpg: Fix another regression due to the T7547 fix.
  * gpg: Allow the use of an ADSK subkey as ADSK subkey.
  * Add patches:
  - gnupg-gpg-Fix-regression-for-the-recent-malicious-subkey-D.patch
  - gnupg-gpg-Fix-another-regression-due-to-the-T7547-fix.patch
  - gnupg-gpg-Allow-the-use-of-an-ADSK-subkey-as-ADSK-subkey.patch

- Don't install expired sks certificate [bsc#1243069]
  * Add patch gnupg-dirmngr-Don-t-install-expired-sks-certificate.patch

- Fix a verification DoS due to a malicious subkey in the keyring: [bsc#1239119]
  * Add patch gnupg-gpg-Fix-a-verification-DoS-due-to-a-malicious-subkey-in-the-keyring.patch
iputils
- Security fix [bsc#1243772, CVE-2025-48964]
  * Fix  integer overflow in ping statistics via zero timestamp
  * Add iputils-CVE-2025-48964_01.patch
  * Add iputils-CVE-2025-48964_02.patch
  * Add iputils-CVE-2025-48964_03.patch
  * Add iputils-CVE-2025-48964_04.patch
  * Add iputils-CVE-2025-48964_regression.patch
jq
- Add patch CVE-2024-23337.patch (CVE-2024-23337, bsc#1243450)
kernel-default
- r8152: add vendor/device ID pair for Dell Alienware AW1022z
  (git-fixes).
- commit 9bd4e20

- perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq
  (CVE-2025-38055 bsc#1244747).
- commit 144da01

- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- commit d8e756f

- add bug reference to existing hv_storvsc change (bsc#1245455).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- commit 1c553b0

- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound
  request (git-fixes).
- commit 784f61d

- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
  (bsc#1245431).
- commit dd145d5

- netlink: specs: dpll: replace underscores with dashes in names
  (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and
  Nahum 13 (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/mlx5: Fix return value when searching for existing flow
  group (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA
  (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset
  (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress
  (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet()
  in TX DQO (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts
  (git-fixes).
- ice: create new Tx scheduler nodes for new queues only
  (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback
  (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz
  (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt
  (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
  (git-fixes).
- net/mlx5_core: Add error handling
  inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- idpf: fix null-ptr-deref in idpf_features_check (CVE-2025-38053
  bsc#1244746).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- devlink: Fix referring to hw_addr attribute during state
  validation (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file
  (git-fixes).
- commit 6dccf5f

- mm/hugetlb: unshare page tables during VMA split, not before
  (bsc#1245431).
- commit bf8eb79

- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
  (bsc#1245431).
- commit 0b96583

- mm/hugetlb: unshare page tables during VMA split, not before
  (bsc#1245431).
- commit cdfa193

- serial: core: restore of_node information in sysfs (git-fixes).
- commit 6ac0cc6

- staging: rtl8723bs: Avoid memset() in aes_cipher() and
  aes_decipher() (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss
  (git-fixes).
- commit 652de47

- drm/amdgpu: csa unmap use uninterruptible lock (CVE-2025-38011
  bsc#1244729).
- commit d370e7c

- drm/xe/gt: Update handling of xe_force_wake_get return
  (stable-fixes).
- Refresh
  patches.suse/drm-xe-Fix-GT-for-each-engine-workarounds.patch.
- commit 2738ff8

- drm/xe: Process deferred GGTT node removals on device unwind
  (git-fixes).
- drm/xe/display: Add check for alloc_ordered_workqueue()
  (git-fixes).
- drm/amd: Adjust output for discovery error handling (git-fixes).
- drm/xe/bmg: Update Wa_16023588340 (git-fixes).
- drm/v3d: Avoid NULL pointer dereference in
  `v3d_job_update_stats()` (stable-fixes).
- PCI: Add ACS quirk for Loongson PCIe (stable-fixes).
- wifi: mt76: mt7925: introduce thermal protection (stable-fixes).
- wifi: mac80211: validate SCAN_FLAG_AP in scan request during
  MLO (stable-fixes).
- wifi: rtw89: 8922a: fix TX fail with wrong VCO setting
  (stable-fixes).
- wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in
  plfxlc_usb_wreq_asyn() (stable-fixes).
- wifi: ath12k: using msdu end descriptor to check for rx
  multicast packets (stable-fixes).
- ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86
  case (stable-fixes).
- drm/amdgpu: read back register after written for VCN v4.0.5
  (stable-fixes).
- wifi: rtw89: phy: add dummy C2H event handler for report of
  TAS power (stable-fixes).
- drm/xe: Wire up device shutdown handler (stable-fixes).
- commit 59cc8a5

- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages
  (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR
  (git-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in
  snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
  (stable-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the
  KTMicro sound card (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list
  (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
  (stable-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite
  (stable-fixes).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup
  (stable-fixes).
- fbcon: Make sure modelist not set on unregistered console
  (stable-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
  (stable-fixes).
- i2c: designware: Invoke runtime suspend on quick slave
  re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- pinctrl: armada-37xx: propagate error from
  armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: armada-37xx: propagate error from
  armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from
  armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from
  armada_37xx_gpio_get() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe
  (stable-fixes).
- software node: Correct a OOB check in
  software_node_get_reference_args() (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast
  RA (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
  (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
  (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET
  (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock
  (stable-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for
  AP mode (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is
  disabled (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is
  disabled (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot
  with hardware grouping (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the
  monitor Rx (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center
  freq2 for 160 MHz (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0
  (stable-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink
  (stable-fixes).
- PM: runtime: fix denying of auto suspend in
  pm_suspend_timer_fn() (stable-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp()
  (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf()
  (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c
  (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails
  (stable-fixes).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind
  (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
  (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data()
  (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
  (stable-fixes).
- Input: sparcspkr - avoid unannotated fall-through
  (stable-fixes).
- commit 0dc7dde

- Update
  patches.suse/HID-uclogic-Add-NULL-check-in-uclogic_input_configur.patch
  (git-fixes CVE-2025-38007 bsc#1244938).
- Update
  patches.suse/RDMA-core-Fix-KASAN-slab-use-after-free-Read-in-ib_r.patch
  (git-fixes CVE-2025-38022 bsc#1245003).
- Update
  patches.suse/RDMA-rxe-Fix-slab-use-after-free-Read-in-rxe_queue_c.patch
  (git-fixes CVE-2025-38024 bsc#1245025).
- Update
  patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-csu.patch
  (bsc#1243342 CVE-2025-38059 bsc#1244759).
- Update
  patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-ext.patch
  (bsc#1236208 CVE-2025-21658).
- Update
  patches.suse/can-bcm-add-locking-for-bcm_op-runtime-updates.patch
  (git-fixes CVE-2025-38004 bsc#1244274).
- Update
  patches.suse/can-bcm-add-missing-rcu-read-protection-for-procfs-c.patch
  (git-fixes CVE-2025-38003 bsc#1244275).
- Update
  patches.suse/crypto-algif_hash-fix-double-free-in-hash_accept.patch
  (git-fixes CVE-2025-38079 bsc#1245217).
- Update
  patches.suse/crypto-lzo-Fix-compression-buffer-overrun.patch
  (stable-fixes CVE-2025-38068 bsc#1245210).
- Update
  patches.suse/dmaengine-idxd-Refactor-remove-call-with-idxd_cleanu.patch
  (git-fixes CVE-2025-38014 bsc#1244732).
- Update
  patches.suse/dmaengine-idxd-fix-memory-leak-in-error-handling-pat-46a5cca.patch
  (git-fixes CVE-2025-38015 bsc#1244789).
- Update
  patches.suse/dmaengine-ti-k3-udma-Add-missing-locking.patch
  (git-fixes CVE-2025-38005 bsc#1244727).
- Update
  patches.suse/drm-amd-display-Increase-block_sequence-array-size.patch
  (stable-fixes CVE-2025-38080 bsc#1244738).
- Update
  patches.suse/ext4-goto-right-label-out_mmap_sem-in-ext4_setattr.patch
  (bsc#1242556 CVE-2025-22120 bsc#1241592).
- Update
  patches.suse/firmware-arm_ffa-Set-dma_mask-for-ffa-devices.patch
  (stable-fixes CVE-2025-38043 bsc#1245081).
- Update patches.suse/media-cx231xx-set-device_caps-for-417.patch
  (stable-fixes CVE-2025-38044 bsc#1245082).
- Update
  patches.suse/net-handshake-Fix-handshake_req_destroy_test1.patch
  (git-fixes CVE-2024-26831 bsc#1223008).
- Update
  patches.suse/net-mlx5e-Disable-MACsec-offload-for-uplink-represen.patch
  (git-fixes CVE-2025-38020 bsc#1245001).
- Update patches.suse/net_sched-prio-fix-a-race-in-prio_tune.patch
  (git-fixes CVE-2025-38083 bsc#1245183).
- Update
  patches.suse/nfs-handle-failure-of-nfs_get_lock_context-in-unlock-path.patch
  (git-fixes CVE-2025-38023 bsc#1245004).
- Update patches.suse/orangefs-Do-not-truncate-file-size.patch
  (git-fixes CVE-2025-38065 bsc#1244906).
- Update
  patches.suse/padata-do-not-leak-refcount-in-reorder_work.patch
  (git-fixes CVE-2025-38031 bsc#1245046).
- Update
  patches.suse/phy-tegra-xusb-Use-a-bitmask-for-UTMI-pad-power-stat.patch
  (git-fixes CVE-2025-38010 bsc#1244996).
- Update
  patches.suse/platform-x86-dell-wmi-sysman-Avoid-buffer-overflow-i.patch
  (git-fixes CVE-2025-38077 bsc#1244736).
- Update
  patches.suse/regulator-max20086-fix-invalid-memory-access.patch
  (git-fixes CVE-2025-38027 bsc#1245042).
- Update
  patches.suse/s390-pci-Fix-duplicate-pci_dev_put-in-disable_slot-w.patch
  (git-fixes bsc#1244145 CVE-2025-37946 bsc#1243506).
- Update
  patches.suse/s390-pci-fix-potential-double-remove-of-hotplug-slot.patch
  (bsc#1244145 CVE-2024-56699 bsc#1235490).
- Update
  patches.suse/sched-numa-fix-memory-leak-due-to-the-overwritten-vma-numab_state.patch
  (git fixes (sched/numa) CVE-2024-56613 bsc#1244176).
- Update
  patches.suse/serial-mctrl_gpio-split-disable_ms-into-sync-and-no_.patch
  (git-fixes CVE-2025-38040 bsc#1245078).
- Update
  patches.suse/spi-rockchip-Fix-register-out-of-bounds-access.patch
  (stable-fixes CVE-2025-38081 bsc#1244739).
- Update
  patches.suse/usb-typec-ucsi-displayport-Fix-NULL-pointer-access.patch
  (git-fixes CVE-2025-37994 bsc#1243823).
- Update
  patches.suse/vhost-scsi-Fix-handling-of-multiple-calls-to-vhost_s.patch
  (git-fixes CVE-2025-22083 bsc#1241414).
- Update
  patches.suse/wifi-cfg80211-fix-out-of-bounds-access-during-multi-.patch
  (git-fixes CVE-2025-37973 bsc#1244172).
- Update patches.suse/wifi-iwlwifi-fix-debug-actions-order.patch
  (stable-fixes CVE-2025-38045 bsc#1245083).
- Update
  patches.suse/wifi-mac80211-Set-n_channels-after-allocating-struct.patch
  (git-fixes CVE-2025-38013 bsc#1244731).
- Update
  patches.suse/wifi-mt76-disable-napi-on-driver-removal.patch
  (git-fixes CVE-2025-38009 bsc#1244995).
- commit fee1c31

- Update
  patches.suse/ASoC-soc-pcm-don-t-use-soc_pcm_ret-on-.prepare-callb.patch
  (stable-fixes CVE-2024-58077 bsc#1239090).
- Update
  patches.suse/Bluetooth-btbcm-Fix-NULL-deref-in-btbcm_get_board_na.patch
  (git-fixes CVE-2024-57988 bsc#1237910).
- Update
  patches.suse/Bluetooth-btrtl-check-for-NULL-in-btrtl_setup_realte.patch
  (git-fixes CVE-2024-57987 bsc#1237905).
- Update
  patches.suse/RDMA-bnxt_re-Add-sanity-checks-on-rdev-validity.patch
  (bsc#1237200 CVE-2025-21901 bsc#1240579).
- Update patches.suse/RDMA-rtrs-Add-missing-deinit-call.patch
  (git-fixes CVE-2025-21805 bsc#1238741).
- Update
  patches.suse/amdkfd-properly-free-gang_ctx_bo-when-failed-to-init.patch
  (git-fixes CVE-2025-21842 bsc#1239063).
- Update
  patches.suse/cxl-mem-Fix-no-cxl_nvd-during-pmem-region-auto-assem.patch
  (jsc#PED-10836 CVE-2024-41085 bsc#1228478).
- Update
  patches.suse/cxl-pci-Skip-to-handle-RAS-errors-if-CXL.mem-device-.patch
  (jsc#PED-10836 CVE-2024-26762 bsc#1230337).
- Update
  patches.suse/drm-amd-display-Fix-invalid-context-error-in-dml-hel.patch
  (git-fixes CVE-2025-37965 bsc#1244174).
- Update
  patches.suse/drm-amdgpu-init-return-value-in-amdgpu_ttm_clear_buf.patch
  (git-fixes CVE-2025-21987 bsc#1240798).
- Update
  patches.suse/drm-amdkfd-Fix-NULL-Pointer-Dereference-in-KFD-queue.patch
  (git-fixes CVE-2025-21940 bsc#1240702).
- Update
  patches.suse/drm-i915-gt-Use-spin_lock_irqsave-in-interruptible-c.patch
  (git-fixes CVE-2025-21849 bsc#1239485).
- Update
  patches.suse/drm-imagination-avoid-deadlock-on-fence-release.patch
  (git-fixes CVE-2025-21911 bsc#1240589).
- Update
  patches.suse/drm-xe-hmm-Don-t-dereference-struct-page-pointers-wi.patch
  (git-fixes CVE-2025-21939 bsc#1240710).
- Update patches.suse/drm-xe-userptr-fix-EFAULT-handling.patch
  (git-fixes CVE-2025-21880 bsc#1240170).
- Update
  patches.suse/gpu-host1x-Fix-a-use-of-uninitialized-mutex.patch
  (git-fixes CVE-2025-21824 bsc#1238478).
- Update
  patches.suse/iommu-Fix-potential-memory-leak-in-iopf_queue_remove.patch
  (git-fixes CVE-2025-21770 bsc#1238495).
- Update
  patches.suse/media-intel-ipu6-remove-cpu-latency-qos-request-on-e.patch
  (git-fixes CVE-2024-58004 bsc#1238508).
- Update
  patches.suse/net-smc-do-not-leave-a-dangling-sk-pointer-in-__smc_create.patch
  (jsc#PED-10299 bsc#1241689 CVE-2024-50293 bsc#1233482).
- Update
  patches.suse/net-smc-fix-lacks-of-icsk_syn_mss-with-IPPROTO_SMC.patch
  (jsc#PED-10299 bsc#1241689 CVE-2024-50034 bsc#1231913).
- Update
  patches.suse/powerpc-pseries-iommu-Don-t-unset-window-if-it-was-n.patch
  (jsc#PED-10539 git-fixes CVE-2025-21713 bsc#1237887).
- Update
  patches.suse/wifi-ath12k-Fix-for-out-of-bound-access-error.patch
  (bsc#1240998 CVE-2024-58015 bsc#1238995).
- Update
  patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch
  (bsc#1240998 CVE-2024-56541 bsc#1235064).
- Update
  patches.suse/wifi-iwlwifi-mvm-avoid-NULL-pointer-dereference-cf704a7.patch
  (git-fixes CVE-2024-58062 bsc#1238965).
- commit 0597d89

- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only
  (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure
  (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure
  (git-fixes).
- wifi: mac80211: fix beacon interval calculation overflow
  (git-fixes).
- commit 8d2d6ad

- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- scsi: storvsc: Don't report the host packet status as the hv status (git-fixes).
- commit cde971c

- btrfs: fix fsync of files with no hard links not persisting
  deletion (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent()
  (git-fixes).
- btrfs: simplify condition for logging new dentries at
  btrfs_log_inode_parent() (git-fixes).
- commit 9370aa3

- btrfs: fix wrong start offset for delalloc space release during
  mmap write (git-fixes).
- commit 59b0f84

- btrfs: fix invalid data space release when truncating block
  in NOCOW mode (git-fixes).
- commit b11e8b5

- btrfs: fix qgroup reservation leak on failure to allocate
  ordered extent (git-fixes).
- commit e13d6e0

- ntp: Remove invalid cast in time offset math (git-fixes)
- commit 92649f3

- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- commit 17fecee

- ntp: Safeguard against time_constant overflow (git-fixes)
- commit fb90573

- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- commit 947fc29

- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- commit f65bb99

- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- commit a87f573

- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- commit 1a57489

- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- commit dc250ae

- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- commit 4e863aa

- Refresh
  patches.kabi/kabi-restore-layout-of-struct-mem_control.patch.
- commit 5049495

- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- commit 2014732

- cgroup/cpuset: Fix race between newly created partition and
  dying one (bsc#1241166).
- cgroup/cpuset: Don't allow creation of local partition over
  a remote one (bsc#1241166).
- commit 36dffbc

- fgraph: Still initialize idle shadow stacks when starting
  (git-fixes).
- commit 1697414

- tracing/eprobe: Fix to release eprobe when failed to add
  dyn_event (git-fixes).
- commit a8fd69f

- tracing: Fix cmp_entries_dup() to respect sort() comparison
  rules (git-fixes).
- commit f73056c

- tracing: Use atomic64_inc_return() in trace_clock_counter()
  (git-fixes).
- commit 23262fc

- trace/trace_event_perf: remove duplicate samples on the first
  tracepoint event (git-fixes).
- commit b4e63e6

- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- commit 90effed

- uprobes: Use kzalloc to allocate xol area (git-fixes).
- Refresh
  patches.suse/uprobes-introduce-the-global-struct-vm_special_mapping-xol_mapping.patch.
- commit 30d8536

- bpf: abort verification if env->cur_state->loop_entry != NULL
  (CVE-2025-38060 bsc#1245155).
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch.
- commit c80eca0

- selftests/bpf: check states pruning for deeply nested iterator
  (CVE-2025-38060 bsc#1245155).
- bpf: don't do clean_live_states when state->loop_entry->branches
  > 0 (CVE-2025-38060 bsc#1245155).
- commit f0d9333

- supported.conf: support firmware_attributes_class
  We added support for hp_bioscfg in commit 23a469a682d6 and the build now
  fails:
  The following unsupported modules are used by supported modules:
  firmware_attributes_class needed by hp_bioscfg
  So support firmware_attributes_class too.
- commit 939c58c

- vmxnet3: support higher link speeds from vmxnet3 v9
  (bsc#1244626).
- commit 0aa445e

- vmxnet3: correctly report gso type for UDP tunnels
  (bsc#1244626).
- commit 44584be

- vmxnet3: update MTU after device quiesce (bsc#1244626).
- commit 14400a7

- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
  (git-fixes).
- commit 11611ac

- tracing: Fix compilation warning on arm32 (bsc#1243551).
- commit bc2f48d

- tracing: Fix oob write in trace_seq_to_buffer() (CVE-2025-37923
  bsc#1243551).
- commit ff6a777

- ata: libata-eh: Do not use ATAPI DMA for a device limited to
  PIO mode (stable-fixes).
- commit 07065f3

- bpf: copy_verifier_state() should copy 'loop_entry' field
  (CVE-2025-38060 bsc#1245155).
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch.
- commit 815fadf

- selftests/bpf: test correct loop_entry update in
  copy_verifier_state (CVE-2025-38060 bsc#1245155).
- commit b2e3449

- tracing: Fix use-after-free in print_graph_function_flags
  during tracer switching (CVE-2025-22035 bsc#1241544).
- commit b6d43f4

- bpf: Fix deadlock between rcu_tasks_trace and event_mutex
  (CVE-2025-37884 bsc#1243060).
- commit 7f690ab

- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- commit 84579a6

- kabi: restore layout of struct page_counter (jsc#PED-12551).
- commit ef34a22

- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- commit 39cb14b

- ucsi_debugfs_entry: hide signedness change (git-fixes).
- commit 154816e

- usb: typec: ucsi: fix Clang -Wsign-conversion warning
  (git-fixes).
- Refresh patches.suse/paddings-add-paddings-to-TypeC-stuff.patch.
- commit 40f2bc3

- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu
  (git-fixes).
- commit b5678d7

- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- commit 416e192

- hwmon: (peci/dimmtemp) Do not provide fake thresholds data
  (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol
  namespace (git-fixes).
- commit 53b0cf2

- Update reference for patches.suse/net_sched-sch_sfq-use-a-temporary-work-area-for-vali.patch (bsc#1242504)
- commit 8730da1

- s390/tty: Fix a potential memory leak bug (git-fixes
  bsc#1245228).
- commit e4f3ff4

- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes
  bsc#1245226).
- commit 7cf700b

- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- Refresh
  patches.suse/ceph-improve-error-handling-and-short-overflow-read-.patch.
- commit 04880f5

- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- commit e7c7fa7

- ceph: Fix incorrect flush end position calculation (git-fixes).
- commit 626f897

- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes
  bsc#1245225).
- commit 7cc3455

- iommu/amd: Fix potential buffer overflow in  parse_ivrs_acpihid
  (CVE-2025-37927 bsc#1243620).
- commit 4916f47

- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvmet-fcloop: don't wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done
  (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock
  (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport
  (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- commit 20104c4

- Remove host-memcpy-hack.h
  This might have been usefult at some point but we have more things that
  depend on specific library versions today.
- commit 0396c23

- Remove compress-vmlinux.sh
  /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in
  pesign-obs-integration during SLE12 RC. This workaround can be removed.
- commit 19caac0

- Remove try-disable-staging-driver
  The config for linux-next is autogenerated from master config, and
  defaults filled for missing options. This is unlikely to enable any
  staging driver in the first place.
- commit a6f21ed

- nvme: always punt polled uring_cmd end_io work to task_work
  (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- commit 36de06b

- platform/x86: hp-bioscfg: Removed needless asm-generic
  (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove unused obj in
  hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix error handling in
  hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: move mutex_lock() down in
  hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Simplify return check in
  hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Annotate struct bios_args with
  __counted_by (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019).
- platform/x86: hp-bioscfg: Update steps order list elements
  are evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc +
  memcpy (jsc#PED-13019).
- platform/x86: hp-bioscfg: Remove duplicate use of variable in
  inner loop (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how password encoding size
  is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how enum possible values size
  is evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how order list size is
  evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Change how prerequisites size is
  evaluated (jsc#PED-13019).
- platform/x86: hp-bioscfg: Replace the word HACK from source code
  (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix uninitialized variable errors
  (jsc#PED-13019).
- platform/x86: hp-bioscfg: Fix memory leaks in attribute packages
  (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix error reporting in
  hp_add_other_attributes() (jsc#PED-13019).
- platform/x86: hp-bioscfg: prevent a small buffer overflow
  (jsc#PED-13019).
- platform/x86: hp-bioscfg: fix a signedness bug in
  hp_wmi_perform_query() (jsc#PED-13019).
- platform/x86: hp-bioscfg: Makefile (jsc#PED-13019).
- Update config files. (HP_BIOSCFG=m)
- supported.conf: add it
- platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019).
- platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019).
- platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019).
- commit 9e16bbb

- net/tls: fix kernel panic when alloc_page failed (CVE-2025-38018
  bsc#1244999).
- commit 1124110

- espintcp: fix skb leaks (CVE-2025-38057 bsc#1244862).
- commit dffbfd5

- nvme: fix command limits status code (git-fixes).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44
  Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- commit 990928c

- sunrpc: handle SVC_GARBAGE during svc auth processing as auth
  error (git-fixes).
- commit afe6d07

- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).
- commit 2684d30

- x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes).
- commit ecc04e3

- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- commit 73bb23d

- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward  declaration (git-fixes).
- commit c818693

- x86/microcode/AMD: Merge early_apply_microcode() into its single  callsite (git-fixes).
- commit 761df14

- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section()  signature (git-fixes).
- commit d6c2d35

- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- commit d0fff01

- scsi: iscsi: Fix incorrect error path labels for flashnode
  operations (git-fixes).
- md/raid1,raid10: don't handle IO error for REQ_RAHEAD and
  REQ_NOWAIT (git-fixes).
- commit cbd3a76

- PCI/PM: Set up runtime PM even for devices without PCI PM
  (git-fixes).
- commit 871b129

- drm/xe: Fix memset on iomem (git-fixes).
- drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes).
- drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes).
- commit 68c42f4

- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA
  (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock
  (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning
  (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled
  (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
  (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- commit 3df7edd

- libnvdimm/labels: Fix divide error in nd_label_data_init()
  (bsc#1244743, CVE-2025-38072).
- commit 42a394c

- kabi: restore layout of struct mem_control (jsc#PED-12551).
- commit e948e2e

- mm, memcg: cg2 memory{.swap,}.peak write handlers
  (jsc#PED-12551).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2
  memcg (jsc#PED-12551).
- commit 97c4d37

- wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850
  (git-fixes).
- wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes).
- commit 0aa272e

- can: tcan4x5x: fix power regulator retrieval during probe
  (git-fixes).
- commit 5798451

- wifi: carl9170: do not ping device which has failed to load
  firmware (git-fixes).
- NFC: nci: uart: Set tty->disc_data only in success path
  (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage
  (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- wifi: ath11k: move some firmware stats related functions
  outside of debugfs (git-fixes).
- wifi: ath11k: don't wait when there is no vdev started
  (git-fixes).
- wifi: ath11k: don't use static variables in
  ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: avoid burning CPU in
  ath11k_debugfs_fw_stats_request() (git-fixes).
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB
  (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage
  device (stable-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE
  (stable-fixes).
- thunderbolt: Do not double dequeue a configuration request
  (stable-fixes).
- rtc: Make rtc_time64_to_tm() support dates before 1970
  (stable-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES
  (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data
  (stable-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single()
  (stable-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies()
  (stable-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission
  (stable-fixes).
- commit d77b71f

- Update patches.suse/ALSA-pcm-Fix-race-of-buffer-access-at-PCM-OSS-layer.patch
  (CVE-2025-38078 bsc#1244737).
- commit 9ad878b

- workqueue: Initialize wq_isolated_cpumask in
  workqueue_init_early() (bsc#1245101 jsc#PED-11934).
- commit cf8ea05

- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr()
  (git-fixes).
- commit 1a53756

- net/sched: fix use-after-free in taprio_dev_notifier
  (git-fixes).
- commit bd7e23e

- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- commit c8863c2

- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- commit 8dd49d3

- net_sched: red: fix a race in __red_change() (git-fixes).
- commit eb63704

- net_sched: prio: fix a race in prio_tune() (git-fixes).
- commit 2898595

- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- commit 11af7b7

- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- commit 9bf44e9

- Update patches.suse/dlm-mask-sk_shutdown-value.patch
  (bsc#1241278).
- Update patches.suse/dlm-use-SHUT_RDWR-for-SCTP-shutdown.patch
  (bsc#1241278).
  Original bsc number was wrong. Fix it.
- commit 37c9443

- net_sched: hfsc: Address reentrant enqueue adding class to
  eltree twice (CVE-2025-38001 bsc#1244234).
- commit 6a31481

- packaging: Add support for suse-kabi-tools
  The current workflow to check kABI stability during the RPM build of SUSE
  kernels consists of the following steps:
  * The downstream script rpm/modversions unpacks the consolidated kABI
  symtypes reference data from kabi/<arch>/symtypes-<flavor> and creates
  individual symref files.
  * The build performs a regular kernel make. During this operation, genksyms
  is invoked for each source file. The tool determines type signatures of
  all exports within the file, reports any differences compared to the
  associated symref reference, calculates symbol CRCs from the signatures
  and writes new type data into a symtypes file.
  * The script rpm/modversions is invoked again, this time it packs all new
  symtypes files to a consolidated kABI file.
  * The downstream script rpm/kabi.pl checks symbol CRCs in the new build and
  compares them to a reference from kabi/<arch>/symvers-<flavor>, taking
  kabi/severities into account.
  suse-kabi-tools is a new set of tools to improve the kABI checking process.
  The suite includes two tools, ksymtypes and ksymvers, which replace the
  existing scripts rpm/modversions and rpm/kabi.pl, as well as the comparison
  functionality previously provided by genksyms. The tools have their own
  source repository and package.
  The tools provide faster operation and more detailed, unified output. In
  addition, they allow the use of the new upstream tool gendwarfksyms, which
  lacks any built-in comparison functionality.
  The updated workflow is as follows:
  * The build performs a regular kernel make. During this operation, genksyms
  (gendwarfksyms) is invoked as usual, determinining signatures and CRCs of
  all exports and writing the type data to symtypes files. However,
  genksyms no longer performs any comparison.
  * 'ksymtypes consolidate' packs all new symtypes files to a consolidated
  kABI file.
  * 'ksymvers compare' checks symbol CRCs in the new build and compares them
  to a reference from kabi/<arch>/symvers-<flavor>, taking kabi/severities
  into account. The tool writes its result in a human-readable form on
  standard output and also writes a list of all changed exports (not
  ignored by kabi/severities) to the changed-exports file.
  * 'ksymtypes compare' takes the changed-exports file, the consolidated kABI
  symtypes reference data from kabi/<arch>/symtypes-<flavor> and the new
  consolidated data. Based on this data, it produces a detailed report
  explaining why the symbols changed.
  The patch enables the use of suse-kabi-tools via rpm/config.sh, providing
  explicit control to each branch. To enable the support, set
  USE_SUSE_KABI_TOOLS=Yes in the config file.
- commit a2c6f89

- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- commit 5432961

- platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes).
- commit eaf3f3e

- platform/x86: ideapad-laptop: use usleep_range() for EC polling
  (git-fixes).
- commit 1373cac

- platform/x86: dell_rbu: Stop overwriting data buffer
  (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle
  (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info
  is NULL (git-fixes).
- commit 4eb007c

- platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094).
- commit 7e90eae

- platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094).
- commit c34bfd9

- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync
  (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_conn: Fix UAF Write in
  __hci_acl_create_connection_sync (git-fixes).
- commit cc24dff

- Bluetooth: hci_event: Fix not using key encryption size when
  its known (git-fixes).
- Bluetooth: Remove pending ACL connection attempts
  (stable-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially
  (stable-fixes).
- commit 45b89a8

- platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094).
- commit 3fa9047

- platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp  modules (jsc#PED-13094).
- commit b70cb9c

- platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094).
- Refresh
  patches.suse/x86-platform-amd-Move-the-asm-amd_hsmp.h-header-to-asm-amd.patch.
- commit e869dba

- x86/platform/amd: Move the <asm/amd_hsmp.h> header to <asm/amd/hsmp.h> (jsc#PED-13094).
- commit b780fd8

- x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094).
- commit bea8590

- kernel-source: Remove log.sh from sources
- commit 96bd779

- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO
  EEH recovery (bsc#1215199).
- commit 8ae69e3

- platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094).
- commit 379d9d8

- platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094).
- commit 66e3f77

- platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094).
- commit 2dee567

- platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094).
- Update config files.
- Refresh
  patches.suse/platform-x86-amd-amd_3d_vcache-Add-AMD-3D-V-Cache-optimize.patch.
- commit ffd3128

- platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094).
- commit 915a3f7

- platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094).
- commit 783665d

- platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094).
- commit 05a6a05

- platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094).
- commit bfb5c2a

- platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094).
- commit 9f08011

- platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094).
- commit b6c3243

- platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094).
- Refresh
  patches.suse/platform-x86-amd-amd_3d_vcache-Add-AMD-3D-V-Cache-optimize.patch.
- commit 9dae3f7

- x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094).
- commit a3ccd34

- x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094).
- commit d16a516

- ima: Suspend PCR extends and log appends when rebooting
  (bsc#1210025 ltc#196650).
- commit 25c308f

- wifi: ath12k: Prevent sending WMI commands to firmware during
  firmware crash (bsc#1240998).
- wifi: ath12k: Resolve multicast packet drop by populating
  key_cipher in ath12k_install_key() (bsc#1240998).
- commit eceaca4

- x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094).
- commit c48ff26

- x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094).
- commit fe719a3

- x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094).
- commit 72c9a97

- x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094).
- commit 66ca957

- x86/amd_nb: Simplify root device search (jsc#PED-13094).
- commit ec70dba

- x86/amd_nb: Simplify function 4 search (jsc#PED-13094).
- commit 60f7dbe

- x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094).
- commit 03a65bb

- x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094).
- commit 300fc20

- x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094).
- commit 00ad037

- x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094).
- commit daa6443

- platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094).
- commit 0e11b2e

- platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094).
- commit ea1af9f

- platform/x86/amd/hsmp: Change the error type (jsc#PED-13094).
- commit a7ed99b

- platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094).
- commit 5e1eefb

- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used
  (git-fixes).
- regulator: max20086: Fix refcount leak in
  max20086_parse_regulators_dt() (git-fixes).
- commit 5b8c5a3

- scsi: dc395x: Remove leftover if statement in reselect()
  (git-fixes).
- commit c259874

- loop: add file_start_write() and file_end_write() (git-fixes).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk
  (git-fixes).
- scsi: qedf: Use designated initializer for struct
  qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT
  ZONES buffer (git-fixes).
- scsi: mpi3mr: Add level check to control event logging
  (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT
  (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails
  (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- commit 6dba36f

- scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to
  return IOC pointer (git-fixes).
- scsi: smartpqi: Fix smp_processor_id() call trace for
  preemptible kernels (git-fixes).
- commit 26561f1

- x86/mm/init: Handle the special case of device private
  pages in add_pages(), to not increase max_pfn and trigger
  dma_addressing_limited() bounce buffers (git-fixes).
- commit d67c7bf

- PCI/MSI: Size device MSI domain with the maximum number of
  vectors (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from
  rockchip_pcie_link_up() (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback
  (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned
  size (git-fixes).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as
  aligned size (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
  (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and
  no_sync APIs (git-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- commit 67e24e5

- Revert "wifi: mwifiex: Fix HT40 bandwidth issue." (git-fixes).
- Bluetooth: eir: Fix possible crashes on eir_create_adv_data
  (git-fixes).
- Bluetooth: btintel_pcie: Reduce driver buffer posting to
  prevent race condition (git-fixes).
- Bluetooth: btintel_pcie: Increase the tx and rx descriptor count
  (git-fixes).
- Bluetooth: btintel_pcie: Fix driver not posting maximum rx
  buffers (git-fixes).
- ptp: ocp: fix start time alignment in ptp_ocp_signal_set
  (git-fixes).
- ptp: ocp: reject unsupported periodic output flags (git-fixes).
- commit 7815601

- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- commit bcd5c33

- wifi: ath11k: validate ath11k_crypto_mode on top of
  ath11k_core_qmi_firmware_ready (git-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery
  (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing
  instance (git-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data
  (git-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write
  access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access
  (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
  (git-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage
  (git-fixes).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
  (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- commit d9ecc09

- wifi: ath12k: fix key cache handling (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol
  'ret' (bsc#1240998).
- wifi: ath12k: Fix for out-of bound access error (bsc#1240998).
- commit 8ff94a8

- wifi: ath12k: fix A-MSDU indication in monitor mode
  (bsc#1240998).
- wifi: ath12k: use tail MSDU to get MSDU information
  (bsc#1240998).
- commit e2172a0

- wifi: ath12k: modify link arvif creation and removal for MLO
  (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch.
- commit 923a9a5

- wifi: ath12k: delete NSS and TX power setting for monitor vdev
  (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info
  (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998).
- wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats
  (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_present
  (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO
  (bsc#1240998).
- wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO
  (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_op_set_key() for MLO
  (bsc#1240998).
- commit 875025b

- wifi: ath12k: prepare vif data structure for MLO handling
  (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-Handle-error-cases-during-extended-skb-a.patch.
- Refresh
  patches.suse/wifi-ath12k-fix-tx-power-max-reg-power-update-to-fir.patch.
- commit d3bc90b

- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO
  (bsc#1240998).
- wifi: ath12k: modify ath12k_get_arvif_iter() for MLO
  (bsc#1240998).
- wifi: ath12k: modify ath12k_mac_vif_chan() for MLO
  (bsc#1240998).
- wifi: ath12k: prepare vif config caching for MLO (bsc#1240998).
- wifi: ath12k: prepare sta data structure for MLO handling
  (bsc#1240998).
- wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif
  (bsc#1240998).
- wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998).
- wifi: ath12k: Support Pdev Scheduled Algorithm Stats
  (bsc#1240998).
- wifi: ath12k: Support DMAC Reset Stats (bsc#1240998).
- commit 45b89e0

- Update config files: set CONFIG_ATH12K_COREDUMP=n
- commit 6743252

- wifi: ath12k: switch to using wiphy_lock() and remove
  ar->conf_mutex (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-fix-node-corruption-in-ar-arvifs-list.patch.
- Refresh
  patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch.
- commit e4becf9

- wifi: ath12k: Add firmware coredump collection support
  (bsc#1240998).
- wifi: ath12k: add missing lockdep_assert_wiphy() for
  ath12k_mac_op_ functions (bsc#1240998).
- wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk
  cancellation (bsc#1240998).
- wifi: ath12k: ath12k_mac_set_key(): remove exit label
  (bsc#1240998).
- wifi: ath12k: cleanup unneeded labels (bsc#1240998).
- wifi: ath12k: convert struct ath12k_sta::update_wk to use
  struct wiphy_work (bsc#1240998).
- wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998).
- wifi: ath12k: Support pdev CCA Stats (bsc#1240998).
- wifi: ath12k: Support pdev Transmit Multi-user stats
  (bsc#1240998).
- wifi: ath12k: Support Ring and SFM stats (bsc#1240998).
- wifi: ath12k: Support Self-Generated Transmit stats
  (bsc#1240998).
- wifi: ath12k: Modify print_array_to_buf() to support arrays
  with 1-based semantics (bsc#1240998).
- wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp
  (bsc#1240998).
- wifi: ath12k: make read-only array svc_id static const
  (bsc#1240998).
- commit 52faf57

- sch_hfsc: Fix qlen accounting bug when using peek in
  hfsc_enqueue() (CVE-2025-38000 bsc#1244277).
- commit ffb9ab4

- thunderbolt: Improve redrive mode handling (git-fixes).
- commit 9923d39

- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- commit 8196566

- wifi: ath12k: Handle error cases during extended skb allocation
  (git-fixes).
- wifi: ath12k: fix read pointer after free in
  ath12k_mac_assign_vif_to_vdev() (git-fixes CVE-2024-57995
  bsc#1237895).
- commit f9ec810

- wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998).
- wifi: ath12k: Add missing htt_metadata flag in ath12k_dp_tx()
  (bsc#1240998).
- wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path
  (bsc#1240998).
- wifi: ath12k: fix one more memcpy size error (bsc#1240998).
- wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()
  (bsc#1240998).
- commit 911b319

- wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings
  (bsc#1240998).
- wifi: ath12k: fix the stack frame size warning in
  ath12k_mac_op_hw_scan (bsc#1240998).
- commit 00bca74

- wifi: ath12k: restore ASPM for supported hardwares only
  (bsc#1240998).
- commit 32459d7

- wifi: ath12k: Support Transmit DE stats (bsc#1240998).
- wifi: ath12k: use 128 bytes aligned iova in transmit path for
  WCN7850 (bsc#1240998).
- wifi: ath12k: fix reusing outside iterator in
  ath12k_wow_vif_set_wakeups() (bsc#1240998).
- wifi: ath12k: fix build vs old compiler (bsc#1240998).
- wifi: ath12k: Support TQM stats (bsc#1240998).
- wifi: ath12k: Support pdev error stats (bsc#1240998).
- wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998).
- wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998).
- commit 55670c2

- Revert "ipv6: save dontfrag in cork (git-fixes)."
  This reverts commit d3fe600164867bd0529ed1049fbd53ca9fce2eaf.
  See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/
  and https://bugzilla.suse.com/show_bug.cgi?id=1244313.
- commit b9e7a4e

- wifi: ath12k: Add support to parse requested stats_type
  (bsc#1240998).
- wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998).
- wifi: ath12k: Add support to enable debugfs_htt_stats
  (bsc#1240998).
- wifi: ath12k: fix driver initialization for WoW unsupported
  devices (bsc#1240998).
- wifi: ath12k: Fix pdev id sent to firmware for single phy
  devices (bsc#1240998).
- wifi: ath12k: handle keepalive during WoWLAN suspend and resume
  (bsc#1240998).
- wifi: ath12k: support GTK rekey offload (bsc#1240998).
- wifi: ath12k: support ARP and NS offload (bsc#1240998).
- wifi: ath12k: implement hardware data filter (bsc#1240998).
- wifi: ath12k: add WoW net-detect functionality (bsc#1240998).
- wifi: ath12k: add basic WoW functionalities (bsc#1240998).
- wifi: ath12k: implement WoW enable and wakeup commands
  (bsc#1240998).
- wifi: ath12k: add ATH12K_DBG_WOW log level (bsc#1240998).
- wifi: ath12k: fix mbssid max interface advertisement
  (bsc#1240998).
- wifi: ath12k: fix legacy peer association due to missing HT
  or 6 GHz capabilities (bsc#1240998).
- wifi: ath12k: fix NULL pointer access in
  ath12k_mac_op_get_survey() (bsc#1240998).
- wifi: ath12k: Remove unused ath12k_base from ath12k_hw
  (bsc#1240998).
- wifi: ath12k: Fix WARN_ON during firmware crash in split-phy
  (bsc#1240998).
- wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry
  (bsc#1240998).
- wifi: ath12k: unregister per pdev debugfs (bsc#1240998).
- commit 0bd0160

- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
  This reverts commit cbc81e238815721048ac709726467c90981753c9.
  See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/
  and https://bugzilla.suse.com/show_bug.cgi?id=1244313.
- commit 38d0091

- wifi: ath12k: fix per pdev debugfs registration (bsc#1240998).
- wifi: ath12k: avoid unnecessary MSDU drop in the Rx error
  process (bsc#1240998).
- wifi: ath12k: fix ACPI warning when resume (bsc#1240998).
- wifi: ath12k: modify remain on channel for single wiphy
  (bsc#1240998).
- wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998).
- wifi: ath12k: add panic handler (bsc#1240998).
- wifi: ath12k: do not process consecutive RDDM event
  (bsc#1240998).
- wifi: ath12k: Fix devmem address prefix when logging
  (bsc#1240998).
- wifi: ath12k: improve the rx descriptor error information
  (bsc#1240998).
- wifi: ath12k: refactor rx descriptor CMEM configuration
  (bsc#1240998).
- wifi: ath12k: fix Smatch warnings on ath12k_core_suspend()
  (bsc#1240998).
- wifi: ath12k: dynamic VLAN support (bsc#1240998).
- wifi: ath12k: fix ack signal strength calculation (bsc#1240998).
- wifi: ath12k: use correct MAX_RADIOS (bsc#1240998).
- wifi: ath12k: remove duplicate definition of MAX_RADIOS
  (bsc#1240998).
- wifi: ath12k: remove redundant peer delete for WCN7850
  (bsc#1240998).
- wifi: ath12k: skip sending vdev down for channel switch
  (bsc#1240998).
- wifi: ath12k: add EMA beacon support (bsc#1240998).
- wifi: ath12k: add MBSSID beacon support (bsc#1240998).
- wifi: ath12k: refactor arvif security parameter configuration
  (bsc#1240998).
- commit 187e02f

- wifi: ath12k: advertise driver capabilities for MBSSID and EMA
  (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-fix-peer-metadata-parsing.patch.
- commit 9bb543e

- wifi: ath12k: allocate dummy net_device dynamically
  (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-Avoid-napi_sync-before-napi_enable.patch.
- commit 6102136

- wifi: ath12k: configure MBSSID parameters in AP mode
  (bsc#1240998).
- wifi: ath12k: create a structure for WMI vdev up parameters
  (bsc#1240998).
- wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd
  (bsc#1240998).
- wifi: ath12k: configure MBSSID params in vdev create/start
  (bsc#1240998).
- wifi: ath12k: support SMPS configuration for 6 GHz
  (bsc#1240998).
- wifi: ath12k: refactor SMPS configuration (bsc#1240998).
- wifi: ath12k: add 6 GHz params in peer assoc command
  (bsc#1240998).
- wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998).
- wifi: ath12k: add channel 2 into 6 GHz channel list
  (bsc#1240998).
- wifi: ath12k: fix misspelling of "dma" in num_rxmda_per_pdev
  (bsc#1240998).
- wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998).
- wifi: ath12k: remove invalid peer create logic (bsc#1240998).
- wifi: ath12k: avoid duplicated vdev down (bsc#1240998).
- wifi: ath12k: remove unused variable monitor_flags
  (bsc#1240998).
- wifi: ath12k: Remove unused tcl_*_ring configuration
  (bsc#1240998).
- wifi: ath12k: Remove unsupported tx monitor handling
  (bsc#1240998).
- wifi: ath12k: fix calling correct function for rx monitor mode
  (bsc#1240998).
- wifi: ath12k: add multi device support for WBM idle ring buffer
  setup (bsc#1240998).
- commit ea4159d

- wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-fix-firmware-crash-during-reo-reinject.patch.
- commit 3c261ef

- wifi: ath12k: Introduce device index (bsc#1240998).
- wifi: ath12k: Replace "chip" with "device" in hal Rx return
  buffer manager (bsc#1240998).
- wifi: ath12k: Add lock to protect the hardware state
  (bsc#1240998).
- wifi: ath12k: Refactor the hardware state (bsc#1240998).
- wifi: ath12k: Refactor the hardware recovery procedure
  (bsc#1240998).
- wifi: ath12k: fix flush failure in recovery scenarios
  (bsc#1240998).
- wifi: ath12k: set mlo_capable_flags based on QMI PHY capability
  (bsc#1240998).
- wifi: ath12k: read single_chip_mlo_support parameter from QMI
  PHY capability (bsc#1240998).
- wifi: ath12k: add support to handle beacon miss for WCN7850
  (bsc#1240998).
- wifi: ath12k: ACPI band edge channel power support
  (bsc#1240998).
- wifi: ath12k: ACPI CCA threshold support (bsc#1240998).
- wifi: ath12k: ACPI SAR support (bsc#1240998).
- wifi: ath12k: ACPI TAS support (bsc#1240998).
- wifi: ath12k: change supports_suspend to true for WCN7850
  (bsc#1240998).
- wifi: ath12k: support suspend/resume (bsc#1240998).
- wifi: ath12k: avoid stopping mac80211 queues in
  ath12k_core_restart() (bsc#1240998).
- wifi: ath12k: no need to handle pktlog during suspend/resume
  (bsc#1240998).
- wifi: ath12k: flush all packets before suspend (bsc#1240998).
- commit 9a64ae8

- wifi: ath12k: decrease MHI channel buffer length to 8KB
  (bsc#1240998).
- wifi: ath12k: fix warning on DMA ring capabilities event
  (bsc#1240998).
- wifi: ath12k: do not dump SRNG statistics during resume
  (bsc#1240998).
- wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998).
- wifi: ath12k: rearrange IRQ enable/disable in reset path
  (bsc#1240998).
- wifi: ath12k: Refactor data path cmem init (bsc#1240998).
- wifi: ath12k: displace the Tx and Rx descriptor in cookie
  conversion table (bsc#1240998).
- wifi: ath12k: Refactor the hardware cookie conversion init
  (bsc#1240998).
- wifi: ath12k: avoid redundant code in Rx cookie conversion init
  (bsc#1240998).
- wifi: ath12k: don't use %pK in dmesg format strings
  (bsc#1240998).
- wifi: ath12k: enable service flag for survey dump stats
  (bsc#1240998).
- wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998).
- wifi: ath12k: dynamically update peer puncturing bitmap for STA
  (bsc#1240998).
- wifi: ath12k: fix mac id extraction when MSDU spillover in rx
  error path (bsc#1240998).
- wifi: ath12k: support get_survey mac op for single wiphy
  (bsc#1240998).
- wifi: ath12k: Modify rts threshold mac op for single wiphy
  (bsc#1240998).
- wifi: ath12k: Modify set and get antenna mac ops for single
  wiphy (bsc#1240998).
- wifi: ath12k: modify regulatory support for single wiphy
  architecture (bsc#1240998).
- wifi: ath12k: Add additional checks for vif and sta iterators
  (bsc#1240998).
- wifi: ath12k: Cache vdev configs before vdev create
  (bsc#1240998).
- commit ea1744e

- wifi: ath12k: vdev statemachine changes for single wiphy
  (bsc#1240998).
- Refresh
  patches.suse/wifi-ath12k-fix-peer-metadata-parsing.patch.
- commit ab212a6

- wifi: ath12k: modify ath12k mac start/stop ops for single wiphy
  (bsc#1240998).
- Refresh
  patches.suse/wifi-mac80211-inform-the-low-level-if-drv_stop-is-a-.patch.
- commit 0a8727c

- wifi: ath12k: add multiple radio support in a single MAC HW
  un/register (bsc#1240998).
- Refresh
  patches.suse/wifi-mac80211-inform-the-low-level-if-drv_stop-is-a-.patch.
- commit 5897b5c

- wifi: ath12k: fetch correct radio based on vdev status
  (bsc#1240998).
- wifi: ath12k: scan statemachine changes for single wiphy
  (bsc#1240998).
- wifi: ath12k: Modify add and remove chanctx ops for single
  wiphy support (bsc#1240998).
- wifi: ath12k: correct the capital word typo (bsc#1240998).
- wifi: ath12k: fix link capable flags (bsc#1240998).
- wifi: ath12k: extend the link capable flag (bsc#1240998).
- wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation
  (bsc#1240998).
- wifi: ath12k: fix missing endianness conversion in
  wmi_vdev_create_cmd() (bsc#1240998).
- wifi: ath12k: debugfs: radar simulation support (bsc#1240998).
- wifi: ath12k: initial debugfs support (bsc#1240998).
- wifi: ath12k: Refactor error handler of Rxdma replenish
  (bsc#1240998).
- wifi: ath12k: Optimize the lock contention of used list in Rx
  data path (bsc#1240998).
- wifi: ath12k: Refactor Rxdma buffer replinish argument
  (bsc#1240998).
- wifi: ath12k: remove duplicate definitions in wmi.h
  (bsc#1240998).
- wifi: ath12k: fix desc address calculation in wbm tx completion
  (bsc#1240998).
- wifi: ath12k: remove obsolete struct wmi_start_scan_arg
  (bsc#1240998).
- commit 56d49fd

- kABI fix for net: Remove RTNL dance for SIOCBRADDIF and
  SIOCBRDELIF (CVE-2025-22111 bsc#1241572).
- commit edfd43c

- page_pool: avoid infinite loop to schedule delayed worker
  (CVE-2025-37859 bsc#1243051).
- commit b8f1dfd

- tipc: fix memory leak in tipc_link_xmit (CVE-2025-37757 bsc#1242521)
- commit 48e0415

- struct usci: hide additional member (git-fixes).
- commit 1b8456a

- net_sched: Flush gso_skb list too during ->change()
  (CVE-2025-37992 bsc#1243698).
- netfilter: ipset: fix region locking in hash types
  (CVE-2025-37997 bsc#1243832).
- ipvs: fix uninit-value for saddr in do_output_route4
  (CVE-2025-37961 bsc#1243523).
- net: dsa: free routing table on probe failure (CVE-2025-37786
  bsc#1242725).
- net: tls: explicitly disallow disconnect (CVE-2025-37756
  bsc#1242515).
- net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF
  (CVE-2025-22111 bsc#1241572).
- vlan: enforce underlying device type (CVE-2025-21920
  bsc#1240686).
- xfrm: delete intermediate secpath entry in packet offload mode
  (CVE-2025-21720 bsc#1238859).
- xfrm: state: fix out-of-bounds read during lookup
  (CVE-2024-57982 bsc#1237913).
- rxrpc: Fix handling of received connection abort (CVE-2024-58053
  bsc#1238982).
- commit d3e755f

- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
  Return the correct upper limit of the allocated cpumask.
  modified:
  - patches.suse/lib-group_cpus-honor-housekeeping-config-when-grouping.patch
  - patches.suse/lib-group_cpus-let-group_cpu_evenly-return-number.patch
- commit 092bf4a

- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- commit 24d5250

- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- commit 28d162e

- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- commit 9dd3301

- xen/x86: fix initial memory balloon target (git-fixes).
- commit 7e938b1

- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt
  3 dock (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in
  snd_usb_power_domain_set() (git-fixes).
- commit 9d209cd

- ALSA: usb-audio: Rename Pioneer mixer channel controls
  (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names
  (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in
  parse_clock_source_unit (stable-fixes).
- commit e8737ac

- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI
  1.0 entry (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs
  (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- commit 498a796

- Revert "ALSA: usb-audio: Skip setting clock selector for single
  connections" (stable-fixes).
- Refresh
  patches.suse/ALSA-usb-audio-Ignore-clock-selector-errors-for-sing.patch.
- Refresh
  patches.suse/ALSA-usb-audio-Support-multiple-control-interfaces.patch.
- commit d0138e9

- ALSA: usb-audio: Support read-only clock selector control
  (stable-fixes).
- Refresh
  patches.suse/ALSA-usb-audio-Ignore-clock-selector-errors-for-sing.patch.
- Refresh
  patches.suse/ALSA-usb-audio-Support-multiple-control-interfaces.patch.
- commit ee97bec

- ALSA: usb-audio: Skip setting clock selector for single
  connections (stable-fixes).
- Refresh
  patches.suse/ALSA-usb-audio-Ignore-clock-selector-errors-for-sing.patch.
- Refresh
  patches.suse/ALSA-usb-audio-Support-multiple-control-interfaces.patch.
- commit 7326e0b

- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1
  (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c
  within 1810c file (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces
  (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface()
  (stable-fixes).
- commit d4a0ce3

- wifi: ath11k: update channel list in worker when wait flag is
  set (bsc#1243847).
- commit 4cfebaa

- net: lan743x: Fix memleak issue when GSO enabled (CVE-2025-37909
  bsc#1243467).
- vxlan: vnifilter: Fix unlocked deletion of default FDB entry
  (CVE-2025-37921 bsc#1243480).
- commit 788c92a

- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT
  (git-fixes).
- commit 4df631e

- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04
  (git-fixes).
- commit ba2db88

- module: ensure that kobject_put() is safe for module type kobjects (CVE-2025-37995 bsc#1243827)
- commit 6979c9a

- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- commit 7c95ae0

- x86/xen: fix balloon target initialization for PVH dom0
  (git-fixes).
- commit ad18aba

- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap()
  (bsc#1244309 ltc#213790).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace
  mmap (bsc#1244309 ltc#213790).
- commit 2d4ad48

- tracing: Verify event formats that have "%*p.." (CVE-2025-37938
  bsc#1243544).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- commit c705d1d

- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- Refresh
  patches.suse/fbdev-efifb-Register-sysfs-groups-through-driver-cor.patch.
- commit 0c56458

- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- commit 7d2ce51

- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- commit bfdc372

- MyBS: Do not build kernel-obs-qa with limit_packages
  Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild")
- commit f4c6047

- MyBS: Simplify qa_expr generation
  Start with a 0 which makes the expression valid even if there are no QA
  repositories (currently does not happen). Then separator is always
  needed.
- commit e4c2851

- MyBS: Correctly generate build flags for non-multibuild package limit
  (bsc# 1244241)
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
- commit 27588c9

- bs-upload-kernel: Pass limit_packages also on multibuild
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
  Fixes: 747f601d4156 ("bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)")
- commit 8ef486c

- ftrace: Avoid potential division by zero in function_stat_show()
  (CVE-2025-21898 bsc#1240610).
- commit d476f96

- tracing: Fix bad hist from corrupting named_triggers list
  (CVE-2025-21899 bsc#1240577).
- commit 60219e4

- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- commit 647b2f4

- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- commit ca42766

- nfsd: Initialize ssc before laundromat_work to prevent NULL
  dereference (git-fixes).
- commit 153c2a2

- nfsd: validate the nfsd_serv pointer before calling svc_wake_up
  (git-fixes).
- commit af8b93e

- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries
  in the encode buffer (git-fixes).
- commit 91b6192

- jffs2: check jffs2_prealloc_raw_node_refs() result in few
  other places (git-fixes).
- commit 254a145

- jffs2: check that raw node were preallocated before writing
  summary (git-fixes).
- commit 4a6701a

- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- commit ae818bc

- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- commit dcdd8b6

- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- commit 65dff7c

- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- commit 662ffcd

- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- commit 15bb5b3

- blacklist.conf: Disable fineibt part of ITS mitigation
- Refresh
  patches.suse/x86-its-Enumerate-Indirect-Target-Selection-ITS-bug.patch.
- commit cedb857

- xsk: fix an integer overflow in xp_create_and_assign_umem()
  (bsc#1240823 CVE-2025-21997).
- commit 931fc27

- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dlm: mask sk_shutdown value (bsc#1228854).
- commit 730d8cf

- drm/xe: Rework eviction rejection of bound external bos
  (git-fixes).
- commit 939c62a

- ASoC: ti: omap-hdmi: Re-add dai_link->platform to fix card init
  (git-fixes).
- commit e678093

- ASoC: Intel: avs: Verify content returned by parse_int_array()
  (git-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX
  (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- commit 7d227ae

- Move upstreamed iommu patch into sorted section
- commit f4c105a

- Move upstreamed crypto patches into sorted section
- commit 9df372d

- drm/xe: remove unmatched xe_vm_unlock() from
  __xe_exec_queue_init() (git-fixes).
- commit 5e0c63a

- usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous
  work (git-fixes).
- tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git-fixes).
- sysfb: Fix screen_info type check for VGA (git-fixes).
- accel/ivpu: Use dma_resv_lock() instead of a custom mutex
  (git-fixes).
- drm/panel-simple: fix the warnings for the Evervision VGG644804
  (git-fixes).
- accel/ivpu: Improve buffer object logging (git-fixes).
- dummycon: Trigger redraw when switching consoles with deferred
  takeover (git-fixes).
- drm/xe: Create LRC BO without VM (git-fixes).
- drm/xe/sched: stop re-submitting signalled jobs (git-fixes).
- drm/xe/vm: move rebind_work init earlier (git-fixes).
- drm/i915/guc: Handle race condition where wakeref count drops
  below 0 (git-fixes).
- drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP
  (git-fixes).
- drm/i915/guc: Check if expecting reply before decrementing
  outstanding_submission_g2h (git-fixes).
- drm/xe: Make xe_gt_freq part of the Documentation (git-fixes).
- commit 5cf14c5

- Update video patch to the upstream version (bsc#1240696).
- commit 8af5790

- Move upstreamed patches into sorted section
- commit 022730e

- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- regulator: max14577: Add error check for max14577_read_reg()
  (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl
  (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event
  (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them
  after reset (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx()
  (git-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management
  in probe (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
  (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe()
  (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per
  datasheet (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and
  vmci_ctx_unset_notify (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign
  (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR
  (git-fixes).
- drm/amd/display: Add null pointer check for
  get_first_active_display() (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1
  (git-fixes).
- commit def2214

- s390/pci: Serialize device addition and removal (bsc#1244145).
- commit f1ae730

- s390/pci: Allow re-add of a reserved but not yet removed device
  (bsc#1244145).
- commit a73fcdb

- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- commit 136fe4f

- s390/pci: Remove redundant bus removal and disable from
  zpci_release_device() (bsc#1244145).
- commit 9bbc219

- s390/pci: Fix potential double remove of hotplug slot
  (bsc#1244145).
- commit 9714d95

- s390/pci: remove hotplug slot when releasing the device
  (bsc#1244145).
- commit 1415bb1

- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when
  PF has child VFs (git-fixes bsc#1244145).
- commit 3430d11

- s390/pci: introduce lock to synchronize state of zpci_dev's
  (jsc#PED-10253 bsc#1244145).
- Refresh
  patches.suse/s390-pci-Fix-leak-of-struct-zpci_dev-when-zpci_add_device-fails.patch.
- Refresh
  patches.suse/s390-pci-Sort-PCI-functions-prior-to-creating-virtual-busses.patch.
- commit 2644b79

- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253
  bsc#1244145).
- Refresh
  patches.suse/s390-pci-Fix-leak-of-struct-zpci_dev-when-zpci_add_device-fails.patch.
- Refresh
  patches.suse/s390-pci-Sort-PCI-functions-prior-to-creating-virtual-busses.patch.
- Refresh
  patches.suse/s390-pci-Use-topology-ID-for-multi-function-devices.patch.
- commit 9223df0

- media: mediatek: vcodec: Only free buffer VA that is not NULL
  (CVE-2023-52888 bsc#1228557).
- commit 0299171

- drm/amd/display: Fix default DC and AC levels (bsc#1240650).
- drm/amd/display: Add debugging message for brightness caps
  (bsc#1240650).
- commit 5941cb0

- net: fix udp gso skb_segment after pull from frag_list
  (git-fixes).
- commit 8353437

- page_pool: Fix use-after-free in page_pool_recycle_in_ring
  (git-fixes).
- commit 69ccdcd

- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW)
  (git-fixes).
- commit d107edf

- net: sched: em_text: fix possible memory leak in
  em_text_destroy() (git-fixes).
- commit 71395f7

- neighbour: Don't let neigh_forced_gc() disable preemption for
  long (git-fixes).
- commit fea49bb

- net: sched: cls_u32: Fix allocation size in u32_init()
  (git-fixes).
- commit eea3eab

- Move upstreamed patches into sorted section
- commit c9465fb

- kernel-source: Do not use multiple -r in sed parameters
  This usage is enabled in commit b18d64d
  (sed: allow multiple (non-conflicting) -E/-r parameters, 2016-07-31)
  only available since sed 4.3
  Fixes: dc2037cd8f94 ("kernel-source: Also replace bin/env"
- commit 91ad98e

- efi/libstub: Describe missing 'out' parameter in efi_load_initrd
  (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup
  (git-fixes).
- drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset
  (git-fixes).
- drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3
  (git-fixes).
- drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes).
- drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes).
- drm/panthor: Update panthor_mmu::irq::mask when needed
  (git-fixes).
- drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions
  (git-fixes).
- drm/panic: add missing space (git-fixes).
- drm/vmwgfx: Fix dumb buffer leak (git-fixes).
- drm/vmwgfx: Add error path for xa_store in
  vmw_bo_add_detached_resource (git-fixes).
- drm/xe/d3cold: Set power state to D3Cold during s2idle/s3
  (git-fixes).
- media: verisilicon: Free post processor buffers on error
  (git-fixes).
- media: platform: mtk-mdp3: Remove unused mdp_get_plat_device
  (git-fixes).
- media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes).
- media: ov2740: Move pm-runtime cleanup on probe-errors to
  proper place (git-fixes).
- media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes).
- thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure
  (git-fixes).
- drm/xe: Save the gt pointer in lrc and drop the tile
  (stable-fixes).
- wifi: mt76: mt7925: load the appropriate CLC data based on
  hardware type (stable-fixes).
- wifi: mt76: mt7925: fix fails to enter low power mode in
  suspend state (stable-fixes).
- wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32()
  (stable-fixes).
- wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU
  (stable-fixes).
- wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes).
- wifi: iwlwifi: mvm: fix setting the TK when associated
  (stable-fixes).
- wifi: iwlwifi: don't warn when if there is a FW error
  (stable-fixes).
- wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes).
- wifi: iwlwifi: mark Br device not integrated (stable-fixes).
- wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes).
- wifi: mac80211: fix warning on disconnect during failed ML
  reconf (stable-fixes).
- wifi: mac80211_hwsim: Fix MLD address translation
  (stable-fixes).
- wifi: cfg80211: allow IR in 20 MHz configurations
  (stable-fixes).
- wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START
  TLV (stable-fixes).
- wifi: ath12k: Fetch regdb.bin file from board-2.bin
  (stable-fixes).
- wifi: rtw89: call power_on ahead before selecting firmware
  (stable-fixes).
- wifi: iwlwifi: use correct IMR dump variable (stable-fixes).
- wifi: iwlwifi: don't warn during reprobe (stable-fixes).
- wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx
  (stable-fixes).
- commit 33f1dc1

- drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401
  (stable-fixes).
- Refresh
  patches.suse/drm-amd-display-prevent-hang-on-link-training-fail.patch.
- commit 063600f

- Bluetooth: btintel: Check dsbr size from EFI variable
  (git-fixes).
- Documentation: ACPI: Use all-string data node references
  (git-fixes).
- ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()
  (git-fixes).
- ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms
  (git-fixes).
- drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes).
- drm/amd/display: check stream id dml21 wrapper to get plane_id
  (stable-fixes).
- drm/amd/display: Defer BW-optimization-blocked DRR adjustments
  (git-fixes).
- drm/amd/display: Call FP Protect Before Mode Programming/Mode
  Support (stable-fixes).
- ASoC: cs42l43: Disable headphone clamps during type detection
  (stable-fixes).
- drm/amdgpu: Allow P2P access through XGMI (stable-fixes).
- drm/amdgpu/discovery: check ip_discovery fw file available
  (stable-fixes).
- drm/amdkfd: set precise mem ops caps to disabled for gfx 11
  and 12 (stable-fixes).
- drm/amdgpu: Skip pcie_replay_count sysfs creation for VF
  (stable-fixes).
- drm/amdgpu: release xcp_mgr on exit (stable-fixes).
- drm/amdgpu: adjust drm_firmware_drivers_only() handling
  (stable-fixes).
- drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes).
- drm/amdgpu/gfx12: don't read registers in mqd init
  (stable-fixes).
- drm/amdgpu/gfx11: don't read registers in mqd init
  (stable-fixes).
- drm/amdgpu: Fix the race condition for draining retry fault
  (stable-fixes).
- drm/amd/display: Correct timing_adjust_pending flag setting
  (stable-fixes).
- drm/amd/display: calculate the remain segments for all pipes
  (stable-fixes).
- drm/amd/display: not abort link train when bw is low
  (stable-fixes).
- drm/amd/display: Do not enable replay when vtotal update is
  pending (stable-fixes).
- drm/xe: Nuke VM's mapping upon close (stable-fixes).
- drm/xe: Retry BO allocation (stable-fixes).
- drm/xe/vf: Retry sending MMIO request to GUC on timeout error
  (stable-fixes).
- drm/xe/pf: Create a link between PF and VF devices
  (stable-fixes).
- drm/xe: xe_gen_wa_oob: replace program_invocation_short_name
  (stable-fixes).
- drm/amdkfd: Set per-process flags only once for gfx9/10/11/12
  (stable-fixes).
- drm/amdgpu: Fix missing drain retry fault the last entry
  (stable-fixes).
- drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35
  (stable-fixes).
- drm/amd/display: Fix DMUB reset sequence for DCN401
  (stable-fixes).
- drm/amd/display: Fix p-state type when p-state is unsupported
  (stable-fixes).
- drm/amd/display: Request HW cursor on DCN3.2 with SubVP
  (stable-fixes).
- drm/amd/display: handle max_downscale_src_width fail check
  (stable-fixes).
- drm/amd/display: fix dcn4x init failed (stable-fixes).
- drm/amdgpu: remove all KFD fences from the BO on release
  (stable-fixes).
- drm/xe/oa: Ensure that polled read returns latest data
  (stable-fixes).
- drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init()
  (stable-fixes).
- drm/xe: Fix xe_tile_init_noalloc() error propagation
  (stable-fixes).
- drm/xe/debugfs: fixed the return value of wedged_mode_set
  (stable-fixes).
- drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set
  (stable-fixes).
- drm/xe/relay: Don't use GFP_KERNEL for new transactions
  (stable-fixes).
- drm/xe/pf: Reset GuC VF config when unprovisioning critical
  resource (stable-fixes).
- drm/xe: Move suballocator init to after display init
  (stable-fixes).
- drm/xe: Do not attempt to bootstrap VF in execlists mode
  (stable-fixes).
- drm/xe/sa: Always call drm_suballoc_manager_fini()
  (stable-fixes).
- drm/xe: Reject BO eviction if BO is bound to current VM
  (stable-fixes).
- drm/amd/pm: Fetch current power limit from PMFW (stable-fixes).
- drm/amd/display: Add support for disconnected eDP streams
  (stable-fixes).
- drm/amd/display: Guard against setting dispclk low when active
  (stable-fixes).
- drm/amd/display: Fix BT2020 YCbCr limited/full range input
  (stable-fixes).
- drm/amd/display: Read LTTPR ALPM caps during link cap retrieval
  (stable-fixes).
- drm/amd/display: Don't treat wb connector as physical in
  create_validate_stream_for_sink (stable-fixes).
- drm/amdgpu/mes11: fix set_hw_resources_1 calculation
  (stable-fixes).
- drm/amdkfd: fix missing L2 cache info in topology
  (stable-fixes).
- drm/amd/display: pass calculated dram_speed_mts to dml2
  (stable-fixes).
- drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes).
- drm/amd/display: Support multiple options during psr entry
  (stable-fixes).
- drm/amd/display: Use Nominal vBlank If Provided Instead Of
  Capping It (stable-fixes).
- drm/amd/display: Populate register address for dentist for
  dcn401 (stable-fixes).
- drm/amdgpu: Use active umc info from discovery (stable-fixes).
- drm/rockchip: vop2: Improve display modes handling on RK3588
  HDMI0 (stable-fixes).
- drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE
  (stable-fixes).
- drm/buddy: fix issue that force_merge cannot free all roots
  (stable-fixes).
- commit c1bcb86

- Drop AMDGPU patch that may cause regressions (bsc#1243782)
  Deleted:
  patches.suse/drm-amd-display-more-liberal-vmin-vmax-update-for-fr.patch
- commit c23b99f

- wifi: ath12k: Avoid memory leak while enabling statistics
  (CVE-2025-37743 bsc#1242163).
- commit f493528

- PM: sleep: Fix power.is_suspended cleanup for direct-complete
  devices (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
  (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place
  (git-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- commit ec23ee6

- net: usb: aqc111: debug info before sanitation (git-fixes).
- commit fc18979

- openvswitch: Fix unsafe attribute parsing in output_userspace() (CVE-2025-37998 bsc#1243836)
- commit 51afd13

- octeon_ep: Fix host hang issue during device reboot (CVE-2025-37933 bsc#1243628)
- commit 44230dd

- kABI: ipv6: save dontfrag in cork (git-fixes).
  Patch-up the kABI change with an #ifdef __GENKSYMS__. This change is
  safe (as detailed in the patch commit message) due to the struct
  having a 6-byte hole at the end we can use.
- commit cbc81e2

- ipv6: save dontfrag in cork (git-fixes).
- commit d3fe600

- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
  (git-fixes).
- commit 756fa72

- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- commit e02eac4

- ipvs: Always clear ipvs_property flag in skb_scrub_packet()
  (git-fixes).
- commit d943643

- tcp/dccp: allow a connection when sk_max_ack_backlog is zero
  (git-fixes).
- commit 09561a1

- xsk: always clear DMA mapping information when unmapping the
  pool (git-fixes).
- commit 9908bc6

- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- commit fc52734

- spi: spi-imx: Add check for spi_imx_setupxfer() (CVE-2025-37801 bsc#1242850)
- commit f3955e7

- ipmr: fix tables suspicious RCU usage (git-fixes).
- commit d029f0f

- ip6mr: fix tables suspicious RCU usage (git-fixes).
- commit 79bb134

- netpoll: Use rcu_access_pointer() in __netpoll_setup
  (git-fixes).
- commit f180c62

- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- commit 895e121

- net/neighbor: clear error in case strict check is not set
  (git-fixes).
- commit 9eb711a

- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- commit 401defe

- net: sched: consistently use rcu_replace_pointer() in
  taprio_change() (git-fixes).
- commit a6910eb

- udp: fix receiving fraglist GSO packets (git-fixes).
- commit 5b87500

- net: linkwatch: use system_unbound_wq (git-fixes).
- commit 34d590e

- net: page_pool: fix warning code (git-fixes).
- commit 0d77245

- net: give more chances to rcu in netdev_wait_allrefs_any()
  (git-fixes).
- commit a1b1859

- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
  (git-fixes).
- commit b96b4a8

- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- commit afdb9bb

- udp: preserve the connected status if only UDP cmsg (git-fixes).
- commit 8714e3a

- udp: fix incorrect parameter validation in the
  udp_lib_getsockopt() function (git-fixes).
- commit 34a2994

- ipmr: fix incorrect parameter validation in the
  ip_mroute_getsockopt() function (git-fixes).
- commit f23f4c9

- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- commit 765e083

- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- commit 1e0fceb

- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- commit 935ac41

- udp: annotate data-races around up->pending (git-fixes).
- commit 72fda93

- ipv4: Correct/silence an endian warning in __ip_do_redirect
  (git-fixes).
- commit 011b9c9

- driver core: fix potential NULL pointer dereference in
  dev_uevent() (CVE-2025-37800 bsc#1242849).
- driver core: introduce device_set_driver() helper
  (CVE-2025-37800 bsc#1242849).
- commit 3aecdc2

- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- commit a145886

- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability
  (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response
  (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()
  (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization
  (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver"
  (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled
  (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption
  (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
  (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out
  of bounds (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms
  (git-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000
  (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID
  11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK
  (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status
  unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT
  (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list
  (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS
  header (git-fixes).
- commit 3f5d0e4

- wifi: mt76: only mark tx-status-failed frames as ACKed on
  mt76x0/2 (stable-fixes).
- commit 0de0b80

- wifi: ath12k: Add MSDU length validation for TKIP MIC error
  (git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc
  (git-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11
  header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch
  (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list
  (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly
  (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU
  (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31
  (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx()
  (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211
  (stable-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz
  band (stable-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable()
  (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1
  override (stable-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring
  descriptor (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU
  (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU
  (stable-fixes).
- wifi: rtw88: Don't use static local variable in
  rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held
  wiphy_lock() yet (stable-fixes).
- wifi: mac80211: don't unconditionally call drv_mgd_complete_tx()
  (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call
  (stable-fixes).
- commit 9963350

- vgacon: Add check for vc_origin address range in vgacon_scroll()
  (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
  (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation
  (git-fixes).
- spi: tegra210-quad: remove redundant error handling code
  (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4
  transfers (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is
  disabled for retimer (stable-fixes).
- usb: xhci: Don't change the status of stalled TDs on failed
  Stop EP (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support
  (stable-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend
  (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable
  sequence (stable-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap
  (stable-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- commit 38d0a8f

- PM: sleep: Print PM debug messages during hibernation
  (git-fixes).
- commit 96179c7

- PCI: dw-rockchip: Fix PHY function call sequence in
  rockchip_pcie_phy_deinit() (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow
  (git-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback
  (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing
  (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup
  in hugetlb_reparenting_test.sh (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting
  direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for
  GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat
  (git-fixes).
- PM: wakeup: Delete space in the end of string shown by
  pm_show_wakelocks() (git-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change
  event notification (stable-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
  (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off
  (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers
  and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe
  (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
  (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60
  kOhm (stable-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- phy: core: don't require set_mode() callback for phy_get_mode()
  to work (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group()
  (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins
  (stable-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
  (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in
  pinctrl_dt_to_map (stable-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows
  (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB
  (stable-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too
  (stable-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code
  (stable-fixes).
- regulator: ad5398: Add device tree support (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus
  (stable-fixes).
- commit 32a9142

- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- commit 2a9c7bb

- mtd: rawnand: sunxi: Add randomizer configuration in
  sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer
  enable (git-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
  (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2
  frames (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping
  (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted
  (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and
  to_phy_device() (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls
  (git-fixes).
- mmc: host: Wait for Vdd to settle on card power off
  (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- commit eedda90

- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
  (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice
  in exynos_lpass_remove() (git-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Return the number of processed controls
  (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers
  (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers
  (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device()
  (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count
  (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor()
  (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path
  (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- media: cxusb: no longer judge rbuf when the write fails
  (git-fixes).
- media: vidtv: Terminating the subsequent process of
  initialization failure (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum
  op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual
  PLL case (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct
  value (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct
  value (git-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed
  (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
  (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check
  (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in
  c8sectpfe_probe() (stable-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
  (stable-fixes).
- media: uvcvideo: Handle uvc menu translation inside
  uvc_get_le_value (stable-fixes).
- media: adv7180: Disable test-pattern control on adv7180
  (stable-fixes).
- media: tc358746: improve calculation of the D-PHY timing
  registers (stable-fixes).
- media: test-drivers: vivid: don't call schedule in loop
  (stable-fixes).
- media: i2c: imx219: Correct the minimum vblanking value
  (stable-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config
  pad op (stable-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware
  is available (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters
  (stable-fixes).
- commit de6c9a2

- Input: gpio-keys - fix possible concurrent access in
  gpio_keys_irq_timer() (git-fixes).
- commit e29f865

- hwmon: (asus-ec-sensors) check sensor index in read_string()
  (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware()
  (git-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- gpiolib: Revert "Don't WARN on gpiod_put() for optional GPIO"
  (stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support
  (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields
  (stable-fixes).
- ima: process_measurement() needlessly takes inode_lock()
  on MAY_READ (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in
  svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request
  (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address
  Assignment(DAA) (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM
  (stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines
  (stable-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args()
  (stable-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32
  (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible
  (stable-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise
  types (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA
  (stable-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value
  (stable-fixes).
- gpio: pca953x: Simplify code with cleanup helpers
  (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and
  pca953x_save_context() (stable-fixes).
- commit 50f84af

- fbdev: Fix fb_set_var to prevent null-ptr-deref in
  fb_videomode_to_var (git-fixes).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref
  in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
  (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during
  boot (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components
  on err (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers
  (git-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device
  ptr (git-fixes).
- Revert "drm/amdgpu: don't allow userspace to create a doorbell
  BO" (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in
  atomctrl_initialize_mc_reg_table (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type
  (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
  (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in
  lt9611uxc_probe() (git-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready
  (git-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default
  PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid()
  (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so
  (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect
  (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst
  (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner
  case (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x
  (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel
  timing (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR
  switch (stable-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
  (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi
  (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in
  gfxhub_v1_0.c (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW
  determination (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking
  (stable-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window
  (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amd/display: Don't try AUX transactions on disconnected link
  (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer
  (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation
  (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting
  (stable-fixes).
- drm/amd/display: Increase block_sequence array size
  (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amd/display/dm: drop hw_support check in
  amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size
  (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/atomic: clarify the rules around
  drm_atomic_state->allow_modeset (stable-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm: Add valid clones check (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file()
  (stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon
  (stable-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for
  tileblit (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across
  protocol ids (stable-fixes).
- commit 0574d41

- Documentation/rtla: Fix duplicate text about timerlat tracer
  (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests
  (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of
  the struct (git-fixes).
- crypto: xts - Only add ecb if it is not already there
  (git-fixes).
- crypto: lrw - Only add ecb if it is not already there
  (git-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor
  (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests
  (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA
  functions (git-fixes).
- Documentation: fix typo in root= kernel parameter description
  (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in
  idxd_cdev_open (stable-fixes).
- commit 8e41cce

- backlight: pm8941: Add NULL check in wled_configure()
  (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP
  device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect
  devices first" (stable-fixes).
- Bluetooth: MGMT: iterate over mesh commands in
  mgmt_mesh_foreach() (git-fixes).
- ASoC: qcom: sdm845: Add error handling in
  sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask
  (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation
  type (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in
  sun8i_ce_cipher_prepare() (git-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to
  negative tests (stable-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher
  (stable-fixes).
- can: c_can: Use of_property_present() to test existence of DT
  property (stable-fixes).
- commit 595e083

- ASoC: meson: meson-card-utils: use of_property_present()
  for DT parsing (git-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013
  (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in
  imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for
  mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: qcom: sm8250: explicitly set format in
  sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile
  (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks
  (stable-fixes).
- commit 255f2cb

- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10
  (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer
  (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx
  (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot()
  (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG
  (stable-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: ops: Enforce platform maximum on initial value
  (stable-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode
  (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers
  (stable-fixes).
- commit ab5fcf6

- kABI workaround for hda_codec.beep_just_power_on flag
  (git-fixes).
- commit 11aaa35

- acpi-cpufreq: Fix nominal_freq units to KHz in
  get_max_boost_ratio() (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" ->
  "Increment" (git-fixes).
- ACPICA: exserial: don't forget to handle FFixedHW opregions
  for reading (git-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
  (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list
  (stable-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook
  855 G7 (stable-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- commit 6ebe577

- net: ethernet: mtk-star-emac: fix spinlock recursion issues
  on rx/tx poll (CVE-2025-37917 bsc#1243475).
- commit 0f659f2

- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further
  (git-fixes).
- commit bae0091

- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm
  devices (git-fixes).
- commit a0506dd

- usb: typec: ucsi: Only enable supported notifications
  (git-fixes).
- commit 3a52706

- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices
  (git-fixes).
- commit 5ca6578

- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
  (git-fixes).
- commit 1564858

- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
  (git-fixes).
- commit 2bfd2a7

- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- commit c964f36

- orangefs: Do not truncate file size (git-fixes).
- commit 9fbe3ae

- NFSv4: Check for delegation validity in
  nfs_start_delegation_return_locked() (git-fixes).
- commit a689f10

- NFS: Don't allow waiting for exiting tasks (git-fixes).
- Refresh
  patches.suse/nfs-add-missing-selections-of-CONFIG_CRC32.patch.
- commit 899f47c

- SUNRPC: Don't allow waiting for exiting tasks (git-fixes).
- commit 8b942ca

- NFSv4: Treat ENETUNREACH errors as fatal for state recovery
  (git-fixes).
- commit 9139fd5

- SUNRPC: rpc_clnt_set_transport() must not change the autobind
  setting (git-fixes).
- commit e2112a4

- SUNRPC: rpcbind should never reset the port to the value '0'
  (git-fixes).
- commit f49c9db

- pNFS/flexfiles: Report ENETDOWN as a connection error
  (git-fixes).
- commit 39e7a29

- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- commit 6adbec5

- ext4: define ext4_journal_destroy wrapper (CVE-2025-22113
  bsc#1241617).
- commit 8dddf47

- ext4: ignore xattrs past end (bsc#1242846 CVE-2025-37738).
- commit 2a74454

- ext4: avoid journaling sb update on error if journal is
  destroying (bsc#1241617 CVE-2025-22113).
- commit 0445179

- xhci: dbc: Avoid event polling busyloop if pending rx transfers
  are inactive (git-fixes).
- commit 7bb46ec

- usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs
  (git-fixes).
- commit b84bbc1

- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving
  proposal msg (CVE-2024-49568 bsc#1235728).
- commit a7c2f15

- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- commit 625407a

- iio: light: opt3001: fix deadlock due to concurrent flag access (CVE-2025-37968 bsc#1243571)
- commit 0e5e655

- perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (CVE-2025-37936 bsc#1243537)
- commit 2e13950

- net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (CVE-2025-37945 bsc#1243538)
- commit efc17f3

- pds_core: Prevent possible adminq overflow/stuck condition (CVE-2025-37987 bsc#1243542)
- commit ba1ea39

- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
  (git-fixes).
- commit dc6e86f

- Refresh
  patches.suse/nfs-ignore-SB_RDONLY-when-remounting-nfs.patch.
- commit 359f356

- Refresh
  patches.suse/nfs-clear-SB_RDONLY-before-getting-superblock.patch.
- commit 2697e51

- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
  (git-fixes).
- commit fcf1703

- powerpc/pseries/msi: Avoid reading PCI device registers in
  reduced power states (bsc#1215199).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion
  (bsc#1215199).
- commit 2d2709b

- IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes)
- commit 80fb173

- Update patches.suse/nfsd-Fix-race-to-FREE_STATEID-and-cl_revoked.patch
  (bsc#1012628 CVE-2024-50106 bsc#1232882).
- commit a87a308

- iommu/tegra241-cmdqv: Fix warnings due to  dmam_free_coherent()
  (CVE-2025-37837 bsc#1242952).
- commit 0f31b68

- net: ngbe: fix memory leak in ngbe_probe() error path (CVE-2025-37874 bsc#1242940)
- commit bc2e64d

- smb: client: fix hang in wait_for_response() for negproto
  (bsc#1242709).
- commit 709cb2e

- net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (CVE-2025-37865 bsc#1242954)
- commit 885d04c

- HID: pidff: Fix null pointer dereference in pidff_find_fields (CVE-2025-37862 bsc#1242982)
- commit f9d615e

- usb: chipidea: ci_hdrc_imx: fix usbmisc handling (CVE-2025-37811 bsc#1242907)
- commit 1f2ed79

- mptcp: fix 'scheduling while atomic' in
  mptcp_pm_nl_append_new_local_addr (git-fixes CVE-2025-21938
  bsc#1240723).
- commit 02ff1ac

- usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572
  CVE-2025-37967).
- commit 59ea04d

- kABI workaround for adding an header (CVE-2025-21868
  bsc#1240180).
- commit 8687a45

- cifs: avoid NULL pointer dereference in dbg call (CVE-2025-37844 bsc#1242946)
- commit 031bdce

- Update
  patches.suse/ASoC-simple-card-utils-Fix-pointer-check-in-graph_ut.patch
  (git-fixes CVE-2025-37934 bsc#1243548).
- Update
  patches.suse/accel-ivpu-Fix-PM-related-deadlocks-in-MS-IOCTLs.patch
  (git-fixes CVE-2025-37848 bsc#1242943).
- Update
  patches.suse/accel-ivpu-Fix-deadlock-in-ivpu_ms_cleanup.patch
  (git-fixes CVE-2025-37847 bsc#1242947).
- Update
  patches.suse/arm64-bpf-Add-BHB-mitigation-to-the-epilogue-for-cBP.patch
  (bsc#1242778 CVE-2025-37948 bsc#1243649).
- Update
  patches.suse/arm64-bpf-Only-mitigate-cBPF-programs-loaded-by-unpr.patch
  (bsc#1242778 CVE-2025-37963 bsc#1243660).
- Update
  patches.suse/drm-imagination-fix-firmware-memory-leaks.patch
  (git-fixes CVE-2025-37764 bsc#1242577).
- Update
  patches.suse/drm-imagination-take-paired-job-reference.patch
  (git-fixes CVE-2025-37763 bsc#1242508).
- Update
  patches.suse/drm-xe-Fix-an-out-of-bounds-shift-when-invalidating-.patch
  (git-fixes CVE-2025-37761 bsc#1242724).
- Update
  patches.suse/drm-xe-Use-local-fence-in-error-path-of-xe_migrate_c.patch
  (git-fixes CVE-2025-37869 bsc#1242967).
- Update
  patches.suse/drm-xe-userptr-fix-notifier-vs-folio-deadlock.patch
  (git-fixes CVE-2025-37868 bsc#1242966).
- Update
  patches.suse/drm-xe-vf-Don-t-try-to-trigger-a-full-GT-reset-if-VF.patch
  (stable-fixes CVE-2025-23162 bsc#1242834).
- Update
  patches.suse/ethtool-cmis_cdb-use-correct-rpl-size-in-ethtool_cmi.patch
  (git-fixes CVE-2025-37791 bsc#1242729).
- Update
  patches.suse/mei-vsc-Fix-fortify-panic-caused-by-invalid-counted_.patch
  (git-fixes CVE-2025-37816 bsc#1242863).
- Update
  patches.suse/net-mlx5-Fix-null-ptr-deref-in-mlx5_create_-inner_-t.patch
  (git-fixes CVE-2025-37888 bsc#1242964).
- Update
  patches.suse/s390-pci-Fix-duplicate-pci_dev_put-in-disable_slot-w.patch
  (git-fixes CVE-2025-37946 bsc#1243506).
- Update
  patches.suse/scsi-mpi3mr-Synchronous-access-b-w-reset-and-tm-thre.patch
  (bsc#1241388 CVE-2025-37861 bsc#1243055).
- Update
  patches.suse/scsi-smartpqi-Use-is_kdump_kernel-to-check-for-kdump.patch
  (git-fixes CVE-2025-37981 bsc#1243514).
- Update
  patches.suse/tty-Require-CAP_SYS_ADMIN-for-all-usages-of-TIOCL_SE.patch
  (git-fixes CVE-2025-37814 bsc#1242865).
- Update
  patches.suse/usb-xhci-Don-t-skip-on-Stopped-Length-Invalid.patch
  (git-fixes CVE-2025-22023 bsc#1241298).
- Update
  patches.suse/usb-xhci-Fix-invalid-pointer-dereference-in-Etron-wo.patch
  (git-fixes CVE-2025-37813 bsc#1242909).
- commit ba2a725

- Update
  patches.suse/ALSA-ump-Fix-buffer-overflow-at-UMP-SysEx-message-co.patch
  (bsc#1242044 CVE-2025-37891 bsc#1243589).
- Update
  patches.suse/ASoC-Intel-avs-Fix-null-ptr-deref-in-avs_component_p.patch
  (git-fixes CVE-2025-37793 bsc#1242584).
- Update
  patches.suse/ASoC-imx-card-Add-NULL-check-in-imx_card_probe.patch
  (git-fixes CVE-2025-22066 bsc#1241340).
- Update
  patches.suse/ASoC-ops-Consistently-treat-platform_max-as-control-.patch
  (git-fixes CVE-2025-37889 bsc#1242945).
- Update
  patches.suse/ASoC-qcom-Fix-sc7280-lpass-potential-buffer-overflow.patch
  (git-fixes CVE-2025-37979 bsc#1243545).
- Update
  patches.suse/Bluetooth-btrtl-Prevent-potential-NULL-dereference.patch
  (git-fixes CVE-2025-37792 bsc#1242591).
- Update
  patches.suse/Bluetooth-btusb-avoid-NULL-pointer-dereference-in-sk.patch
  (git-fixes CVE-2025-37918 bsc#1243476).
- Update
  patches.suse/Input-mtk-pmic-keys-fix-possible-null-pointer-derefe.patch
  (git-fixes CVE-2025-37972 bsc#1243573).
- Update
  patches.suse/KVM-arm64-Tear-down-vGIC-on-failed-vCPU-creation.patch
  (git-fixes CVE-2025-37849 bsc#1243000).
- Update
  patches.suse/KVM-x86-Acquire-SRCU-in-KVM_GET_MP_STATE-to-protect-.patch
  (git-fixes CVE-2025-23141 bsc#1242782).
- Update
  patches.suse/PCI-Fix-reference-leak-in-pci_register_host_bridge.patch
  (git-fixes CVE-2025-37836 bsc#1242957).
- Update
  patches.suse/PCI-brcmstb-Fix-error-path-after-a-call-to-regulator.patch
  (git-fixes CVE-2025-22095 bsc#1241519).
- Update
  patches.suse/PCI-vmd-Make-vmd_dev-cfg_lock-a-raw_spinlock_t-type.patch
  (stable-fixes CVE-2025-23161 bsc#1242792).
- Update
  patches.suse/RDMA-cma-Fix-workqueue-crash-in-cma_netevent_work_ha.patch
  (git-fixes CVE-2025-37772 bsc#1242563).
- Update
  patches.suse/RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch
  (git-fixes bsc#1239925 CVE-2025-22089 bsc#1241538).
- Update
  patches.suse/RDMA-core-Silence-oversized-kvmalloc-warning.patch
  (git-fixes CVE-2025-37867 bsc#1242948).
- Update
  patches.suse/USB-wdm-close-race-between-wdm_open-and-wdm_wwan_por.patch
  (git-fixes CVE-2025-37985 bsc#1243529).
- Update
  patches.suse/arm64-bpf-Add-BHB-mitigation-to-the-epilogue-for-cBPF-prog.patch
  (git-fixes CVE-2025-37948 bsc#1243649).
- Update
  patches.suse/arm64-bpf-Only-mitigate-cBPF-programs-loaded-by-unprivileg.patch
  (git-fixes CVE-2025-37963 bsc#1243660).
- Update
  patches.suse/arm64-errata-Add-missing-sentinels-to-Spectre-BHB-MIDR-arr.patch
  (git-fixes CVE-2025-37929 bsc#1243624).
- Update
  patches.suse/ata-pata_pxa-Fix-potential-NULL-pointer-dereference-.patch
  (git-fixes CVE-2025-37758 bsc#1242514).
- Update
  patches.suse/backlight-led_bl-Hold-led_access-lock-when-calling-l.patch
  (git-fixes CVE-2025-23144 bsc#1242568).
- Update
  patches.suse/block-fix-resource-leak-in-blk_register_queue-error-path.patch
  (git-fixes CVE-2025-37980 bsc#1243522).
- Update
  patches.suse/block-integrity-Do-not-call-set_page_dirty_lock.patch
  (git-fixes CVE-2025-37978 bsc#1243516).
- Update
  patches.suse/bnxt_en-Fix-out-of-bound-memcpy-during-ethtool-w.patch
  (git-fixes CVE-2025-37911 bsc#1243469).
- Update patches.suse/bpf-Scrub-packet-on-bpf_redirect_peer.patch
  (git-fixes CVE-2025-37959 bsc#1243517).
- Update
  patches.suse/bpf-check-changes_pkt_data-property-for-extension-pr.patch
  (bsc#1241590 CVE-2024-58100 bsc#1242564).
- Update
  patches.suse/bpf-consider-that-tail-calls-invalidate-packet-point.patch
  (bsc#1241590 CVE-2024-58237 bsc#1242574).
- Update
  patches.suse/bpf-track-changes_pkt_data-property-for-global-funct.patch
  (bsc#1241590 CVE-2024-58098 bsc#1242565).
- Update
  patches.suse/btrfs-adjust-subpage-bit-start-based-on-sectorsize.patch
  (bsc#1241492 CVE-2025-37931 bsc#1243626).
- Update
  patches.suse/bus-mhi-host-Fix-race-between-unprepare-and-queue_bu.patch
  (git-fixes CVE-2025-23151 bsc#1242512).
- Update
  patches.suse/cxgb4-fix-memory-leak-in-cxgb4_init_ethtool_filters-.patch
  (git-fixes CVE-2025-37788 bsc#1242766).
- Update
  patches.suse/dm-bufio-don-t-schedule-in-atomic-context.patch
  (git-fixes CVE-2025-37928 bsc#1243621).
- Update
  patches.suse/drm-amd-display-Fix-slab-use-after-free-in-hdcp.patch
  (git-fixes CVE-2025-37903 bsc#1243562).
- Update
  patches.suse/drm-amd-pm-Prevent-division-by-zero-4b8c3c0.patch
  (git-fixes CVE-2025-37770 bsc#1242764).
- Update
  patches.suse/drm-amd-pm-Prevent-division-by-zero-4e3d950.patch
  (git-fixes CVE-2025-37766 bsc#1242785).
- Update
  patches.suse/drm-amd-pm-Prevent-division-by-zero-7c246a0.patch
  (git-fixes CVE-2025-37768 bsc#1242567).
- Update
  patches.suse/drm-amd-pm-Prevent-division-by-zero-7d641c2.patch
  (git-fixes CVE-2025-37771 bsc#1242781).
- Update patches.suse/drm-amd-pm-Prevent-division-by-zero.patch
  (git-fixes CVE-2025-37767 bsc#1242501).
- Update
  patches.suse/drm-amd-pm-smu11-Prevent-division-by-zero.patch
  (git-fixes CVE-2025-37769 bsc#1242587).
- Update
  patches.suse/drm-amdgpu-Replace-Mutex-with-Spinlock-for-RLCG-regi.patch
  (git-fixes CVE-2025-38104 bsc#1241635).
- Update
  patches.suse/drm-amdgpu-handle-amdgpu_cgs_create_device-errors-in.patch
  (stable-fixes CVE-2025-37852 bsc#1243074).
- Update patches.suse/drm-amdkfd-Fix-mode1-reset-crash-issue.patch
  (stable-fixes CVE-2025-37854 bsc#1243082).
- Update
  patches.suse/drm-amdkfd-debugfs-hang_hws-skip-GPU-with-MES.patch
  (stable-fixes CVE-2025-37853 bsc#1243076).
- Update
  patches.suse/drm-i915-huc-Fix-fence-not-released-on-early-probe-e.patch
  (git-fixes CVE-2025-37754 bsc#1242524).
- Update
  patches.suse/drm-mediatek-dp-drm_err-dev_err-in-HPD-path-to-avoid.patch
  (git-fixes CVE-2025-38240 bsc#1241457).
- Update
  patches.suse/drm-nouveau-Fix-WARN_ON-in-nouveau_fence_context_kil.patch
  (git-fixes CVE-2025-37930 bsc#1243625).
- Update
  patches.suse/drm-nouveau-prime-fix-ttm_bo_delayed_delete-oops.patch
  (git-fixes CVE-2025-37765 bsc#1242761).
- Update
  patches.suse/drm-v3d-Add-job-to-pending-list-if-the-reset-was-ski.patch
  (stable-fixes CVE-2025-37951 bsc#1243659).
- Update
  patches.suse/eth-bnxt-fix-missing-ring-index-trim-on-error-path.patch
  (git-fixes CVE-2025-37873 bsc#1242961).
- Update patches.suse/fbdev-omapfb-Add-plane-value-check.patch
  (stable-fixes CVE-2025-37851 bsc#1242977).
- Update
  patches.suse/firmware-arm_scmi-Balance-device-refcount-when-destr.patch
  (git-fixes CVE-2025-37905 bsc#1243456).
- Update
  patches.suse/fs-jfs-Prevent-integer-overflow-in-AG-size-calculation.patch
  (git-fixes CVE-2025-37858 bsc#1243049).
- Update
  patches.suse/hfs-hfsplus-fix-slab-out-of-bounds-in-hfs_bnode_read_key.patch
  (git-fixes CVE-2025-37782 bsc#1242770).
- Update
  patches.suse/i2c-cros-ec-tunnel-defer-probe-if-parent-EC-is-not-p.patch
  (git-fixes CVE-2025-37781 bsc#1242575).
- Update
  patches.suse/i3c-Add-NULL-pointer-check-in-i3c_master_queue_ibi.patch
  (git-fixes CVE-2025-23147 bsc#1242530).
- Update
  patches.suse/ice-Check-VF-VSI-Pointer-Value-in-ice_vc_add_fdir_fl.patch
  (git-fixes CVE-2025-37912 bsc#1243470).
- Update patches.suse/igc-fix-PTM-cycle-trigger-logic.patch
  (git-fixes CVE-2025-37875 bsc#1242959).
- Update
  patches.suse/iio-imu-st_lsm6dsx-fix-possible-lockup-in-st_lsm6dsx-8114ef8.patch
  (git-fixes CVE-2025-37969 bsc#1243574).
- Update
  patches.suse/iio-imu-st_lsm6dsx-fix-possible-lockup-in-st_lsm6dsx.patch
  (git-fixes CVE-2025-37970 bsc#1243575).
- Update
  patches.suse/iommu-Fix-two-issues-in-iommu_copy_struct_from_user.patch
  (git-fixes CVE-2025-37900 bsc#1243560).
- Update
  patches.suse/ipv6-Fix-memleak-of-nhc_pcpu_rth_output-in-fib_check_nh_v6_gw.patch
  (git-fixes CVE-2025-22005 bsc#1240866).
- Update
  patches.suse/irqchip-gic-v2m-Prevent-use-after-free-of-gicv2m_get.patch
  (git-fixes CVE-2025-37819 bsc#1242873).
- Update
  patches.suse/irqchip-qcom-mpm-Prevent-crash-when-trying-to-handle.patch
  (git-fixes CVE-2025-37901 bsc#1243559).
- Update patches.suse/jbd2-remove-wrong-sb-s_sequence-check.patch
  (bsc#1242343 CVE-2025-37839 bsc#1242990).
- Update
  patches.suse/jfs-Fix-uninit-value-access-of-imap-allocated-in-the-diMount-function.patch
  (git-fixes CVE-2025-37742 bsc#1243011).
- Update
  patches.suse/jfs-Prevent-copying-of-nlink-with-value-0-from-disk-inode.patch
  (git-fixes CVE-2025-37741 bsc#1243015).
- Update
  patches.suse/jfs-add-sanity-check-for-agwidth-in-dbMount.patch
  (git-fixes CVE-2025-37740 bsc#1243006).
- Update
  patches.suse/jfs-fix-slab-out-of-bounds-read-in-ea_get.patch
  (git-fixes CVE-2025-39735 bsc#1241625).
- Update
  patches.suse/jfs-reject-on-disk-inodes-of-an-unsupported-type.patch
  (git-fixes CVE-2025-37925 bsc#1241654).
- Update
  patches.suse/md-md-bitmap-fix-wrong-bitmap_limit-for-clustermd-wh.patch
  (bsc#1238212 CVE-2025-22124 bsc#1241595).
- Update
  patches.suse/media-dw2102-Fix-null-ptr-deref-in-dw2102_i2c_transf.patch
  (git-fixes CVE-2023-53146 bsc#1220112).
- Update
  patches.suse/media-venus-hfi-add-a-check-to-handle-OOB-in-sfr-reg.patch
  (git-fixes CVE-2025-23159 bsc#1242529).
- Update
  patches.suse/media-venus-hfi-add-check-to-handle-incorrect-queue-.patch
  (git-fixes CVE-2025-23158 bsc#1242531).
- Update
  patches.suse/media-venus-hfi_parser-add-check-to-avoid-out-of-bou.patch
  (git-fixes CVE-2025-23157 bsc#1242532).
- Update
  patches.suse/media-venus-hfi_parser-refactor-hfi-packet-parsing-l.patch
  (git-fixes CVE-2025-23156 bsc#1242569).
- Update
  patches.suse/mfd-ene-kb3930-Fix-a-potential-NULL-pointer-derefere.patch
  (git-fixes CVE-2025-23146 bsc#1242559).
- Update
  patches.suse/misc-microchip-pci1xxxx-Fix-Kernel-panic-during-IRQ-.patch
  (git-fixes CVE-2025-37815 bsc#1242871).
- Update
  patches.suse/mtd-inftlcore-Add-error-check-for-inftl_read_oob.patch
  (git-fixes CVE-2025-37892 bsc#1243536).
- Update
  patches.suse/mtd-rawnand-brcmnand-fix-PM-resume-warning.patch
  (git-fixes CVE-2025-37840 bsc#1242953).
- Update patches.suse/net-phy-leds-fix-memory-leak.patch
  (git-fixes CVE-2025-37989 bsc#1243511).
- Update
  patches.suse/net-reenable-NETIF_F_IPV6_CSUM-offload-for-BIG-TCP-p.patch
  (git-fixes CVE-2025-21629 bsc#1235968).
- Update
  patches.suse/net_sched-drr-Fix-double-list-add-in-class-with-nete.patch
  (git-fixes CVE-2025-37915 bsc#1243473).
- Update
  patches.suse/net_sched-ets-Fix-double-list-add-in-class-with-nete.patch
  (git-fixes CVE-2025-37914 bsc#1243472).
- Update
  patches.suse/net_sched-hfsc-Fix-a-UAF-vulnerability-in-class-with.patch
  (git-fixes CVE-2025-37890 bsc#1243330).
- Update
  patches.suse/net_sched-qfq-Fix-double-list-add-in-class-with-nete.patch
  (git-fixes CVE-2025-37913 bsc#1243471).
- Update
  patches.suse/nfsd-decrease-sc_count-directly-if-fail-to-queue-dl_recall.patch
  (git-fixes CVE-2025-37871 bsc#1242949).
- Update
  patches.suse/objtool-media-dib8000-Prevent-divide-by-zero-in-dib8.patch
  (git-fixes CVE-2025-37937 bsc#1243540).
- Update
  patches.suse/objtool-spi-amd-Fix-out-of-bounds-stack-access-in-am.patch
  (git-fixes CVE-2025-40014 bsc#1241644).
- Update
  patches.suse/perf-Fix-hang-while-freeing-sigtrap-event.patch
  (bsc#1229491 CVE-2024-43869 CVE-2025-37747 bsc#1242520).
- Update
  patches.suse/pm-cpupower-bench-Prevent-NULL-dereference-on-malloc.patch
  (stable-fixes CVE-2025-37841 bsc#1242974).
- Update
  patches.suse/pwm-mediatek-Prevent-divide-by-zero-in-pwm_mediatek_.patch
  (git-fixes CVE-2025-37850 bsc#1242955).
- Update patches.suse/qibfs-fix-_another_-leak.patch (git-fixes
  CVE-2025-37983 bsc#1243567).
- Update patches.suse/sch_htb-make-htb_deactivate-idempotent.patch
  (CVE-2025-37798 bsc#1242414 CVE-2025-37953 bsc#1243543).
- Update
  patches.suse/sch_htb-make-htb_qlen_notify-idempotent.patch
  (CVE-2025-37798 bsc#1242414 CVE-2025-37932 bsc#1243627).
- Update
  patches.suse/sctp-detect-and-prevent-references-to-a-freed-transp.patch
  (git-fixes CVE-2025-23142 bsc#1242760).
- Update
  patches.suse/soc-samsung-exynos-chipid-Add-NULL-pointer-check-in-.patch
  (git-fixes CVE-2025-23148 bsc#1242578).
- Update
  patches.suse/sound-virtio-Fix-cancel_sync-warnings-on-uninitializ.patch
  (stable-fixes CVE-2025-37805 bsc#1242930).
- Update patches.suse/tpm-do-not-start-chip-while-suspended.patch
  (git-fixes CVE-2025-23149 bsc#1242758).
- Update
  patches.suse/usb-cdns3-Fix-deadlock-when-using-NCM-gadget.patch
  (git-fixes CVE-2025-37812 bsc#1242908).
- Update
  patches.suse/usb-dwc3-gadget-check-that-event-count-does-not-exce.patch
  (git-fixes CVE-2025-37810 bsc#1242906).
- Update
  patches.suse/usb-gadget-aspeed-Add-NULL-pointer-check-in-ast_vhub.patch
  (stable-fixes CVE-2025-37881 bsc#1242973).
- Update
  patches.suse/usb-typec-class-Invalidate-USB-device-pointers-on-pa.patch
  (git-fixes CVE-2025-37986 bsc#1243515).
- Update
  patches.suse/vmxnet3-Fix-packet-corruption-in-vmxnet3_xdp_xmit_fr.patch
  (bsc#1226498 CVE-2024-58099 bsc#1242035).
- Update
  patches.suse/wifi-at76c50x-fix-use-after-free-access-in-at76_disc.patch
  (git-fixes CVE-2025-37796 bsc#1242727).
- Update
  patches.suse/wifi-ath12k-Fix-invalid-data-access-in-ath12k_dp_rx_.patch
  (stable-fixes CVE-2025-37943 bsc#1243509).
- Update
  patches.suse/wifi-ath12k-Fix-invalid-entry-fetch-in-ath12k_dp_mon.patch
  (stable-fixes CVE-2025-37944 bsc#1243530).
- Update
  patches.suse/wifi-brcm80211-fmac-Add-error-handling-for-brcmf_usb.patch
  (git-fixes CVE-2025-37990 bsc#1243528).
- Update
  patches.suse/wifi-cfg80211-init-wiphy_work-before-allocating-rfki.patch
  (git-fixes CVE-2025-22119 bsc#1241576).
- Update
  patches.suse/wifi-mac80211-Purge-vif-txq-in-ieee80211_do_stop.patch
  (git-fixes CVE-2025-37794 bsc#1242566).
- Update
  patches.suse/wifi-plfxlc-Remove-erroneous-assert-in-plfxlc_mac_re.patch
  (git-fixes CVE-2025-37897 bsc#1243534).
- Update
  patches.suse/wifi-wl1251-fix-memory-leak-in-wl1251_tx_work.patch
  (git-fixes CVE-2025-37982 bsc#1243524).
- commit 4bd69e5
samba
- Update to 4.21.7
  * Windows security hardening locks out schannel'ed netlogon dc
    calls like netr_DsRGetDCName; (bsc#1246431); (bso#15876);
  * Trust domains are not created; (bso#15680);
  * Startup messages of rpc deamons fills /var/log/messages;
    (bso#15869);

- Update to 4.21.6
  * Running "gpo manage motd set" twice fails with backtrace;
    (bso#15774).
  * samba-tool gpo backup creates entity backups it can't read;
    (bso#15829).
  * gp_cert_auto_enroll_ext.py has problem unpacking GUIDs with
    prepended 0's; (bso#15839).
  * CVE-2025-0620 [SECURITY] smbd doesn't pick up group
    membership changes when re-authenticating an expired SMB
    session; (bso#15707), (bsc#1244136).
  * Deadlock between two smbd processes; (bso#15767).
  * net ad join fails with "Failed to join domain: failed to
    create kerberos keytab"; (bso#15727).
  * Wide link issue in samba 4.22; (bso#15841).
  * dcerpcd not able to bind to listening port; (bso#15851).
  * vfs_ceph_snapshots fails to list snapshots for entries at any
    level beyond share root; (bso#15819).
  * CTDB does not put nodes running NFS into grace on graceful
    shutdown; (bso#15858).

- Update to 4.21.5
  * ldb index cache is too small on known large transactions
    (schemaupgrade, provision); (bso#15795).
  * Enable support for cephfs case insensitive behavior;
    (bso#15822).
  * Subnet based interfaces definition not listening on all
    covered IP addresses; (bso#15823).
  * net ad join fails with "Failed to join domain: failed to
    create kerberos keytab"; (bso#15727); (bsc#1238063).
  * Remove of file or directory not possible with vfs_acl_tdb;
    (bso#15791).
  * Unable to connect to CephFS subvolume shares with
    vfs_shadow_copy2; (bso#15797).
  * Add async io API from libcephfs to ceph_new VFS module;
    (bso#15810).
  * vfs_ceph_new module does not work with other modules for
    snapshot management; (bso#15818).
  * vfs_ceph_new: Add path based fallback for SMB_VFS_FCHOWN,
    SMB_VFS_FCHMOD and SMB_VFS_FNTIMES; (bso#15834).
  * Incorrect FSF address in ctdb pcp scripts; (bso#15820).
  * "samba-tool domain backup offline" hangs; (bso#15804).

- Update to 4.21.4
  * Increasing slowness of sharesec performance with high number
    of registry shares; (bso#15780).
  * winbindd shows memleak in kerberos_decode_pac; (bso#15782).
  * Creation of GPOs applicable to more than one group is
    impossible with Samba 4.20.0 and later; (bso#15738).
  * Replace `crypt` module in
    python/samba/netcmd/user/readpasswords/common.py;
    (bso#15756).
  * vfs_gpfs silently garbles timestamps > year 2106;
    (bso#15151).
  * Spotlight search results don't show file size and creation
    date; (bso#15796).
  * General improvements for vfs_ceph_new module; (bso#15703).
  * net offlinejoin not working correctly; (bso#15777).
  * net ads create/join/winbind producing unix dysfunctional
    keytabs; (bso#15759).
  * Windows Explorer crashes on S-1-22-* Unix-SIDs when accessing
    security tab; (bso#14213).
  * The values from hresult_errstr_const and hresult_errstr are
    reversed in 4.20 and 4.21; (bso#15769).
  * Kerberos referral tickets are generated for principals in our
    domain if we have a trust to a top level domain; (bso#15778).
  * NETLOGON_NTLMV2_ENABLED is missing in the SamLogon*
    user_flags field; (bso#15783).
  * Regression: stack-use-after-return in crypt_as_best_we_can();
    (bso#15784).
  * libreplace:readline: gcc 15 complains about incompatible
    pointer types; (bso#15788).

- Update to 4.21.3
  * More possible replication loops against Azure AD;
    (bso#15701).
  * Compound rename from Mac clients can fail with
    NT_STATUS_INTERNAL_ERROR if the file has a lease;
    (bso#15697).
  * vfs crossrename seems not work correctly; (bso#15724).
  * After 'machine password timeout' /etc/krb5.keytab is not
    updated; (bso#6750).
  * Memory leak wbcCtxLookupSid; (bso#15771).
  * Fix heap-user-after-free with association groups;
    (bso#15765).
  * Segfault in vfs_btrfs; (bso#15758).
  * Avoid event failure race when disabling an event script;
    (bso#15755).
openssl-3
- Backport mdless cms signing support [jsc#PED-12895]
  * Add openssl-3-support-mdless-cms.patch
cyrus-sasl
- Add Channel Binding support for GSSAPI/GSS-SPNEGO; (bsc#1229655);
  (jsc#PED-12097); Add patch
  0009-Add-Channel-Binding-support-for-GSSAPI-GSS-SPNEGO.patch
- Add support for setting max ssf 0 to GSS-SPNEGO; (bsc#1229655);
  (jsc#PED-12097); Add patch
  0010-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO.patch
libssh
- Fix CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311)
  * Add patch libssh-CVE-2025-5318.patch
- Fix CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309)
  * Add patch libssh-CVE-2025-4877.patch
- Fix CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
  * Add patches:
  - libssh-CVE-2025-4878-1.patch
  - libssh-CVE-2025-4878-2.patch
- Fix CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314)
  * Add patch libssh-CVE-2025-5372.patch
systemd
- Import commit 278fb676146e35a7b4057f52f34a7bbaf1b82369
  aa12f501ae logs-show: get timestamp and boot ID only when necessary (bsc#1242827)
  e8b17d11bc sd-journal: drop to use Hashmap to manage journal files per boot ID
  ea80273738 tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate
  a5b3b5344f sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag
  5fa0600b34 sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added
  737e8193e7 sd-journal: cache last entry offset and journal file state
  057dca426f sd-journal: fix typo in function name

- Start the systemd-coredump.socket unit on systemd-coredump package
  installation.
- Restore the kernel default values of the coredump sysctl settings on
  systemd-coredump package removal.

- Import commit e08f49f2432509787abfb7f3fc0b2f2c459def04 (merge of v254.25)
  This merge includes the following fix:
    7fc7aa5a4d coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)
  For a complete list of changes, visit:
  https://github.com/openSUSE/systemd/compare/b0ae3b6e85b6a4030cf2adb88519a6ca0ffc1343...e08f49f2432509787abfb7f3fc0b2f2c459def04
- Drop 1021-Revert-macro-terminate-the-temporary-VA_ARGS_FOREACH.patch
  The SUSE specific patch has been integrated into the SUSE/v254 git
  branch. Some of the imported commits from the stable tree rely on the macro
  now.

- Import commit b0ae3b6e85b6a4030cf2adb88519a6ca0ffc1343
  41d2be2fb5 Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific)
libxml2
- security update
- added patches
  CVE-2025-49794 [bsc#1244554], heap use after free (UAF) can lead to Denial of service (DoS)
  CVE-2025-49796 [bsc#1244557], type confusion may lead to Denial of service (DoS)
  + libxml2-CVE-2025-49794,49796.patch
  CVE-2025-49795 [bsc#1244555], null pointer dereference may lead to Denial of service (DoS)
  + libxml2-CVE-2025-49795.patch

- security update
- added patches
  CVE-2025-6170 [bsc#1244700], stack buffer overflow may lead to a crash
  CVE-2025-6021 [bsc#1244580], Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
  + libxml2-CVE-2025-6170,6021.patch
mdadm
- monitor: Add MAILFROM address to email envelope to avoid smtp auth
  errors (bsc#1241474)
  * add 1008-mdmonitor-use-MAILFROM-to-set-sendmail-envelope-send.patch

- Allow any valid minor name in md device name (bsc#1240789)
  * add 1007-mdadm-allow-any-valid-minor-number-in-md-device-name.patch

- Add dependency on suse-module-tools for SLE15 (bsc#1242696)
openssh
- Add openssh-scp-umask-preserve-permissions.patch (bsc#1241667).
runc
- Update to runc v1.2.6. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.6>.

- Update to runc v1.2.5. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.5>.

- Update to runc v1.2.4. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.4>.
- Update runc.keyring to match upstream.

- Update to runc v1.2.3. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.3>.

- Update to runc v1.2.2. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.2>.

- Update to runc v1.2.1. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.1>.

- Update to runc v1.2.0. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.0>.
- Remove upstreamed patches.
  - 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  - 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  - 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
  - 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch

- Update to runc v1.2.0~rc3. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.2.0-rc.3>.
  Includes the patch for CVE-2024-45310. bsc#1230092
sudo
- Fix a possible local privilege escalation via the --host option
  [bsc#1245274, CVE-2025-32462]
- Fix a possible local privilege Escalation via chroot option
  [bsc#1245275, CVE-2025-32463]
vim
- Fix bsc#1228776 / CVE-2024-41965.
- Fix bsc#1239602 / CVE-2025-29768.
- Refresh patch:
  vim-7.3-sh_is_bash.patch
- Update to 9.1.1406:
  9.1.1406: crash when importing invalid tuple
  9.1.1405: tests: no test for mapping with special keys in session file
  9.1.1404: wrong link to Chapter 2 in new-tutor
  9.1.1403: expansion of 'tabpanelopt' value adds wrong values
  9.1.1402: multi-byte mappings not properly stored in session file
  9.1.1401: list not materialized in prop_list()
  9.1.1400: [security]: use-after-free when evaluating tuple fails
  9.1.1399: tests: test_codestyle fails for auto-generated files
  9.1.1398: completion: trunc does not follow Pmenu highlighting attributes
  9.1.1397: tabpanel not correctly updated on :tabonly
  9.1.1396: 'errorformat' is a global option
  9.1.1395: search_stat not reset when pattern differs in case
  9.1.1394: tabpanel not correctly redrawn on tabonly
  9.1.1393: missing test for switching buffers and reusing curbuf
  9.1.1392: missing patch number
  9.1.1391: Vim does not have a vertical tabpanel
  9.1.1390: style: more wrong indentation
  9.1.1389: completion: still some issue when 'isexpand' contains a space
  9.1.1388: Scrolling one line too far with 'nosmoothscroll' page scrolling
  9.1.1387: memory leak when buflist_new() fails to reuse curbuf
  9.1.1386: MS-Windows: some minor problems building on AARCH64
  9.1.1385: inefficient loop for 'nosmoothscroll' scrolling
  9.1.1384: still some problem with the new tutors filetype plugin
  9.1.1383: completion: 'isexpand' option does not handle space char correct
  9.1.1382: if_ruby: unused compiler warnings from ruby internals
  9.1.1381: completion: cannot return to original text
  9.1.1380: 'eventignorewin' only checked for current buffer
  9.1.1379: MS-Windows: error when running evim when space in path
  9.1.1378: sign without text overwrites number option
  9.1.1377: patch v9.1.1370 causes some GTK warning messages
  9.1.1376: quickfix dummy buffer may remain as dummy buffer
  9.1.1375: [security]: possible heap UAF with quickfix dummy buffer
  9.1.1374: completion: 'smartcase' not respected when filtering matches
  9.1.1373: 'completeopt' checking logic can be simplified
  9.1.1372: style: braces issues in various files
  9.1.1371: style: indentation and brace issues in insexpand.c
  9.1.1370: CI Tests favor GTK2 over GTK3
  9.1.1369: configure still using autoconf 2.71
  9.1.1368: GTK3 and GTK4 will drop numeric cursor support.
  9.1.1367: too many strlen() calls in gui.c
  9.1.1366: v9.1.1364 unintentionally changed sign.c and sound.c
  9.1.1365: MS-Windows: compile warnings and too many strlen() calls
  9.1.1364: style: more indentation issues
  9.1.1363: style: inconsistent indentation in various files
  9.1.1362: Vim9: type ignored when adding tuple to instance list var
  9.1.1361: [security]: possible use-after-free when closing a buffer
  9.1.1360: filetype: GNU Radio companion files are not recognized
  9.1.1359: filetype: GNU Radio config files are not recognized
  9.1.1358: if_lua: compile warnings with gcc15
  9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer
  9.1.1356: Vim9: crash when unletting variable
  9.1.1355: The pum_redraw() function is too complex
  9.1.1354: tests: Test_terminalwinscroll_topline() fails on Windows
  9.1.1353: missing change from v9.1.1350
  9.1.1352: style: inconsistent indent in insexpand.c
  9.1.1351: Return value of getcmdline() inconsistent in CmdlineLeavePre
  9.1.1350: tests: typo in Test_CmdlineLeavePre_cabbr()
  9.1.1349: CmdlineLeavePre may trigger twice
  9.1.1348: still E315 with the terminal feature
  9.1.1347: small problems with gui_w32.c
  9.1.1346: missing out-of-memory check in textformat.c
  9.1.1345: tests: Test_xxd_color2() test failure dump diff is misleading
  9.1.1344: double free in f_complete_match() (after v9.1.1341)
  9.1.1343: filetype: IPython files are not recognized
  9.1.1342: Shebang filetype detection can be improved
  9.1.1341: cannot define completion triggers
  9.1.1340: cannot complete :filetype arguments
  9.1.1339: missing out-of-memory checks for enc_to_utf16()/utf16_to_enc()
  9.1.1338: Calling expand() interferes with cmdcomplete_info()
  9.1.1337: Undo corrupted with 'completeopt' "preinsert" when switching buffer
  9.1.1336: comment plugin does not support case-insensitive 'commentstring'
  9.1.1335: Coverity complains about Null pointer dereferences
  9.1.1334: Coverity complains about unchecked return value
  9.1.1333: Coverity: complains about unutilized variable
  9.1.1332: Vim9: segfault when using super within a lambda
  9.1.1331: Leaking memory with cmdcomplete()
  9.1.1330: may receive E315 in terminal
  9.1.1329: cannot get information about command line completion
  9.1.1328: too many strlen() calls in indent.c
  9.1.1327: filetype: nroff detection can be improved
  9.1.1326: invalid cursor position after 'tagfunc'
  9.1.1325: tests: not checking error numbers properly
  9.1.1324: undefined behaviour if X11 connection dies
  9.1.1323: b:undo_ftplugin not executed when re-using buffer
  9.1.1322: small delete register cannot paste multi-line correctly
  9.1.1321: filetype: MS ixx and mpp files are not recognized
  9.1.1320: filetype: alsoft config files are not recognized
  9.1.1319: Various typos in the code, issue with test_inst_complete.vim
  9.1.1318: tests: test_format fails
  9.1.1317: noisy error when restoring folds from session fails
  9.1.1316: missing memory allocation failure in os_mswin.c
  9.1.1315: completion: issue with fuzzy completion and 'completefuzzycollect'
  9.1.1314: max allowed string width too small
  9.1.1313: compile warning about uninitialized value
  9.1.1312: tests: Test_backupskip() fails when HOME is defined
  9.1.1311: completion: not possible to limit number of matches
  9.1.1310: completion: redundant check for preinsert effect
  9.1.1309: tests: no test for 'pummaxwidth' with non-truncated "kind"
  9.1.1308: completion: cannot order matches by distance to cursor
  9.1.1307: make syntax does not reliably detect different flavors
  9.1.1306: completion menu rendering can be improved
  9.1.1305: completion menu active after switching windows/tabs
  9.1.1304: filetype: some man files are not recognized
  9.1.1303: missing out-of-memory check in linematch.c
  9.1.1302: Coverity warns about using uninitialized value
  9.1.1301: completion: cannot configure completion functions with 'complete'
  9.1.1300: wrong detection of -inf
  9.1.1299: filetype: mbsyncrc files are not recognized
  9.1.1298: define_function() is too long
  9.1.1297: Ctrl-D scrolling can get stuck
  9.1.1296: completion: incorrect truncation logic
  9.1.1295: clientserver: does not handle :stopinsert correctly
  9.1.1294: gui tabline menu does not use confirm when closing tabs
  9.1.1293: comment plugin does not handle 'exclusive' selection for comment object
  9.1.1292: statusline not correctly evaluated
  9.1.1291: too many strlen() calls in buffer.c
  9.1.1290: tests: missing cleanup in test_filetype.vim
  9.1.1289: tests: no test for matchparen plugin with WinScrolled event
  9.1.1288: Using wrong window in ll_resize_stack()
  9.1.1287: quickfix code can be further improved
  9.1.1286: filetype: help files not detected when 'iskeyword' includes ":"
  9.1.1285: Vim9: no error message for missing method after "super."
  9.1.1284: not possible to configure pum truncation char
  9.1.1283: quickfix stack is limited to 10 items
  9.1.1282: Build and test failure without job feature
  9.1.1281: extra newline output when editing stdin
  9.1.1280: trailing additional semicolon in get_matches_in_str()
  9.1.1279: Vim9: null_object and null_class are no reserved names
  9.1.1278: Vim9: too long functions in vim9type.c
  9.1.1277: tests: trailing comment char in test_popupwin
  9.1.1276: inline word diff treats multibyte chars as word char
  9.1.1275: MS-Windows: Not possible to pass additional flags to Make_mvc
  9.1.1274: Vim9: no support for object<type> as variable type
  9.1.1273: Coverity warns about using uninitialized value
  9.1.1272: completion: in keyword completion Ctrl_P cannot go back after Ctrl_N
  9.1.1271: filetype: Power Query files are not recognized
  9.1.1270: missing out-of-memory checks in buffer.c
  9.1.1269: completion: compl_shown_match is updated when starting keyword completion
  9.1.1268: filetype: dax files are not recognized
  9.1.1267: Vim9: no support for type list/dict<object<any>>
  9.1.1266: MS-Windows: type conversion warnings
  9.1.1265: tests: no tests for typing normal char during completion
  9.1.1264: Vim9: error when comparing objects
  9.1.1263: string length wrong in get_last_inserted_save()
  9.1.1262: heap-buffer-overflow with narrow 'pummaxwidth' value
  9.1.1261: No test for 'pummaxwidth' non-truncated items
  9.1.1260: Hang when filtering buffer with NUL bytes
  9.1.1259: some issues with comment package and tailing spaces
  9.1.1258: regexp: max \U and \%U value is limited by INT_MAX
  9.1.1257: Mixing vim_strsize() with mb_ptr2cells() in pum_redraw()
  9.1.1256: if_python: duplicate tuple data entries
  9.1.1255: missing test condition for 'pummaxwidth' setting
  9.1.1254: need more tests for the comment plugin
  9.1.1253: abort when closing window with attached quickfix data
  9.1.1252: typos in code and docs related to 'diffopt' "inline:"
  9.1.1251: if_python: build error with tuples and dynamic python
  9.1.1250: cannot set the maximum popup menu width
  9.1.1249: tests: no test that 'listchars' "eol" doesn't affect "gM"
  9.1.1248: compile error when building without FEAT_QUICKFIX
  9.1.1247: fragile setup to get (preferred) keys from key_name_entry
  9.1.1246: coverity complains about some changes in v9.1.1243
  9.1.1245: need some more tests for curly braces evaluation
  9.1.1244: part of patch v9.1.1242 was wrong
  9.1.1243: diff mode is lacking for changes within lines
  9.1.1242: Crash when evaluating variable name
  9.1.1241: wrong preprocessort indentation in term.c
  9.1.1240: Regression with ic/ac text objects and comment plugin
  9.1.1239: if_python: no tuple data type support
  9.1.1238: wrong cursor column with 'set splitkeep=screen'
  9.1.1237: Compile error with C89 compiler in term.c
  9.1.1236: tests: test_comments leaves swapfiles around
  9.1.1235: cproto files are outdated
  9.1.1234: Compile error when SIZE_MAX is not defined
  9.1.1233: Coverity warns about NULL pointer when triggering WinResized
  9.1.1232: Vim script is missing the tuple data type
  9.1.1231: filetype: SPA JSON files are not recognized
  9.1.1230: inconsistent CTRL-C behaviour for popup windows
  9.1.1229: the comment plugin can be improved
  9.1.1228: completion: current position column wrong after got a match
  9.1.1227: no tests for the comment package
  9.1.1226: "shellcmdline" completion doesn't work with input()
  9.1.1225: extra NULL check in VIM_CLEAR()
  9.1.1224: cannot :put while keeping indent
  9.1.1223: wrong translation used for encoding failures
  9.1.1222: using wrong length for last inserted string
  9.1.1221: Wrong cursor pos when leaving Insert mode just after 'autoindent'
  9.1.1220: filetype: uv.lock file not recognized
  9.1.1219: Strange error with wrong type for matchfuzzy() "camelcase"
  9.1.1218: missing out-of-memory check in filepath.c
  9.1.1217: tests: typos in test_matchfuzzy.vim
  9.1.1216: Pasting the '.' register multiple times may not work
  9.1.1215: Patch 9.1.1213 has some issues
  9.1.1214: matchfuzzy() can be improved for camel case matches
  9.1.1213: cannot :put while keeping indent
  9.1.1212: too many strlen() calls in edit.c
  9.1.1212: filetype: logrotate'd pacmanlogs are not recognized
  9.1.1211: TabClosedPre is triggered just before the tab is being freed
  9.1.1210: translation(ru): missing Russian translation for the new tutor
  9.1.1209: colorcolumn not drawn after virtual text lines
  9.1.1208: MS-Windows: not correctly restoring alternate screen on Win 10
  9.1.1207: MS-Windows: build warning in filepath.c
  9.1.1206: tests: test_filetype fails when a file is a directory
  9.1.1205: completion: preinserted text not removed when closing pum
  9.1.1204: MS-Windows: crash when passing long string to expand()
  9.1.1203: matchparen keeps cursor on case label in sh filetype
  9.1.1202: Missing TabClosedPre autocommand
  9.1.1201: 'completefuzzycollect' does not handle dictionary correctly
  9.1.1200: cmdline pum not cleared for input() completion
  9.1.1199: gvim uses hardcoded xpm icon file
  9.1.1198: [security]: potential data loss with zip.vim
  9.1.1197: process_next_cpt_value() uses wrong condition
  9.1.1196: filetype: config files for container tools are not recognized
  9.1.1195: inside try-block: fn body executed with default arg undefined
  9.1.1194: filetype: false positive help filetype detection
  9.1.1193: Unnecessary use of STRCAT() in au_event_disable()
  9.1.1192: Vim crashes with term response debug logging enabled
  9.1.1191: tests: test for patch 9.1.1186 doesn't fail without the patch
  9.1.1190: C indentation does not detect multibyte labels
  9.1.1189: if_python: build error due to incompatible pointer types
  9.1.1188: runtime(tera): tera support can be improved
  9.1.1187: matchparen plugin wrong highlights shell case statement
  9.1.1186: filetype: help files in git repos are not detected
  9.1.1185: endless loop with completefuzzycollect and no match found
  9.1.1184: Unnecessary use of vim_tolower() in vim_strnicmp_asc()
  9.1.1083: "above" virtual text breaks cursorlineopt=number
  9.1.1182: No cmdline completion for 'completefuzzycollect'
  9.1.1181: Unnecessary STRLEN() calls in insexpand.c
  9.1.1180: short-description
  9.1.1179: too many strlen() calls in misc2.c
  9.1.1178: not possible to generate completion candidates using fuzzy matching
  9.1.1177: filetype: tera files not detected