- NetworkManager
-
- Drop nm-add-CAP_CHOWN-capability.patch: This solution was denied
by upstream maintainers.
- Add nm-add-CAP_CHOWN-capability.patch: Add CAP_CHOWN to
CapabilityBoundingSet to make teamd work properly
(glfo#NetworkManager/NetworkManager!860, bsc#1185424).
- Exclude systemd.automount from nfs processing: fix boo#1116625
as suggested from Neil Brown
- SUSEConnect
-
- Update to 0.3.32
- Allow --regcode and --instance-data attributes at the same time (jsc#PCT-164)
- Document that 'debug' can also get set in the config file
- --status will also print the subscription name
- Update to 0.3.31
- Disallow registering via SUSEConnect if the system is managed by SUSE Manager.
- Add subscription name to output of 'SUSEConnect --status'
- Update to 0.3.30
- send payload of GET requests as part of the url,
not in the body (see bsc#1185611)
- apache2
-
fix CVE-2021-40438 [bsc#1190703], SSRF via a crafted request uri-path
+ apache2-CVE-2021-40438.patch
fix CVE-2021-36160 [bsc#1190702], out-of-bounds read via a crafted request uri-path
+ apache2-CVE-2021-36160.patch
fix CVE-2021-39275 [bsc#1190666], out-of-bounds write in ap_escape_quotes() via malicious input
+ apache2-CVE-2021-39275.patch
fix CVE-2021-34798 [bsc#1190669], NULL pointer dereference via malformed requests
+ apache2-CVE-2021-34798.patch
- security update
- added patches
fix CVE-2021-33193 [bsc#1189387], Request splitting via HTTP/2 method injection and mod_proxy
+ apache2-CVE-2021-33193.patch
- security update
- added patches
- apache2-mod_wsgi-python3
-
- Enable installation of Python sitelib wrapper
This enabled Python Projects to require mod_wsgi in the install_requires
without receiving a "/DistributionNotFound"/ error on entrypoint script
generated by setuptools
- Backport of https://build.opensuse.org/request/show/794038
- Fixes bsc#1189467
- apparmor
-
- Don't provide python2 symbol for python3 package (bsc#1191690).
- Be explicit about using python2 macros, when needed.
- augeas
-
- Allow all printable ASCII characters in WPA-PSK definition
* augeas-allow_printable_ASCII.patch
* bsc#1187512
* Sourced from https://github.com/hercules-team/augeas/pull/723/commits
* Credit to Michal Filka <mfilka@suse.com
- autoyast2
-
- Add the "/keep_unknown_lv"/ element to the partitioning schema
(bsc#1191968).
- 4.3.91
- Add the "/hostname"/ element to the rules schema (bsc#1190696).
- 4.3.90
- Ensure closing notification pop-ups even if a user script
was not executed to prevent "/No widget with ID ..."/ error pop-up
(bsc#1188930, bsc#1188716)
- 4.3.89
- Fixed handling of the "/final_reboot"/ and "/final_halt"/ options,
add the custom scripts only once and avoid displaying
a warning popup during installation (bsc#1188356)
- 4.3.88
- Copy the init-scripts to the right location during 1st stage
(bsc#1188360).
- 4.3.87
- bash
-
- Add patch bash-4.4-jobctrl.patch to allow process group asignment
even for modern kernels (bsc#1057452, bsc#1188287)
- bind
-
- Since BIND 9.9, it has been easier to use tsig-keygen and
ddns-confgen to generare TSIG keys. In 9.13, TSIG support was
removed from dnssec-keygen, so now it is just for DNSKEY (and KEY
for obscure cases). tsig-keygen is now used to generate DDNS keys.
[bsc#1187921, vendor-files.tar.bz2]
- binutils
-
- Add binutils-revert-hlasm-insns.diff for compatibility on old
code stream that expect 'brcl 0,label' to not be disassembled
as 'jgnop label' on s390x. [bsc#1192267]
- Rebase binutils-2.37-branch.diff: fixes PR28523 aka boo#1188941.
- Fix empty man-pages from broken release tarball [PR28144].
- Update binutils-skip-rpaths.patch with contained a memory corruption
(boo#1191473).
- Configure with --disable-x86-used-note on old code streams.
- Disable libalternatives temporarily for build cycle reasons.
- make TARGET-bfd=headers again, we patch bfd-in.h
- This state submitted to SLE12 and SLE15 code streams for annual
toolchain update. [jsc#PM-2767, jsc#SLE-21561, jsc#SLE-19618]
- Bump binutils-2.37-branch.diff to 66d5c7003, to include fixes for
PR28422, PR28192, PR28391. Also adds some s390x arch14
instructions [jsc#SLE-18637].
- Using libalternatives instead of update-alternatives.
- Adjust for testsuite fails on older products that configure
binutils in different ways, adds binutils-compat-old-behaviour.diff
and adjusts binutils-revert-nm-symversion.diff and
binutils-revert-plt32-in-branches.diff.
- Bump binutils-2.37-branch.diff: fixes PR28138.
- Use LTO & PGO build.
- Update to binutils 2.37:
* The GNU Binutils sources now requires a C99 compiler and library to
build.
* Support for the arm-symbianelf format has been removed.
* Support for Realm Management Extension (RME) for AArch64 has been
added.
* A new linker option '-z report-relative-reloc' for x86 ELF targets
has been added to report dynamic relative relocations.
* A new linker option '-z start-stop-gc' has been added to disable
special treatment of __start_*/__stop_* references when
- -gc-sections.
* A new linker options '-Bno-symbolic' has been added which will
cancel the '-Bsymbolic' and '-Bsymbolic-functions' options.
* The readelf tool has a new command line option which can be used to
specify how the numeric values of symbols are reported.
- -sym-base=0|8|10|16 tells readelf to display the values in base 8,
base 10 or base 16. A sym base of 0 represents the default action
of displaying values under 10000 in base 10 and values above that in
base 16.
* A new format has been added to the nm program. Specifying
'--format=just-symbols' (or just using -j) will tell the program to
only display symbol names and nothing else.
* A new command line option '--keep-section-symbols' has been added to
objcopy and strip. This stops the removal of unused section symbols
when the file is copied. Removing these symbols saves space, but
sometimes they are needed by other tools.
* The '--weaken', '--weaken-symbol' and '--weaken-symbols' options
supported by objcopy now make undefined symbols weak on targets that
support weak symbols.
* Readelf and objdump can now display and use the contents of .debug_sup
sections.
* Readelf and objdump will now follow links to separate debug info
files by default. This behaviour can be stopped via the use of the
new '-wN' or '--debug-dump=no-follow-links' options for readelf and
the '-WN' or '--dwarf=no-follow-links' options for objdump. Also
the old behaviour can be restored by the use of the
'--enable-follow-debug-links=no' configure time option.
The semantics of the =follow-links option have also been slightly
changed. When enabled, the option allows for the loading of symbol
tables and string tables from the separate files which can be used
to enhance the information displayed when dumping other sections,
but it does not automatically imply that information from the
separate files should be displayed.
If other debug section display options are also enabled (eg
'--debug-dump=info') then the contents of matching sections in both
the main file and the separate debuginfo file *will* be displayed.
This is because in most cases the debug section will only be present
in one of the files.
If however non-debug section display options are enabled (eg
'--sections') then the contents of matching parts of the separate
debuginfo file will *not* be displayed. This is because in most
cases the user probably only wanted to load the symbol information
from the separate debuginfo file. In order to change this behaviour
a new command line option --process-links can be used. This will
allow di0pslay options to applied to both the main file and any
separate debuginfo files.
* Nm has a new command line option: '--quiet'. This suppresses "/no
symbols"/ diagnostic.
- Includes fixes for these CVEs:
bnc#1181452 aka CVE-2021-20197 aka PR26945
bnc#1183511 aka CVE-2021-20284 aka PR26931
bnc#1184519 aka CVE-2021-20294 aka PR26929
bnc#1184620 aka CVE-2021-3487 aka PR26946
bnc#1184794 aka CVE-2020-35448 aka PR26574
- Also fixes:
bsc#1183909 - slow performance of stripping some binaries
- Rebased patches: binutils-build-as-needed.diff, binutils-fix-abierrormsg.diff,
binutils-fix-invalid-op-errata.diff, binutils-fix-relax.diff,
binutils-revert-nm-symversion.diff, binutils-revert-plt32-in-branches.diff
- Removed patches (are in upstream): ppc-ensure-undef-dynamic-weak-undefined.patch and
ppc-use-local-plt.patch.
- Add binutils-2.37-branch.diff.gz.
- ppc-ensure-undef-dynamic-weak-undefined.patch: PPC: ensure_undef_dynamic
on weak undef only in plt
- ppc-use-local-plt.patch: PowerPC use_local_plt (prerequisite for above
patch)
- Update 2.36 branch diff which fixes PR27587.
- Do not run make TARGET-bfd=headers separately.
- Bump 2.36 branch diff (includes fix for PR27441 aka bsc#1182252).
- Bump 2.36 branch diff.
- Update 2.36 branch diff which should fix PR27311 completely.
It fixes also PR27284.
- Remove temporary fix 0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch.
- Add temporary upstream fix for PR27311
0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch.
- Update to binutils 2.36:
New features in the Assembler:
General:
* When setting the link order attribute of ELF sections, it is now
possible to use a numeric section index instead of symbol name.
* Added a .nop directive to generate a single no-op instruction in
a target neutral manner. This instruction does have an effect on
DWARF line number generation, if that is active.
* Removed --reduce-memory-overheads and --hash-size as gas now
uses hash tables that can be expand and shrink automatically.
X86/x86_64:
* Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key
Locker instructions.
* Support non-absolute segment values for lcall and ljmp.
* Add {disp16} pseudo prefix to x86 assembler.
* Configure with --enable-x86-used-note by default for Linux/x86.
ARM/AArch64:
* Add support for Cortex-A78, Cortex-A78AE and Cortex-X1,
Cortex-R82, Neoverse V1, and Neoverse N2 cores.
* Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded
Trace Extension), TRBE (Trace Buffer Extension), CSRE (Call
Stack Recorder Extension) and BRBE (Branch Record Buffer
Extension) system registers.
* Add support for Armv8-R and Armv8.7-A ISA extensions.
* Add support for DSB memory nXS barrier, WFET and WFIT
instruction for Armv8.7.
* Add support for +csre feature for -march. Add CSR PDEC
instruction for CSRE feature in AArch64.
* Add support for +flagm feature for -march in Armv8.4 AArch64.
* Add support for +ls64 feature for -march in Armv8.7
AArch64. Add atomic 64-byte load/store instructions for this
feature.
* Add support for +pauth (Pointer Authentication) feature for
- march in AArch64.
New features in the Linker:
* Add --error-handling-script=<NAME> command line option to allow
a helper script to be invoked when an undefined symbol or a
missing library is encountered. This option can be suppressed
via the configure time switch: --enable-error-handling-script=no.
* Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark
x86-64-{baseline|v[234]} ISA level as needed.
* Add -z unique-symbol to avoid duplicated local symbol names.
* The creation of PE format DLLs now defaults to using a more
secure set of DLL characteristics.
* The linker now deduplicates the types in .ctf sections. The new
command-line option --ctf-share-types describes how to do this:
its default value, share-unconflicted, produces the most compact
output.
* The linker now omits the "/variable section"/ from .ctf sections
by default, saving space. This is almost certainly what you
want unless you are working on a project that has its own
analogue of symbol tables that are not reflected in the ELF
symtabs.
New features in other binary tools:
* The ar tool's previously unused l modifier is now used for
specifying dependencies of a static library. The arguments of
this option (or --record-libdeps long form option) will be
stored verbatim in the __.LIBDEP member of the archive, which
the linker may read at link time.
* Readelf can now display the contents of LTO symbol table
sections when asked to do so via the --lto-syms command line
option.
* Readelf now accepts the -C command line option to enable the
demangling of symbol names. In addition the --demangle=<style>,
- -no-demangle, --recurse-limit and --no-recurse-limit options
are also now availale.
- Includes fixes for these CVEs:
bnc#1179898 aka CVE-2020-16590 aka PR25821
bnc#1179899 aka CVE-2020-16591 aka PR25822
bnc#1179900 aka CVE-2020-16592 aka PR25823
bnc#1179901 aka CVE-2020-16593 aka PR25827
bnc#1179902 aka CVE-2020-16598 aka PR25840
bnc#1179903 aka CVE-2020-16599 aka PR25842
bnc#1180451 aka CVE-2020-35493 aka PR25307
bnc#1180454 aka CVE-2020-35496 aka PR25308
bnc#1180461 aka CVE-2020-35507 aka PR25308
- Rebase the following patches:
* binutils-fix-relax.diff
* binutils-revert-nm-symversion.diff
* binutils-revert-plt32-in-branches.diff
- Add missing dependency on bc (ld.gold testsuite uses it).
- Use --enable-obsolete for cross builds as ia64 is deprecated now.
- Add binutils-2.36-branch.diff.gz.
- c-ares
-
- 5c995d5.patch: augment input validation on hostnames to allow _
as part of DNS response (bsc#1190225)
- Version update to git snapshot 1.17.1+20200724:
* fixes missing input validation on hostnames returned by DNS
servers (bsc#1188881, CVE-2021-3672)
* If ares_getaddrinfo() was terminated by an ares_destroy(),
it would cause crash
* Crash in sortaddrinfo() if the list size equals 0 due to
an unexpected DNS response
* Expand number of escaped characters in DNS replies as
per RFC1035 5.1 to prevent spoofing
* Use unbuffered /dev/urandom for random data to prevent early startup
performance issues
- missing_header.patch: upstreamed
- ca-certificates-mozilla
-
- remove the DST_Root_CA_X3.pem trust, as it expires september 30th 2021.
(bsc#1190858)
- cobbler
-
- Fixed modify_setting test to complete successfully
- Added:
* v3-1-2-fix-failing-test-after-cve-fix.patch
- Fixed Remote Code Execution in the XMLRPC API which additionally
allowed arbitrary file read and write as root
(bsc#1189458, CVE-2021-40323, CVE-2021-40324, CVE-2021-40325)
- This patch introduces a regression where valid log data from Anamon
(Red Hat Autoinstallation Process) uploaded to cobbler may be rejected
- Added:
* v3-1-2-arbitrary-file-read-write-plus-RCE.patch
- containerd
-
- Update to containerd v1.4.11, to fix CVE-2021-41103 bsc#1191121. bsc#1191355
- Switch to Go 1.16.x compiler, in line with upstream.
- Install systemd service file as well (fixes bsc#1190826)
- Update to containerd v1.4.8, to fix CVE-2021-32760. bsc#1188282
- Remove upstreamed patches:
- bsc1188282-use-chmod-path-for-checking-symlink.patch
[ This patch was only released in SLES and Leap. ]
- Add patch for GHSA-c72p-9xmj-rx3w. CVE-2021-32760 bsc#1188282
- Build with go1.15 for reproducible build results (boo#1102408)
- cpio
-
- Add another patch to fix regression (bsc#1189465)
* fix-CVE-2021-38185_3.patch
- Fix regression in last update (bsc#1189465)
* fix-CVE-2021-38185_2.patch
- Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr
(CVE-2021-38185, bsc#1189206)
* fix-CVE-2021-38185.patch
- cpu-mitigations-formula
-
- Version 0.4.0
- Add SLES 15 SP3 and openSUSE Leap 15.3 to supported versions
- createrepo_c
-
- removed %is_opensuse (CtLG)
- disabled drpm for SLE/Leap 15.3
- Update to 0.16.0
+ Never do dir walk when --recycle-pkglist specified
+ Add automatic module metadata handling for repos (rh#1795936)
- Update to 0.15.11
+ Add python unittest for invalid date in updateinfo record get_datetime
+ Simplify case when attr is empty (prevents covscan warnings)
+ Fix couple of memory leaks, some mistakenly dead code and error handling
+ Add --arch-expand option
+ Fix spelling errors.
- Update to 0.15.7
+ Add relogin_suggested to updatecollectionpackage (rh#1779751)
+ Support issued date in epoch format in Python API (rh#1779751)
- Update to 0.15.6
+ Set global_exit_status on sigint so that .repodata are cleaned up
+ Fix various issues discovered by covscans (rh#1789707)
+ Enhance error handling when locating repositories (rh#1762697)
+ Switch updateinfo to explicitly include bool values (rh#1772466)
+ add --recycle-pkglist option
+ use pkg href for cache lookup with --update
+ Sync --excludes matching for dir-walk vs. --pkglist
- cronie
-
- Increase limit of allowed entries in crontab files to fix bsc#1187508
* cronie-1.5.1-increase_crontab_limit.patch
- curl
-
- MIME: Properly check Content-Type even if it has parameters
* Add curl-check-content-type.patch [bsc#1190153]
- Security fix: [bsc#1190374, CVE-2021-22947]
* STARTTLS protocol injection via MITM
* Add curl-CVE-2021-22947.patch
- Security fix: [bsc#1190373, CVE-2021-22946]
* Protocol downgrade required TLS bypassed
* Add curl-CVE-2021-22946.patch
- dbus-1
-
- Add missing patch for CVE-2020-12049
* fix-upstream-CVE-2020-12049_2.patch
- Fix CVE-2020-12049 truncated messages lead to resource exhaustion
(CVE-2020-12049, bsc#1172505)
* fix-upstream-CVE-2020-12049.patch
- Rebased fix-CVE-2019-12749.patch
- docker
-
- Update to Docker 20.10.9-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1191355
CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
* 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Switch to Go 1.16.x compiler, in line with upstream.
- Add patch to return ENOSYS for clone3 to avoid breaking glibc again.
bsc#1190670
+ 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Add shell requires for the *-completion subpackages.
- dracut
-
- Update to version 049.1+suse.209.gebcf4f33:
* fix(systemd): add unit files for systemd-coredump (bsc#1190845)
- Update to version 049.1+suse.207.g72a93d93:
* fcoe/fcoe-genrules.sh: use $name instead of $env{INTERFACE} (bsc#1186260)
* fix: /var/lib/nfs/statd/sm is /var/lib/nfs/sm on SUSE (bsc#1184970)
- Update to version 049.1+suse.203.g8ee14a90:
* fix(suse-initrd): use $kernel rather than $(uname -r)
* fix(suse-initrd): exclude modules that are built-in (bsc#1185646)
* fix(suse-initrd): inform on usage of obsolete -f parameter (bsc#1187470)
* docs: fix reference to insmodpost module (bsc#1187774)
- Update to version 049.1+suse.196.g8706843b:
* fix(suse-initrd): restore INITRD_MODULES in mkinitrd script
* fix(suse-initrd): call dracut_instmods with hostonly=
- Update to version 049.1+suse.192.g00425ead:
* fix(suse-initrd): remove references to INITRD_MODULES (bsc#1187115)
* fix(suse-initrd) fix list of modprobe.d directories
* fix(install): handle $LIB in ldd output parsing (bsc#1185615)
- efibootmgr
-
- file
-
- Add patch bsc1189996-9fbe768a.patch to fix bsc#1189996
- gcc
-
- With gcc-PIE add -pie even when -fPIC is specified but we are
not linking a shared library. [boo#1185348]
- Fix postun of gcc-go alternative.
- glibc
-
- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify
(CVE-2021-33574, bsc#1186489, BZ #27896)
- wordexp-param-overflow.patch: wordexp: handle overflow in positional
parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)
- google-guest-oslogin
-
- Update to version 20210728.00 (bsc#1188992, bsc#1189041)
* JSON object cleanup (#65)
- Update to version 20210707.00
* throw exceptions in cache_refresh (#64)
- from version 20210702.00
* Use IP address for calling the metadata server. (#63)
- Update to version 20210618.00
* flush each group member write (#62)
- grub2
-
- Fix error not a btrfs filesystem on s390x (bsc#1187645)
* 80_suse_btrfs_snapshot
- Fix error gfxterm isn't found with multiple terminals (bsc#1187565)
* grub2-fix-error-terminal-gfxterm-isn-t-found.patch
- Fix boot failure after kdump due to the content of grub.cfg is not
completed with pending modificaton in xfs journal (bsc#1186975)
* grub-install-force-journal-draining-to-ensure-data-i.patch
- Patch refreshed
* grub2-mkconfig-default-entry-correction.patch
- hwdata
-
- Update to version 0.351 (bsc#1190091):
+ Updated pci, usb and vendor ids.
- Update to version 0.350 (bsc#1189005):
+ Updated pci, usb and vendor ids.
- Update to version 0.349 (bsc#1187948):
- insserv-compat
-
- Require sysvinit-tools (boo#1187941)
- iproute2
-
ss-fix-end-of-line-printing-in-misc-ss.c.patch
xfrm-also-check-for-ipv6-state-in-xfrm_state_keep.patch
bridge-Fix-typo.patch
bridge-Fix-output-with-empty-vlan-lists.patch
tc-action-fix-time-values-output-in-JSON-format.patch
Revert-bpf-replace-snprintf-with-asprintf-when-deali.patch
bpf-Fixes-a-snprintf-truncation-warning.patch
tipc-fixed-a-compile-warning-in-tipc-link.c.patch
ip-xfrm-update-man-page-on-setting-printing-XFRMA_IF.patch
bridge-fdb-show-fix-fdb-entry-state-output-for-json-.patch
ip-link-Fix-indenting-in-help-text.patch
ip-iplink_ipoib.c-Remove-extra-spaces.patch
devlink-fix-uninitialized-warning.patch
bridge-fix-string-length-warning.patch
f_u32-fix-compiler-gcc-10-compiler-warning.patch
rdma-Fix-statistics-bind-unbing-argument-handling.patch
lib-namespace-fix-ip-all-netns-return-code.patch
lib-bpf-Fix-and-simplify-bpf_mnt_check_target.patch
lib-fs-avoid-double-call-to-mkdir-on-make_path.patch
q_cake-Fix-incorrect-printing-of-signed-values-in-cl.patch
ip-xfrm-limit-the-length-of-the-security-context-nam.patch
erspan-fix-JSON-output.patch
devlink-always-check-strslashrsplit-return-value.patch
nexthop-fix-memory-leak-in-add_nh_group_attr.patch
rdma-stat-initialize-ret-in-stat_qp_show_parse_cb.patch
rdma-stat-fix-return-code.patch
lib-bpf_legacy-treat-0-as-a-valid-file-descriptor.patch
lib-bpf_legacy-fix-missing-socket-close-when-connect.patch
ip-drop-2-char-command-assumption.patch
man-fix-syntax-for-ip-link-property.patch
lib-bpf_legacy-avoid-to-pass-invalid-argument-to-clo.patch
ip-route-ignore-ENOENT-during-save-if-RT_TABLE_MAIN-.patch
libnetlink-check-error-handler-is-present-before-a-c.patch
ipmonitor-Fix-recvmsg-with-ancillary-data.patch
tc-u32-Fix-key-folding-in-sample-option.patch
man-bridge-fix-the-typo-to-change-c-lor-into-c-olor-.patch
ss-fix-fallback-to-procfs-for-raw-sockets.patch
iptuntap-fix-multi-queue-flag-display.patch
tc-f_flower-fix-port-range-parsing.patch
lib-bpf_legacy-fix-bpffs-mount-when-sys-fs-bpf-exist.patch
- refresh:
ip-link_gre-Do-not-send-ERSPAN-attributes-to-GRE-tun.patch
tc-fq_codel-fix-class-stat-deficit-is-signed-int.patch
- follow-up fixes backported from upstream (bsc#1160242):
ip-link_gre-Do-not-send-ERSPAN-attributes-to-GRE-tun.patch
tc-fq_codel-fix-class-stat-deficit-is-signed-int.patch
- follow-up fixes backported from upstream (bsc#1160242):
- java-11-openjdk
-
- Added patch:
* fips.patch
+ implement FIPS support in OpenJDK
- Modified patch:
* nss-security-provider.patch
+ revert recent changes making NSS provider the default one
+ fixes bsc#1190252
- Added patch:
* jdk11-glibc234.patch
+ fix build with glibc-2.34 (bsc#1189201)
- riscv64-zero.patch: Add support for riscv64 (zero VM)
- Update to upstream tag jdk-11.0.12+7 (July 2021, CPU)
* Security fixes
+ JDK-8256157: Improve bytecode assembly
+ JDK-8256491: Better HTTP transport
+ JDK-8258432, CVE-2021-2341, bsc#1188564: Improve file
transfers
+ JDK-8260453: Improve Font Bounding
+ JDK-8260960: Signs of jarsigner signing
+ JDK-8260967, CVE-2021-2369, bsc#1188565: Better jar file
validation
+ JDK-8262380: Enhance XML processing passes
+ JDK-8262403: Enhanced data transfer
+ JDK-8262410: Enhanced rules for zones
+ JDK-8262477: Enhance String Conclusions
+ JDK-8262967: Improve Zip file support
+ JDK-8264066, CVE-2021-2388, bsc#1188566: Enhance compiler
validation
+ JDK-8264079: Improve abstractions
+ JDK-8264460: Improve NTLM support
* Other changes
+ JDK-6847157: java.lang.NullPointerException: HDC for
component at sun.java2d.loops.Blit.Blit
+ JDK-7106851: Test should not use System.exit
+ JDK-8073446: TimeZone getOffset API does not return a dst
offset between years 2038-2137
+ JDK-8076190: Customizing the generation of a PKCS12 keystore
+ JDK-8153005: Upgrade the default PKCS12 encryption/MAC
algorithms
+ JDK-8171303: sun/java2d/pipe/InterpolationQualityTest.java
fails on Windows & Linux
+ JDK-8177068: incomplete classpath causes NPE in Flow
+ JDK-8185734: [Windows] Structured Exception Catcher missing
around gtest execution
+ JDK-8187450: JNI local refs exceeds capacity warning in
NetworkInterface::getAll
+ JDK-8190763: Class cast exception on (CompoundEdit)
UndoableEditEvent.getEdit()
+ JDK-8195841: PNGImageReader.readNullTerminatedString() doesnt
check for non-null terminated strings with length equal to
maxLen
+ JDK-8196100: javax/swing/text/JTextComponent/5074573/
/bug5074573.java fails
+ JDK-8199646: JShell tests: jdk/jshell/
/FailOverDirectExecutionControlTest.java failed with
java.lang.UnsupportedOperationException
+ JDK-8206925: Support the certificate_authorities extension
+ JDK-8207160: ClassReader::adjustMethodParams can potentially
return null if the args list is empty
+ JDK-8207247: AARCH64: Enable Minimal and Client VM builds
+ JDK-8207404: MulticastSocket tests failing on AIX
+ JDK-8207779: Method::is_valid_method() compares 'this' with
NULL
+ JDK-8208061: runtime/LoadClass/TestResize.java fails with
"/Load factor too high"/ when running in CDS mode.
+ JDK-8209459: TestSHA512MultiBlockIntrinsics failed on AArch64
+ JDK-8210443: Migrate Locale matching tests to JDK Repo.
+ JDK-8213231: ThreadSnapshot::_threadObj can become stale
+ JDK-8213483: ARM32: runtime/ErrorHandling/
/ShowRegistersOnAssertTest.java jtreg test fail
+ JDK-8213725: JShell NullPointerException due to class file
with unexpected package
+ JDK-8213794: ARM32: disable TypeProfiling,
CriticalJNINatives, Serviceablity tests for ARM32
+ JDK-8213845: ARM32: Interpreter doesn't call result handler
after native calls
+ JDK-8214128: ARM32: wrong stack alignment on
Deoptimization::unpack_frames
+ JDK-8214512: ARM32: Jtreg test compiler/c2/Test8062950.java
fails on ARM
+ JDK-8214854: JDWP: Unforseen output truncation in logging
+ JDK-8214922: Add vectorization support for fmin/fmax
+ JDK-8215009: GCC 8 compilation error in libjli
+ JDK-8216184: CDS/appCDS tests failed on Windows due to long
path to a classlist file
+ JDK-8216259: AArch64: Vectorize Adler32 intrinsics
+ JDK-8216314: SIGILL in CodeHeapState::print_names()
+ JDK-8217348: assert(thread->is_Java_thread()) failed: just
checking
+ JDK-8217465: [REDO] - Optimize CodeHeap Analytics
+ JDK-8217561: X86: Add floating-point Math.min/max intrinsics
+ JDK-8217918: C2: -XX:+AggressiveUnboxing is broken
+ JDK-8218458: [TESTBUG] runtime/NMT/
/CheckForProperDetailStackTrace.java fails with Expected
stack trace missing from output
+ JDK-8219142: Remove unused JIMAGE_ResourcePath
+ JDK-8219586: CodeHeap State Analytics processes dead nmethods
+ JDK-8220074: Clean up GCC 8.3 errors in LittleCMS
+ JDK-8220407: compiler/intrinsics/math/
/TestFpMinMaxIntrinsics.java timedout
+ JDK-8222302: [TESTBUG] test/hotspot/jtreg/compiler/intrinsics/
/sha/cli/TestUseSHAOptionOnUnsupportedCPU.java fails on any
other CPU
+ JDK-8222412: AARCH64: multiple instructions encoding issues
+ JDK-8223020: aarch64: expand minI_rReg and maxI_rReg patterns
into separate instructions
+ JDK-8223444: Improve CodeHeap Free Space Management
+ JDK-8223504: Improve performance of forall loops by better
inlining of "/iterator()"/ methods
+ JDK-8223667: ASAN build broken
+ JDK-8225081: Remove Telia Company CA certificate expiring in
April 2021
+ JDK-8225116: Test OwnedWindowsLeak.java intermittently fails
+ JDK-8225438: javax/net/ssl/TLSCommon/
/TestSessionLocalPrincipal.java failed with Read timed out
+ JDK-8225756: [testbug] compiler/loopstripmining/
/CheckLoopStripMining.java sets too short a
SafepointTimeoutDelay
+ JDK-8226374: Restrict TLS signature schemes and named groups
+ JDK-8226627: assert(t->singleton()) failed: must be a constant
+ JDK-8226721: Missing intrinsics for Math.ceil, floor, rint
+ JDK-8227080: (fs) Files.newInputStream(...).skip(n) is slow
+ JDK-8227222: vmTestbase/jit/FloatingPoint/gen_math/Loops04/
/Loops04.java failed XMM register should be 0-15
+ JDK-8227609: (fs) Files.newInputStream(...).skip(n) should
allow skipping beyond file size
+ JDK-8230428: Cleanup dead CastIP node code in formssel.cpp
+ JDK-8231460: Performance issue (CodeHeap) with large free
blocks
+ JDK-8231713: x86_32 build failures after JDK-8226721 (Missing
intrinsics for Math.ceil, floor, rint)
+ JDK-8231841: AArch64: debug.cpp help() is missing an AArch64
line for pns
+ JDK-8232084: HotSpot build failed with GCC 9.2.1
+ JDK-8232591: AArch64: Add missing match rules for smaddl,
smsubl and smnegl
+ JDK-8233185: HttpServer.stop() blocks indefinitely when
called on dispatch thread
+ JDK-8233787: Break cycle in vm_version* includes
+ JDK-8233948: AArch64: Incorrect mapping between OptoReg and
VMReg for high 64 bits of Vector Register
+ JDK-8234355: Buffer overflow in jcmd GC.class_stats due to
too many classes
+ JDK-8235368: Update BCEL to Version 6.4.1
+ JDK-8236859: WebSocket over authenticating proxy fails with
NPE
+ JDK-8236992: AArch64: remove redundant load_klass in itable
stub
+ JDK-8237743: test/langtools/jdk/jshell/
/FailOverExecutionControlTest.java fails No
ExecutionControlProvider with name 'nonExistent' and parameter
keys: []
+ JDK-8237804: sun/security/mscapi tests fail with "/Key pair
not generated, alias <nnnnnn> already exists"/
+ JDK-8238175: CTW: Class.getDeclaredMethods fails with
assert(k->is_subclass_of(SystemDictionary::Throwable_klass()))
failed: invalid exception class
+ JDK-8238567: SoftMainMixer.processAudioBuffers(): Wrong
handling of stoppedMixers
+ JDK-8238812: assert(false) failed: bad AD file
+ JDK-8239312: [macos] javax/swing/JFrame/NSTexturedJFrame/
/NSTexturedJFrame.java
+ JDK-8239386: handle ContendedPaddingWidth in
vm_version_aarch64
+ JDK-8239536: Can't use 'java.util.List' object after
importing 'java.awt.List'
+ JDK-8240487: Cleanup whitespace in .cc, .hh, .m, and .mm files
+ JDK-8240848: ArrayIndexOutOfBoundsException buf for
TextCallbackHandler
+ JDK-8241082: Upgrade IANA Language Subtag Registry data to
03-16-2020 version
+ JDK-8241087: Build failure with VS 2019 (16.5.0) due to C2039
and C2873
+ JDK-8241101: [s390] jtreg test failure after JDK-8238696: not
conformant features string
+ JDK-8241248: NullPointerException in
sun.security.ssl.HKDF.extract(HKDF.java:93)
+ JDK-8241372: Several test failures due to
javax.net.ssl.SSLException: Connection reset
+ JDK-8241475: AArch64: Add missing support for PopCountVI node
+ JDK-8241829: Cleanup the code for PrinterJob on windows
+ JDK-8241960: The SHA3 message digests impl of SUN provider
are not thread safe after cloned
+ JDK-8242010: Upgrade IANA Language Subtag Registry to Version
2020-04-01
+ JDK-8242429: Better implementation for sign extract
+ JDK-8242557: Add length limit for strings in PNGImageWriter
+ JDK-8242919: Paste locks up jshell
+ JDK-8243155: AArch64: Add support for SqrtVF
+ JDK-8243240: AArch64: Add support for MulVB
+ JDK-8243452: JFR: Could not create chunk in repository with
over 200 recordings
+ JDK-8243559: Remove root certificates with 1024-bit keys
+ JDK-8243597: AArch64: Add support for integer vector abs
+ JDK-8244031: HttpClient should have more tests for HEAD
requests
+ JDK-8244205: HTTP/2 tunnel connections through proxy may be
reused regardless of which proxy is selected
+ JDK-8244847: Linux/PPC: runtime/CompressedOops/
/CompressedClassPointers: smallHeapTest fails
+ JDK-8245511: G1 adaptive IHOP does not account for
reclamation of humongous objects by young GC
+ JDK-8246274: G1 old gen allocation tracking is not in a
separate class
+ JDK-8247354: [aarch64] PopFrame causes
assert(oopDesc::is_oop(obj)) failed: not an oop
+ JDK-8247408: IdealGraph bit check expression canonicalization
+ JDK-8247432: Update IANA Language Subtag Registry to Version
2020-09-29
+ JDK-8247438: JShell: When FailOverExecutionControlProvider
fails the proximal cause is not shown
+ JDK-8247753: UIManager.getSytemLookAndFeelClassName() returns
wrong value on Fedora 32
+ JDK-8248043: Need to eliminate excessive i2l conversions
+ JDK-8248411: [aarch64] Insufficient error handling when
CodeBuffer is exhausted
+ JDK-8248568: compiler/c2/TestBit.java failed: test missing
from stdout/stderr
+ JDK-8248870: AARCH64: I2L/L2I conversions can be skipped for
masked positive values
+ JDK-8249142: java/awt/FontClass/CreateFont/DeleteFont.sh is
unstable
+ JDK-8249189: AARCH64: more L2I conversions can be skipped
+ JDK-8249719: MethodHandle performance suffers from bad
ResolvedMethodTable hash function
+ JDK-8249875: GCC 10 warnings -Wtype-limits with JFR code
+ JDK-8250635: MethodArityHistogram should use Compile_lock in
favour of fancy checks
+ JDK-8250876: Fix issues with cross-compile on macos
+ JDK-8251031: Some vmTestbase/nsk/monitoring/RuntimeMXBean
tests fail with hostnames starting from digits
+ JDK-8251525: AARCH64: Faster Math.signum(fp)
+ JDK-8252259: AArch64: Adjust default value of FLOATPRESSURE
+ JDK-8252311: AArch64: save two words in itable lookup stub
+ JDK-8252779: compiler/graalunit/HotspotTest.java failed after
8251525
+ JDK-8252883: AccessDeniedException caused by delayed file
deletion on Windows
+ JDK-8253167: ARM32 builds fail after JDK-8247910
+ JDK-8253572: [windows] CDS archive may fail to open with long
file names
+ JDK-8253923: C2 doesn't always run loop opts for compilations
that include loops
+ JDK-8253948: Memory leak in ImageFileReader
+ JDK-8254631: Better support ALPN byte wire values in SunJSSE
+ JDK-8254717: isAssignableFrom checks in
KeyFactorySpi.engineGetKeySpec appear to be backwards
+ JDK-8255086: Update the root locale display names
+ JDK-8255625: AArch64: Implement Base64.encodeBlock
accelerator/intrinsic
+ JDK-8255763: C2: OSR miscompilation caused by invalid memory
instruction placement
+ JDK-8255992: JFR EventWriter does not use first string from
StringPool with id 0
+ JDK-8256037: [TESTBUG] com/sun/jndi/dns/ConfigTests/
/PortUnreachable.java fails due to the hard coded threshold
is small
+ JDK-8256244: java/lang/ProcessHandle/PermissionTest.java
fails with TestNG 7.1
+ JDK-8256287: [windows] add loop fuse to
map_or_reserve_memory_aligned
+ JDK-8256523: Streamline Java SHA2 implementation
+ JDK-8257414: Drag n Drop target area is wrong on high DPI
systems
+ JDK-8257569: Failure observed with
JfrVirtualMemory::initialize
+ JDK-8257574: C2: "/failed: parsing found no loops but there
are some"/ assert failure
+ JDK-8257580: Bump update version for OpenJDK: jdk-11.0.12
+ JDK-8257604: JNI_ArgumentPusherVaArg leaks valist
+ JDK-8257621: JFR StringPool misses cached items across
consecutive recordings
+ JDK-8257796: [TESTBUG]
TestUseSHA512IntrinsicsOptionOnSupportedCPU.java fails
on x86_32
+ JDK-8257822: C2 crashes with SIGFPE due to a division that
floats above its zero check
+ JDK-8257828: SafeFetch may crash if invoked in non-JavaThreads
+ JDK-8257853: Remove dependencies on JNF's JNI utility
functions in AWT and 2D code
+ JDK-8257858: [macOS]: Remove JNF dependency from
libosxsecurity/KeystoreImpl.m
+ JDK-8257860: [macOS]: Remove JNF dependency from
libosxkrb5/SCDynamicStoreConfig.m
+ JDK-8257988: Remove JNF dependency from
libsaproc/MacosxDebuggerLocal.m
+ JDK-8258414: OldObjectSample events too expensive
+ JDK-8258505: [TESTBUG] TestDivZeroWithSplitIf.java fails due
to missing UnlockDiagnosticVMOptions
+ JDK-8258753: StartTlsResponse.close() hangs due to
synchronization issues
+ JDK-8259061: C2: assert(found) failed: memory-writing node is
not placed in its original loop or an ancestor of it
+ JDK-8259227: C2 crashes with SIGFPE due to a division that
floats above its zero check
+ JDK-8259232: Bad JNI lookup during printing
+ JDK-8259276: C2: Empty expression stack when reexecuting
tableswitch/lookupswitch instructions after deoptimization
+ JDK-8259343: [macOS] Update JNI error handling in Cocoa code.
+ JDK-8259585: Accessible actions do not work on mac os x
+ JDK-8259651: [macOS] Replace JNF_COCOA_ENTER/EXIT macros
+ JDK-8259662: Don't wrap SocketExceptions into SSLExceptions
in SSLSocketImpl
+ JDK-8259710: Inlining trace leaks memory
+ JDK-8259729: Missed JNFInstanceOf -> IsInstanceOf conversion
+ JDK-8259777: Incorrect predication condition generated by ADLC
+ JDK-8259786: initialize last parameter of getpwuid_r
+ JDK-8259843: initialize dli_fname array before calling
dll_address_to_library_name
+ JDK-8259869: [macOS] Remove desktop module dependencies on
JNF Reference APIs
+ JDK-8259886: Improve SSL session cache performance and
scalability
+ JDK-8259983: do not use uninitialized expand_ms value in
G1CollectedHeap::expand_heap_after_young_collection
+ JDK-8260030: Improve stringStream buffer handling
+ JDK-8260236: better init AnnotationCollector _contended_group
+ JDK-8260255: C1: LoopInvariantCodeMotion constructor can
leave some fields uninitialized
+ JDK-8260284: C2: assert(_base == Int) failed: Not an Int
+ JDK-8260380: Upgrade to LittleCMS 2.12
+ JDK-8260420: C2 compilation fails with assert(found_sfpt)
failed: no node in loop that's not input to safepoint
+ JDK-8260426: awt debug_mem.c DMem_AllocateBlock might leak
memory
+ JDK-8260432: allocateSpaceForGP in freetypeScaler.c might
leak memory
+ JDK-8260616: Removing remaining JNF dependencies in the
java.desktop module
+ JDK-8260653: Unreachable nodes keep speculative types alive
+ JDK-8260707: java/lang/instrument/PremainClass/
/InheritAgent0100.java times out
+ JDK-8260925: HttpsURLConnection does not work with other
JSSE provider.
+ JDK-8260926: Trace resource exhausted events unconditionally
+ JDK-8261020: Wrong format parameter in
create_emergency_chunk_path
+ JDK-8261027: AArch64: Support for LSE atomics C++ HotSpot code
+ JDK-8261167: print_process_memory_info add a close call after
fopen
+ JDK-8261170: Upgrade to freetype 2.10.4
+ JDK-8261198: [macOS] Incorrect JNI parameters in number
conversion in A11Y code
+ JDK-8261235: C1 compilation fails with
assert(res->vreg_number() == index) failed: conversion check
+ JDK-8261261: The version extra fields needs to be overridable
in jib-profiles.js
+ JDK-8261262: Kitchensink24HStress.java crashed with
EXCEPTION_ACCESS_VIOLATION
+ JDK-8261354: SIGSEGV at MethodIteratorHost
+ JDK-8261355: No data buffering in SunPKCS11 Cipher encryption
when the underlying mechanism has no padding
+ JDK-8261397: try catch Method failing to work when dividing
an integer by 0
+ JDK-8261422: Adjust problematic String.format calls in
jdk/internal/util/Preconditions.java outOfBoundsMessage
+ JDK-8261447: MethodInvocationCounters frequently run into
overflow
+ JDK-8261481: Cannot read Kerberos settings in dynamic store
on macOS Big Sur
+ JDK-8261505: Test test/hotspot/jtreg/gc/parallel/
/TestDynShrinkHeap.java killed by Linux OOM Killer
+ JDK-8261601: free memory in early return in
Java_sun_nio_ch_sctp_SctpChannelImpl_receive0
+ JDK-8261649: AArch64: Optimize LSE atomics in C++ code
+ JDK-8261730: C2 compilation fails with
assert(store->find_edge(load) != -1) failed: missing
precedence edge
+ JDK-8261752: Multiple GC test are missing memory requirements
+ JDK-8261791: (sctp) handleSendFailed in SctpChannelImpl.c
potential leaks
+ JDK-8261812: C2 compilation fails with assert(!had_error)
failed: bad dominance
+ JDK-8261914: IfNode::fold_compares_helper faces
non-canonicalized bool when running JRuby JSON workload
+ JDK-8262093: java/util/concurrent/tck/JSR166TestCase.java
failed "/assert(false) failed: unexpected node"/
+ JDK-8262110: DST starts from incorrect time in 2038
+ JDK-8262121: [11u] Redo 8244287: JFR: Methods samples have
line number 0
+ JDK-8262163: Extend settings printout in jcmd VM.metaspace
+ JDK-8262295: C2: Out-of-Bounds Array Load from Clone Source
+ JDK-8262298: G1BarrierSetC2::step_over_gc_barrier fails with
assert "/bad barrier shape"/
+ JDK-8262446: DragAndDrop hangs on Windows
+ JDK-8262461: handle wcstombsdmp return value correctly in
unix awt_InputMethod.c
+ JDK-8262465: Very long compilation times and high memory
consumption in C2 debug builds
+ JDK-8262726: AArch64: C1 StubAssembler::call_RT can corrupt
stack
+ JDK-8262739: String inflation C2 intrinsic prevents insertion
of anti-dependencies
+ JDK-8262829: Native crash in
Win32PrintServiceLookup.getAllPrinterNames()
+ JDK-8262837: handle split_USE correctly
+ JDK-8262900: ToolBasicTest fails to access HTTP server it
starts
+ JDK-8263260: [s390] Support latest hardware (z14 and z15)
+ JDK-8263311: Watch registry changes for remote printers
update instead of polling
+ JDK-8263361: Incorrect arraycopy stub selected by C2 for SATB
collectors
+ JDK-8263404: RsaPrivateKeySpec is always recognized as
RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
+ JDK-8263425: AArch64: two potential bugs in C1
LIRGenerator::generate_address()
+ JDK-8263448: CTW: fatal error: meet not symmetric
+ JDK-8263504: Some OutputMachOpcodes fields are uninitialized
+ JDK-8263557: Possible NULL dereference in
Arena::destruct_contents()
+ JDK-8263558: Possible NULL dereference in fast path arena
free if ZapResourceArea is true
+ JDK-8263676: AArch64: one potential bug in C1
LIRGenerator::generate_address()
+ JDK-8263729: [test] divert spurious output away from stream
under test in ProcessBuilder Basic test
+ JDK-8263846: Bad JNI lookup getFocusOwner in accessibility
code on Mac OS X
+ JDK-8264047: Duplicate global variable 'jvm' in libjavajpeg
and libawt
+ JDK-8264096: slowdebug jvm crashes when StrInflatedCopy match
rule is not supported
+ JDK-8264151: ciMethod::ensure_method_data() should return
false is loading resulted in empty state
+ JDK-8264173: [s390] Improve Hardware Feature Detection And
Reporting
+ JDK-8264190: Harden TLS interop tests
+ JDK-8264223: CodeHeap::verify fails extra_hops assertion in
fastdebug test
+ JDK-8264328: Broken license in
javax/swing/JComboBox/8072767/bug8072767.java
+ JDK-8264360: Loop strip mining verification fails with
"/should be on the backedge"/
+ JDK-8264626: C1 should be able to inline excluded methods
+ JDK-8264640: CMS ParScanClosure misses a barrier
+ JDK-8264786: [macos] All Swing/AWT apps cause Allow
Notifications prompt to appear when app is launched
+ JDK-8264821: DirectIOTest fails on a system with large block
size
+ JDK-8264848: [macos] libjvm.dylib linker warning due to macOS
version mismatch
+ JDK-8264923: PNGImageWriter.write_zTXt throws Exception with
a typo
+ JDK-8264958: C2 compilation fails with assert "/n is later
than its clone"/
+ JDK-8265099: Revert backport to 11u of 8236859: WebSocket
over authenticating proxy fails with NPE
+ JDK-8265154: vinserti128 operand mix up for KNL platforms
+ JDK-8265239: Shenandoah: Shenandoah heap region count could
be off by 1
+ JDK-8265417: Backport of JDK-8249672 breaks Solaris x86 build
+ JDK-8265421: java/lang/String/StringRepeat.java test is
missing a memory requirement
+ JDK-8265462: Handle multiple slots in the NSS Internal Module
from SunPKCS11's Secmod
+ JDK-8265537: x86 version string truncated after JDK-8249672
11u backport
+ JDK-8265666: Enable AIX build platform to make external debug
symbols
+ JDK-8265677: CMS: CardTableBarrierSet::write_ref_array_work()
lacks storestore barrier
+ JDK-8265690: Use the latest Ubuntu base image version in
Docker testing
+ JDK-8265718: Build failure after JDK-8258414 11u backport
+ JDK-8265750: Fatal error in safepoint.cpp after backport of
8258414
+ JDK-8265784: [C2] Hoisting of DecodeN leaves MachTemp inputs
behind
+ JDK-8265938: C2's conditional move optimization does not
handle top Phi
+ JDK-8266220: keytool still prompt for store password on a
password-less pkcs12 file if -storetype pkcs12 is specified
+ JDK-8266293: Key protection using PBEWithMD5AndDES fails with
"/java.security.InvalidAlgorithmParameterException: Salt must
be 8 bytes long"/
+ JDK-8266713: [AIX] Build failure after 11u backport of
JDK-8247753
+ JDK-8266802: Shenandoah: Round up region size to page size
unconditionally
+ JDK-8266892: avoid maybe-uninitialized gcc warnings on linux
s390x
+ JDK-8266929: Unable to use algorithms from 3p providers
+ JDK-8267235: [macos_aarch64]
InterpreterRuntime::throw_pending_exception messing up LR
results in crash
+ JDK-8267561: Shenandoah: Reference processing not properly
setup for outside of cycle degenerated GC
+ JDK-8267599: Revert the change to the default PKCS12
macAlgorithm and macIterationCount props for 11u/8u/7u
+ JDK-8267641: [11u] 8227609 backport typo
+ JDK-8267721: Enable sun/security/pkcs11 tests for Amazon
Linux 2 AArch64
+ JDK-8268678: LetsEncryptCA.java test fails as Let's Encrypt
Authority X3 is retired
- Modified patch:
* nss-security-provider.patch
+ make the NSS provider first in the list
- Remove all Jpackage provides for SLE12 in order to avoid
installing this package as default Java on SLE12-SP5
(bsc#1185476)
- Set alternative priority in SLE12 to 0 in order to be able to
push to SLE12-SP5 (fate#326790, jsc#SLE-5715)
- kdump
-
- kdump-do-not-iterate-past-end-of-string.patch:
URLParser::extractAuthority(): Do not iterate past end of string
(bsc#1186037).
- kdump-fix-incorrect-exit-code-checking.patch: Fix incorrect exit
code checking after "/local"/ with assignment (bsc#1184616
LTC#192282).
- kdump-avoid-endless-loop-EAI_AGAIN.patch: Avoid an endless loop
when resolving a hostname fails with EAI_AGAIN (bsc#1183070).
- kdump-install-etc-resolv.conf-using-resolved-path.patch: Install
/etc/resolv.conf using its resolved path (bsc#1183070).
- kdump-ensure-initrd.target.wants-directory.patch: Make sure that
initrd.target.wants directory exists (bsc#1172670).
- kernel-default
-
- netfilter: conntrack: collect all entries in one cycle
(bsc#1173604).
- commit c4117de
- ipv6/netfilter: Discard first fragment not including all headers
(bsc#1191241).
- IPv6: reply ICMP error if the first fragment don't include
all headers (bsc#1191241).
- ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
(bsc#1191241).
- net: ipv6: Discard next-hop MTU less than minimum link MTU
(bsc#1191241).
- commit c74316d
- KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
changing registers (bsc#1156395).
- KVM: PPC: Fix clearing never mapped TCEs in realmode
(bsc#1156395).
- KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0
when guest SPRs are live (bsc#1156395).
- KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
(bsc#1156395).
- KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395).
- commit 2ce76cc
- powerpc/xive: Discard disabled interrupts in get_irqchip_state()
(fate#322438 bsc#1085030 git-fixes).
- commit 3106974
- powerpc/64s: Remove irq mask workaround in
accumulate_stolen_time() (jsc#SLE-9246 git-fixes).
- commit 5f2cf7e
- x86/pat: Pass valid address to sanitize_phys() (bsc#1152489).
- commit 1702f6b
- KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path
(bsc#1065729).
- commit 4a60f84
- sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772
bsc#1190351).
- sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772
bsc#1190351).
- sctp: add vtag check in sctp_sf_violation (CVE-2021-3772
bsc#1190351).
- sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772
bsc#1190351).
- sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772
bsc#1190351).
- sctp: fix the processing for INIT chunk (CVE-2021-3772
bsc#1190351).
- sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772
bsc#1190351).
- sctp: check asoc peer.asconf_capable before processing asconf
(bsc#1190351).
- commit c4ecd47
- mmc: vub300: fix control-message timeouts (git-fixes).
- mmc: dw_mmc: exynos: fix the finding clock sample value
(git-fixes).
- commit 15296ab
- scsi: lpfc: Update lpfc version to 14.0.0.3 (bsc#1192145).
- scsi: lpfc: Allow fabric node recovery if recovery is in
progress before devloss (bsc#1192145).
- scsi: lpfc: Fix link down processing to address NULL pointer
dereference (bsc#1192145).
- scsi: lpfc: Allow PLOGI retry if previous PLOGI was aborted
(bsc#1192145).
- scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine
(bsc#1192145).
- scsi: lpfc: Correct sysfs reporting of loop support after SFP
status change (bsc#1192145).
- scsi: lpfc: Wait for successful restart of SLI3 adapter during
host sg_reset (bsc#1192145).
- scsi: lpfc: Revert LOG_TRACE_EVENT back to LOG_INIT prior to
driver_resource_setup() (bsc#1192145).
- commit ea0ad63
- kABI workaround for cfg80211 mgmt_registration_lock changes
(git-fixes).
- commit 85ca292
- cfg80211: correct bridge/4addr mode check (git-fixes).
- cfg80211: fix management registrations locking (git-fixes).
- commit 38a77a6
- net: lan78xx: fix division by zero in send path (git-fixes).
- net: batman-adv: fix error handling (git-fixes).
- nfc: port100: fix using -ERRNO as command type mask (git-fixes).
- cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
(git-fixes).
- regmap: Fix possible double-free in regcache_rbtree_exit()
(git-fixes).
- commit 1fb45c2
- ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
(git-fixes).
- commit c406ead
- netfilter: xt_IDLETIMER: fix panic that occurs when timer_type
has garbage value (bsc#1176447).
- ice: fix getting UDP tunnel entry (jsc#SLE-12878).
- net/mlx5: E-Switch, Fix double allocation of acl flow counter
(jsc#SLE-15172).
- net/mlx5e: IPSEC RX, enable checksum complete (jsc#SLE-15172).
- RDMA/cma: Do not change route.addr.src_addr.ss_family
(bsc#1181147).
- RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
(bsc#1181147).
- net: hns3: check queue id range before using (jsc#SLE-14777).
- bnxt_en: make bnxt_free_skbs() safe to call after
bnxt_free_mem() (jsc#SLE-16649).
- ice: Only lock to update netdev dev_addr (git-fixes).
- net/sched: ets: fix crash when flipping from 'strict' to
'quantum' (bsc#1176774).
- net/mlx5e: RX, Avoid possible data corruption when relaxed
ordering and LRO combined (jsc#SLE-15172).
- commit 016bdb7
- sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
(CVE-2021-3655 bsc#1188563).
- sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655
bsc#1188563).
- sctp: add size validation when walking chunks (CVE-2021-3655
bsc#1188563).
- commit e419503
- powerpc/idle: Don't corrupt back chain when going idle
(bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056).
- KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return
0 if it went to guest (bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056).
- KVM: PPC: Book3S HV: Fix stack handling in
idle_kvm_start_guest() (bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056).
- powerpc64/idle: Fix SP offsets when saving GPRs (bko#206669
bsc#1174585 bsc#1192107 CVE-2021-43056).
- commit 90745c9
- Update patch reference for ISDN fix (CVE-2021-3896 bsc#1191958)
- commit b1524c3
- nvme-pci: fix error unwind in nvme_map_data (bsc#1191934).
- nvme-pci: refactor nvme_unmap_data (bsc#1191934).
- commit fc21d20
- nvme-pci: fix error unwind in nvme_map_data (bsc#1191934).
- nvme-pci: refactor nvme_unmap_data (bsc#1191934).
- commit 3a9d8cd
- ASoC: DAPM: Fix missing kctl change notifications (git-fixes).
- ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
(git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes).
- Input: snvs_pwrkey - add clk handling (git-fixes).
- isdn: mISDN: Fix sleeping function called from invalid context
(git-fixes).
- isdn: cpai: check ctr->cnr to avoid array index out of bound
(git-fixes).
- ALSA: hda: avoid write to STATESTS if controller is in reset
(git-fixes).
- platform/x86: intel_scu_ipc: Update timeout value in comment
(git-fixes).
- commit 26182ff
- xfs: fix log intent recovery ENOSPC shutdowns when inactivating
inodes (bsc#1190642).
- commit 4a5d10a
- drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks
read (git-fixes).
- drm/msm: Avoid potential overflow in timeout_to_jiffies()
(git-fixes).
- ALSA: hda/realtek: Add quirk for TongFang PHxTxX1 (git-fixes).
- ALSA: hda - Enable headphone mic on Dell Latitude laptops with
ALC3254 (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output for Dell Precision
5560 laptop (git-fixes).
- ASoC: SOF: loader: release_firmware() on load failure to avoid
batching (git-fixes).
- ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and
SRAM types (git-fixes).
- ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and
SRAM types (git-fixes).
- ASoC: fsl_spdif: register platform component before registering
cpu dai (git-fixes).
- ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
(git-fixes).
- ASoC: Intel: Skylake: Fix passing loadable flag for module
(git-fixes).
- ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
(git-fixes).
- ASoC: Intel: update sof_pcm512x quirks (git-fixes).
- ASoC: Intel: bytcr_rt5640: Move "/Platform Clock"/ routes to
the maps for the matching in-/output (git-fixes).
- ASoC: atmel: ATMEL drivers don't need HAS_DMA (git-fixes).
- commit 6765039
- e1000e: Fix packet loss on Tiger Lake and later (git-fixes).
- can: peak_usb: pcan_usb_fd_decode_status(): fix back to
ERROR_ACTIVE state notification (git-fixes).
- can: peak_pci: peak_pci_remove(): fix UAF (git-fixes).
- can: rcar_can: fix suspend/resume (git-fixes).
- lan78xx: select CRC32 (git-fixes).
- ASoC: wm8960: Fix clock configuration on slave mode (git-fixes).
- audit: fix possible null-pointer dereference in
audit_filter_rules (git-fixes).
- ata: ahci_platform: fix null-ptr-deref in
ahci_platform_enable_regulators() (git-fixes).
- virtio: write back F_VERSION_1 before validate (git-fixes).
- mei: me: add Ice Lake-N device id (git-fixes).
- iio: adc: aspeed: set driver data when adc probe (git-fixes).
- usb: musb: dsps: Fix the probe error path (git-fixes).
- xhci: guard accesses to ep_state in xhci_endpoint_reset()
(git-fixes).
- ALSA: usb-audio: Add quirk for VF0770 (git-fixes).
- ALSA: hda/realtek: Fix the mic type detection issue for ASUS
G551JW (git-fixes).
- ALSA: hda/realtek - ALC236 headset MIC recording issue
(git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes).
- ALSA: hda/realtek: Complete partial device name to avoid
ambiguity (git-fixes).
- watchdog: orion: use 0 for unset heartbeat (git-fixes).
- commit 2657409
- xfs: fix I_DONTCACHE (bsc#1192074).
- commit c29b8dd
- Delete
patches.suse/e1000e-Do-not-take-care-about-recovery-NVM-checksum.patch.
Drop patch to avoid regressions until real fix is available (bsc#1191663)
- commit e7e000a
- blacklist.conf: irrelevant
- commit 4c2a4eb
- USB: xhci: dbc: fix tty registration race (git-fixes).
- commit 8800f76
- xhci: guard accesses to ep_state in xhci_endpoint_reset()
(git-fixes).
- commit 2947d1e
- nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760
bsc#1190067).
- commit 9eabc0c
- Update patch reference for firewire fix (CVE-2021-42739 CVE-2021-3542 bsc#1184673)
- commit 2adc0e5
- cipso,calipso: resolve a number of problems with the DOI
refcounts (CVE-2021-33033 bsc#1186109).
- commit 499c5a0
- ceph: fix handling of "/meta"/ errors (bsc#1192041).
- ceph: skip existing superblocks that are blocklisted or shut
down when mounting (bsc#1192040).
- commit 329e544
- kabi: hide return value type change of sctp_af::from_addr_param
(CVE-2021-3655 bsc#1188563).
- sctp: fix return value check in __sctp_rcv_asconf_lookup
(CVE-2021-3655 bsc#1188563).
- sctp: validate from_addr_param return (CVE-2021-3655
bsc#1188563).
- commit 9f59a3f
- Update
patches.suse/net_sched-cls_route-remove-the-right-filter-from-has.patch
references (add CVE-2021-3715 bsc#1190349).
- commit bd39990
- Revert "/sched/fair: Add ancestors of unthrottled undecayed cfs_rq"/
The reverted commit is a followup of a7b359fc6a37 ("/sched/fair:
Correctly insert cfs_rq's to list on unthrottle"/) which is going to be
reverted as part of short-term solution of bsc#1191343.
This reverts commit d8d828e03d4f1e436c3580616c7b53db38e38dcb.
- commit c6395e4
- blacklist.conf: 3a1255396b5a x86/alternatives: add missing insn.h include
- commit 9bccba9
- scsi: ibmvfc: Fix up duplicate response detection (bsc#1191867
ltc#194757).
- commit 38f073b
- Added 3 SCSI-iscsi git-fix commits
- commit 2073942
- scsi: iscsi: Fix deadlock on recovery path during GFP_IO reclaim
(git-fixes).
- Refresh
patches.suse/scsi-iscsi-verify-lengths-on-passthrough-pdus.
- commit 6addc19
- scsi: target: Fix the pgr/alua_support_store functions
(git-fixes).
- commit 5bcb387
- scsi: mpi3mr: Fix error return code in mpi3mr_init_ioc() (git-fixes)
Also refreshed scsi-mpi3mr-Set-up-IRQs-in-resume-path, since this
commit changed the context.
- commit 0352f63
- USB: serial: option: add Quectel EC200S-CN module support
(git-fixes).
- commit e1df2bf
- USB: serial: qcserial: add EM9191 QDL support (git-fixes).
- commit b42181b
- USB: serial: option: add prod. id for Quectel EG91 (git-fixes).
- commit cff3cf9
- USB: serial: option: add Telit LE910Cx composition 0x1204
(git-fixes).
- commit 3ccad62
- xhci: Enable trust tx length quirk for Fresco FL11 USB
controller (git-fixes).
- commit 55acfbd
- xhci: Fix command ring pointer corruption while aborting a
command (git-fixes).
- commit bf02a9c
- Input: xpad - add support for another USB ID of Nacon GC-100
(git-fixes).
- commit eba25ff
- scsi: mpi3mr: Fix missing unlock on error (git-fixes).
- commit f4b9433
- scsi: mpi3mr: Fix error handling in mpi3mr_setup_isr()
(git-fixes).
- commit 0eebf69
- x86/sev: Return an error on a returned non-zero
SW_EXITINFO1[31:0] (bsc#1178134).
- commit 3b2a96a
- media: firewire: firedtv-avc: fix a buffer overflow in
avc_ca_pmt() (CVE-2021-3542 bsc#1184673).
- commit fab3d4f
- net: mana: Fix error handling in mana_create_rxq() (git-fixes,
bsc#1191800).
- commit 8c6d0b8
- ocfs2: fix data corruption after conversion from inline format
(bsc#1190795).
- commit ac3ffc2
- blacklist.conf: 4758fd801f91 x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
- commit c40c7ae
- blacklist.conf: 225bac2dc5d1 x86/Kconfig: Correct reference to MWINCHIP3D
- commit eee3b41
- blacklist.conf: 711885906b5c x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
- commit da61791
- gpio: pca953x: Improve bias setting (git-fixes).
- spi: spi-nxp-fspi: don't depend on a specific node name erratum
workaround (git-fixes).
- drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes).
- drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
(git-fixes).
- drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
(git-fixes).
- drm/msm: Fix null pointer dereference on pointer edp
(git-fixes).
- mac80211: check return value of rhashtable_init (git-fixes).
- commit c393393
- iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes).
- iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes).
- iio: ssp_sensors: add more range checking in
ssp_parse_dataframe() (git-fixes).
- iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
(git-fixes).
- iio: adc128s052: Fix the error handling path of 'adc128_probe()'
(git-fixes).
- iio: dac: ti-dac5571: fix an error code in probe() (git-fixes).
- drm/amdgpu: fix gart.bo pin_count leak (git-fixes).
- mac80211: Drop frames from invalid MAC address in ad-hoc mode
(git-fixes).
- HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device
IDs (git-fixes).
- HID: apple: Fix logical maximum and usage maximum of Magic
Keyboard JIS (git-fixes).
- commit 372fd90
- pata_legacy: fix a couple uninitialized variable bugs
(git-fixes).
- cb710: avoid NULL pointer subtraction (git-fixes).
- acpi/arm64: fix next_platform_timer() section mismatch error
(git-fixes).
- ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
(git-fixes).
- ACPI: fix NULL pointer dereference (git-fixes).
- ACPI: bgrt: Fix CFI violation (git-fixes).
- ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros (git-fixes).
- commit 1a13895
- rpm/kernel-obs-build.spec.in: reduce initrd functionality
For building in OBS, we always build inside a virtual machine
that gets a new, freshly created scratch filesystem image. So
we do not need to handle fscks because that ain't gonna happen,
as well as not we do not need to handle microcode update in the
initrd as these only can be run on the host system anyway. We
can also strip and hardlink as an additional optimisation that
should not significantly hurt.
- commit c72c6fc
- nvme-pci: Fix abort command id (git-fixes).
- nvme: add command id quirk for apple controllers (git-fixes).
- commit 210cebb
- drm/nouveau: avoid a use-after-free when BO init fails (bsc#1152472)
Backporting notes:
* context changes
- commit dbfac3c
- drm/panfrost: Make sure MMU context lifetime is not bound to (bsc#1152472)
Backporting notes:
* context changes in panfrost_job_irq_handler()
- commit 78a582b
- drm/i915: Fix syncmap memory leak (bsc#1152489)
Backporting notes:
* context changes in intel_timeline_fini()
- commit d5e337e
- blacklist.conf: Append 'drm/i915/overlay: Fix active retire callback alignment'
- commit c6cc973
- xen: reset legacy rtc flag for PV domU (git-fixes).
- commit 2ae68ea
- xen: fix setting of max_pfn in shared_info (git-fixes).
- commit 2d2e1e0
- fix patch metadata
- fix Patch-mainline:
- patches.suse/NFS-Do-uncached-readdir-when-we-re-seeking-a-cookie-.patch
- commit b7dfcc7
- NFS: Do uncached readdir when we're seeking a cookie in an
empty page cache (bsc#1191628).
- commit 5ca83d3
- Update patches.suse/bpf-Fix-ringbuf-helper-function-compatibility.patch
(git-fixes, bsc#1191645, CVE-2021-34866).
Update references.
- commit 3bcb18d
- ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat
ioctl (git-fixes).
- ALSA: hda/realtek: Fix for quirk to enable speaker output on
the Lenovo 13s Gen2 (git-fixes).
- commit f5dfccc
- NFC: digital: fix possible memory leak in
digital_in_send_sdd_req() (git-fixes).
- NFC: digital: fix possible memory leak in
digital_tg_listen_mdaa() (git-fixes).
- nfc: fix error handling of nfc_proto_register() (git-fixes).
- ALSA: seq: Fix a potential UAF by wrong private_free call order
(git-fixes).
- commit aada78f
- netfilter: Drop fragmented ndisc packets assembled in netfilter
(git-fixes).
- commit e526835
- net: ipv6: Discard next-hop MTU less than minimum link MTU
(bsc#1191241).
- commit ba09279
- nvme-fc: remove freeze/unfreeze around update_nr_hw_queues
(bsc#1185762).
- nvme-fc: avoid race between time out and tear down
(bsc#1185762).
- nvme-fc: update hardware queues before using them (bsc#1185762).
- commit 4afdc63
- scsi: lpfc: Fix memory overwrite during FC-GS I/O abort handling
(bsc#1191349).
- commit c7eb218
- acpi/arm64: fix next_platform_timer() section mismatch error
(git-fixes).
- platform/x86: intel_scu_ipc: Fix busy loop expiry time
(git-fixes).
- platform/mellanox: mlxreg-io: Fix read access of n-bytes size
attributes (git-fixes).
- drm/nouveau/kms/nv50-: fix file release memory leak (git-fixes).
- drm/nouveau/kms/tu102-: delay enabling cursor until after
assign_windows (git-fixes).
- drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup (git-fixes).
- iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell
XPS 15 (git-fixes).
- ACPI: NFIT: Use fallback node id when numa info in NFIT table
is incorrect (git-fixes).
- ACPI: fix NULL pointer dereference (git-fixes).
- commit 0673e50
- net: hso: fix NULL-deref on disconnect regression (git-fixes).
- commit 901c621
- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32()
call (git-fixes).
- i2c: acpi: fix resource leak in reconfiguration device addition
(git-fixes).
- mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
(git-fixes).
- drm/nouveau/debugfs: fix file release memory leak (git-fixes).
- video: fbdev: gbefb: Only instantiate device when built for IP32
(git-fixes).
- soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
(git-fixes).
- ptp_pch: Load module automatically if ID matches (git-fixes).
- phy: mdio: fix memory leak (git-fixes).
- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870
SSD (git-fixes).
- ptp_pch: Restore dependency on PCI (git-fixes).
- net: cdc_eem: fix tx fixup skb leak (git-fixes).
- net: hso: fix null-ptr-deref during tty device unregistration
(git-fixes).
- net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes).
- net: usb: Fix uninit-was-stored issue in asix_read_phy_addr()
(git-fixes).
- commit 4915e73
- pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
(git-fixes).
- commit aaf0697
- scsi: qla2xxx: Remove redundant initialization of pointer req
(bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.07.100-k (bsc#1190941).
- scsi: qla2xxx: Fix use after free in eh_abort path
(bsc#1190941).
- scsi: qla2xxx: Move heartbeat handling from DPC thread to
workqueue (bsc#1190941).
- scsi: qla2xxx: Call process_response_queue() in Tx path
(bsc#1190941).
- scsi: qla2xxx: Fix kernel crash when accessing port_speed
sysfs file (bsc#1190941).
- scsi: qla2xxx: edif: Use link event to wake up app
(bsc#1190941).
- scsi: qla2xxx: Fix crash in NVMe abort path (bsc#1190941).
- scsi: qla2xxx: Check for firmware capability before creating
QPair (bsc#1190941).
- scsi: qla2xxx: Display 16G only as supported speeds for 3830c
card (bsc#1190941).
- scsi: qla2xxx: Add support for mailbox passthru (bsc#1190941).
- scsi: qla2xxx: Fix excessive messages during device logout
(bsc#1190941).
- scsi: qla2xxx: Restore initiator in dual mode (bsc#1190941).
- scsi: qla2xxx: Open-code qla2xxx_eh_device_reset()
(bsc#1190941).
- scsi: qla2xxx: Open-code qla2xxx_eh_target_reset()
(bsc#1190941).
- scsi: qla2xxx: Do not call fc_block_scsi_eh() during bus reset
(bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.06.200-k (bsc#1190941).
- scsi: qla2xxx: edif: Fix returnvar.cocci warnings (bsc#1190941).
- scsi: qla2xxx: Fix NVMe session down detection (bsc#1190941).
- scsi: qla2xxx: Fix NVMe retry (bsc#1190941).
- scsi: qla2xxx: Fix hang on NVMe command timeouts (bsc#1190941).
- scsi: qla2xxx: Fix NVMe | FCP personality change (bsc#1190941).
- scsi: qla2xxx: edif: Do secure PLOGI when auth app is present
(bsc#1190941).
- scsi: qla2xxx: edif: Add N2N support for EDIF (bsc#1190941).
- scsi: qla2xxx: Fix hang during NVMe session tear down
(bsc#1190941).
- scsi: qla2xxx: edif: Fix EDIF enable flag (bsc#1190941).
- scsi: qla2xxx: edif: Reject AUTH ELS on session down
(bsc#1190941).
- scsi: qla2xxx: edif: Fix stale session (bsc#1190941).
- scsi: qla2xxx: Update version to 10.02.06.100-k (bsc#1190941).
- scsi: qla2xxx: Sync queue idx with queue_pair_map idx
(bsc#1190941).
- scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
(bsc#1190941).
- scsi: qla2xxx: Changes to support kdump kernel (bsc#1190941).
- scsi: qla2xxx: Suppress unnecessary log messages during login
(bsc#1190941).
- scsi: qla2xxx: Fix NPIV create erroneous error (bsc#1190941).
- scsi: qla2xxx: Fix unsafe removal from linked list
(bsc#1190941).
- scsi: qla2xxx: Fix port type info (bsc#1190941).
- scsi: qla2xxx: Add debug print of 64G link speed (bsc#1190941).
- scsi: qla2xxx: Show OS name and version in FDMI-1 (bsc#1190941).
- scsi: qla2xxx: Changes to support FCP2 Target (bsc#1190941).
- scsi: qla2xxx: Adjust request/response queue size for 28xx
(bsc#1190941).
- scsi: qla2xxx: Add host attribute to trigger MPI hang
(bsc#1190941).
- scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
(bsc#1190941).
- commit c17f95e
- kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229).
The semantic changed in an incompatible way so invoking the macro now
causes a build failure.
- commit 3e55f55
- powerpc/feature-fixups: use a semicolon rather than a comma
(bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- commit c85e1c6
- powerpc/lib/feature-fixups: Use PPC_RAW_xxx() macros
(bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- Refresh patches.suse/powerpc-Don-t-use-struct-ppc_inst-to-reference-instr.patch.
- powerpc/ppc-opcode: Add PPC_RAW_MFSPR() (bsc#1188983
CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- commit 5a3ede4
- powerpc/opcodes: Add shorter macros for registers for use
with PPC_RAW_xx() (bsc#1188983 CVE-2021-34556 bsc#1188985
CVE-2021-35477).
- commit 6a14724
- powerpc/signal: Use PPC_RAW_xx() macros (bsc#1188983
CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- powerpc/asm: Add some opcodes in asm/ppc-opcode.h for PPC32 eBPF
(bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- commit 66c500d
- ipv6/netfilter: Discard first fragment not including all headers
(bsc#1191241).
- commit 040f020
- IPv6: reply ICMP error if the first fragment don't include
all headers (bsc#1191241).
- commit abf80f6
- ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
(bsc#1191241).
- commit b3ab292
- powerpc: Don't use 'struct ppc_inst' to reference instruction
location (jsc#SLE-13847 git-fixes).
- powerpc/lib/code-patching: Don't use struct 'ppc_inst' for
runnable code in tests (jsc#SLE-13847 git-fixes).
- powerpc/lib/code-patching: Make instr_is_branch_to_addr()
static (jsc#SLE-13847 git-fixes).
- powerpc: Do not dereference code as 'struct ppc_inst' (uprobe,
code-patching, feature-fixups) (jsc#SLE-13847 git-fixes).
- powerpc/64s: Fix stf mitigation patching w/strict RWX & hash
(jsc#SLE-13847 git-fixes).
- powerpc/64s: Fix entry flush patching w/strict RWX & hash (jsc#SLE-13847 git-fixes).
- powerpc/uprobes: Validation for prefixed instruction
(jsc#SLE-13847 git-fixes).
- commit 5729394
- powerpc/bpf: Emit stf barrier instruction sequences
for BPF_NOSPEC (bsc#1188983 CVE-2021-34556 bsc#1188985
CVE-2021-35477).
- powerpc/security: Add a helper to query stf_barrier type
(bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- powerpc/bpf: Validate branch ranges (bsc#1188983 CVE-2021-34556
bsc#1188985 CVE-2021-35477).
- powerpc/lib: Add helper to check if offset is within
conditional branch range (bsc#1188983 CVE-2021-34556 bsc#1188985
CVE-2021-35477).
- powerpc/bpf: Emit stf barrier instruction sequences
for BPF_NOSPEC (bsc#1188983 CVE-2021-34556 bsc#1188985
CVE-2021-35477).
- powerpc/security: Add a helper to query stf_barrier type
(bsc#1188983 CVE-2021-34556 bsc#1188985 CVE-2021-35477).
- powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729).
- powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729).
- powerpc/bpf: Validate branch ranges (bsc#1188983 CVE-2021-34556
bsc#1188985 CVE-2021-35477).
- powerpc/lib: Add helper to check if offset is within
conditional branch range (bsc#1188983 CVE-2021-34556 bsc#1188985
CVE-2021-35477).
- powerpc/bpf: Use bctrl for making function calls (bsc#1065729).
- powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729).
- powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729).
- powerpc/bpf: Use bctrl for making function calls (bsc#1065729).
- powerpc/lib: Fix emulate_step() std test (bsc#1065729).
- commit 3f6738b
- bpf: Fix OOB read when printing XDP link fdinfo (git-fixes).
- commit 09be9b3
- bpf: Fix a typo of reuseport map in bpf.h (git-fixes).
- bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h
(git-fixes).
- bpf: Fix up bpf_skb_adjust_room helper's skb csum setting
(git-fixes).
- commit b5d0357
- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit
from run_smbios_call (git-fixes).
- commit a539d65
- x86/resctrl: Free the ctrlval arrays when
domain_setup_mon_state() fails (bsc#1152489).
- commit dba5675
- can: xilinx_can: handle failure cases of pm_runtime_get_sync
(git-fixes).
- commit 82f6db6
- blacklist.conf: feature, not a fix
- commit fd65896
- net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
(git-fixes).
- commit 5487063
- can: peak_usb: fix use after free bugs (git-fixes).
- commit 3ad9b4d
- can: dev: can_restart: fix use after free bug (git-fixes).
- commit 0943ca2
- can: ti_hecc: ti_hecc_probe(): add missed
clk_disable_unprepare() in error path (git-fixes).
- commit 2fec0e3
- Update patch reference for soc fix (CVE-2021-42252 bsc#1190479)
- commit f05067d
- blacklist.conf: requires newer USB PD version than we have
- commit a8bbe8f
- blacklist.conf: needs newer USB PD than we have
- commit d0d6a50
- Update kabi files.
- commit a156da7
- USB: cdc-acm: fix minor-number release (git-fixes).
- commit 477b833
- USB: cdc-acm: clean up probe error labels (git-fixes).
- commit 576c313
- blacklist.conf: 4758fd801f91 x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
- commit fab5572
- blacklist.conf: 225bac2dc5d1 x86/Kconfig: Correct reference to MWINCHIP3D
- commit 08dc820
- kabi: block: Fix kabi of blk_mq_sched_try_insert_merge()
(bsc#1191456).
- commit 7832c25
- usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
(git-fixes).
- commit b332e18
- KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines
(jsc#SLE-12936 git-fixes).
- commit 825316d
- tpm: ibmvtpm: Avoid error message when process gets signal
while waiting (bsc#1065729).
- commit 1910f07
- powerpc/numa: Update cpu_cpu_map on CPU online/offline
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Enable CACHE domain for shared processor
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Update cpu_core_map on all PowerPc systems
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Fix a crash while booting kvm guest with nr_cpus=2
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Set numa node before updating mask (jsc#SLE-13615
bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Cache CPU to chip lookup (jsc#SLE-13615 bsc#1180100
ltc#190257 git-fixes).
- Refresh patches.suse/powerpc-cacheinfo-Lookup-cache-by-dt-node-and-thread.patch.
- Revert "/powerpc/topology: Update topology_core_cpumask"/
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Fold cpu_die() into its only caller (jsc#SLE-13615
bsc#1180100 ltc#190257 git-fixes).
- Refresh patches.suse/powerpc-cacheinfo-Lookup-cache-by-dt-node-and-thread.patch
- powerpc: Move arch_cpu_idle_dead() into smp.c (jsc#SLE-13615
bsc#1180100 ltc#190257 git-fixes).
- commit 6f6565a
- powerpc/pseries: Fix build error when NUMA=n (bsc#1190620
ltc#194498 git-fixes).
- commit 6c29f54
- cpuidle: pseries: Mark pseries_idle_proble() as __init
(jsc#SLE-13614 bsc#1176914 ltc#186394 git-fixes).
- commit 319f0f3
- xfs: fix up non-directory creation in SGID directories
(bsc#1190006 CVE-2018-13405).
- commit f5a61c4
- xfs: remove the icdinode di_uid/di_gid members (bsc#1190006).
- commit 7385144
- xfs: ensure that the inode uid/gid match values match the
icdinode ones (bsc#1190006).
- commit 0ddcc0f
- xfs: merge the projid fields in struct xfs_icdinode
(bsc#1190006).
- commit 3a30ff3
- Configure mpi3mr as currently unsupported (jsc#SLE-18120)
- commit aede7cc
- Revert "/sched/fair: Correctly insert cfs_rq's to list on unthrottle
(git-fixes)"/ (bsc#1191343, bsc#1191238)
The commit a7b359fc6a37 ("/sched/fair: Correctly insert cfs_rq's to list
on unthrottle"/) causes more severe problems than the problem it aims to
solve (corrupting cfs_rq leaf list vs insufficient fairness). While both
need to be solved eventually, revert the commit until non-breaking
solution is found.
Blacklist the commit as well, to prevent a regression via git-fixes.
This reverts commit 1732b9ba91b4b7a0822e98bd910feefbcb5424dc.
- commit b8c1ddd
- Revert "/sched/fair: Ensure that the CFS parent is added after unthrottling (git-fixes)."/
The reverted commit is a followup of a7b359fc6a37 ("/sched/fair:
Correctly insert cfs_rq's to list on unthrottle"/) which is going to be
reverted as part of short-term solution of bsc#1191343.
This reverts commit f3a38fbebab3f88070c129511f99a896f5532f7e.
- commit 4f925fc
- scsi: mpi3mr: Set up IRQs in resume path (jsc#SLE-18120).
- scsi: mpi3mr: Use the proper SCSI midlayer interfaces for PI
(jsc#SLE-18120).
- scsi: mpi3mr: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
(jsc#SLE-18120).
- commit fc7fb17
- fscrypt: add fscrypt_symlink_getattr() for computing st_size
(bsc#1191449).
- commit 549a3d8
- scsi: mpi3mr: Add event handling debug prints (jsc#SLE-18120).
- scsi: mpi3mr: Add EEDP DIF DIX support (jsc#SLE-18120).
- scsi: mpi3mr: Add support for DSN secure firmware check
(jsc#SLE-18120).
- scsi: mpi3mr: Add support for PM suspend and resume
(jsc#SLE-18120).
- scsi: mpi3mr: Wait for pending I/O completions upon detection
of VD I/O timeout (jsc#SLE-18120).
- scsi: mpi3mr: Print pending host I/Os for debugging
(jsc#SLE-18120).
- scsi: mpi3mr: Complete support for soft reset (jsc#SLE-18120).
- scsi: mpi3mr: Add support for threaded ISR (jsc#SLE-18120).
- scsi: mpi3mr: Hardware workaround for UNMAP commands to NVMe
drives (jsc#SLE-18120).
- scsi: mpi3mr: Allow certain commands during pci-remove hook
(jsc#SLE-18120).
- scsi: mpi3mr: Add change queue depth support (jsc#SLE-18120).
- scsi: mpi3mr: Implement SCSI error handler hooks
(jsc#SLE-18120).
- scsi: mpi3mr: Add bios_param SCSI host template hook
(jsc#SLE-18120).
- scsi: mpi3mr: Print IOC info for debugging (jsc#SLE-18120).
- scsi: mpi3mr: Add support for timestamp sync with firmware
(jsc#SLE-18120).
- scsi: mpi3mr: Add support for recovering controller
(jsc#SLE-18120).
- scsi: mpi3mr: Additional event handling (jsc#SLE-18120).
- scsi: mpi3mr: Add support for PCIe device event handling
(jsc#SLE-18120).
- scsi: mpi3mr: Add support for device add/remove event handling
(jsc#SLE-18120).
- scsi: mpi3mr: Add support for internal watchdog thread
(jsc#SLE-18120).
- scsi: mpi3mr: Add support for queue command processing
(jsc#SLE-18120).
- scsi: mpi3mr: Create operational request and reply queue pair
(jsc#SLE-18120).
- commit 259660e
- blk: Fix lock inversion between ioc lock and bfqd lock
(bsc#1191456).
- commit adb5e59
- bfq: Remove merged request already in bfq_requests_merged()
(bsc#1191456).
- commit 0d474e5
- fs, mm: fix race in unlinking swapfile (bsc#1191455).
- commit cd60ce3
- blacklist.conf: Blacklist 889c05cc5834
- commit ea30b1a
- scsi: mpi3mr: Base driver code (jsc#SLE-18120).
- Update config files (enabling tthe driver as a module)
- commit 3c0fd36
- blacklist.conf: Blacklist 6961fed42014
- commit b6fb7af
- blktrace: Fix uaf in blk_trace access after removing by sysfs
(bsc#1191452).
- commit a4f24d0
- block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451).
- commit 34735be
- ext4: fix reserved space counter leakage (bsc#1191450).
- commit 449ab75
- ext4: report correct st_size for encrypted symlinks
(bsc#1191449).
- commit 3669a7f
- bpf: Fix integer overflow in prealloc_elems_and_freelist()
(bsc#1191317, CVE-2021-41864).
- commit d4466f5
- kABI workaround for HD-audio probe retry changes (bsc#1190801).
- ALSA: hda: intel: Allow repeatedly probing on codec
configuration errors (bsc#1190801).
- commit 27f79df
- drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (git-fixes).
- ALSA: hda/realtek: Quirks to enable speaker output for Lenovo
Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops
(git-fixes).
- ASoC: dapm: use component prefix when checking widget names
(git-fixes).
- commit 9bf3e05
- Add cherry-picked commit id to the usb hso fix (git-fixes)
- commit a4c3be7
- drm/amd/display: Pass PCI deviceid into DC (git-fixes).
- e100: fix buffer overrun in e100_get_regs (git-fixes).
- e100: fix length calculation in e100_get_regs_len (git-fixes).
- HID: u2fzero: ignore incomplete packets without data
(git-fixes).
- HID: betop: fix slab-out-of-bounds Write in betop_probe
(git-fixes).
- net: hso: add failure handler for add_net_device (git-fixes).
- HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes).
- usb: hso: remove the bailout parameter (git-fixes).
- usb: hso: fix error handling code of hso_create_net_device
(git-fixes).
- e100: handle eeprom as little endian (git-fixes).
- hso: fix bailout in error case of probe (git-fixes).
- PCI: Fix pci_host_bridge struct device release/free handling
(git-fixes).
- commit 51aaf55
- scsi: mpi3mr: Add mpi30 Rev-R headers and Kconfig
(jsc#SLE-18120).
- Update config files.
- commit 54f9bad
- PM / devfreq: rk3399_dmc: Remove unneeded semicolon (git-fixes).
- PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu
is absent (git-fixes).
- PM / devfreq: rk3399_dmc: Disable devfreq-event device when
fails (git-fixes).
- PM / devfreq: rk3399_dmc: Add missing of_node_put() (git-fixes).
- PM / devfreq: rk3399_dmc: Fix spelling typo (git-fixes).
- commit b4b8a3b
- Update kabi files.
- update from October 2021 maintenance update submission (commit c909dd500033)
- commit d500b18
- rpm: use _rpmmacrodir (boo#1191384)
- commit e350c14
- net: 6pack: fix slab-out-of-bounds in decode_data
(CVE-2021-42008 bsc#1191315).
- commit b0db75a
- x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289).
- powercap: intel_rapl: add support for Sapphire Rapids
(jsc#SLE-15289).
- commit 053c38b
- series.conf: cleanup
- move a kabi workaround into correct section:
patches.kabi/ipvs-Fix-up-kabi-for-expire_nodest_conn_work-additio.patch
- commit bc02214
- sched/fair: Add ancestors of unthrottled undecayed cfs_rq
(bsc#1191292).
- commit d8d828e
- blacklist.conf: Update for 51e1bb9eeaf7
- commit fe28675
- x86/alternatives: Teach text_poke_bp() to emulate instructions
(bsc#1185302).
- Refresh
patches.suse/x86-alternatives-sync-bp_patching-update-for-avoiding-null-pointer-exception.patch.
- commit ef191ae
- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).
- blk-mq: don't deactivate hctx if managed irq isn't used
(bsc#1185762).
- blk-mq: mark if one queue map uses managed irq (bsc#1185762).
- genirq: add device_has_managed_msi_irq (bsc#1185762).
- commit 71f9eaf
- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).
- blk-mq: don't deactivate hctx if managed irq isn't used
(bsc#1185762).
- blk-mq: mark if one queue map uses managed irq (bsc#1185762).
- genirq: add device_has_managed_msi_irq (bsc#1185762).
- commit 57a6cb7
- blacklist.conf: 3a1255396b5a x86/alternatives: add missing insn.h include
- commit 53a5b9c
- hwmon: (tmp421) fix rounding for negative values (git-fixes).
- hwmon: (tmp421) report /PVLD condition as fault (git-fixes).
- hwmon: (mlxreg-fan) Return non-zero value when fan current
state is enforced from sysfs (git-fixes).
- commit 2560193
- ipc: remove memcg accounting for sops objects in do_semtimedop()
(bsc#1190115).
- Delete
patches.suse/ipc-remove-memcg-accounting-for-sops-objects.patch.
Refreshing patch with upstream metadata.
- commit 2d6ef2e
- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).
- commit 628c3ee
- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).
- commit 466f31b
- powerpc/powernv: Fix machine check reporting of async store
errors (bsc#1065729).
- commit 0b715ae
- powerpc/perf: Fix the check for SIAR value (bsc#1065729).
- powerpc/perf: Drop the case of returning 0 as instruction
pointer (bsc#1065729).
- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).
- powerpc/perf: Fix crash in perf_instruction_pointer() when
ppmu is not set (bsc#1065729).
- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).
- powerpc/perf: Use the address from SIAR register to set cpumode
flags (bsc#1065729).
- commit f3110f1
- drm/i915/rkl: Remove require_force_probe protection
(bsc#1189257).
- commit 94530db
- apparmor: remove duplicate macro list_entry_is_head()
(git-fixes).
- commit 514b75b
- xhci: Set HCD flag to defer primary roothub registration
(git-fixes).
- commit 8f4e75e
- USB: serial: option: add device id for Foxconn T99W265
(git-fixes).
- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital
Multimeter (git-fixes).
- USB: serial: option: add Telit LN920 compositions (git-fixes).
- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
(git-fixes).
- usb: core: hcd: Add support for deferring roothub registration
(git-fixes).
- commit 0a6378c
- mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes).
- mac80211-hwsim: fix late beacon hrtimer handling (git-fixes).
- mac80211: mesh: fix potentially unaligned access (git-fixes).
- mac80211: limit injected vht mcs/nss in
ieee80211_parse_tx_radiotap (git-fixes).
- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
(git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes).
- spi: Fix tegra20 build with CONFIG_PM=n (git-fixes).
- tty: synclink_gt, drop unneeded forward declarations
(git-fixes).
- commit dbd9f90
- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
(git-fixes).
- ALSA: firewire-motu: fix truncated bytes in message tracepoints
(git-fixes).
- ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes).
- ASoC: fsl_micfil: register platform component before registering
cpu dai (git-fixes).
- ASoC: mediatek: common: handle NULL case in suspend/resume
function (git-fixes).
- media: cedrus: Fix SUNXI tile size calculation (git-fixes).
- watchdog/sb_watchdog: fix compilation problem due to
COMPILE_TEST (git-fixes).
- dmaengine: xilinx_dma: Set DMA mask for coherent APIs
(git-fixes).
- dmaengine: ioat: depends on !UML (git-fixes).
- console: consume APC, DM, DCS (git-fixes).
- commit 71b860e
- thermal/core: Potential buffer overflow in
thermal_build_list_of_policies() (git-fixes).
- rtc: rx8010: select REGMAP_I2C (git-fixes).
- pwm: stm32-lp: Don't modify HW state in .remove() callback
(git-fixes).
- pwm: rockchip: Don't modify HW state in .remove() callback
(git-fixes).
- pwm: img: Don't modify HW state in .remove() callback
(git-fixes).
- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
(git-fixes).
- PCI: pci-bridge-emul: Fix array overruns, improve safety
(git-fixes).
- PCI: pci-bridge-emul: Fix big-endian support (git-fixes).
- commit a8d4022
- fpga: machxo2-spi: Fix missing error code in
machxo2_write_complete() (git-fixes).
- fpga: machxo2-spi: Return an error on failure (git-fixes).
- serial: mvebu-uart: fix driver's tx_empty callback (git-fixes).
- USB: serial: option: remove duplicate USB device ID (git-fixes).
- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
(git-fixes).
- usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes).
- gpio: uniphier: Fix void functions to remove return value
(git-fixes).
- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
(git-fixes).
- ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes).
- commit 79aec8d
- clk: at91: clk-generated: pass the id of changeable parent at
registration (git-fixes).
- Refresh
patches.suse/clk-at91-clk-generated-Limit-the-requested-rate-to-o.patch.
- commit 39cefdd
- drm/amd/amdgpu: Update debugfs link_settings output link_rate
field in hex (git-fixes).
- drm: avoid blocking in drm_clients_info's rcu section
(git-fixes).
- drm/gma500: Fix end of loop tests for list_for_each_entry
(git-fixes).
- drm/amdgpu: Fix BUG_ON assert (git-fixes).
- staging: board: Fix uninitialized spinlock when attaching genpd
(git-fixes).
- ath9k: fix sleeping in atomic context (git-fixes).
- ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes).
- Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes).
- include/linux/list.h: add a macro to test if entry is pointing
to the head (git-fixes).
- commit 60017cf
- drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes).
- gpu: drm: amd: amdgpu: amdgpu_i2c: fix
possible uninitialized-variable access in
amdgpu_i2c_router_select_ddc_port() (git-fixes).
- drm/amd/display: Fix timer_per_pixel unit error (git-fixes).
- media: TDA1997x: fix tda1997x_query_dv_timings() return value
(git-fixes).
- media: v4l2-dv-timings.c: fix wrong condition in two for-loops
(git-fixes).
- media: imx258: Limit the max analogue gain to 480 (git-fixes).
- iio: dac: ad5624r: Fix incorrect handling of an optional
regulator (git-fixes).
- staging: ks7010: Fix the initialization of the 'sleep_status'
structure (git-fixes).
- iwlwifi: mvm: fix a memory leak in
iwl_mvm_mac_ctxt_beacon_changed (git-fixes).
- drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object
to 0 in amdgpu_dm_update_backlight_caps (git-fixes).
- commit 4c6f48f
- PCI: Add AMD GPU multi-function power dependencies (git-fixes).
- mfd: Don't use irq_create_mapping() to resolve a mapping
(git-fixes).
- media: imx258: Rectify mismatch of VTS value (git-fixes).
- media: rc-loopback: return number of emitters rather than error
(git-fixes).
- media: uvc: don't do DMA on stack (git-fixes).
- media: dib8000: rewrite the init prbs logic (git-fixes).
- parport: remove non-zero check on count (git-fixes).
- mmc: core: Return correct emmc response in case of ioctl error
(git-fixes).
- mmc: rtsx_pci: Fix long reads when clock is prescaled
(git-fixes).
- mmc: sdhci-of-arasan: Check return value of non-void funtions
(git-fixes).
- commit 9209c5a
- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
(git-fixes).
- PCI: aardvark: Increase polling delay to 1.5s while waiting
for PIO response (git-fixes).
- PCI: aardvark: Fix checking for PIO status (git-fixes).
- PM: base: power: don't try to use non-existing RTC for storing
data (git-fixes).
- PCI: Add ACS quirks for Cavium multi-function devices
(git-fixes).
- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
(git-fixes).
- PCI: ibmphp: Fix double unmap of io_mem (git-fixes).
- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
(git-fixes).
- PCI: Use pci_update_current_state() in pci_enable_device_flags()
(git-fixes).
- commit 61f24a4
- rtc: tps65910: Correct driver module alias (git-fixes).
- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
(git-fixes).
- usb: gadget: u_ether: fix a potential null pointer dereference
(git-fixes).
- usb: host: fotg210: fix the actual_length of an iso packet
(git-fixes).
- serial: sh-sci: fix break handling for sysrq (git-fixes).
- serial: 8250_pci: make setup_port() parameters explicitly
unsigned (git-fixes).
- serial: 8250: Define RX trigger levels for OxSemi 950 devices
(git-fixes).
- tty: serial: jsm: hold port lock when reporting modem line
changes (git-fixes).
- staging: rts5208: Fix get_ms_information() heap buffer size
(git-fixes).
- commit f3797b6
- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes).
- video: fbdev: riva: Error out if 'pixclock' equals zero
(git-fixes).
- video: fbdev: kyro: Error out if 'pixclock' equals zero
(git-fixes).
- video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
(git-fixes).
- video: fbdev: kyro: fix a DoS bug by restricting user input
(git-fixes).
- usbip:vhci_hcd USB port can get stuck in the disabled state
(git-fixes).
- usbip: give back URBs for unsent unlink requests during cleanup
(git-fixes).
- usb: musb: musb_dsps: request_irq() after initializing musb
(git-fixes).
- usb: host: fotg210: fix the endpoint's transactional
opportunities calculation (git-fixes).
- commit f1407f0
- kabi/severities: skip kABI check for ath9k-local symbols (CVE-2020-3702 bsc#1191193)
ath9k modules have some exported symbols for the common helpers
and the recent fixes broke kABI of those. They are specific to
ath9k's own usages, so safe to ignore.
- commit 7579b4b
- kABI compatibility for ath_key_delete() changes (CVE-2020-3702
bsc#1191193).
- commit bc02804
- ath9k: Postpone key cache entry deletion for TXQ frames
reference it (CVE-2020-3702 bsc#1191193).
- ath: Modify ath_key_delete() to not need full key entry
(CVE-2020-3702 bsc#1191193).
- ath: Export ath_hw_keysetmac() (CVE-2020-3702 bsc#1191193).
- commit 5fe383f
- Refresh
patches.kabi/scsi-fc-kABI-fixes-for-new-ELS_RDP-definition.patch.
- commit 7f69543
- Update patches.kabi/NFS-pass-cred-explicitly-for-access-tests.patch
(bsc#1190746 bsc#1191172).
cache.group_info (aka cache.cred) was not properly initialized when
- >access() was called.
- commit 9ff84db
- ipc: replace costly bailout check in sysvipc_find_ipc()
(bsc#1159886 bsc#1188986 CVE-2021-3669).
- ipc/util.c: use binary search for max_idx (bsc#1159886).
- commit af97833
- scsi/fc: kABI fixes for new ELS_EDC, ELS_RDP definition
(bsc#1171688 bsc#1174003 bsc#1190576).
- commit 3952cc0
- Update config files.
- commit 48075c9
- fix patch metadata
- fix Patch-mainline:
- patches.suse/net-mana-Fix-a-memory-leak-in-an-error-handling-path.patch
- commit 12cbf84
- series.conf: cleanup
- move submitted patches to "/almost mainline"/ section:
- patches.suse/NFS-change-nfs_access_get_cached-to-only-report-the-.patch
- patches.suse/NFS-pass-cred-explicitly-for-access-tests.patch
- patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch
- commit a3b4285
- btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626).
- commit b88ab2e
- blacklist.conf: too intrusive, gone in through SP3
- commit a81e8d3
- blacklist.conf: too intrusive, gone in through SP3
- commit 4bedee6
- blacklist.conf: too intrusive, gone in through SP3
- commit 0474866
- blacklist.conf: kABI
- commit e8337cf
- cpuidle: pseries: Do not cap the CEDE0 latency in
fixup_cede0_latency() (bsc#1185550 ltc#192610 git-fixes
jsc#SLE-18128).
- commit cfe4b84
- x86/mm: Fix kern_addr_valid() to cope with existing but not
present entries (bsc#1152489).
- commit 1efaf04
- x86/asm: Fix SETZ size enqcmds() build failure (bsc#1178134).
- commit 54b59b3
- Refresh
patches.suse/drm-amd-display-Initialize-attribute-for-hdcp_srm-sy.patch.
Added Alt-commit for duplicate
- commit 86167e7
- drm/ast: Fix missing conversions to managed API (git-fixes).
- commit cab6852
- Refresh patches.suse/drm-i915-Fix-crash-in-auto_retire.patch.
Added Alt-commit for duplicate
- commit 334db42
- drm/ingenic: Switch IPU plane to type OVERLAY (git-fixes).
- commit ed3952b
- drm/pl111: depend on CONFIG_VEXPRESS_CONFIG (git-fixes).
- commit 4e7e865
- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185726).
- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185726).
- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726).
- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726).
- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726).
- hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185726).
- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185726).
- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185726).
- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185726).
- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726).
- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185726).
- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185726).
- commit 44e26ca
- Refresh
patches.suse/drm-amdgpu-Init-GFX10_ADDR_CONFIG-for-VCN-v3-in-DPG-.patch.
Added Alt-commit for duplicate
- commit fa028bf
- nvme: avoid race in shutdown namespace removal (bsc#1188067).
- commit bac299d
- nvme: fix refcounting imbalance when all paths are down
(bsc#1188067).
- Refresh
patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch.
- commit 44b2d54
- series: Update meta data and resort
Refresh the metad data and sort into correct position:
patches.suse/scsi-lpfc-Fix-CPU-to-from-endian-warnings-introduced.patch
patches.suse/scsi-lpfc-Fix-compilation-errors-on-kernels-with-no-.patch
patches.suse/scsi-lpfc-Fix-gcc-Wstringop-overread-warning-again.patch
patches.suse/scsi-lpfc-Fix-sprintf-overflow-in-lpfc_display_fpin_.patch
patches.suse/scsi-lpfc-Remove-unneeded-variable.patch
patches.suse/scsi-lpfc-Use-correct-scnprintf-limit.patch
- commit 12f1564
- Update
patches.suse/Bluetooth-check-for-zapped-sk-before-connecting.patch
(CVE-2021-3752 bsc#1190023).
- commit 6b966b4
- Update
patches.suse/Bluetooth-check-for-zapped-sk-before-connecting.patch
(CVE-2021-3752 bsc#1190023).
- commit 65458cc
- drm/mgag200: Select clock in PLL update functions (git-fixes).
- commit 8e058be
- Restore kabi after NFS: pass cred explicitly for access tests
(bsc#1190746).
- NFS: don't store 'struct cred *' in struct nfs_access_entry
(bsc#1190746).
- NFS: pass cred explicitly for access tests (bsc#1190746).
- NFS: change nfs_access_get_cached to only report the mask
(bsc#1190746).
- commit 907996a
- dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER
(git-fixes).
- commit 931b672
- usb: musb: tusb6010: uninitialized data in
tusb_fifo_write_unaligned() (git-fixes).
- commit 11a541f
- drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume
__maybe_unused (git-fixes).
- commit 6bec20e
- drm/i915: Allow the sysadmin to override security mitigations
(git-fixes).
- commit c1eb827
- erofs: fix up erofs_lookup tracepoint (git-fixes).
- commit 3009743
- EDAC/synopsys: Fix wrong value type assignment for edac_mode
(bsc#1152489).
- commit 15eb225
- kernel-binary.spec: Do not sign kernel when no key provided
(bsc#1187167 bsc#1191240 ltc#194716).
- kernel-binary.spec: Do not sign kernel when no key provided
(bsc#1187167).
- commit c909dd5
- enetc: Fix uninitialized struct dim_sample field usage
(git-fixes).
- PCI: of: Don't fail devm_pci_alloc_host_bridge() on missing
'ranges' (git-fixes).
- mmc: sdhci: Fix issue with uninitialized dma_slave_config
(git-fixes).
- net: ethernet: ti: cpsw: fix min eth packet size for non-switch
use-cases (git-fixes).
- optee: Fix memory leak when failing to register shm pages
(git-fixes).
- commit 1758b20
- powerpc: fix function annotations to avoid section mismatch
warnings with gcc-10 (bsc#1148868).
- commit 9e9276f
- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543
ltc#194523).
- Refresh patches.suse/pseries-drmem-update-LMBs-after-LPM.patch
- commit e17894e
- Revert "/rpm: Abolish scritplet templating (bsc#1189841)."/ (bsc#1190598)
This reverts commit e98096d5cf85dbe90f74a930eb1f0e3fe4a70c7f.
These changes depend on a suse-module-tools update which has not reached
SLE15-SP2/3 and Leap 15.2/3 yet, causing both build failures and
unsatisfiable dependency of resulting binary packages.
Revert the commit temporarily until suse-module-tools is updated.
- commit 7d43568
- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).
- commit 9763078
- powerpc/pseries: Prevent free CPU ids being reused on another
node (bsc#1190620 ltc#194498).
- commit 7097b6c
- net: sched: sch_teql: fix null-pointer dereference
(bsc#1190717).
- commit 0a89f09
- x86/alternatives: Teach text_poke_bp() to emulate instructions
(bsc#1190561).
- Refresh
patches.suse/x86-alternatives-sync-bp_patching-update-for-avoiding-null-pointer-exception.patch.
- commit 1c9f1df
- kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as
well.
Fixes: e98096d5cf85 ("/rpm: Abolish scritplet templating (bsc#1189841)."/)
- commit e082fbf
- mm/swap: consider max pages in iomap_swapfile_add_extent
(bsc#1190785).
- commit afb626e
- iomap: Fix negative assignment to unsigned sis->pages in
iomap_swapfile_activate (bsc#1190784).
- commit 7126cba
- scsi: lpfc: Fix gcc -Wstringop-overread warning, again
(bsc#1190576).
- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).
- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn()
(bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).
- scsi: lpfc: Improve PBDE checks during SGL processing
(bsc#1190576).
- scsi: lpfc: Zero CGN stats only during initial driver load
and stat reset (bsc#1190576).
- scsi: lpfc: Fix I/O block after enabling managed congestion mode
(bsc#1190576).
- scsi: lpfc: Adjust bytes received vales during cmf timer
interval (bsc#1190576).
- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).
- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines
(bsc#1190576).
- scsi: lpfc: Fix NVMe I/O failover to non-optimized path
(bsc#1190576).
- scsi: lpfc: Don't remove ndlp on PRLI errors in P2P mode
(bsc#1190576).
- scsi: lpfc: Fix rediscovery of tape device after LIP
(bsc#1190576).
- scsi: lpfc: Fix hang on unload due to stuck fport node
(bsc#1190576).
- scsi: lpfc: Fix premature rpi release for unsolicited TPLS
and LS_RJT (bsc#1190576).
- scsi: lpfc: Don't release final kref on Fport node while ABTS
outstanding (bsc#1190576).
- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
(bsc#1190576).
- scsi: lpfc: Remove unneeded variable (bsc#1190576).
- scsi: lpfc: Fix compilation errors on kernels with no
CONFIG_DEBUG_FS (bsc#1190576).
- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS
processing (bsc#1190576).
- commit 1435c13
- blacklist.conf: kABI
- commit 3cb18d9
- blacklist.conf: kABI
- commit dcb25ee
- blacklist.conf: kABI
- commit d400b4c
- docs: Fix infiniband uverbs minor number (git-fixes).
- commit 0fb9cd2
- usb: dwc2: Avoid leaving the error_debugfs label unused
(git-fixes).
- commit fb08350
- ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943).
- ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943).
- ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758
ltc#191943).
- ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758
ltc#191943).
- ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758
ltc#191943).
- ibmvnic: Fix up some comments and messages (bsc#1190758
ltc#191943).
- ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758
ltc#191943).
- commit dea5bd2
- x86/resctrl: Fix a maybe-uninitialized build warning treated
as error (bsc#1152489).
- x86/resctrl: Fix default monitoring groups reporting
(bsc#1152489).
- commit 450cdb2
- vmxnet3: update to version 6 (bsc#1190406).
- commit 8d3dc67
- vmxnet3: increase maximum configurable mtu to 9190
(bsc#1190406).
- commit bd5109d
- vmxnet3: set correct hash type based on rss information
(bsc#1190406).
- commit e1e474b
- vmxnet3: add support for ESP IPv6 RSS (bsc#1190406).
- commit 1687646
- vmxnet3: remove power of 2 limitation on the queues
(bsc#1190406).
- commit f3834f6
- vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406).
- commit fbdf2fe
- vmxnet3: prepare for version 6 changes (bsc#1190406).
- commit 7e0fe82
- fuse: truncate pagecache on atomic_o_trunc (bsc#1190705).
- commit 73351a3
- xfs: sync lazy sb accounting on quiesce of read-only mounts
(bsc#1190679).
- commit 668fdef
- blacklist.conf: 3bff147b187d x86/mce: Defer processing of early errors
- commit 7e0dc1d
- s390/unwind: use current_frame_address() to unwind current task
(bsc#1185677).
- commit 92c31e7
- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI
(bsc#1190576).
- scsi: lpfc: Copyright updates for 14.0.0.1 patches
(bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).
- scsi: lpfc: Add bsg support for retrieving adapter cmf data
(bsc#1190576).
- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).
- scsi: lpfc: Add debugfs support for cm framework buffers
(bsc#1190576).
- scsi: lpfc: Add support for maintaining the cm statistics buffer
(bsc#1190576).
- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).
- scsi: lpfc: Add support for the CM framework (bsc#1190576).
- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).
- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).
- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).
- scsi: lpfc: Add EDC ELS support (bsc#1190576).
- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).
- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).
- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info
to firmware (bsc#1190576).
- scsi: fc: Add EDC ELS definition (bsc#1190576).
Refresh and update:
- patches.kabi/scsi-fc-kABI-fixes-for-new-ELS_RDP-definition.patch
- scsi: core: Add helper to return number of logical blocks in
a request (bsc#1190576).
- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
(bsc#1190576).
- scsi: core: Introduce the scsi_cmd_to_rq() function
(bsc#1190576).
- scsi: fc: Update formal FPIN descriptor definitions
(bsc#1190576).
- commit e13d431
- Refresh patches.suse/msft-hv-2119-irqdomain-treewide-Keep-firmware-node-unconditionall.patch.
Add else braces.
- commit f230c58
- series.conf: cleanup
- update upstream reference and resort:
- patches.suse/ibmvnic-check-failover_pending-in-login-response.patch
- commit 2b5f056
- kernel-binary.spec: Check for no kernel signing certificates.
Also remove unused variable.
- commit bdc323e
- Revert "/rpm/kernel-binary.spec: Use only non-empty certificates."/
This reverts commit 30360abfb58aec2c9ee7b6a27edebe875c90029d.
- commit 413e05b
- fuse: flush extending writes (bsc#1190595).
- cuse: fix broken release (bsc#1190596).
- commit 232b4ea
- rpm/kernel-binary.spec: Use only non-empty certificates.
- commit 30360ab
- ipvs: Fix up kabi for expire_nodest_conn_work addition
(bsc#1190467).
- ipvs: queue delayed work to expire no destination connections
if expire_nodest_conn=1 (bsc#1190467).
- ipvs: allow connection reuse for unconfirmed conntrack
(bsc#1190467).
- ipvs: avoid expiring many connections from timer (bsc#1190467).
- commit e0da213
- ext4: fix race writing to an inline_data file while its xattrs
are changing (bsc#1190159 CVE-2021-40490).
- commit 4fadd7d
- crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
(bsc#1189884 CVE-2021-3744 bsc#1190534 CVE-2021-3764).
- commit 4ee91a7
- xfs: allow mount/remount when stripe width alignment is zero
(bsc#1188651).
- commit e701c22
- bnxt_en: Fix asic.rev in devlink dev info command
(jsc#SLE-16649).
- bnxt_en: fix stored FW_PSID version masks (jsc#SLE-16649).
- RDMA/hns: Fix QP's resp incomplete assignment (jsc#SLE-14777).
- RDMA/rtrs: Remove a useless kfree() (jsc#SLE-15176).
- RDMA/mlx5: Delete not-available udata check (jsc#SLE-15175).
- IB/hfi1: Indicate DMA wait when txq is queued for wakeup
(jsc#SLE-13208).
- devlink: Clear whole devlink_flash_notify struct (bsc#1176447).
- net/mlx5: Fix missing return value in
mlx5_devlink_eswitch_inline_mode_set() (jsc#SLE-15172).
- ionic: cleanly release devlink instance (bsc#1167773).
- ionic: drop useless check of PCI driver data validity
(bsc#1167773).
- i40e: improve locking of mac_filter_hash (jsc#SLE-13701).
- igc: Use num_tx_queues when iterating over tx_ring queue
(jsc#SLE-13533).
- ice: do not abort devlink info if board identifier can't be
found (jsc#SLE-12878).
- sch_cake: fix srchost/dsthost hashing mode (bsc#1176447).
- ice: don't remove netdev->dev_addr from uc sync list
(git-fixes).
- bareudp: Fix invalid read beyond skb's linear data
(jsc#SLE-15172).
- RDMA/mlx5: Delay emptying a cache entry when a new MR is added
to it recently (jsc#SLE-15175).
- commit 3dc7052
- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
(git-fixes).
- debugfs: Return error during {full/open}_proxy_open() on rmmod
(bsc#1173746).
- devlink: Break parameter notification sequence to be
before/after unload/load driver (bsc#1154353).
- net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes).
- ionic: cleanly release devlink instance (bsc#1167773).
- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).
- cxgb4: dont touch blocked freelist bitmap after free
(git-fixes).
- e1000e: Do not take care about recovery NVM checksum
(jsc#SLE-8100).
- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).
- xgene-v2: Fix a resource leak in the error handling path of
'xge_probe()' (git-fixes).
- RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init()
(bsc#1170774).
- iavf: Fix ping is lost after untrusted VF had tried to change
MAC (jsc#SLE-7940).
- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
(git-fixes).
- bnxt_en: Add missing DMA memory barriers (git-fixes).
- bnxt_en: Disable aRFS if running on 212 firmware (git-fixes).
- bnxt: count Tx drops (git-fixes).
- bnxt: make sure xmit_more + errors does not miss doorbells
(git-fixes).
- bnxt: disable napi before canceling DIM (git-fixes).
- bnxt: don't lock the tx queue from napi poll (git-fixes).
- net/mlx5: Fix return value from tracer initialization
(git-fixes).
- net/mlx5e: Avoid creating tunnel headers for local route
(git-fixes).
- iavf: Set RSS LUT and key in reset handle path (git-fixes).
- ice: Prevent probing virtual functions (git-fixes).
- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).
- nfp: update ethtool reporting of pauseframe control (git-fixes).
- net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).
- net/mlx5: Unload device upon firmware fatal error (git-fixes).
- net/mlx5: E-Switch, handle devcom events only for ports on
the same device (git-fixes).
- net/mlx5: Fix flow table chaining (git-fixes).
- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).
- ionic: count csum_none when offload enabled (bsc#1167773).
- i40e: Fix log TC creation failure when max num of queues is
exceeded (git-fixes).
- i40e: Fix queue-to-TC mapping on Tx (git-fixes).
- i40e: Add additional info to PHY type error (git-fixes).
- i40e: Fix firmware LLDP agent related warning (git-fixes).
- i40e: Fix logic of disabling queues (git-fixes).
- bnxt_en: Do not enable legacy TX push on older firmware
(git-fixes).
- bnxt_en: Store the running firmware version code (git-fixes).
- commit f97144d
- powerpc/numa: Consider the max NUMA node for migratable LPAR
(bsc#1190544 ltc#194520).
- commit ea0d9bb
- iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha
(git-fixes).
- drm/msm/mdp4: move HW revision detection to earlier phase
(git-fixes).
- drm/msm/mdp4: refactor HW revision detection into
read_mdp_hw_revision (git-fixes).
- ASoC: rt5682: Remove unused variable in rt5682_i2c_remove()
(git-fixes).
- ASoC: rt5682: Properly turn off regulators if wrong device ID
(git-fixes).
- ASoC: Intel: Fix platform ID matching (git-fixes).
- ASoC: rt5682: Implement remove callback (git-fixes).
- commit 6612614
- fbmem: don't allow too huge resolutions (git-fixes).
- backlight: pwm_bl: Improve bootloader/kernel device handover
(git-fixes).
- media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
(git-fixes).
- tty: Fix data race between tiocsti() and flush_to_ldisc()
(git-fixes).
- PM: EM: Increase energy calculation precision (git-fixes).
- libata: fix ata_host_start() (git-fixes).
- power: supply: max17042_battery: fix typo in MAx17042_TOFF
(git-fixes).
- power: supply: axp288_fuel_gauge: Report register-address on
readb / writeb errors (git-fixes).
- regmap: fix the offset of register error log (git-fixes).
- regmap: fix page selection for noinc writes (git-fixes).
- regmap: fix page selection for noinc reads (git-fixes).
- commit 0c36126
- time: Handle negative seconds correctly in timespec64_to_ns()
(git-fixes).
- mm: always have io_remap_pfn_range() set pgprot_decrypted()
(git-fixes).
- commit b2d42ef
- ibmvnic: check failover_pending in login response (bsc#1190523
ltc#194510).
- commit 9f9cec0
- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).
- Refresh
patches.suse/0002-x86-msi-Only-use-high-bits-of-MSI-address-for-DMAR-u.patch.
- Refresh
patches.suse/0004-x86-apic-Support-15-bits-of-APIC-ID-in-IOAPIC-MSI-wh.patch.
- Refresh
patches.suse/msft-hv-2119-irqdomain-treewide-Keep-firmware-node-unconditionall.patch.
- commit a89813f
- EDAC/i10nm: Fix NVDIMM detection (bsc#1152489).
- commit 9def092
- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
(bsc#1189297).
- commit 913942c
- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT
state (bsc#1190062).
- commit e5272e8
- clk: at91: clk-generated: Limit the requested rate to our range
(git-fixes).
- commit c432b6b
- nvme: only call synchronize_srcu when clearing current path
(bsc#1188067).
- nvme-tcp: Do not reset transport on data digest errors
(bsc#1188418).
- nvme-multipath: revalidate paths during rescan (bsc#1187211).
- commit 359f763
- phy: tegra: xusb: Fix dangling pointer on probe failure
(git-fixes).
- misc: sram: Only map reserved areas in Tegra SYSRAM (git-fixes).
- misc: sram: use devm_platform_ioremap_resource_wc() (git-fixes).
- commit b7afa19
- blacklist.conf: add efa non backportable patch
- commit ebbcbd1
- selftests/bpf: Fix bpf-iter-tcp4 test to print correctly the
dest IP (git-fixes).
- bpf, samples: Add missing mprog-disable to xdp_redirect_cpu's
optstring (git-fixes).
- libbpf: Fix removal of inner map in bpf_object__create_map
(git-fixes).
- libbpf: Fix the possible memory leak on error (git-fixes).
- bpf: Fix ringbuf helper function compatibility (git-fixes).
- tools: bpf: Fix error in 'make -C tools/ bpf_install'
(git-fixes).
- selftests/bpf: Whitelist test_progs.h from .gitignore
(git-fixes).
- bpftool: Add sock_release help info for cgroup attach/prog
load command (bsc#1177028).
- selftests/bpf: Define string const as global for
test_sysctl_prog.c (git-fixes).
- selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang
change (git-fixes).
- commit 37bd48e
- ipc: remove memcg accounting for sops objects in do_semtimedop()
(bsc#1190115).
- memcg: enable accounting of ipc resources (bsc#1190115
CVE-2021-3759).
- commit 84a3538
- usb: dwc2: Add missing cleanups when usb_add_gadget_udc()
fails (git-fixes).
- commit bc5a062
- ipc: remove memcg accounting for sops objects in do_semtimedop()
(bsc#1190115).
- commit 561fbd8
- series.conf: refresh
- update upstream references and resort:
- patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
- patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
- patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit ebb6bcb
- fixup "/rpm: support gz and zst compression methods"/ once more
(bsc#1190428, bsc#1190358)
Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 165378a
- PM: sleep: core: Avoid setting power.must_resume to false
(git-fixes).
- drm/panfrost: Use u64 for size in lock_region (git-fixes).
- dmaengine: idxd: clear block on fault flag when clear wq
(git-fixes).
- dmaengine: idxd: fix wq slot allocation index check (git-fixes).
- commit b255b0e
- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
- PCI: iproc: Fix BCMA probe resource handling (git-fixes).
- usb: dwc2: Fix error path in gadget registration (git-fixes).
- commit 59e7328
- thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
(git-fixes).
- drm/panfrost: Simplify lock_region calculation (git-fixes).
- dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
(git-fixes).
- mfd: lpc_sch: Rename GPIOBASE to prevent build error
(git-fixes).
- mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
(git-fixes).
- mfd: axp20x: Update AXP288 volatile ranges (git-fixes).
- gpio: mpc8xxx: Fix a resources leak in the error handling path
of 'mpc8xxx_probe()' (git-fixes).
- commit 75d69a6
- pwm: lpc32xx: Don't modify HW state in .probe() after the PWM
chip was registered (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 800
(git-fixes).
- PCI: Fix pci_dev_str_match_path() alloc while atomic bug
(git-fixes).
- PCI/portdrv: Enable Bandwidth Notification only if port supports
it (git-fixes).
- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
(git-fixes).
- PCI: Call Max Payload Size-related fixup quirks early
(git-fixes).
- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
ROG Strix G17 (git-fixes).
- reset: reset-zynqmp: Fixed the argument data type (git-fixes).
- gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for
(semi)planar U/V formats (git-fixes).
- commit f395ad9
- Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412)
Deleted and blacklisted:
patches.suse/platform-x86-intel_int0002_vgpio-Only-call-enable_ir.patch
patches.suse/platform-x86-intel_int0002_vgpio-Pass-irqchip-when-a.patch
- commit bebba41
- fixup "/rpm: support gz and zst compression methods"/ once more
Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 34e68f4
- Avoid double printing SUSE specific flags in mod->taint (bsc#1190413).
- commit 297a1a6
- fixup "/rpm: support gz and zst compression methods"/ (bsc#1190358, bsc#1190428).
Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
- fixup "/rpm: support gz and zst compression methods"/
Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
- commit 6c262f9
- kernel-cert-subpackage: Fix certificate location in scriptlets
(bsc#1189841).
Fixes: d9a1357edd73 ("/rpm: Define $certs as rpm macro (bsc#1189841)."/)
- commit 8684de8
- kernel-binary.spec.in Stop templating the scriptlets for subpackages
(bsc#1190358).
The script part for base package case is completely separate from the
part for subpackages. Remove the part for subpackages from the base
package script and use the KMP scripts for subpackages instead.
- commit 5d1f677
- kernel-binary.spec: Do not fail silently when KMP is empty
(bsc#1190358).
Copy the code from kernel-module-subpackage that deals with empty KMPs.
- commit d7d2e6e
- mm/vmscan: fix infinite loop in drop_slab_node (VM
Functionality, bsc#1189301).
- commit 016e8e0
- blacklist.conf: blacklist an unwanted commit
- commit 910824e
- SUNRPC: Simplify socket shutdown when not reusing TCP ports
(git-fixes).
- SUNRPC: Fix potential memory corruption (git-fixes).
- NFSv4/pNFS: Fix a layoutget livelock loop (git-fixes).
- nfsd4: Fix forced-expiry locking (git-fixes).
- lockd: Fix invalid lockowner cast after vfs_test_lock
(git-fixes).
- commit 59642ba
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
- commit 8c2fa8c
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
- commit a70a19d
- Sort nvme patches into linux-block.
- commit 090f7ef
- Refresh patches.suse/cpuidle-pseries-Fixup-CEDE0-latency-only-for-POWER10.patch
Update patch metadata.
- commit cbfec2a
- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481).
- Delete
patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch.
- commit bfb1107
- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1135481).
- commit 9722825
- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481).
- commit 350aa4f
- btrfs: rip out may_commit_transaction (bsc#1135481).
- commit 4606638
- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1135481).
- commit 631f16e
- btrfs: adjust the flush trace point to include the source (bsc#1135481).
- commit e32ea57
- btrfs: implement space clamping for preemptive flushing (bsc#1135481).
- commit ca710c1
- btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481).
- commit 4b02073
- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481).
- commit 7205c9f
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481).
- Refresh
patches.suse/btrfs-account-ticket-size-at-add-delete-time.patch.
- commit bcb2da5
- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481).
- commit fba4763
- btrfs: rename need_do_async_reclaim (bsc#1135481).
- commit f764126
- btrfs: improve preemptive background space flushing (bsc#1135481).
- commit 874aca2
- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481).
- commit 7ec1638
- btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481).
- commit c78869d
- btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc#1135481).
- commit c805821
- btrfs: add a trace point for reserve tickets (bsc#1135481).
- commit ed22c30
- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1135481).
- commit f6a0397
- ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
(git-fixes).
- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
ROG Strix G17 (git-fixes).
- gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for
(semi)planar U/V formats (git-fixes).
- commit 6335a8b
- SUNRPC: improve error response to over-size gss credential
(bsc#1190022).
- commit 0678bd3
- scsi: sg: add sg_remove_request in sg_write (bsc#1171420
CVE2020-12770).
- commit 59a4a94
- Bluetooth: schedule SCO timeouts with delayed_work
(CVE-2021-3640 bsc#1188172).
- Refresh
patches.suse/Bluetooth-fix-repeated-calls-to-sco_sock_kill.patch.
- Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch.
- commit 69c5b94
- sched/fair: Ensure that the CFS parent is added after unthrottling (git-fixes).
- commit f3a38fb
- rpm/kernel-source.spec.in: do some more for vanilla_only
Make sure:
* sources are NOT executable
* env is not used as interpreter
* timestamps are correct
We do all this for normal kernel builds, but not for vanilla_only
kernels (linux-next and vanilla).
- commit b41e4fd
- Revert "/memcg: enable accounting for file lock caches (bsc#1190115)."/
This reverts commit 78b761616bfb31a0d54806624e7c8db23fbeda9c.
It's effectively upstream commit
3754707bcc3e190e5dadc978d172b61e809cb3bd applied to kernel-source (to
avoid proliferation of patches). Make a note in blacklist.conf too.
- commit eba498f
- Update kabi files.
- update from September 2021 maintenance update submission (commit 21030bc7f9be)
- commit 63b67d5
- fix patch metadata
- fix Patch-mainline:
- patches.suse/mm-vmscan-guarantee-drop_slab_node-termination.patch
- commit bddec27
- blacklist.conf: kABI
- commit 2b1e710
- mm, vmscan: guarantee drop_slab_node() termination (VM
Functionality, bsc#1189301).
- commit 56cc71b
- Delete patches.kabi/cpuidle-cpuidle_state-kABI-fix.patch.
we don't have the field in sle15-sp3
- commit 0e3f58a
- blacklist.conf: cosmetic fix
- commit c872ce5
- EDAC/mce_amd: Do not load edac_mce_amd module on guests
(bsc#1190138).
- commit 2d1891d
- blacklist.conf: 33cba859220b ("/fscache: Fix fscache_cookie_put() to not deref after dec"/)
Needs prerequisites to backport which could be problematic.
- commit 648a5e5
- usb: dwc3: core: Properly default unspecified speed (git-fixes).
- commit 714137e
- libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
(git-fixes).
- commit 5a2ecd2
- kABI: revert change in struct bpf_insn_aux_data (bsc#1188983,
bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit 425bbd2
- memcg: enable accounting of ipc resources (bsc#1190115
CVE-2021-3759).
- memcg: enable accounting for file lock caches (bsc#1190115).
- commit 925e30c
- Refresh
patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch.
- commit f3cba28
- series.conf: cleanup
- update upstream references and resort:
- patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch
- commit 0d42678
- update nvme patch references and move them out of sorted section
Within a few days, nvme repository was not only rebased again but the
patches has been also reordered. To avoid further spurious git-sort errors,
move the nvme patches out of sorted section until they reach mainline or
some better behaving subsystem repository.
- update Git-commit and move out of sorted section:
- patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
- patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
- patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit 95e9f8b
- mm: fix memory_failure() handling of dax-namespace metadata
(bsc#1189872).
- commit e915313
- rpm: Fold kernel-devel and kernel-source scriptlets into spec files
(bsc#1189841).
These are unchanged since 2011 when they were introduced. No need to
track them separately.
- commit 692d38b
- rpm: Abolish image suffix (bsc#1189841).
This is used only with vanilla kernel which is not supported in any way.
The only effect is has is that the image and initrd symlinks are created
with this suffix.
These symlinks are not used except on s390 where the unsuffixed symlinks
are used by zipl.
There is no reason why a vanilla kernel could not be used with zipl as
well as it's quite unexpected to not be able to boot when only a vanilla
kernel is installed.
Finally we now have a backup zipl kernel so if the vanilla kernel is
indeed unsuitable the backup kernel can be used.
- commit e2f37db
- kernel-binary.spec: Define $image as rpm macro (bsc#1189841).
- commit e602b0f
- rpm: Define $certs as rpm macro (bsc#1189841).
Also pass around only the shortened hash rather than full filename.
As has been discussed in bsc#1124431 comment 51
https://bugzilla.suse.com/show_bug.cgi?id=1124431#c51 the placement of
the certificates is an API which cannot be changed unless we can ensure
that no two kernels that use different certificate location can be built
with the same certificate.
- commit d9a1357
- HID: input: do not report stylus battery state as "/full"/
(git-fixes).
- HID: i2c-hid: Fix Elan touchpad regression (git-fixes).
- pinctrl: samsung: Fix pinctrl bank pin count (git-fixes).
- pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
(git-fixes).
- pinctrl: single: Fix error return code in
pcs_parse_bits_in_pinctrl_entry() (git-fixes).
- clk: kirkwood: Fix a clocking boot regression (git-fixes).
- mailbox: sti: quieten kernel-doc warnings (git-fixes).
- overflow: Correct check_shl_overflow() comment (git-fixes).
- commit 835ad7d
- ASoC: rt5682: Adjust headset volume button threshold again
(git-fixes).
- commit 662b23e
- drm/nouveau/kms/nv50: workaround EFI GOP window channel format
differences (git-fixes).
- iwlwifi: pnvm: accept multiple HW-type TLVs (git-fixes).
- ASoC: component: Remove misplaced prefix handling in pin
control functions (git-fixes).
- ASoC: rt5682: Adjust headset volume button threshold
(git-fixes).
- commit db055cd
- mtd: rawnand: cafe: Fix a resource leak in the error handling
path of 'cafe_nand_probe()' (git-fixes).
- USB: serial: option: add new VID/PID to support Fibocom FG150
(git-fixes).
- drm/nouveau/disp: power down unused DP links during init
(git-fixes).
- drm: Copy drm_wait_vblank to user before returning (git-fixes).
- virtio_pci: Support surprise removal of virtio pci device
(git-fixes).
- commit ce46f13
- ocfs2: ocfs2_downconvert_lock failure results in deadlock
(bsc#1188439).
- commit d85d8fa
- cgroup1: fix leaked context root causing sporadic NULL deref
in LTP (bsc#1190181).
- commit d57aed6
- Refresh patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch.
- commit aec8493
- series.conf: cleanup
- update upstream references and resort:
- patches.suse/scsi-core-Add-scsi_prot_ref_tag-helper.patch
- patches.suse/scsi-ibmvfc-Do-not-wait-for-initial-device-scan.patch
- patches.suse/scsi-lpfc-Add-256-Gb-link-speed-support.patch
- patches.suse/scsi-lpfc-Add-PCI-ID-support-for-LPe37000-LPe38000-s.patch
- patches.suse/scsi-lpfc-Call-discovery-state-machine-when-handling.patch
- patches.suse/scsi-lpfc-Clear-outstanding-active-mailbox-during-PC.patch
- patches.suse/scsi-lpfc-Copyright-updates-for-12.8.0.11-patches.patch
- patches.suse/scsi-lpfc-Copyright-updates-for-14.0.0.0-patches.patch
- patches.suse/scsi-lpfc-Delay-unregistering-from-transport-until-G.patch
- patches.suse/scsi-lpfc-Discovery-state-machine-fixes-for-LOGO-han.patch
- patches.suse/scsi-lpfc-Enable-adisc-discovery-after-RSCN-by-defau.patch
- patches.suse/scsi-lpfc-Fix-KASAN-slab-out-of-bounds-in-lpfc_unreg.patch
- patches.suse/scsi-lpfc-Fix-NULL-ptr-dereference-with-NPIV-ports-f.patch
- patches.suse/scsi-lpfc-Fix-NVMe-support-reporting-in-log-message.patch
- patches.suse/scsi-lpfc-Fix-cq_id-truncation-in-rq-create.patch
- patches.suse/scsi-lpfc-Fix-function-description-comments-for-vmid.patch
- patches.suse/scsi-lpfc-Fix-memory-leaks-in-error-paths-while-issu.patch
- patches.suse/scsi-lpfc-Fix-possible-ABBA-deadlock-in-nvmet_xri_ab.patch
- patches.suse/scsi-lpfc-Fix-target-reset-handler-from-falsely-retu.patch
- patches.suse/scsi-lpfc-Improve-firmware-download-logging.patch
- patches.suse/scsi-lpfc-Keep-NDLP-reference-until-after-freeing-th.patch
- patches.suse/scsi-lpfc-Remove-REG_LOGIN-check-requirement-to-issu.patch
- patches.suse/scsi-lpfc-Remove-redundant-assignment-to-pointer-pcm.patch
- patches.suse/scsi-lpfc-Remove-use-of-kmalloc-in-trace-event-loggi.patch
- patches.suse/scsi-lpfc-Revise-Topology-and-RAS-support-checks-for.patch
- patches.suse/scsi-lpfc-Skip-issuing-ADISC-when-node-is-in-NPR-sta.patch
- patches.suse/scsi-lpfc-Skip-reg_vpi-when-link-is-down-for-SLI3-in.patch
- patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.11.patch
- patches.suse/scsi-lpfc-Update-lpfc-version-to-14.0.0.0.patch
- patches.suse/scsi-lpfc-Use-PBDE-feature-enabled-bit-to-determine-.patch
- patches.suse/scsi-qla2xxx-Fix-spelling-mistakes-allloc-alloc.patch
- patches.suse/scsi-qla2xxx-Fix-use-after-free-in-debug-code.patch
- patches.suse/scsi-qla2xxx-Remove-redundant-continue-statement-in-.patch
- patches.suse/scsi-qla2xxx-Remove-redundant-initialization-of-vari.patch
- patches.suse/scsi-qla2xxx-Remove-unused-variable-status.patch
- patches.suse/scsi-qla2xxx-Update-version-to-10.02.00.107-k.patch
- patches.suse/scsi-qla2xxx-Use-the-proper-SCSI-midlayer-interfaces.patch
- patches.suse/scsi-qla2xxx-edif-Add-authentication-pass-fail-bsgs.patch
- patches.suse/scsi-qla2xxx-edif-Add-detection-of-secure-device.patch
- patches.suse/scsi-qla2xxx-edif-Add-doorbell-notification-for-app.patch
- patches.suse/scsi-qla2xxx-edif-Add-encryption-to-I-O-path.patch
- patches.suse/scsi-qla2xxx-edif-Add-extraction-of-auth_els-from-th.patch
- patches.suse/scsi-qla2xxx-edif-Add-getfcinfo-and-statistic-bsgs.patch
- patches.suse/scsi-qla2xxx-edif-Add-key-update.patch
- patches.suse/scsi-qla2xxx-edif-Add-send-receive-and-accept-for-au.patch
- patches.suse/scsi-qla2xxx-edif-Add-start-stop-bsgs.patch
- patches.suse/scsi-qla2xxx-edif-Increment-command-and-completion-c.patch
- commit 9a3c219
- update patches metadata
Once again, the nvme repository branch has been rebased so that patches
from it must have their Git-commit tags updated to avoid git-sort errors.
- commit cca729c
- fix patch metadata
- fix Patch-mainline:
patches.suse/NFS-Correct-size-calculation-for-create-reply-length.patch
- commit fbde034
- series.conf: refresh
- update upstream references and resort:
- patches.suse/nvme-code-command_id-with-a-genctr-for-use-after-fre.patch
- patches.suse/nvme-pci-limit-maximum-queue-depth-to-4095.patch
- patches.suse/nvme-tcp-don-t-check-blk_mq_tag_to_rq-when-receiving.patch
- patches.suse/params-lift-param_set_uint_minmax-to-common-code.patch
- commit 5b98a5d
- cgroup: verify that source is a string (bsc#1190131).
- commit b8204f1
- blacklist.conf: Add 2ca11b0e043b cgroup: Fix kernel-doc
- commit 0b9195b
- Update patch reference for virtio_console fix (CVE-2021-38160 bsc#1190117)
- commit c8baed7
- rpm/config.sh: correct OBS_PROJECT to SUSE:SLE-15-SP3:Update
SP3 has been released long time ago
- commit c0223dc
- scsi: libfc: Fix array index out of bound exception
(bsc#1188616).
- commit de260d1
- nvme-tcp: Do not reset transport on data digest errors
(bsc#1188418).
- nvme: only call synchronize_srcu when clearing current path
(bsc#1188067).
- commit bbe789f
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/dp_mst: Fix return code on sideband message failure
(git-fixes).
- drm/prime: fix comment on PRIME Helpers (git-fixes).
- drm/of: free the iterator object on failure (git-fixes).
- drm/of: free the right object (git-fixes).
- ASoC: Intel: Skylake: Fix module resource and format selection
(git-fixes).
- ASoC: Intel: kbl_da7219_max98927: Fix format selection for
max98373 (git-fixes).
- ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in
mt8183_afe_pcm_dev_probe (git-fixes).
- commit a00572a
- VMCI: fix NULL pointer dereference when unmapping queue pair
(git-fixes).
- commit 45162f9
- usb: host: xhci-rcar: Don't reload firmware after the completion
(git-fixes).
- usb: bdc: Fix an error handling path in 'bdc_probe()' when no
suitable DMA config is available (git-fixes).
- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
(git-fixes).
- usb: gadget: mv_u3d: request_irq() after initializing UDC
(git-fixes).
- usb: phy: tahvo: add IRQ check (git-fixes).
- usb: host: ohci-tmio: add IRQ check (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
(git-fixes).
- usb: mtu3: fix the wrong HS mult value (git-fixes).
- usb: mtu3: use @mult for HS isoc or intr (git-fixes).
- usb: phy: twl6030: add IRQ checks (git-fixes).
- commit 2b2a9dc
- soc: qcom: smsm: Fix missed interrupts if state changes while
masked (git-fixes).
- soc: qcom: rpmhpd: Use corner in power_off (git-fixes).
- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes).
- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes).
- usb: phy: fsl-usb: add IRQ check (git-fixes).
- usb: gadget: udc: at91: add IRQ check (git-fixes).
- usb: dwc3: meson-g12a: add IRQ check (git-fixes).
- tty: serial: fsl_lpuart: fix the wrong mapbase value
(git-fixes).
- staging: rtl8192u: Fix bitwise vs logical operator in
TranslateRxSignalStuff819xUsb() (git-fixes).
- commit 7e7cd62
- media: venus: venc: Fix potential null pointer dereference on
pointer fmt (git-fixes).
- media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
(git-fixes).
- media: stkwebcam: fix memory leak in stk_camera_probe
(git-fixes).
- media: go7007: remove redundant initialization (git-fixes).
- media: go7007: fix memory leak in go7007_usb_probe (git-fixes).
- media: dvb-usb: Fix error handling in dvb_usb_i2c_init
(git-fixes).
- media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
(git-fixes).
- media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
(git-fixes).
- media: cxd2880-spi: Fix an error handling path (git-fixes).
- commit c67010c
- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes).
- drm/msm/dsi: Fix some reference counted resource leaks
(git-fixes).
- drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear
necessary LMs (git-fixes).
- drm/amdgpu/acp: Make PM domain really work (git-fixes).
- drm/panfrost: Fix missing clk_disable_unprepare() on error in
panfrost_clk_init() (git-fixes).
- media: TDA1997x: enable EDID support (git-fixes).
- fpga: zynqmp-fpga: Address warning about unused variable
(git-fixes).
- fpga: xiilnx-spi: Address warning about unused variable
(git-fixes).
- fpga: altera-freeze-bridge: Address warning about unused
variable (git-fixes).
- commit 6aaa769
- dmaengine: imx-sdma: remove duplicated sdma_load_context
(git-fixes).
- Revert "/dmaengine: imx-sdma: refine to load context only once"/
(git-fixes).
- ASoC: wcd9335: Disable irq on slave ports in the remove function
(git-fixes).
- ASoC: wcd9335: Fix a memory leak in the error handling path
of the probe function (git-fixes).
- ASoC: wcd9335: Fix a double irq free in the remove function
(git-fixes).
- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
(git-fixes).
- ASoC: ti: delete some dead code in omap_abe_probe() (git-fixes).
- ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes).
- ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
(git-fixes).
- commit bdcb5b3
- xprtrdma: Pad optimization, revisited (bsc#1189760).
- commit 0acbfd0
- Refresh
patches.suse/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch.
- commit fa03a78
- Refresh
patches.suse/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch.
- commit 2264bac
- iwlwifi: skip first element in the WTAS ACPI table (git-fixes).
- Bluetooth: btusb: check conditions before enabling USB ALT 3
for WBS (git-fixes).
- Bluetooth: mgmt: Fix wrong opcode in the response for add_adv
cmd (git-fixes).
- Bluetooth: btusb: Fix a unspported condition to set available
debug features (git-fixes).
- commit 084b82e
- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
(CVE-2021-3640 bsc#1188172).
- commit a21f4da
- Move upstreamed BT fixes into sorted section
- commit 0de160e
- brcmfmac: pcie: fix oops on failure to resume and reprobe
(git-fixes).
- bcma: Fix memory leak for internally-handled cores (git-fixes).
- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
(git-fixes).
- rsi: fix an error code in rsi_probe() (git-fixes).
- rsi: fix error code in rsi_load_9116_firmware() (git-fixes).
- mac80211: Fix insufficient headroom issue for AMSDU (git-fixes).
- Bluetooth: add timeout sanity check to hci_inquiry (git-fixes).
- Bluetooth: fix repeated calls to sco_sock_kill (git-fixes).
- Bluetooth: increase BTNAMSIZ to 21 chars to fix potential
buffer overflow (git-fixes).
- Bluetooth: sco: prevent information leak in
sco_conn_defer_accept() (git-fixes).
- leds: trigger: audio: Add an activate callback to ensure the
initial brightness is set (git-fixes).
- i2c: mt65xx: fix IRQ check (git-fixes).
- i2c: s3c2410: fix IRQ check (git-fixes).
- i2c: iop3xx: fix deferred probing (git-fixes).
- i2c: highlander: add IRQ check (git-fixes).
- mmc: moxart: Fix issue with uninitialized dma_slave_config
(git-fixes).
- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
(git-fixes).
- PCI: PM: Enable PME if it can be signaled from D3cold
(git-fixes).
- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
(git-fixes).
- commit 9a711f4
- Add alt-commit for a BT fix patch (git-fixes)
- commit 3dbcbb3
- nvme-multipath: revalidate paths during rescan (bsc#1187211)
- commit b61f128
- usb: dwc3: Add support for DWC_usb32 IP (git-fixes).
- Refresh
patches.suse/usb-dwc3-gadget-Enable-suspend-events.patch.
- commit 8846c72
- md: revert io stats accounting (git-fixes).
- device-dax: Fix default return code of range_parse()
(git-fixes).
- commit b8e948b
- vt_kdsetmode: extend console locking (bsc#1190025
CVE-2021-3753).
- commit 025c5d0
- nbd: Aovid double completion of a request (git-fixes).
- commit 7a1bece
- nbd: Fix NULL pointer in flush_workqueue (git-fixes).
- dm rq: fix double free of blk_mq_tag_set in dev remove after
table load fails (git-fixes).
- dm integrity: fix missing goto in bitmap_flush_interval error
handling (git-fixes).
- drivers/block/null_blk/main: Fix a double free in null_init
(git-fixes).
- dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes).
- nbd: don't update block size after device is started
(git-fixes).
- commit 6df7d5d
- blacklist.conf: add following commit IDs,
- 27ba3e8ff3ab86449e63d38a8d623053591e65fa
- 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23
- 854f32648b8a5e424d682953b1a9f3b7c3322701
- a4c8dd9c2d0987cf542a2a0c42684c9c6d78a04e
- 24f6b6036c9eec21191646930ad42808e6180510
- 5b0fab508992c2e120971da658ce80027acbc405
- commit eb9efeb
- rpm: Abolish scritplet templating (bsc#1189841).
Outsource kernel-binary and KMP scriptlets to suse-module-tools.
This allows fixing bugs in the scriptlets as well as defining initrd
regeneration policy independent of the kernel packages.
- commit 940cfb4
- usb: dwc2: Postponed gadget registration to the udc class driver
(git-fixes).
- commit e55ae9a
- rpm/kernel-binary.spec.in: Use kmod-zstd provide.
This makes it possible to use kmod with ZSTD support on non-Tumbleweed.
- commit 357f09a
- crypto: qat - use proper type for vf_mask (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- power: supply: max17042: handle fails of reading status register
(git-fixes).
- spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes).
- spi: spi-pic32: Fix issue with uninitialized dma_slave_config
(git-fixes).
- spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
(git-fixes).
- regulator: vctrl: Avoid lockdep warning in enable/disable ops
(git-fixes).
- regulator: vctrl: Use locked regulator_get_voltage in probe path
(git-fixes).
- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
- commit d2a4523
- mm: swap: properly update readahead statistics in
unuse_pte_range() (bsc#1187619).
- commit 6ceb471
- NFS: Correct size calculation for create reply length
(bsc#1189870).
- commit 7843408
- iommu/amd: Move Stoney Ridge check to detect_ivrs()
(bsc#1189762).
- commit d8747d6
- blacklist.conf: Don't revert SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
This revert fix which breaks the ACPI based RPi's.
We support only DT based RPi's.
- commit c076733
- sched/rt: Fix RT utilization tracking during policy change (git-fixes)
- commit 8fc8b7f
- sched/fair: Correctly insert cfs_rq's to list on unthrottle (git-fixes)
- commit 1732b9b
- rpm/kernel-binary.spec.in: avoid conflicting suse-release
suse-release has arbitrary values in staging, we can't use it for
dependencies. The filesystem one has to be enough (boo#1184804).
- commit 56f2cba
- kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes).
- commit 53f17d6
- drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
(git-fixes).
- drm/amd/display: Remove invalid assert for ODM + MPC case
(git-fixes).
- drm/amdgpu: don't enable baco on boco platforms in runpm
(git-fixes).
- drm/amd/display: workaround for hard hang on HPD on native DP
(git-fixes).
- drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X
(git-fixes).
- drm/amdgpu: fix the doorbell missing when in CGPG issue for
renoir (git-fixes).
- commit fa96b1f
- usb: dwc3: gadget: Stop EP0 transfers during pullup disable
(git-fixes).
- usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes).
- Revert "/USB: serial: ch341: fix character loss at high transfer
rates"/ (git-fixes).
- can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange
of the CAN RX and TX error counters (git-fixes).
- dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if
controller is not yet available (git-fixes).
- dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
(git-fixes).
- usb: dwc3: gadget: Properly track pending and queued SG
(git-fixes).
- ath9k: Clear key cache explicitly on disabling hardware
(git-fixes).
- ath: Use safer key clearing with key cache entries (git-fixes).
- Bluetooth: hidp: use correct wait queue when removing ctrl_wait
(git-fixes).
- commit 6ee1085
- Revert "/mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN
on BCM2711"/ (git-fixes).
- PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes).
- mmc: dw_mmc: Fix hang on data CRC error (git-fixes).
- dmaengine: xilinx_dma: Fix read-after-free bug when terminating
transfers (git-fixes).
- USB: core: Avoid WARNings for 0-length descriptor requests
(git-fixes).
- media: drivers/media/usb: fix memory leak in zr364xx_probe
(git-fixes).
- media: zr364xx: fix memory leaks in probe() (git-fixes).
- media: zr364xx: propagate errors from zr364xx_start_readpipe()
(git-fixes).
- commit de359d6
- cpuidle: Consolidate disabled state checks (bsc#1175543)
patches.suse/cpuidle-Poll-for-a-minimum-of-30ns-and-poll-for-a-tick-if-lower-c-states-are-disabled.patch
was refreshed as well by this patch for code adjustment.
- commit 486ca9f
- cpuidle: cpuidle_state kABI fix (bsc#1175543)
The patch bsc1175543-cpuidle-Drop-disabled-field-from-struct-cpuidle_stat.patch
Dropped the 'disabled' field in struct cpuidle_state because no drivers
use it, They use the state flag instead.
Fix kABI to avoid offset changes.
- commit aa615e8
- intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc#1180347, bsc#1180141)
- commit da07134
- intel_idle: Fix max_cstate for processor models without C-state tables (bsc#1175543)
- commit 81641db
- intel_idle: Ignore _CST if control cannot be taken from the platform (bsc#1175543)
- commit b93fbf1
- cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543)
- commit d669a61
- cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc#1175543)
- commit 8d2d96f
- intel_idle: Customize IceLake server support (bsc#1175543)
- commit 25d205d
- intel_idle: Annotate init time data structures (bsc#1175543)
The patches.suse/intel_idle-Customize-IceLake-server-support.patch was
refreshed as well by this patch for code adjustment.
- commit 2ed77d7
- Documentation: admin-guide: PM: Add intel_idle document (bsc#1175543)
- commit 65d3c96
- intel_idle: Use ACPI _CST on server systems (bsc#1175543)
Below 2 patches were refreshed as well by this patch for code
adjustment:
patches.suse/intel_idle-convert-to-new-x86-cpu-match-macros.patch
patches.suse/intel_idle-Customize-IceLake-server-support.patch
- commit f10f8c4
- intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc#1175543)
- commit 79ec477
- intel_idle: Allow ACPI _CST to be used for selected known processors (bsc#1175543)
- commit ecacb28
- cpuidle: Allow idle states to be disabled by default (bsc#1175543)
- commit 48a3541
- intel_idle: Use ACPI _CST for processor models without C-state tables (bsc#1175543)
- commit 9dbf3f1
- intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543)
- commit 462302a
- ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543)
- commit 70c6258
- ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc#1175543)
- commit c99fda3
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543)
- commit 9eb9d8c
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543)
- commit c0d7249
- ACPI: processor: Export function to claim _CST control (bsc#1175543)
- commit 66eadb0
- cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543)
- commit c479621
- net: qrtr: fix another OOB Read in qrtr_endpoint_post
(CVE-2021-3743 bsc#1189883).
- net: qrtr: fix OOB Read in qrtr_endpoint_post (CVE-2021-3743
bsc#1189883).
- commit 78ff8ba
- rpm: fix kmp install path
- commit 22ec560
- x86/kvm: fix vcpu-id indexed array sizes (git-fixes).
- commit 3288077
- btrfs: fix NULL pointer dereference when deleting device by
invalid id (bsc#1189832 CVE-2021-3739).
- commit 6bfce07
- btrfs: fix NULL pointer dereference when deleting device by
invalid id (bsc#1189832 CVE-2021-3739).
- commit 0c26345
- xen/events: Fix race in set_evtchn_to_irq (git-fixes).
- commit cfb3b9b
- nvme: code command_id with a genctr for use-after-free
validation (bsc#1181972).
- nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
(bsc#1181972).
- nvme-pci: limit maximum queue depth to 4095 (bsc#1181972).
- params: lift param_set_uint_minmax to common code (bsc#1181972).
- nvme: avoid possible double fetch in handling CQE (bsc#1181972).
- nvme-pci: fix NULL req in completion handler (bsc#1181972).
- nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth
(bsc#1181972).
- nvme-pci: use unsigned for io queue depth (bsc#1181972).
- commit 01de302
- post.sh: detect /usr mountpoint too
- commit c7b3d74
- md/raid10: properly indicate failure when ending a failed
write request (git-fixes).
- Refresh for the above change,
patches.suse/md-display-timeout-error.patch.
- commit 2088aff
- kernel, fs: Introduce and use set_restart_fn() and
arch_set_restart_data() (bsc#1189153).
- commit 8bf2f14
- Refresh
patches.suse/blk-mq-sched-Fix-blk_mq_sched_alloc_tags-error-handl.patch.
- commit 6f36e1b
- perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (bsc#1189225).
- commit 8f47b8e
- kABI fix of usb_dcd_config_params (git-fixes).
- commit 8726268
- x86/fpu: Limit xstate copy size in xstateregs_set()
(bsc#1152489).
- commit 33182b7
- blacklist.conf: 9625895011d1 x86/fpu: Fix copy_xstate_to_kernel() gap handling
- commit 50f6bfa
- net: usb: lan78xx: don't modify phy_device state concurrently (bsc#1188270)
- commit 4e61642
- scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650).
- commit 41aa06c
- usb: gadget: Export recommended BESL values (git-fixes).
- commit 96bbeda
- ovl: prevent private clone if bind mount is not allowed
(bsc#1189706, CVE-2021-3732).
- commit d40514b
- blacklist.conf: 6c34df6f350d ("/tracing: Apply trace filters on all output channels"/)
Requires at least commit 8cfcf15503f6 ("/tracing: kprobes: Output kprobe
event to printk buffer"/) too. Let's wait if there is an actual problem
for someone.
- commit ef40598
- kernel-binary.spec.in: make sure zstd is supported by kmod if used
- commit f36412b
- kernel-binary.spec.in: add zstd to BuildRequires if used
- commit aa61dba
- tracing / histogram: Fix NULL pointer dereference on strcmp()
on NULL event name (git-fixes).
- commit bf4be33
- x86/sev: Use "/SEV: "/ prefix for messages from sev.c (jsc#SLE-14337).
- x86/sev: Split up runtime #VC handler for correct state tracking (jsc#SLE-14337).
- x86/sev: Make sure IRQs are disabled while GHCB is active (jsc#SLE-14337).
- commit 33b49b0
- net/mlx5e: Add missing capability check for uplink follow (bsc#1188412)
- commit db9b0eb
- net/mlx5: Add ts_cqe_to_dest_cqn related bits (bsc#1188412)
- commit 0a67f96
- x86/signal: Detect and prevent an alternate signal stack
overflow (bsc#1152489).
- commit 72c8a0d
- slimbus: ngd: reset dma setup during runtime pm (git-fixes).
- slimbus: messaging: check for valid transaction id (git-fixes).
- slimbus: messaging: start transaction ids from 1 instead of zero
(git-fixes).
- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
BCM2711 (git-fixes).
- mmc: sdhci-iproc: Cap min clock frequency on BCM2711
(git-fixes).
- commit cc02968
- Fix breakage of swap over NFS (bsc#1188924).
- commit 9f3f2ef
- Update Patch-mainline tags for patches that landed in 5.14-rc7.
- commit 118111d
- ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
(git-fixes).
- commit 7a5c94a
- ASoC: intel: atom: Fix breakage for PCM buffer address setup
(git-fixes).
- commit 0bed191
- Update config files: disable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH (bsc#1189696)
This option is only for special purpose, and rather harmful for the
usual operations.
- commit 1e546ed
- rpm: support gz and zst compression methods
Extend commit 18fcdff43a00 ("/rpm: support compressed modules"/) for
compression methods other than xz.
- commit 3b8c4d9
- ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10
(git-fixes).
- ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx
series (git-fixes).
- ALSA: hda/realtek - Add ALC285 HP init procedure (git-fixes).
- ALSA: hda/realtek - Add type for ALC287 (git-fixes).
- ALSA: hda/realtek: Change device names for quirks to barebone
names (git-fixes).
- ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms
(git-fixes).
- ALSA: hda/hdmi: let new platforms assign the pcm slot
dynamically (git-fixes).
- commit a13877e
- SUNRPC: 'Directory with parent 'rpc_clnt' already
present!' (bsc#1168202 bsc#1188924).
- SUNRPC: fix use-after-free in rpc_free_client_work()
(bsc#1168202 bsc#1188924).
- kabi fix for SUNRPC: defer slow parts of rpc_free_client()
to a workqueue (bsc#1168202 bsc#1188924).
- SUNRPC: defer slow parts of rpc_free_client() to a workqueue
(bsc#1168202 bsc#1188924).
- commit a690151
- ALSA: hda: Fix hang during shutdown due to link reset
(git-fixes).
- ALSA: hda: Release controller display power during
shutdown/reboot (git-fixes).
- commit 62c768e
- PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes).
- PCI/MSI: Correct misleading comments (git-fixes).
- PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes).
- PCI/MSI: Enforce that MSI-X table entry is masked for update
(git-fixes).
- PCI/MSI: Mask all unused MSI-X entries (git-fixes).
- i2c: dev: zero out array used for i2c reads from userspace
(git-fixes).
- commit 4d62c8f
- ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
(git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15
9510 laptop (git-fixes).
- ALSA: hda - fix the 'Capture Switch' value change notifications
(git-fixes).
- commit bb87ddf
- s390/boot: fix use of expolines in the DMA code (bsc#1188878
ltc#193771).
- commit 46381a6
- series.conf: cleanup
- move mainline backports to sorted section:
- patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch
- patches.suse/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested.patch
- commit 30636ef
- Refresh
patches.suse/x86-fpu-make-init_fpstate-correct-with-optimized-xsave.patch.
- commit 20ad695
- Refresh patches.suse/x86-fpu-make-init_fpstate-correct-with-optimized-xsave.patch.
- commit 9deb044
- Fix kabi of prepare_to_wait_exclusive() (bsc#1189575).
- commit da7e3ca
- powerpc/smp: Use existing L2 cache_map cpumask to find L3
cache siblings (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Remove the redundant get_shared_cpu_map()
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Lookup cache by dt node and thread-group id
(jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Make some symbols static (jsc#SLE-13615 bsc#1180100
ltc#190257 git-fixes).
- powerpc/cacheinfo: Improve diagnostics about malformed cache
lists (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Use name@unit instead of full DT path in
debug messages (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- commit f7e0183
- ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
(bsc#1189587).
- commit ae93a20
- ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
(bsc#1189586).
- commit 50b39b2
- ubifs: Only check replay with inode type to judge if inode
linked (bsc#1187455).
- commit 3cfd5e7
- ubifs: Fix error return code in alloc_wbufs() (bsc#1189585).
- blacklist.conf:
- commit d0fe9df
- ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583).
- commit abd23d2
- ocfs2: issue zeroout to EOF blocks (bsc#1189582).
- commit 7960ad8
- ocfs2: fix snprintf() checking (bsc#1189581).
- commit ca894bd
- ocfs2: fix zero out valid data (bsc#1189579).
- commit 42e68bc
- writeback: fix obtain a reference to a freeing memcg css
(bsc#1189577).
- commit b318f10
- ext4: fix potential htree corruption when growing large_dir
directories (bsc#1189576).
- commit 13d68f1
- rq-qos: fix missed wake-ups in rq_qos_throttle try two
(bsc#1189575).
- commit edbcd21
- fanotify: fix copy_event_to_user() fid error clean up
(bsc#1189574).
- commit a8937b5
- bdi: Do not use freezable workqueue (bsc#1189573).
- commit 60e4174
- mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
(bsc#1189569).
- commit 1b1dfcf
- ext4: cleanup in-core orphan list if ext4_truncate() failed
to get a transaction handle (bsc#1189568).
- commit 0ace36d
- ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567).
- commit 4329025
- ext4: fix avefreec in find_group_orlov (bsc#1189566).
- commit d7bfbbd
- ext4: remove check for zero nr_to_scan in ext4_es_scan()
(bsc#1189565).
- commit 3ca5f18
- ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
(bsc#1189564).
- commit cd60859
- ext4: return error code when ext4_fill_flex_info() fails
(bsc#1189563).
- commit 200d004
- ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562).
- commit fd9a225
- blacklist.conf: add Kconfig patch for BLK_DEV_INITRD
Add 481083ec0bfc ("/initramfs: Remove redundant dependency of RD_ZSTD
on BLK_DEV_INITRD"/) to blacklist. We don't have be1859bdc660 ("/initramfs:
remove redundant dependency on BLK_DEV_INITRD"/), on which this one is based,
either.
- commit 598e95d
- scsi: lpfc: Move initialization of phba->poll_list earlier to
avoid crash (git-fixes).
- commit 92c63a5
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
(bsc#1189399, CVE-2021-3653).
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
(bsc#1189400, CVE-2021-3656).
- KVM: X86: MMU: Use the correct inherited permissions to get
shadow page (CVE-2021-38198 bsc#1189262).
- commit 7902615
- usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes).
- commit 2a94579
- Revert "/xfrm: policy: Read seqcount outside of rcu-read side
in xfrm_policy_lookup_bytype"/ (bsc#1185675).
This revert was initially applied to SLE15-SP2-RT (70e4d04b75f). Since
the reverted commit went into SLE15-SP2 (96f285dfa8b), the revert needs
to move from SLE15-SP2-RT to SLE15-SP2.
- commit f32a28c
- Update
patches.suse/ibmvnic-Allow-device-probe-if-the-device-is-not-read.patch
(bsc#1167032 ltc#184087 bsc#1184114 ltc#192237).
- commit 8a87839
- blacklist.conf: add an entry for the reverted iTCO_wdt
- commit 4c97ae2
- usb: dwc3: gadget: Fix handling ZLP (git-fixes).
- commit 5e0eec9
- tracing: Reject string operand in the histogram expression
(git-fixes).
- commit edab067
- tracing / histogram: Give calculation hist_fields a size
(git-fixes).
- commit 49985ee
- blacklist.conf: 1e3bac71c505 ("/tracing/histogram: Rename "/cpu"/ to "/common_cpu"/"/)
Better not to backport the commit as it changes the semantics of an
existing field.
- commit 00d0183
- blacklist.conf: 6c881ca0b304 ("/afs: Fix tracepoint string placement with built-in AFS"/)
CONFIG_AFS_FS is not set on SLE15-SP2. It is on SLE15-SP3 but only as a
module, not built-in. No need to backport the commit.
- commit 43483b1
- bpf: Fix leakage due to insufficient speculative store
bypass mitigation (bsc#1188983, bsc#1188985, CVE-2021-34556,
CVE-2021-35477).
- bpf: Introduce BPF nospec instruction for mitigating Spectre v4
(bsc#1188983, bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit f87c7ce
- blk-iolatency: error out if blk_get_queue() failed in
iolatency_set_limit() (bsc#1189507).
- commit b15ef07
- blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling
(bsc#1189506).
- commit 7fe32f7
- block: fix trace completion for chained bio (bsc#1189505).
- commit 47344da
- blk-wbt: make sure throttle is enabled properly (bsc#1189504).
- commit 7b07185
- blk-wbt: introduce a new disable state to prevent false positive
by rwb_enabled() (bsc#1189503).
- commit 798c57a
- misc: rtsx: do not setting OC_POWER_DOWN reg in
rtsx_pci_init_ocp() (git-fixes).
- misc: atmel-ssc: lock with mutex instead of spinlock
(git-fixes).
- commit 55d9570
- gpio: eic-sprd: break loop when getting NULL device resource
(git-fixes).
- Revert "/gpio: eic-sprd: Use devm_platform_ioremap_resource()"/
(git-fixes).
- commit 990b695
- Revert a BT patch that was reverted on stable trees (git-fixes)
Delete patches.suse/Bluetooth-Shutdown-controller-after-workqueues-are-f.patch
- commit 127d54b
- mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
(git-fixes).
- commit 0a223c6
- x86/fpu: Make init_fpstate correct with optimized XSAVE
(bsc#1152489).
- commit 603fc19
- kernel-binary.spec: Require dwarves for kernel-binary-devel when BTF is
enabled (jsc#SLE-17288).
About the pahole version: v1.18 should be bare mnimum, v1.22 should be
fully functional, for now we ship git snapshot with fixes on top of
v1.21.
- commit 8ba3382
- x86/fpu: Reset state for all signal restore failures
(bsc#1152489).
- commit f42aa15
- blacklist.conf: blacklist davicom legacy ethernet driver
- commit 78e9c10
- usb: dwc3: gadget: Check MPS of the request length (git-fixes).
- commit 0d1e1fe
- Drop watchdog iTCO_wdt patch that causes incompatible behavior (bsc#1189449)
Also blacklisted
- commit e5dd4ab
- Update config files.
- commit 565c68c
- s390/ap: Fix hanging ioctl caused by wrong msg counter
(bsc#1188982 LTC#193817).
- commit 7e146ac
- s390/ap: Fix hanging ioctl caused by wrong msg counter
(bsc#1188982 LTC#193817).
- commit 0297522
- Bluetooth: switch to lock_sock in SCO (CVE-2021-3640
bsc#1188172).
- Bluetooth: avoid circular locks in sco_sock_connect
(CVE-2021-3640 bsc#1188172).
- commit f2d375d
- Update patch reference for a BT fix (CVE-2021-3640 bsc#1188172)
- commit 98aa089
- powerpc/pseries: Fix update of LPAR security flavor after LPM
(bsc#1188885 ltc#193722 git-fixes).
- commit fbccd6a
- pinctrl: tigerlake: Fix GPIO mapping for newer version of
software (git-fixes).
- commit 3483c38
- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep
disable (git-fixes).
- commit 5733c23
- usb: dwc3: gadget: Disable gadget IRQ during pullup disable
(git-fixes).
- usb: dwc3: gadget: Prevent EP queuing while stopping transfers
(git-fixes).
- commit 124c915
- PCI/MSI: Do not set invalid bits in MSI mask (git-fixes).
- PCI/MSI: Enable and mask MSI-X early (git-fixes).
- ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes).
- iio: adc: Fix incorrect exit of for-loop (git-fixes).
- iio: humidity: hdc100x: Add margin to the conversion time
(git-fixes).
- iio: adc: ti-ads7950: Ensure CS is deasserted after reading
channels (git-fixes).
- USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes).
- usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup
(git-fixes).
- usb: dwc3: Stop active transfers before halting the controller
(git-fixes).
- commit 627b67a
- config: refresh
- commit a299bb8
- bpf: Fix integer overflow involving bucket_size (bsc#1189233,
CVE#CVE-2021-38166).
- commit f4fe434
- Update patches.suse/s390-dasd-add-missing-discipline-function
(bsc#1188130 ltc#193581).
- commit 0a58311
- ceph: take snap_empty_lock atomically with snaprealm refcount
change (bsc#1189427).
- ceph: reduce contention in ceph_check_delayed_caps()
(bsc#1187468).
- commit 93c7440
- blacklist.conf: Add 'fix poly1305_core_setkey() declaration'
Commit 8d195e7a8ada ("/crypto: poly1305 - fix poly1305_core_setkey()
declaration"/) is a cleanup which breaks kABI.
- commit 37e4183
- scsi: blkcg: Fix application ID config options (bsc#1189385
jsc#SLE-18970).
- Update config files.
- commit 1317caa
- crypto: x86/curve25519 - fix cpu feature checking logic in
mod_exit (git-fixes).
- wireguard: allowedips: free empty intermediate nodes when
removing single node (git-fixes).
- wireguard: allowedips: allocate nodes in kmem_cache (git-fixes).
- wireguard: allowedips: remove nodes in O(1) (git-fixes).
- commit 6aa0bda
- USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
(git-fixes).
- USB: serial: option: add Telit FD980 composition 0x1056
(git-fixes).
- USB: serial: ch341: fix character loss at high transfer rates
(git-fixes).
- usb: gadget: f_hid: idle uses the highest byte for duration
(git-fixes).
- usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
(git-fixes).
- usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes).
- commit f089244
- drm/meson: fix colour distortion from HDR set during vendor
u-boot (git-fixes).
- drm/i915: Only access SFC_DONE when media domain is not fused
off (git-fixes).
- ASoC: SOF: Intel: hda-ipc: fix reply size checking (git-fixes).
- drm/amdgpu/display: fix DMUB firmware version info (git-fixes).
- drm/amdgpu/display: only enable aux backlight control for OLED
panels (git-fixes).
- commit 8d4d06f
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650
G8 Notebook PC (git-fixes).
- commit 71d7dbd
- ALSA: pcm: Fix mmap breakage without explicit buffer setup
(git-fixes).
- ASoC: amd: Fix reference to PCM buffer address (git-fixes).
- ASoC: uniphier: Fix reference to PCM buffer address (git-fixes).
- commit 8f53414
- ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes).
- ASoC: xilinx: Fix reference to PCM buffer address (git-fixes).
- ASoC: intel: atom: Fix reference to PCM buffer address
(git-fixes).
- ASoC: tlv320aic31xx: Fix jack detection after suspend
(git-fixes).
- spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes).
- virt_wifi: fix error on connect (git-fixes).
- commit 690710b
- staging: rtl8712: get rid of flush_scheduled_work (git-fixes).
- staging: rtl8723bs: Fix a resource leak in sd_int_dpc
(git-fixes).
- serial: 8250_mtk: fix uart corruption issue when rx power off
(git-fixes).
- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
- soc: ixp4xx: fix printing resources (git-fixes).
- spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
(git-fixes).
- spi: meson-spicc: fix memory leak in meson_spicc_remove
(git-fixes).
- pcmcia: i82092: fix a null pointer dereference bug (git-fixes).
- libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes).
- spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
(git-fixes).
- commit 24af025
- ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes).
- ASoC: cs42l42: Remove duplicate control for WNF filter frequency
(git-fixes).
- ASoC: cs42l42: Fix inversion of ADC Notch Switch control
(git-fixes).
- ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J (git-fixes).
- ASoC: cs42l42: Correct definition of ADC Volume control
(git-fixes).
- firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
fw_load_sysfs_fallback (git-fixes).
- Revert "/ACPICA: Fix memory leak caused by _CID repair function"/
(git-fixes).
- dmaengine: imx-dma: configure the generic DMA type to make it
work (git-fixes).
- ALSA: usb-audio: fix incorrect clock source setting (git-fixes).
- commit 20c4d69
- KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
(bsc#1187959).
- KVM: VMX: Extend VMXs #AC interceptor to handle split lock
[#]AC in guest (bsc#1187959).
- KVM: x86: Emulate split-lock access as a write in emulator
(bsc#1187959).
- commit 93dd7c1
- x86/split_lock: Provide handle_guest_split_lock() (bsc#1187959).
- Refresh
patches.suse/x86-resctrl-query-llc-monitoring-properties-once-during-boot.patch.
patches.suse/x86-split_lock-don-t-write-msr_test_ctrl-on-cpus-that-aren-t-whitelisted.patch.
- commit b9759ab
- scsi: qla2xxx: Remove redundant initialization of variable
num_cnt (bsc#1189392).
- scsi: qla2xxx: Fix use after free in debug code (bsc#1189392).
- scsi: qla2xxx: Fix spelling mistakes "/allloc"/ -> "/alloc"/
(bsc#1189392).
- scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392).
- scsi: qla2xxx: edif: Increment command and completion counts
(bsc#1189392).
- scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392).
- scsi: qla2xxx: edif: Add doorbell notification for app
(bsc#1189392).
- scsi: qla2xxx: edif: Add detection of secure device
(bsc#1189392).
- scsi: qla2xxx: edif: Add authentication pass + fail bsgs
(bsc#1189392).
- scsi: qla2xxx: edif: Add key update (bsc#1189392).
- scsi: qla2xxx: edif: Add extraction of auth_els from the wire
(bsc#1189392).
- scsi: qla2xxx: edif: Add send, receive, and accept for auth_els
(bsc#1189392).
- scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs
(bsc#1189392).
- scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392).
- scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392).
- scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI
(bsc#1189392).
- scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392).
- scsi: qla2xxx: Remove redundant continue statement in a for-loop
(bsc#1189392).
- scsi: qla2xxx: Add heartbeat check (bsc#1189392).
- scsi: qla2xxx: Use list_move_tail() instead of
list_del()/list_add_tail() (bsc#1189392).
- scsi: qla2xxx: Remove duplicate declarations (bsc#1189392).
- scsi: qla2xxx: Log PCI address in
qla_nvme_unregister_remote_port() (bsc#1189392).
- scsi: qla2xxx: Remove redundant assignment to rval
(bsc#1189392).
- scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
(bsc#1189392).
- scsi: qla2xxx: Fix error return code in
qla82xx_write_flash_dword() (bsc#1189392).
- commit 4f97d8a
- Update patch reference for a netfilter fix (CVE-2021-38209 bsc#1189393)
- commit 26cdeeb
- scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted()
(bsc#1189385).
- scsi: lpfc: Remove redundant assignment to pointer pcmd
(bsc#1189385).
- scsi: lpfc: Copyright updates for 14.0.0.0 patches
(bsc#1189385).
- scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385).
- scsi: lpfc: Add 256 Gb link speed support (bsc#1189385).
- scsi: lpfc: Revise Topology and RAS support checks for new
adapters (bsc#1189385).
- scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385).
- scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series
adapters (bsc#1189385).
- scsi: lpfc: Copyright updates for 12.8.0.11 patches
(bsc#1189385).
- scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385).
- scsi: lpfc: Skip issuing ADISC when node is in NPR state
(bsc#1189385).
- scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC
cmpl path (bsc#1189385).
- scsi: lpfc: Call discovery state machine when handling
PLOGI/ADISC completions (bsc#1189385).
- scsi: lpfc: Delay unregistering from transport until GIDFT or
ADISC completes (bsc#1189385).
- scsi: lpfc: Enable adisc discovery after RSCN by default
(bsc#1189385).
- scsi: lpfc: Use PBDE feature enabled bit to determine PBDE
support (bsc#1189385).
- scsi: lpfc: Clear outstanding active mailbox during PCI function
reset (bsc#1189385).
- scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi()
routine (bsc#1189385).
- scsi: lpfc: Remove REG_LOGIN check requirement to issue an
ELS RDF (bsc#1189385).
- scsi: lpfc: Fix memory leaks in error paths while issuing ELS
RDF/SCR request (bsc#1189385).
- scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF
handling (bsc#1189385).
- scsi: lpfc: Keep NDLP reference until after freeing the IOCB
after ELS handling (bsc#1189385).
- scsi: lpfc: Fix target reset handler from falsely returning
FAILURE (bsc#1189385).
- scsi: lpfc: Discovery state machine fixes for LOGO handling
(bsc#1189385).
- scsi: lpfc: Fix function description comments for vmid routines
(bsc#1189385).
- scsi: lpfc: Improve firmware download logging (bsc#1189385).
- scsi: lpfc: Remove use of kmalloc() in trace event logging
(bsc#1189385).
- scsi: lpfc: Fix NVMe support reporting in log message
(bsc#1189385).
- scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385).
- scsi: lpfc: Use list_move_tail() instead of
list_del()/list_add_tail() (bsc#1189385).
- scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker
thread (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Append the VMID to the wqe before sending
(bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement ELS commands for appid
(bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add support for VMID in mailbox command
(bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc
(bsc#1189385 jsc#SLE-18970).
- scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc#SLE-18970).
- Update config files
Add kABI fixup patch
- patches.kabi/blk-cgroup-kABI-fixes-for-new-fc_app_id-definition.patch
- scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: Remove redundant assignment to pointer temp_hdr
(bsc#1189385).
- commit e47f569
- nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384).
- commit da8a2b6
- README: Modernize build instructions.
- commit 8cc5c28
- ovl: allow upperdir inside lowerdir (bsc#1189323).
- ovl: fix missing revert_creds() on error path (bsc#1189323).
- ovl: skip getxattr of security labels (bsc#1189323).
- ovl: perform vfs_getxattr() with mounter creds (bsc#1189323).
- ovl: expand warning in ovl_d_real() (bsc#1189323).
- commit d2a0c13
- rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305)
- commit 7f9ade7
- platform/x86: pcengines-apuv2: Add missing terminating entries
to gpio-lookup tables (git-fixes).
- commit e6925d8
- fix patches metadata
- fix Patch-mainline:
- patches.suse/NFSv4-Initialise-connection-to-the-server-in-nfs4_al.patch
- patches.suse/NFSv4-pNFS-Don-t-call-_nfs4_pnfs_v3_ds_connect-multi.patch
- patches.suse/SUNRPC-Fix-the-batch-tasks-count-wraparound.patch
- patches.suse/SUNRPC-Should-wake-up-the-privileged-task-firstly.patch
- patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
- commit bd541fa
- net: ll_temac: Fix TX BD buffer overwrite (CVE-2021-38207
bsc#1189298).
- commit 64dedf9
- mac80211: Fix NULL ptr deref for injected rate info
(CVE-2021-38206 bsc#1189296).
- commit a4dbb10
- scsi: zfcp: Report port fc_security as unknown early during
remote cable pull (git-fixes).
- commit 071c9e5
- net: xilinx_emaclite: Do not print real IOMEM pointer
(CVE-2021-38205 bsc#1189292).
- commit 1e538f8
- Update patch reference for a USB max3421 HCD fix (CVE-2021-38204 bsc#1189291)
- commit 68d7672
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
state (bsc#1184180).
- commit 435d2bf
- drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH +
CML combos (bsc#1188700).
- drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH +
CML combos (bsc#1188700).
- drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings
(bsc#1188700).
- drm/i915/gen9_bc: Recognize TGP PCH + CML combos (bsc#1188700).
- drm/i915/rkl: new rkl ddc map for different PCH (bsc#1188700).
- drm/i915/dg1: provide port/phy mapping for vbt (bsc#1188700).
- drm/i915/dg1: gmbus pin mapping (bsc#1188700).
- drm/i915: Introduce HPD_PORT_TC<n> (bsc#1188700).
- drm/i915: Move hpd_pin setup to encoder init (bsc#1188700).
- drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6
(bsc#1188700).
- drm/i915: Nuke the redundant TC/TBT HPD bit defines
(bsc#1188700).
- drm/i915: Add VBT AUX CH H and I (bsc#1188700).
- drm/i915: Add VBT DVO ports H and I (bsc#1188700).
- drm/i915: Add more AUX CHs to the enum (bsc#1188700).
- commit 3f49445
- usb: dwc3: gadget: Don't setup more than requested (git-fixes).
- commit d278880
- usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init
(git-fixes).
- commit bc358f9
- ocfs2: initialize ip_next_orphan (bsc#1186731).
- commit fd80e8c
- NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
(git-fixes).
- SUNRPC: Should wake up the privileged task firstly (git-fixes).
- SUNRPC: Fix the batch tasks count wraparound (git-fixes).
- nfs: fix acl memory leak of posix_acl_create() (git-fixes).
- commit 1bdda2d
- NFSv4: Initialise connection to the server in
nfs4_alloc_client() (bsc#1040364).
- Delete
patches.suse/0001-NFSv4-don-t-let-hanging-mounts-block-other-mounts.patch.
Upstream now has a fix for this bug, so use their version instead of ours.
- commit 350271e
- usb: dwc3: gadget: Give back staled requests (git-fixes).
- commit c4cb23f
- usb: dwc3: support continuous runtime PM with dual role
(git-fixes).
- commit f340e0b
- iommu/vt-d: Global devTLB flush when present context entry
changed (bsc#1189220).
- iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229).
- iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214).
- iommu/amd: Fix extended features logging (bsc#1189213).
- iommu/vt-d: Define counter explicitly as unsigned int
(bsc#1189216).
- iommu/arm-smmu-v3: Decrease the queue size of evtq and priq
(bsc#1189210).
- crypto: ccp - Annotate SEV Firmware file names (bsc#1189212).
- iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218).
- iommu/vt-d: Check for allocation failure in aux_detach_device()
(bsc#1189215).
- iommu/vt-d: Force to flush iotlb before creating superpage
(bsc#1189219).
- iommu/vt-d: Invalidate PASID cache when root/context entry
changed (bsc#1189221).
- iommu/vt-d: Don't set then clear private data in
prq_event_thread() (bsc#1189217).
- iommu/vt-d: Reject unsupported page request modes (bsc#1189222).
- iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
(bsc#1189209).
- commit f116a8f
- blacklist.conf: Add two IOMMU fixes
b9abb19fa5fd iommu: Check dev->iommu in iommu_dev_xxx functions
474dd1c65064 iommu/vt-d: Fix clearing real DMA device's scalable-mode context entries
- commit 2db8dfc
- powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats
unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769
git-fixes).
- commit c109f3e
- Fix filesystem requirement and suse-release requires
Reduce filesystem conflict to anything less than 16 to allow pulling the
change into the next major stable version.
Don't require suse-release as that's not technically required. Conflict
with a too old one instead.
- commit 913f755
- iwlwifi: rs-fw: don't support stbc for HE 160 (git-fixes).
- commit 981ddc7
- blacklist.conf: obsoleted by 8d396bb0a5b62b326f6be7594d8bd46b088296bd
- commit d9ae913
- USB: usbtmc: Fix RCU stall warning (git-fixes).
- commit 8c8f7df
- powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148
ltc#190702 git-fixes).
- commit 8c2e999
- fpga: dfl: fme: Fix cpu hotplug issue in performance reporting
(git-fixes).
- commit 1278281
- powerpc/pseries: Fix regression while building external modules
(bsc#1160010 ltc#183046 git-fixes).
This changes a GPL symbol to general symbol which is kABI change but not
kABI break.
- commit 5db0ce9
- powerpc/papr_scm: Reduce error severity if nvdimm stats
inaccessible (bsc#1189197 ltc#193906).
- commit 9021659
- fpga: dfl: fme: Fix cpu hotplug issue in performance reporting
(git-fixes).
- staging: rtl8723bs: Fix a resource leak in sd_int_dpc
(git-fixes).
- serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts
(git-fixes).
- serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated
driver (git-fixes).
- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
- soc: ixp4xx: fix printing resources (git-fixes).
- dmaengine: imx-dma: configure the generic DMA type to make it
work (git-fixes).
- dmaengine: idxd: fix setup sequence for MSIXPERM table
(git-fixes).
- drm/i915: Correct SFC_DONE register offset (git-fixes).
- ASoC: ti: j721e-evm: Check for not initialized parent_clk_id
(git-fixes).
- ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking
during startup (git-fixes).
- ASoC: rt5682: Fix the issue of garbled recording after
powerd_dbus_suspend (git-fixes).
- drm/amd/display: Fix max vstartup calculation for modes with
borders (git-fixes).
- drm/amd/display: Fix comparison error in dcn21 DML (git-fixes).
- commit b4ad8ce
- firmware_loader: fix use-after-free in firmware_fallback_sysfs
(git-fixes).
- serial: tegra: Only print FIFO error message when an error
occurs (git-fixes).
- serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes).
- spi: mediatek: Fix fifo transfer (git-fixes).
- ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits
(git-fixes).
- spi: stm32h7: fix full duplex irq handler handling (git-fixes).
- regulator: rt5033: Fix n_voltages settings for BUCK and LDO
(git-fixes).
- commit 8f575e8
- fix patches metadata
- fix Patch-mainline:
- patches.suse/ALSA-hda-realtek-Fix-headset-mic-for-Acer-SWIFT-SF31.patch
- patches.suse/ALSA-hda-realtek-add-mic-quirk-for-Acer-SF314-42.patch
- patches.suse/ALSA-seq-Fix-racy-deletion-of-subscriber.patch
- patches.suse/ALSA-usb-audio-Add-registration-quirk-for-JBL-Quantu-4b0556b96e1f.patch
- patches.suse/ALSA-usb-audio-Fix-superfluous-autosuspend-recovery.patch
- commit 486a747
- Move upstreamed patch into sorted section
- commit a779693
- ALSA: usb-audio: Avoid unnecessary or invalid connector
selection at resume (git-fixes).
- commit a52bb92
- ALSA: seq: Fix racy deletion of subscriber (git-fixes).
- ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 600
(git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56
(ALC256) (git-fixes).
- ALSA: usb-audio: Fix superfluous autosuspend recovery
(git-fixes).
- commit 57d9208
- Update kabi files.
- Update from August 2021 maintenance update submission (commit 055c4fd5f13c)
- commit 0b9f7b1
- net: dsa: mv88e6xxx: also read STU state in
mv88e6250_g1_vtu_getnext (git-fixes).
- commit 4d3a9e0
- Bluetooth: defer cleanup of resources in hci_unregister_dev()
(git-fixes).
- commit 38ad73f
- fix patches metadata
- fix Patch-mainline:
- patches.suse/NFSv4.1-Don-t-rebind-to-the-same-source-port-when-re.patch
- patches.suse/SUNRPC-prevent-port-reuse-on-transports-which-don-t-.patch
- commit 5e54e89
- blacklist.conf: kABI changes due to kvm_mmu_rule struct.
- commit f3e0e69
- Refresh patches.suse/Input-ili210x-add-missing-negation-for-touch-indicat.patch
Fix missing parentheses in the input backport patch.
- commit 0913716
- rpm/kernel-source.rpmlintrc: ignore new include/config files
In 5.13, since 0e0345b77ac4, config files have no longer .h suffix.
Adapt the zero-length check.
Based on Martin Liska's change.
- commit b6f021b
- Revert "/gpio: mpc8xxx: change the gpio interrupt
flags."/ (git-fixes).
- drm/amd/display: ensure dentist display clock update finished
in DCN20 (git-fixes).
- commit 3d2a7da
- gpio: tqmx86: really make IRQ optional (git-fixes).
- media: videobuf2-core: dequeue if start_streaming fails
(git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes).
- clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
(git-fixes).
- cfg80211: Fix possible memory leak in function
cfg80211_bss_update (git-fixes).
- commit 7dd3f8c
- SUNRPC: prevent port reuse on transports which don't request it
(bnc#1186264 bnc#1189021).
- commit a89b568
- kabi fix for NFSv4.1: Don't rebind to the same source port when
reconnecting to the server
(bnc#1186264 bnc#1189021)
- commit 844eb4c
- NFSv4.1: Don't rebind to the same source port when
(bnc#1186264 bnc#1189021)
- commit 4b89a40
- ionic: fix up dim accounting for tx and rx (jsc#SLE-16649).
- ionic: remove intr coalesce update from napi (jsc#SLE-16649).
- ionic: make all rx_mode work threadsafe (jsc#SLE-16649).
- RDMA/bnxt_re: Fix stats counters (bsc#1188231).
- bnxt_en: Validate vlan protocol ID on RX packets
(jsc#SLE-15075).
- ionic: add handling of larger descriptors (jsc#SLE-16649).
- ionic: add new queue features to interface (jsc#SLE-16649).
- ionic: fix sizeof usage (jsc#SLE-16649).
- ionic: protect adminq from early destroy (jsc#SLE-16649).
- ionic: stop watchdog when in broken state (jsc#SLE-16649).
- ionic: block actions during fw reset (jsc#SLE-16649).
- ionic: fix unchecked reference (jsc#SLE-16649).
- ionic: simplify the intr_index use in txq_init (jsc#SLE-16649).
- ionic: code cleanup details (jsc#SLE-16649).
- ionic: aggregate Tx byte counting calls (jsc#SLE-16649).
- ionic: simplify tx clean (jsc#SLE-16649).
- ionic: generic tx skb mapping (jsc#SLE-16649).
- ionic: simplify TSO descriptor mapping (jsc#SLE-16649).
- ionic: simplify use of completion types (jsc#SLE-16649).
- ionic: rebuild debugfs on qcq swap (jsc#SLE-16649).
- ionic: simplify rx skb alloc (jsc#SLE-16649).
- ionic: optimize fastpath struct usage (jsc#SLE-16649).
- ionic: implement Rx page reuse (jsc#SLE-16649).
- ionic: move rx_page_alloc and free (jsc#SLE-16649).
- ionic: change mtu after queues are stopped (jsc#SLE-16649).
- ionic: remove some unnecessary oom messages (jsc#SLE-16649).
- ionic: useful names for booleans (jsc#SLE-16649).
- ionic: check for link after netdev registration (jsc#SLE-16649).
- ionic: start queues before announcing link up (jsc#SLE-16649).
- commit 55ca0a7
- btrfs: rework chunk allocation to avoid exhaustion of the
system chunk array (bsc#1189077).
- btrfs: fix deadlock with concurrent chunk allocations involving
system chunks (bsc#1189077).
- btrfs: move the chunk_mutex in btrfs_read_chunk_tree
(bsc#1189077).
- btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk
(bsc#1189077).
- btrfs: parameterize dev_extent_min for chunk allocation
(bsc#1189077).
- btrfs: factor out create_chunk() (bsc#1189077).
- btrfs: factor out decide_stripe_size() (bsc#1189077).
- btrfs: factor out gather_device_info() (bsc#1189077).
- btrfs: factor out init_alloc_chunk_ctl (bsc#1189077).
- btrfs: introduce alloc_chunk_ctl (bsc#1189077).
- btrfs: refactor find_free_dev_extent_start() (bsc#1189077).
- btrfs: introduce chunk allocation policy (bsc#1189077).
- btrfs: handle invalid profile in chunk allocation (bsc#1189077).
- commit 707ed65
- tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop
(CVE-2021-3679 bsc#1189057).
- commit 49b5ebf
- net/mlx5: Properly convey driver version to firmware
(git-fixes).
- commit 44d8f42
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- commit ac61742
- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
- commit 75096f3
- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
- commit 524d35f
- Update kabi files.
- update from August 2021 maintenance update submission (commit a13100d5f167)
- commit 75dc981
- blacklist.conf: add macsonic driver
- commit 688a554
- cifs: do not share tcp sessions of dfs connections
(bsc#1185902).
- commit 78eb685
- cifs: prevent NULL deref in cifs_compose_mount_options()
(bsc#1185902).
- commit a798607
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- commit 17b0494
- cifs: fix check of dfs interlinks (bsc#1185902).
- commit 1db4f4d
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- commit 064a32d
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- commit 65332c5
- cifs: set a minimum of 2 minutes for refreshing dfs cache
(bsc#1185902).
- commit 1a16c86
- cifs: fix path comparison and hash calc (bsc#1185902).
- commit 9ae40ff
- cifs: handle different charsets in dfs cache (bsc#1185902).
- commit 7b185cd
- cifs: keep referral server sessions alive (bsc#1185902).
- commit a6fba08
- workqueue: fix UAF in pwq_unbound_release_workfn()
(bsc#1188973).
- commit b02980f
- ALSA: pcm - fix mmap capability check for the snd-dummy driver
(git-fixes).
- commit b68f7e6
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- commit da4d5f8
- can: esd_usb2: fix memory leak (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma
initialization (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- nfc: nfcsim: fix use after free during module unload
(git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
(git-fixes).
- Revert "/ACPI: resources: Add checks for ACPI IRQ override"/
(git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of
pending messages (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer
overflow (git-fixes).
- commit 7ff2c84
- fix patch metadata
- fix Patch-mainline:
patches.suse/xfrm-xfrm_state_mtu-should-return-at-least-1280-for-.patch
- commit e52bdda
- ixgbe: Fix packet corruption due to missing DMA sync
(git-fixes).
- bnxt_en: Check abort error state in bnxt_half_open_nic()
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in
bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: don't disable an already disabled PCI device
(git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Check if num of q_vectors is smaller than max before
array access (git-fixes).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()'
(git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- ixgbe: Fix an error handling path in 'ixgbe_probe()'
(git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- virtio_net: move tx vq operation under tx queue lock
(git-fixes).
- Revert "/be2net: disable bh with spin_lock in be_process_mcc"/
(git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce()
(git-fixes).
- mvpp2: suppress warning (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe()
(git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel
(git-fixes).
- commit 3de5d62
- Refresh
patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
(bsc#1187591, bsc#1188694)
- Return EFI_UNSUPPORTED when accessing EFI_RNG_PROTOCOL failed.
- Improved the warning message.
- commit 6f32319
- powerpc/security: Fix link stack flush instruction (bsc#1188885
ltc#193722).
- commit 6d617e8
- cifs: get rid of @noreq param in __dfs_cache_find()
(bsc#1185902).
- commit 7f4ff26
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- commit 96ce669
- cifs: Remove unused inline function is_sysvol_or_netlogon()
(bsc#1185902).
- commit 7d7b6d5
- Update Patch-mainline tags for patches that landed in 5.14-rc3.
- commit 48a135a
- powerpc/64s: Move branch cache flushing bcctr variant to
ppc-ops.h (bsc#1188885 ltc#193722).
- commit 837e7fa
- powerpc/security: Allow for processors that flush the link
stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code
patching (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more
consistent (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush
type enum (bsc#1188885 ltc#193722).
- Delete patches.suse/powerpc-add-link-stack-flush-mitigation-in-debugfs.patch
- replaced with upstream security mitigation cleanup
- powerpc/security: re-name count cache flush to branch cache
flush (bsc#1188885 ltc#193722).
- commit e35bcce
- powerpc/pesries: Get STF barrier requirement from
H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier
(bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits
from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg
(bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to
_setup_security_mitigations (bsc#1188885 ltc#193722).
- Refresh patches.suse/powerpc-pseries-mobility-notify-network-peers-after-.patch.
- powerpc/pseries: add new branch prediction security bits for
link stack (bsc#1188885 ltc#193722).
- commit 3f019e2
- kABI workaround for btintel symbol changes (bsc#1188893).
- commit a0378fb
- Bluetooth: btusb: Fix failing to init controllers with operation
firmware (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while
in bootloader mode (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build
info in FW mode (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in
intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download
(bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing
(bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing
(bsc#1188893).
- commit 5d9b049
- Bluetooth: btintel: Move operational checks after version check
(bsc#1188893).
- Bluetooth: btintel: Check firmware version before download
(bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address
parameter (bsc#1188893).
- Bluetooth: btusb: print firmware file name on error loading
firmware (bsc#1188893).
- commit 02eefaa
- Bluetooth: btusb: Add support for GarfieldPeak controller
(bsc#1188893).
- Revert "/Bluetooth: btintel: Fix endianness issue for TLV
version information"/ (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers
(bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to
BTUSB_INTEL_NEWGEN (bsc#1188893).
- commit 8c5bc15
- Bluetooth: btusb: Helper function to download firmware to
Intel adapters (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware
filename (bsc#1188893).
- Bluetooth: btusb: Add *setup* function for new generation
Intel controllers (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version
information (bsc#1188893).
- commit 051ab9c
- Bluetooth: btintel: Replace zero-length array with
flexible-array member (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload
(bsc#1188893).
- Bluetooth: btintel: Add infrastructure to read controller
information (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function
(bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry()
(bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8
values (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU
(bsc#1188893).
- commit 29e3766
- Update patch-mainline and git-commit tags
Refresh:
- patches.suse/0001-netfilter-conntrack-add-new-sysctl-to-disable-RST-ch.patch
- patches.suse/0001-netfilter-conntrack-improve-RST-handling-when-tuple-.patch
- commit 758ec5c
- Move upstreamed patches to sorted section
- commit e174d5e
- Refresh patches.suse/efi-tpm-Differentiate-missing-and-invalid-final-even.patch.
Update upstream status.
- commit 871e8d7
- scsi: ibmvfc: Fix command state accounting and stale response
detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- commit e0dfe90
- net: mac802154: Fix general protection fault (CVE-2021-3659
bsc#1188876).
- commit 61caeac
- bonding: fix build issue (git-fixes).
- commit ba9e531
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a
machine (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid
(git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in
iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in
iwl_pcie_enqueue_hcmd() (git-fixes).
- commit aefa679
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
(git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family
(git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
(git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency
is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL)
calculations (git-fixes).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- spi: imx: add a check for speed_hz before calculating the clock
(git-fixes).
- commit cbaa23f
- firmware/efi: Tell memblock about EFI iomem reservations
(git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
(git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api
val argument (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- commit 4603b01
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6
(bsc#1185377).
- commit c3c4cb5
- use 3.0 SPDX identifier in rpm License tags
As requested by Maintenance, change rpm License tags from "/GPL-2.0"/
(SPDX 2.0) to "/GPL-2.0-only"/ (SPDX 3.0) so that their scripts do not have
to adjust the tags with each maintenance update submission.
- commit f888e0b
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake()
when using s2idle (git-fixes).
- commit 28541e7
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
(git-fixes).
- commit ffedcc6
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage
after platform_get_irq() (git-fixes).
- commit 4131c57
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding
gpiochip (git-fixes).
- commit 88a6182
- KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (bsc#1188838
CVE-2021-37576).
- commit 0162dcd
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup
(git-fixes).
- commit 017d588
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version
command (git-fixes).
- commit a8f01e1
- Input: ili210x - add missing negation for touch indication on
ili210x (git-fixes).
- commit 0575cf5
- KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790).
- commit 81b4c99
- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit
RSB path (bsc#1188788).
- commit f2e225f
- KVM: VMX: Enable machine check support for 32bit targets
(bsc#1188787).
- commit 388d3fb
- KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
(bsc#1188786).
- commit c5de014
- KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check
in !64-bit (bsc#1188784).
- commit 08b2951
- KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
(bsc#1188783).
- commit 5f8f317
- KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
(bsc#1188782).
- commit ef7bd2d
- KVM: nVMX: Reset the segment cache when stuffing guest segs
(bsc#1188781).
- commit 8984ecb
- KVM: nVMX: Really make emulated nested preemption timer pinned
(bsc#1188780).
- commit 597c5f3
- KVM: nVMX: Preserve exception priority irrespective of exiting
behavior (bsc#1188777).
- commit 9024fbf
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
(bsc#1188774).
- commit 7334e84
- KVM: nVMX: Consult only the "/basic"/ exit reason when routing
nested exit (bsc#1188773).
- commit f7ab15a
- kvm: LAPIC: Restore guard to prevent illegal APIC register
access (bsc#1188772).
- commit 8a9a1d5
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic
is hw disabled (bsc#1188771).
- commit 7610884
- kvm: i8254: remove redundant assignment to pointer s
(bsc#1188770).
- commit f768a8a
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory
reclaim (bsc#1188752).
- commit 80a0f40
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus
independent (bsc#1187495).
- Refresh
patches.suse/iwlwifi-pcie-free-IML-DMA-memory-allocation.patch.
- commit 55531dc
- blacklist.conf: kABI
- commit c1f6ea9
- ceph: don't WARN if we're still opening a session to an MDS
(bsc#1188748).
- rbd: don't hold lock_rwsem while running_list is being drained
(bsc#1188747).
- rbd: always kick acquire on "/acquired"/ and "/released"/
notifications (bsc#1188746).
- commit 5813020
- Update patches.suse/x86-intel-aggregate-microserver-naming.patch.
This was a search-and-replace patch - there were one _X -> _D
replacement missing in tools/power/x86/turbostat/turbostat.c
Update the patch to cover the missing replacement.
- commit 63c708b
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- commit aaa3cb6
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom
(git-fixes).
- commit 43e0b14
- mt76: mt7615: increase MCU command timeout (git-fixes).
- commit 1ca559f
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- commit 606bd07
- ibmvnic: retry reset if there are no other resets (bsc#1184350
ltc#191533).
- commit fccec64
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown()
for Loongson64 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to
SST (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- commit 0be6a2a
- drm/amdgpu: remove unsafe optimization to drop preamble ib
(git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption
(git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in
vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711
(git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize
(git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/nouveau: Don't set allow_fb_modifiers explicitly
(git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when
crtc_state->active is changed to be true (git-fixes).
- commit 0856190
- cifs: do not fail __smb_send_rqst if non-fatal signals are
pending (git-fixes).
- commit 80eef04
- cifs: fix interrupted close commands (git-fixes).
- commit 9eae08a
- cifs: Fix preauth hash corruption (git-fixes).
- commit a2ac7b0
- cifs: Return correct error code from smb2_get_enc_key
(git-fixes).
- commit ffe15e7
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- commit f974156
- uuid: Add inline helpers to import / export UUIDs (FATE#326628,
bsc#1113295, git-fixes).
- commit 5ef7dcb
- Drop media rtl28xxu fix patch (bsc#1188683)
The recent backport of
patches.suse/media-rtl28xxu-fix-zero-length-control-request.patch
caused a regression on Astrometa DVB-T2.
Revert and blacklist it for now.
- commit 1ae8d64
- series.conf: cleanup
- update upstream references and move into sorted section:
- patches.suse/r8152-Fix-a-deadlock-by-doubly-PM-resume.patch
- patches.suse/r8152-Fix-potential-PM-refcount-imbalance.patch
- commit 425c935
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- commit fb8c7fc
- ceph: clean up and optimize ceph_check_delayed_caps()
(bsc#1187468).
- commit 33a74a3
- sfp: Fix error handing in sfp_probe() (git-fixes).
- commit 3f0aed6
- cadence: force nonlinear buffers to be cloned (git-fixes).
- commit 4b76907
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- commit 6e609d3
- ravb: Fix bit fields checking in ravb_hwtstamp_get()
(git-fixes).
- commit ed39fda
- net: hns3: Clear the CMDQ registers before unmapping BAR region
(git-fixes).
- commit 57704e2
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- commit 23af1ba
- net: wilc1000: clean up resource in error path of init mon
interface (git-fixes).
- commit aa75b92
- Update patches.suse/ibmvnic-account-for-bufs-already-saved-in-indir_buf.patch
(jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290 bsc#1188620
ltc#192221).
- Update patches.suse/ibmvnic-free-tx_pool-if-tso_pool-alloc-fails.patch
(bsc#1085224 ltc#164363 bsc#1188620 ltc#192221).
- Update patches.suse/ibmvnic-parenthesize-a-check.patch
(bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes
bsc#1188620 ltc#192221).
- Update patches.suse/ibmvnic-set-ltb-buff-to-NULL-after-freeing.patch
(bsc#1094840 ltc#167098 bsc#1188620 ltc#192221).
- commit 8147958
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- commit 8bf9d02
- blacklist.conf: kABI
- commit 7c940a5
- blacklist.conf: cosmetic cleanup
- commit 29705c7
- blacklist.conf: kABI
- commit 839f900
- Update patches.suse/x86-intel-aggregate-big-core-mobile-naming.patch.
This was a search-and-replace patch - there were a handful of _ULT -> _L
and _MOBILE -> _L replacements missing in tools/power/x86/turbostat/turbostat.c
Update the patch to cover the missing replacements.
- Refresh patches.suse/x86-intel-aggregate-big-core-graphics-naming.patch.
- commit efd5300
- Update patches.suse/iommu-vt-d-do-not-use-flush-queue-when-caching-mode-is-on.
The definition of domain_use_flush_queue() was tucked inside
an #ifdef CONFIG_INTEL_IOMMU_SVM, whereas the function can be called
outside of that #ifdef. It does not affect SLE15-SP3 directly since our
configs always enable CONFIG_INTEL_IOMMU_SVM, but it's in the incorrect
place in general. Move it outside of the ifdef to match upstream behavior.
- commit e39afe2
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- commit 1045d0d
- docs: virt/kvm: close inline string literal (bsc#1188703).
- commit e83521c
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect
if SEV is available (bsc#1188703).
- commit 0f91585
- integrity: use arch_ima_get_secureboot instead of checking
EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- Update config files.
Add CONFIG_IMA_ARCH_POLICY=y and CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y
in x86_64/default.
- commit 8567c4b
- i40e: Fix missing rtnl locking when setting up pf switch
(jsc#SLE-13701).
- commit 27422dd
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type
(git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- thermal/core: Correct function name
thermal_zone_device_unregister() (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- commit c39f899
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- Revert "/USB: quirks: ignore remote wake-up on Fibocom L850-GL
LTE modem"/ (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode
(git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after
usb_pkt_pop() (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- commit c637f14
- ASoC: rt5682: Fix a problem with error handling in the io init
function of the soundwire (git-fixes).
- Refresh
patches.suse/ASoC-rt5682-sdw-set-regcache_cache_only-false-before.patch.
- commit c833aa0
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
(git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
(git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
(git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading
RT5682_DEVICE_ID (git-fixes).
- Bluetooth: btqca: Don't modify firmware contents in-place
(git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the
suspend_stress_test (git-fixes).
- commit 2fb44db
- ALSA: pcm: Call substream ack() method upon compat mmap commit
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830
G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
(git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360
830 G8 (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file
(git-fixes).
- commit 10136ed
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- commit 2c19bb5
- scsi: fc: Add 256GBit speed setting to SCSI FC transport
(bsc#1188101).
- commit 62c8708
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- commit 539ea44
- Revert "/drm/i915: Propagate errors on awaiting already signaled
fences"/ (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission
(git-fixes).
- commit 258f2b1
- drm/panel: raspberrypi-touchscreen: Prevent double-free
(git-fixes).
- media: ngene: Fix out-of-bounds bug in
ngene_command_config_free_buf() (git-fixes).
- liquidio: Fix unintentional sign extension issue on left shift
of u16 (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again
(git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- commit 44fe76d
- bcache: avoid oversized read request in cache missing code path
(bsc#1184631).
- bcache: remove bcache device self-defined readahead
(bsc#1184631).
- commit aaf8eb0
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- commit c73a425
- Update Patch-mainline tags for patches that landed in 5.14-rc2.
- commit 55eeb57
- KVM: do not allow mapping valid but non-reference-counted pages
(bsc#1186482, CVE-2021-22543).
- KVM: Use kvm_pfn_t for local PFN variable in
hva_to_pfn_remapped() (bsc#1186482, CVE-2021-22543).
- KVM: do not assume PTE is writable after follow_pfn
(bsc#1186482, CVE-2021-22543).
- commit 3795669
- xen/events: reset active flag for lateeoi events later
(git-fixes).
- Refresh patches.suse/xen-events-fix-setting-irq-affinity.patch.
- commit e51ccb0
- KVM: do not allow mapping valid but non-reference-counted pages
(bsc#1186482, CVE-2021-22543).
- KVM: Use kvm_pfn_t for local PFN variable in
hva_to_pfn_remapped() (bsc#1186482, CVE-2021-22543).
- KVM: do not assume PTE is writable after follow_pfn
(bsc#1186482, CVE-2021-22543).
- commit 50f4816
- RDMA/cma: Fix incorrect Packet Lifetime calculation
(jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- bpf: Fix integer overflow in argument calculation for
bpf_map_area_alloc (bsc#1154353).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for
efficiency (jsc#SLE-7926).
- commit 94fef56
- netfilter: ctnetlink: suspicious RCU usage in
ctnetlink_dump_helpinfo (bsc#1176447).
- bonding: fix incorrect return value of bond_ipsec_offload_ok()
(bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
(bsc#1176447).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload
(bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
(bsc#1176447).
- ixgbevf: use xso.real_dev instead of xso.dev in callback
functions of struct xfrmdev_ops (bsc#1176447).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback
functions of struct xfrmdev_ops (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa()
(bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
(bsc#1176447).
- skbuff: Release nfct refcount on napi stolen or re-used skbs
(jsc#SLE-15172).
- net/sched: act_ct: remove and free nf_table callbacks
(jsc#SLE-15172).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr
(jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and
stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a
reconnection (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions
(jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object
(jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection
(jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight
(jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading
its stats (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- xsk: Fix missing validation for skb and unaligned mode
(jsc#SLE-13706).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish
declarations (bsc#1176447).
- commit 2d7a0e6
- series.conf: cleanup
- update upstream reference and move into sorted section:
- patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- commit 07df461
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495)
iwlwifi driver consists of several modules and all exported symbols
are internal uses. Let's ignore kABI checks of those.
- commit 75aa507
- iwlwifi: pnvm: set the PNVM again if it was already loaded
(bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local
(bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly
(bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity
checks (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly
(bsc#1187495).
- iwlwifi: pnvm: don't try to load after failures (bsc#1187495).
- commit 7ff688f
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices
(bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability
flags (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV
(bsc#1187495).
- iwlwifi: mvm: don't check if CSA event is running before
removing (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later
(bsc#1187495).
- iwlwifi: pcie: don't disable interrupts for reg_lock
(bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: pnvm: don't skip everything when not reloading
(bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: dbg: Don't touch the tlv data (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- commit 8a657fa
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- Delete patches.suse/iwlwifi-SLE15-SP3-ucode-fixes.patch.
- commit bcab4a8
- Revert "/iwlwifi: remove wide_cmd_header field"/ (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- commit 8166979
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy
(bsc#1187495).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: don't send a CSA command the firmware doesn't know
(bsc#1187495).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices
(bsc#1187495).
- commit b1c507d
- iwlwifi: mvm: avoid possible NULL pointer dereference
(bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL
(bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load
completion (bsc#1187495).
- commit 53fae87
- iwlwifi: update prph scratch structure to include PNVM data
(bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries
(bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting
issues (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers
(bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers
(bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc
headers (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc
headers (bsc#1187495).
- commit 5ecfaae
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- Refresh patches.suse/iwlwifi-SLE15-SP3-ucode-fixes.patch.
- commit 35fc6ef
- iwlwifi: mvm: ops: Remove unused static struct
'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc
headers (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header
(bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers
(bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers
(bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers
(bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers
(bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3
(bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- commit 8a1ae62
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: support version 5 of the alive notification
(bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point
(bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq()
(bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd
(bsc#1187495).
- commit e6bd24d
- iwlwifi: thermal: support new temperature measurement API
(bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms
(bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code
(bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder
(bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an
associated station (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added
(bsc#1187495).
- commit 78b502b
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init
(bsc#1187495).
- commit 5e9faaf
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- Refresh
patches.suse/iwlwifi-follow-the-new-inclusive-terminology.patch.
- commit 18f1fc1
- iwlwifi: acpi: rename geo structs to contain versioning
(bsc#1187495).
- Refresh
patches.suse/iwlwifi-follow-the-new-inclusive-terminology.patch.
- commit 2a48685
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic
(bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command
version 3 (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11
(bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver
(bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates
(bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- commit b111b70
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple
sizes (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions
(bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile()
(bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export
(bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field
(bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version
(bsc#1187495).
- iwlwifi: don't export acpi functions unnecessarily
(bsc#1187495).
- commit 4e206c7
- iwlwifi: mvm: process ba-notifications also when sta rcu is
invalid (bsc#1187495).
- iwlwifi: mvm: add support for new version of
WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: Don't install CMAC/GMAC key in AP mode
(bsc#1187495).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header
(bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change
(bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT
(bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header
(bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code
(bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10
(bsc#1187495).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels
(bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family
(bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN !=
next SN (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware
(bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy
(bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability
(bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro
(bsc#1187495).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from
debug macros (bsc#1187495).
- commit 68d8e8f
- Update
patches.suse/ARM-ensure-the-signal-page-contains-defined-contents.patch
(CVE-2021-21781 bsc#1188445).
- commit 47f3aa1
- net: fec_ptp: fix issue caused by refactor the fec_devtype
(git-fixes).
- commit d15e1c0
- kABI workaround for intel_th_driver (git-fixes).
- commit c18c5e5
- drm/gma500: Add the missed drm_gem_object_put() in
psb_user_framebuffer_create() (git-fixes).
- intel_th: Wait until port is in reset before programming it
(git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry()
(git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC
and RT715 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical
interface in v2 protocol (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- commit 2f9e57e
- Rename patches to match SLE15-SP2 equivalents to prepare for the next SLE15-SP2->SLE15-SP3 merge
- commit 06bbd81
- watchdog: iTCO_wdt: Account for rebooting on second timeout
(git-fixes).
- watchdog: Fix possible use-after-free by calling
del_timer_sync() (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in
wdt_turnoff() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup()
(git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- commit 0fe04be
- virtio_console: Assure used length from device is limited
(git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Don't disable clocks at device remove time
(git-fixes).
- pwm: spear: Don't modify HW state in .remove callback
(git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE
(git-fixes).
- usb: gadget: hid: fix error return code in hid_bind()
(git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors
(git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error
handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division
or modulo by zero (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device
(git-fixes).
- commit 966e79d
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
(git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
(git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt
trigger type (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE
(git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE
(git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind
(git-fixes).
- commit 74628f5
- iio: magn: bmc150: Balance runtime pm + use
pm_runtime_resume_and_get() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use
pm_runtime_resume_and_get() (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
(git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one
(git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
(git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
(git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around
initrds (git-fixes).
- commit 14f42b7
- backlight: lm3630a: Fix return code of .update_status() callback
(git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value
(git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync
(git-fixes).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below
20 characters (git-fixes).
- ASoC: soc-core: Fix the error return code in
snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe()
(git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
(git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return
values (git-fixes).
- commit 006f207
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
(git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe()
(git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements
(git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove()
(git-fixes).
- ALSA: usx2y: Don't call free_pages_exact() with NULL address
(git-fixes).
- commit eaa8acd
- config: refresh
- drop GVE on arm64 and s390x (no longer available due to dependency update)
- commit d6ed2bf
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13
(git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient
(git-fixes).
- crypto: virtio: Fix dest length calculation in
__virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in
__virtio_crypto_skcipher_do_req() (git-fixes).
- commit 2b4c8a1
- blacklist.conf: add 4c9c26f1e67648f41f
- commit db6c764
- blacklist.conf: add dbc03e81586fc33e4945263fd6e09e22eb4b980f
- commit 32c5658
- powerpc/papr_scm: Properly handle UUID types and API
(FATE#326628, bsc#1113295, git-fixes).
- commit 9bcaa28
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- commit 01547d1
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- commit b063178
- powerpc/stacktrace: Fix spurious "/stale"/ traces in
raise_backtrace_ipi() (bsc#1156395).
- commit f074894
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- Refresh
patches.suse/gve-Fix-an-error-handling-path-in-gve_probe.patch.
- commit fc90ec1
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API
(bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset
(bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- gve: Add support for raw addressing in the tx path
(bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Add support for raw addressing to the rx path
(bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Replace zero-length array with flexible-array member
(bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Use link status register to report link status
(bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues
(bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags
(bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- commit ffc7e3d
- cpu/hotplug: Cure the cpusets trainwreck (git fixes
(sched/hotplug)).
- commit ea5f05d
- blacklist.conf: duplication
- commit eff56f7
- kprobes: Fix to check probe enabled before
disarm_kprobe_ftrace() (git-fixes).
- commit 9aba4a6
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE
(git-fixes).
- commit a579f68
- kABI workaround for pci/quirks.c (git-fixes).
- commit 04fb196
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value
(git-fixes).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection
response (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails
(git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent
coding format (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over
virtio (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: mvm: fix error print when session protection ends
(git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode
(git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue
(git-fixes).
- commit 4680cad
- Add a cherry-picked ID for AMDGPU fix patch
- commit ba73832
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan
(git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
(git-fixes).
- commit e3971fc
- PCI: iproc: Support multi-MSI only on uniprocessor kernel
(git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation
(git-fixes).
- PCI: aardvark: Implement workaround for the readback value of
VEND_ID (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
(git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler
(git-fixes).
- pinctrl/amd: Add device HID for new AMD GPIO controller
(git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user
enables ASPM (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
(git-fixes).
- commit 0ca454f
- PCI: aardvark: Fix checking for PIO Non-posted Request
(git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or
standby (git-fixes).
- media, bpf: Do not copy more entries than user space requested
(git-fixes).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: mvm: don't change band on bound PHY contexts
(git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
(git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if
supported (git-fixes).
- commit f7d13b4
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in
radeon_user_framebuffer_create() (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in
amdgpu_dm_atomic_check (git-fixes).
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init()
(git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer()
(git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats
(git-fixes).
- commit d72cf42
- drm/amd/amdgpu/sriov disable all ip hw status by default
(git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins()
(git-fixes).
- drm/zte: Don't select DRM_KMS_FB_HELPER (git-fixes).
- drm/mxsfb: Don't select DRM_KMS_FB_HELPER (git-fixes).
- drm/tegra: Don't set allow_fb_modifiers explicitly (git-fixes).
- commit b02b3f8
- ASoC: tegra: Set driver_name=tegra for all machine drivers
(git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly
(git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue
for qca btsoc (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed
or cancelled (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table
(git-fixes).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek
Chip (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer
workaround (git-fixes).
- commit c7cdd5b
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- commit a1eecda
- kprobes: fix kill kprobe which has been marked as gone
(git-fixes).
- commit ee1820f
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
(git-fixes).
- commit 865421f
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG
(git-fixes).
- commit e2cb2ae
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- commit 4278aab
- net/mlx5: Don't fail driver on failure to create debugfs (git-fixes).
- commit c19d4f7
- net: marvell: Fix OF_MDIO config check (git-fixes).
- commit f372318
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- commit c2ac3ff
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- commit 0997bfc
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- commit 2e479b6
- PCI: quirks: fix false kABI positive (git-fixes).
- commit a2a8059
- tpm: efi: Use local variable for calculating final log size
(git-fixes).
- commit 69be865
- tracing: Do not reference char * as a string in histograms
(git-fixes).
- commit 5ff7921
- PCI: iproc: Fix multi-MSI base vector number allocation
(git-fixes).
- commit 9e70011
- PCI: aardvark: Implement workaround for the readback value of
VEND_ID (git-fixes).
- commit 4bfb1fd
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
(git-fixes).
- commit dbaa5b3
- PCI: Leave Apple Thunderbolt controllers on for s2idle or
standby (git-fixes).
- commit 900ca03
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch
(bsc#1065729 bsc#1188405 ltc#193509 bsc#1187476 ltc#193646).
- commit f55c672
- blacklist.conf: 36fa06f9 KVM: x86: Add support for RDPID without RDTSCP
- commit db710b8
- blacklist.conf: 8aec21c0 KVM: VMX: Do not advertise RDPID if ENABLE_RDTSCP control is unsupported
- commit 202cd1e
- fix patch metadata
- fix Patch-mainline, drop Git-repo:
patches.suse/bpftool-Properly-close-va_list-ap-by-va_end-on-error.patch
- commit ec7585c
- Update kabi files.
- update from second July 2021 maintenance update submission (commit 44308a6ad508)
- commit ee121a0
- Refresh
patches.suse/0003-amdgpu-fix-GEM-obj-leak-in-amdgpu_display_user_frame.patch.
Drop _unlocked
- commit 942b7a3
- fbmem: Do not delete the mode that is still in use (git-fixes).
- dma-buf/sync_file: Don't leak fences on merge failure
(git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- commit 1116a4b
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch
(bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch
(bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- commit 5fcaf8a
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap
(boo#1184804).
- commit 5b51131
- bpftool: Properly close va_list 'ap' by va_end() on error
(bsc#1155518).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- commit a14bd1d
- blacklist.conf: add "/block: blk-mq.c: fix @at_head kernel-doc warning"/
Also removed a remnant of a merge conflict.
- commit ebd24f1
- netfilter: x_tables: fix compat match/target pad out-of-bound
write (CVE-2021-22555 bsc#1188116).
- commit 5d3d4da
- vmxnet3: fix cksum offload issues for tunnels with non-default
udp ports (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: gadget: eem: fix echo command packet response issue
(git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- [xarray] iov_iter_fault_in_readable() should do nothing in
xarray case (git-fixes).
- ssb: sdio: Don't overwrite const buffer if block_write fails
(git-fixes).
- commit 76c3ff9
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem
(git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init
(git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
(git-fixes).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in
pch_spi_process_messages() (git-fixes).
- spi: Make of_register_spi_device also set the fwnode
(git-fixes).
- regulator: da9052: Ensure enough delay time for
.set_voltage_time_sel (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE
(git-fixes).
- commit a2b1a60
- platform/x86: toshiba_acpi: Fix missing error code in
toshiba_acpi_setup_keyboard() (git-fixes).
- random32: Fix implicit truncation warning in
prandom_seed_state() (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source
(git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference
(git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- commit 0eb2f6b
- media: st-hva: Fix potential NULL pointer dereferences
(git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe
(git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
(git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct
(git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event
counters (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count
(git-fixes).
- commit ba1b2bc
- iio: adc: at91-sama5d2: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue
(git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf
(git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count
(git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count
(git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count
(git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count
(git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
(git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in
regmap_bulk_read calls (git-fixes).
- commit 74c2c06
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()'
(git-fixes).
- HID: do not use down_interruptible() when unbinding devices
(git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status
bits (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops
(git-fixes).
- crypto: nitrox - fix unchecked variable in
nitrox_register_interrupts (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles
(git-fixes).
- commit ac66984
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
(git-fixes).
- ath9k: Fix kernel NULL pointer dereference during
ath_reset_internal() (git-fixes).
- clocksource: Retry clock read if long delays detected
(git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg()
(git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path
(git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final()
(git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- commit fcdd7a0
- ALSA: hda/realtek: Add another ALC236 variant support
(git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path
(git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered
(git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function
(git-fixes).
- commit 930000b
- thermal/drivers/int340x/processor_thermal: Fix tcc setting
(git-fixes).
- commit c7a1614
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
(git-fixes).
- serial: 8250_pci: Add support for new HPE serial device
(git-fixes).
- commit bdbeac7
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined
shift (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- commit 27f2c49
- leds: class: The -ENOTSUPP should never be seen by user space
(git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed
mode set (git-fixes).
- net: phy: fix save wrong speed and duplex problem if autoneg
is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize
the lan87xx phy (git-fixes).
- commit 3654173
- Revert "/drm: add a locked version of drm_is_current_master"/
(git-fixes).
- commit 299bede
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply
for a u64 result (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect()
(git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
(git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the
SVGA3dCmdDXGenMips command (git-fixes).
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm/bridge: Fix the stop condition of
drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap()
(git-fixes).
- commit 92278ad
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- cw1200: Revert unnecessary patches that fix unreal
use-after-free bugs (git-fixes).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- commit 41694a6
- kABI compatibility fix for max98373_priv struct (git-fixes).
- commit 9bfc21b
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead
sof_block_read() (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in
rk3328_platform_probe() (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend
(git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
(git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume
(git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check
(git-fixes).
- commit 5211f08
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
(git-fixes).
- commit 0a94859
- Blacklist already cherry-picked ASoC commits
- commit 5cc6c21
- usb: gadget: f_fs: Fix setting of device and driver data
cross-references (git-fixes).
- commit 8174fed
- vfs: Convert functionfs to use the new mount API (git -fixes).
- commit bc4a6d0
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes
(kernel/futex)).
- commit b5af159
- Update Patch-mainline tags for patches that landed in 5.14-rc1.
- commit b2d9bab
- thunderbolt: Bond lanes only when dual_link_port != NULL in
alloc_dev_default() (git-fixes).
- commit a8440fd
- usb: typec: fusb302: fix "/op-sink-microwatt"/ default that was
in mW (git-fixes).
- commit dcf2645
- fuse: reject internal errno (bsc#1188269).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- commit ad3c8af
- kABI: restore struct tcpc_config definition (git-fixes).
- commit af96f3e
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- commit a677fa5
- tracing/histograms: Fix parsing of "/sym-offset"/ modifier
(git-fixes).
- commit e43cdf6
- usb: typec: fusb302: Always provide fwnode for the port
(git-fixes).
- commit 23df3ab
- math: Export mul_u64_u64_div_u64 (git-fixes).
- commit 3708119
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined
shift (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
(git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- commit 0c46818
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe
error path (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations
(git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init()
(git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure
(git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
(git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe()
(git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration
(git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement
(git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe()
(git-fixes).
- commit 8a2377b
- memory: fsl_ifc: fix leak of private memory on probe failure
(git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
(git-fixes).
- commit b522bcb
- Refresh patches.suse/rtc-pcf2127-handle-timestamp-interrupts.patch.
Switched to queued version.
- commit 1b185ef
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- refresh patches.suse/0001-kvm-Reintroduce-nopvspin-kernel-parameter.patch
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- refresh patches.suse/0001-kvm-Reintroduce-nopvspin-kernel-parameter.patch
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown
(bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown
(bsc#1185308).
- commit 80699a1
- fix patches metadata
- fix Patch-mainline:
patches.suse/tracepoint-Add-tracepoint_probe_register_may_exist-for-BPF-tracing.patch
patches.suse/tracing-Resize-tgid_map-to-pid_max-not-PID_MAX_DEFAULT.patch
patches.suse/tracing-Simplify-fix-saved_tgids-logic.patch
- commit fa5e842
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec
(bsc#1188176).
- commit ec1bcd7
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation
(git-fixes).
- commit d17e17c
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- commit 586c229
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- commit 3d9e50c
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- commit 85a9fc2
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- commit 7f97df2
- seq_file: Disallow extremely large seq buffer allocations (bsc#1188062, CVE-2021-33909).
- commit eb7ef76
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
(git-fixes).
- commit dfc48c9
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- commit c530730
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF
tracing (git-fixes).
- commit 1ab86c5
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- commit e620ef1
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
Refresh:
patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
Refresh:
patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
Refresh:
patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- commit 8290109
- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch
- commit d9e6471
- scsi: qedf: Do not put host in qedf_vport_create()
unconditionally (bsc#1170511).
- commit 8665594
- efi/tpm: Differentiate missing and invalid final event log table
(bsc#1188036).
- commit 8616099
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- commit d718cd9
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- commit 6ccb8a5
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- commit a286451
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- commit 79058fa
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data
(git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than
4 in set_protocol() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe()
(git-fixes).
- commit 6b8c8e1
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in
iio_push_to_buffers_with_timestamp() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx()
(git-fixes).
- staging: gdm724x: check for buffer overflow in
gdm_lte_multi_sdu_pkt() (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable
(git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init
(git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call
(git-fixes).
- commit b12d968
- iio: adc: mxs-lradc: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion
(git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
(git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1}
and PS_DATA as volatile, too (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 2299862
- iio: magn: bmc150: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 66bbafb
- serial: mvebu-uart: correctly calculate minimal possible
baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk
is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor
(git-fixes).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
(git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
(git-fixes).
- iio: accel: stk8312: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers
(git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400
mode (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect()
(git-fixes).
- Input: usbtouchscreen - fix control-request directions
(git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare()
on error in marvell_nfc_resume() (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node
(git-fixes).
- commit a219c27
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in
typec_register_altmode() (git-fixes).
- usb: dwc2: Don't reset the core after setting turnaround time
(git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
(git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function
(git-fixes).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- visorbus: fix error return code in visorchipset_init()
(git-fixes).
- commit e666eaf
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node()
(git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in
'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same
time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
(git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time
(git-fixes).
- Revert "/ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"/
(git-fixes).
- commit ea3fb69
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error
in hi6210_i2s_startup() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- lib/decompressors: remove set but not used variabled 'level'
(git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents
(git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500
SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC
(git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC
(git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- commit b4df049
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments
(git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init()
(git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call
(git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to
bind() (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare()
on error in cdn_dp_grf_write() (git-fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- commit fc44520
- can: peak_pciefd: pucan_handle_status(): fix a potential
starvation issue in TX path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry
(git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated
event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
(git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe()
(git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported
(git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling
path (git-fixes).
- brcmfmac: correctly report average RSSI in station info
(git-fixes).
- brcmfmac: fix setting of station info chains bitmask
(git-fixes).
- commit d8b0fc2
- can: hi311x: hi3110_can_probe(): silence clang warning
(git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB
(git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in
prep_dma (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still
current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler
(git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
(git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in
zynqmp_dma_alloc_chan_resourc() (git-fixes).
- commit 8be348d
- gve: Fix swapped vars when fetching max queues (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of
null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta
NDP tx (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx
(git-fixes).
- extcon: extcon-max8997: Fix IRQ freeing at error path
(git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- commit c400726
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
(git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings
(git-fixes).
- rsi: Assign beacon rate settings to the correct rate_info
descriptor field (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case
(git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode
(git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with
description_show() (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- commit 4b20cc3
- media: siano: Fix out-of-bounds warnings in
smscore_load_firmware_family2() (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
(git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: gspca/sunplus: fix zero-length control requests
(git-fixes).
- media: gspca/gl860: fix zero-length control requests
(git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12
(git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs
(git-fixes).
- commit 655a2af
- media: zr364xx: fix memory leak in zr364xx_start_readpipe
(git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of()
(git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release
(git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: I2C: change 'RST' to "/RSET"/ to fix multiple build errors
(git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe()
(git-fixes).
- commit 0231cde
- spi: stm32-qspi: Remove unused qspi field of struct
stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data
(git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank
(git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- commit c37129c
- can: bcm: delay release of struct bcm_op after synchronize_rcu()
(CVE-2021-3609 bsc#1187215).
- commit a57ee2f
- Input: joydev - prevent use of not validated data in
JSIOCSBTNMAP ioctl (CVE-2021-3612 bsc#1187585).
- commit 64519f9
- blacklist.conf: Append 'drm/vc4: hdmi: Move the HSM clock enable to runtime_pm'
- commit 23b3543
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
Backporting changes:
* context changes
* vc4_hdmi -> vc4->hdmi
- commit 84c924f
- drm/amdgpu: Don't query CE and UE errors (bsc#1152472)
Backporting changes:
* unsigned long -> uint32_t
- commit 1637ecb
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
Backporting changes:
* context changes
- commit f40c83c
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
Backporting changes:
* context changes
* GEM_WARN_ON() -> WARN_ON()
- commit f02a5b9
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
Backporting changes:
* context changes
- commit fee040e
- blacklist.conf: Append 'drm/vc4: hdmi: Restore cec physical address on reconnect'
- commit b32f423
- Update patch reference for patches.suse/module-limit-enabling-module.sig_enforce.patch
(git-fixes, CVE-2021-35039, bsc#1188080).
- commit 8d3fd9b
- blacklist.conf: Append 'drm/vc4: crtc: Reduce PV fifo threshold on hvs4'
- commit 3780e05
- tpm, tpm_tis: Reserve locality in tpm_tis_resume()
(bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in
tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with
request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with
request_locality() (bsc#1188036).
- commit 2c323b1
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
Backporting changes:
* context changes
- commit b16ae28
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
Backporting changes:
* only panel-samsung-s6d16d0.c exists
- commit 83514d0
- drm/stm: Fix bus_flags handling (bsc#1152472)
- commit eaa7b7a
- usb: typec: tcpm: Move
mod_delayed_work(&port->vdm_state_machine) call into
tcpm_queue_vdm() (git-fixes).
- Refresh
patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request-payl.patch.
- Refresh
patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request.patch.
- commit 25ab009
- usb: typec: tcpm: Error handling for
tcpm_register_partner_altmodes (git-fixes).
- commit d172a56
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for
DRP (git-fixes).
- commit 44e186b
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- commit d27b294
- usb: typec: tcpm: Remove tcpc_config configuration mechanism
(git-fixes).
- commit 20564c3
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX()
(git-fixes).
- commit 69ab721
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- commit b4b2308
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload
handling (git-fixes).
- commit 9417ed4
- usb: typec: ucsi: Put fwnode in any case during ->probe()
(git-fixes).
- commit ec4c8d0
- usb: typec: ucsi: Hold con->lock for the entire duration of
ucsi_register_port() (git-fixes).
- commit 9f0dcac
- usb: typec: tcpm: update power supply once partner accepts
(git-fixes).
- commit 54348d7
- docs: admin-guide: update description for kernel.hotplug sysctl
(git-fixes).
- blacklist.conf: we do ship the kernel sources and the documentation.
They may just as well be up to date.
- commit 7d1b971
- kernel-binary.spec: Remove obsolete and wrong comment
mkmakefile is repleced by echo on newer kernel
- commit d9209e7
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114
ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114
ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr
(bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114
ltc#192237).
- ibmvnic: Allow device probe if the device is not ready at boot
(bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c
(bsc#1184114 ltc#192237).
- commit 6f12df4
- ibmvnic: account for bufs already saved in indir_buf
(jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset
(jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- commit 4925dab
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224
ltc#164363).
- commit badd4e0
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237
bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840
ltc#167098).
- Revert "/ibmvnic: remove duplicate napi_schedule call in open
function"/ (bsc#1065729).
- commit e5fa23c
- blk-mq: Rerun dispatching in the case of budget contention
(bsc#1180092).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() "/no budget"/ is a reason
to kick (bsc#1180092).
- commit e31a7fc
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no
budget (bsc#1180092).
- commit ccd1ac3
- blk-mq: insert flush request to the front of dispatch queue
(bsc#1180092).
- commit acc744b
- blk-mq: insert passthrough request into hctx->dispatch directly
(bsc#1180092).
- Refresh
patches.suse/blk-mq-call-commit_rqs-while-list-empty-but-error-ha.patch.
- Refresh
patches.suse/blk-mq-insert-request-not-through-queue_rq-into-sw-s.patch.
- commit 4ba4b0f
- UsrMerge the kernel (boo#1184804)
- Move files in /boot to modules dir
The file names in /boot are included as %ghost links. The %post script
creates symlinks for the kernel, sysctl.conf and System.map in
/boot for compatibility. Some tools require adjustments before we
can drop those links. If boot is a separate partition, a copy is
used instead of a link.
The logic for /boot/vmlinuz and /boot/initrd doesn't change with
this patch.
- Use /usr/lib/modules as module dir when usermerge is active in the
target distro.
- commit 6f5ed04
- cifs: constify get_normalized_path() properly (bsc#1185902).
- commit f4ccabe
- cifs: don't cargo-cult strndup() (bsc#1185902).
- commit 2296da2
- Update config files: enable zstd decompression for initramfs (bsc#1187483, jsc#SLE-18766)
- commit 0fe9f47
- usr: Add support for zstd compressed initramfs (bsc#1187483, jsc#SLE-18766).
- commit a9bf6b8
- lib: Add zstd support to decompress (bsc#1187483, jsc#SLE-18766).
- commit 8fa709b
- btrfs: track ordered bytes instead of just dio ordered bytes (bsc#1135481).
- commit 9c3cf71
- btrfs: account for new extents being deleted in total_bytes_pinned (bsc#1135481).
- commit fed2922
- btrfs: handle space_info::total_bytes_pinned inside the delayed ref itself (bsc#1135481).
- commit 5426822
- btrfs: shrink delalloc pages instead of full inodes (bsc#1135481).
- commit 5e89cd2
- btrfs: fix possible infinite loop in data async reclaim (bsc#1135481).
- commit f95f181
- btrfs: add a comment explaining the data flush steps (bsc#1135481).
- commit a308556
- btrfs: do async reclaim for data reservations (bsc#1135481).
- commit deae828
- btrfs: flush delayed refs when trying to reserve data space (bsc#1135481).
- commit d82c207
- btrfs: run delayed iputs before committing the transaction for data (bsc#1135481).
- commit 6af13e4
- btrfs: don't force commit if we are data (bsc#1135481).
- commit 3380b09
- btrfs: drop the commit_cycles stuff for data reservations (bsc#1135481).
- commit c6ed5f3
- btrfs: use the same helper for data and metadata reservations (bsc#1135481).
- commit 188e042
- btrfs: serialize data reservations if we are flushing (bsc#1135481).
- commit 9a68295
- btrfs: use ticketing for data space reservations (bsc#1135481).
- commit 0cad012
- btrfs: add btrfs_reserve_data_bytes and use it (bsc#1135481).
- commit 7c494a4
- btrfs: add the data transaction commit logic into may_commit_transaction (bsc#1135481).
- commit 9327930
- btrfs: add flushing states for handling data reservations (bsc#1135481).
- commit ee0a32c
- btrfs: check tickets after waiting on ordered extents (bsc#1135481).
- commit e9723f6
- btrfs: use btrfs_start_delalloc_roots in shrink_delalloc (bsc#1135481).
- commit 08a821e
- btrfs: use the btrfs_space_info_free_bytes_may_use helper for delalloc (bsc#1135481).
- commit e18060c
- btrfs: call btrfs_try_granting_tickets when reserving space (bsc#1135481).
- commit e684a31
- btrfs: call btrfs_try_granting_tickets when unpinning anything (bsc#1135481).
- commit df0d484
- btrfs: call btrfs_try_granting_tickets when freeing reserved bytes (bsc#1135481).
- commit 4167827
- btrfs: make ALLOC_CHUNK use the space info flags (bsc#1135481).
- commit 6287797
- btrfs: make shrink_delalloc take space_info as an arg (bsc#1135481).
- commit 1eb212c
- btrfs: handle U64_MAX for shrink_delalloc (bsc#1135481).
- commit acedfaf
- btrfs: remove orig from shrink_delalloc (bsc#1135481).
- commit 02659bb
- btrfs: change nr to u64 in btrfs_start_delalloc_roots (bsc#1135481).
- commit 5b57ee8
- bluetooth: eliminate the potential race condition when removing
the HCI controller (bsc#1184611 CVE-2021-32399).
- commit b57a022
- usb: dwc3: core: don't do suspend for device mode if already
suspended (git-fixes).
- commit 82b18d4
- usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set
(git-fixes).
- commit 072728a
- usb: dwc3: gadget: Set link state to RX_Detect on disconnect
(git-fixes).
- commit 6a1e8b7
- usb: dwc3: gadget: Don't send unintended link state change
(git-fixes).
- commit acdee65
- usb: dwc3: of-simple: add a shutdown (git-fixes).
- commit 15b84b1
- usb: dwc3: debug: Remove newline printout (git-fixes).
- commit 5104cc5
- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
- commit a403162
- usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes).
- commit e16e74a
- usb: dwc3: gadget: Set BESL config parameter (git-fixes).
- commit b02b13d
- usb: dwc3: Separate field holding multiple properties
(git-fixes).
- commit 1087836
- usb: dwc3: st: Add of_dev_put() in probe function (git-fixes).
- commit b4290b9
- usb: dwc3: st: Add of_node_put() before return in probe function
(git-fixes).
- commit a5796ab
- usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes).
- commit 638e28a
- usb: dwc3: Use devres to get clocks (git-fixes).
- commit e717ac7
- Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731).
- commit f037781
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it
(bsc#1184114 ltc#192237).
- commit 52ca26e
- kmod
-
- Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190).
* Refres no-stylesheet-download.patch
- Add ZSTD support on Tumbleweed only. Add a way to detect ZSTD.
- Display module information even for modules built into the running kernel
(bsc#1189537).
+ libkmod-Provide-info-even-for-modules-built-into-the.patch
- Enable support for ZSTD compressed modules
- /usr/lib should override /lib where both are available. Support /usr/lib for
depmod.d as well.
* Refresh usr-lib-modprobe.patch
- Remove test patches included in release 29
- kmod-populate-modules-Use-more-bash-more-quotes.patch
- kmod-testsuite-compress-modules-if-feature-is-enabled.patch
- kmod-also-test-xz-compression.patch
- Update to release 29
* Fix `modinfo -F` not working for built-in modules and
certain fields.
* Fix a memory leak, overflow and double free on error path.
- Drop 0001-Fix-modinfo-F-always-shows-name-for-built-ins.patch,
0001-libkmod-config-revamp-kcmdline-parsing-into-a-state-.patch,
0002-libkmod-config-re-quote-option-from-kernel-cmdline.patch
(all merged)
- krb5
-
- Fix KDC null pointer dereference via a FAST inner body that
lacks a server field; (CVE-2021-37750); (bsc#1189929);
- Added patches:
* 0012-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
- Fix KDC null deref on bad encrypted challenge; (CVE-2021-36222);
(bsc#1188571);
- Added patches:
* 0011-Fix-KDC-null-deref-on-bad-encrypted-challenge.patch
- ldb
-
- Add ldb-cve-2020-25718.patch &
CVE-2020-25718-lib-Add-hex_byte-to-replace.h.patch to backport all
changes from ldb-2.4.1.
+ CVE-2020-25718: samba: An RODC can issue (forge) administrator
tickets to other servers; (bsc#1192246); (bso#14558)
+ CVE-2021-3738: samba: crash in dsdb stack;
(bsc#1192215);(bso#14848)
- Release ldb 2.2.2
+ Corrected python behaviour for 'in' for LDAP attributes
contained as part of ldb.Message;(bso#14845).
+ Fix memory handling in ldb.msg_diff
Corrected python docstrings;(bso#14836)
+ Backport bronze bit fixes, tests, and selftest improvements;
(bso#14881).
- less
-
- Add missing runtime dependency on which, which is used by lessopen.sh.
Fix bsc#1190552.
- libesmtp
-
- Add libesmtp-fix-cve-2019-19977.patch: Fix stack-based buffer
over-read in ntlm/ntlmstruct.c (bsc#1160462 bsc#1189097).
- libsndfile
-
- Fix heap buffer overflow vulnerability in msadpcm_decode_block
(CVE-2021-3246, bsc#1188540):
ms_adpcm-Fix-and-extend-size-checks.patch
- Fix segfault in wav conversion due to the invalid loop count
(CVE-2018-19758, bsc#1117954):
libsndfile-wav-loop-count-fix.patch
- Fix buffer overflow in sndfile-deinterleave, which isn't really a
security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
CVE-2018-19432):
- libsolv
-
- fix misparsing of '&' in attributes with libxml2
- choice rules: treat orphaned packages as newest [bsc#1190465]
- fix compatibility with Python 3.10
- new SOLVER_EXCLUDEFROMWEAK job type
- support for environments in comps parser
- bump version to 0.7.20
- Disable python2 usage on suse_version >= 1550 by default (still
possible to use osc build --with=python).
- libyui
-
- Fixed crash in NCurses online update when retracted packages
are present (bsc#1191130)
- 4.1.5
- Fixed using an uninitialized variable, in some situations
the patch category could be missing in the Qt UI (bsc#1174390)
- 4.1.4
- Obsolete older -doc packages in all main packages that have them
to prevent outdated -doc packages being installed (bsc#1184363)
- 4.1.3
- libzypp
-
- Downloader does not respect checkExistsOnly flag (bsc#1190712)
A missing check causes zyppng::Downloader to always download full
files even if the checkExistsOnly flag is set. This patch adds
the missing logic.
- Fix kernel-*-livepatch removal in purge-kernels (bsc#1190815)
The kernel-*-livepatch packages are supposed to serve as a stable
handle for the ephemeral kernel livepatch packages. See
FATE#320268 for details. As part of the kernel live patching
ecosystem, kernel-*-livepatch packages should not block the
purge-kernels step.
- version 17.28.5 (22)
- Make sure to keep states alives while transitioning
(bsc#1190199)
- May set techpreview variables for testing in /etc/zypp/zypp.conf.
If environment variables are unhandy one may enable the desired
techpreview in zypp.conf as well:
[main]
techpreview.ZYPP_SINGLE_RPMTRANS=1
techpreview.ZYPP_MEDIANETWORK=1
- version 17.28.4 (22)
- CMake/spec: Add option to force SINGLE_RPMTRANS as default for
zypper (fixes #340)
- Make sure singleTrans is zypper-only for now.
- Do not double check signatures and keys (bsc#1190059)
- version 17.28.3 (22)
- Workaround Bug 1189788: Don't allow ZYPP_SINGLE_RPMTRANS=1 on a
not UsrMerged Tumbleweed system.
- version 17.28.2 (22)
- Fix crashes in logging code when shutting down (bsc#1189031)
- version 17.28.1 (22)
- Rephrase vendor conflict message in case 2 packages are
involved (bsc#1187760)
This covers the case where not the packages itself would change
its vendor, but replaces a package from a different vendor.
- Fix solver jobs for PTFs (bsc#1186503)
- spec: switch to pkgconfig(openssl)
- Show key fpr from signature when signature check fails
(bsc#1187224)
Rpm by default only shows the short key ID when checking the
signature of a package fails. This patch reads the signatures
from the RPM headers and replaces she short IDs with the key
fingerprints fetched from the signatures.
- Implement alternative single transaction commit strategy.
This patch adds a experimental commit strategy that runs all
operations in a single rpm transaction, speeding up the execution
a lot.
- Use ZYPP_MEDIANETWORK=1 to enable the experimental new media
backend.
- Implement zchunk download, refactor Downloader backend.
- Fix purge-kernels fails with kernels from Kernel:HEAD
(bsc#1187738)
There recently was a change in the kernel package naming scheme
in regards to rc kernels. Since kernel upstream uses characters
in the version that are not allowed in rpm versions a "/-rc"/ was
previously replaced with "/.rc"/ which broke sorting by version, to
fix this issue it was replaced with "/~rc"/, which unfortunately
broke the purge-kernels logic. This patch makes sure purge-kernel
does apply the same conversion.
- version 17.28.0 (22)
- lvm2
-
- vgextend crash when extending VG with missing PV (bsc#1191019)
+ bug-1191019_vgextend-check-missing-device-during-block-size-chec.patch
- man-pages
-
- install kernel_lockdown.7 man page [bsc#1185534]
- added sources
+ kernel_lockdown.7
- mozilla-nspr
-
- update to version 4.32:
* implement new socket option PR_SockOpt_DontFrag
* support larger DNS records by increasing the default buffer
size for DNS queries
- update to version 4.31:
* Lock access to PRCallOnceType members in PR_CallOnce* for
thread safety bmo#1686138
- update to version 4.30
* support longer thread names on macOS
* fix a build failure on OpenBSD
- update to version 4.29
* Remove macOS Code Fragment Manager support code
* Remove XP_MACOSX and OS_TARGET=MacOSX
* Refresh config.guess and config.sub
* Remove NSPR's patch to config.sub
* Add support for e2k target (64-bit Elbrus 2000)
- update to version 4.28
* Fix a compiler warning
* Add rule for cross-compiling with cygwin
- update to version 4.27
* the macOS platform code for shared library loading was
* An include statement for a Windows system library header
was added
- update to version 4.26
* PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
information about the operating system build version.
* Better support parallel building on Windows.
* The internal release automatic script requires python 3.
- mozilla-nss
-
- Removed nss-fips-kdf-self-tests.patch. This was made
obsolete by upstream changes. (bmo#1660304)
- Rebase nss-fips-stricter-dh.patch needed due to upstream changes.
- Update nss-fips-constructor-self-tests.patch to fix crashes
reported by upstream. This was likely affecting WebRTC calls.
- update to NSS 3.68
* bmo#1713562 - Fix test leak.
* bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
* bmo#1693206 - Implement PKCS8 export of ECDSA keys.
* bmo#1712883 - DTLS 1.3 draft-43.
* bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
* bmo#1713562 - Validate ECH public names.
* bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
- update to NSS 3.67
* bmo#1683710 - Add a means to disable ALPN.
* bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
* bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
- update to NSS 3.66
* bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
* bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* bmo#1708307 - Remove Trustis FPS Root CA from NSS.
* bmo#1707097 - Add Certum Trusted Root CA to NSS.
* bmo#1707097 - Add Certum EC-384 CA to NSS.
* bmo#1703942 - Add ANF Secure Server Root CA to NSS.
* bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
* bmo#1709291 - Add VerifyCodeSigningCertificateChain.
* Use GNU tar for the release helper script.
- update to NSS 3.65
* bmo#1709654 - Update for NetBSD configuration.
* bmo#1709750 - Disable HPKE test when fuzzing.
* bmo#1566124 - Optimize AES-GCM for ppc64le.
* bmo#1699021 - Add AES-256-GCM to HPKE.
* bmo#1698419 - ECH -10 updates.
* bmo#1692930 - Update HPKE to final version.
* bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* bmo#1703936 - New coverity/cpp scanner errors.
* bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
- refreshed patches
- Firefox 90.0 requires NSS 3.66
- update to NSS 3.64
* bmo#1705286 - Properly detect mips64.
* bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
disable_crypto_vsx.
* bmo#1698320 - replace __builtin_cpu_supports("/vsx"/) with
ppc_crypto_support() for clang.
* bmo#1613235 - Add POWER ChaCha20 stream cipher vector
acceleration.
- update to NSS 3.63.1
* no upstream release notes for 3.63.1 (yet)
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the “Staat der
Nederlanden Root CA - G3” root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008’.
* bmo#1694291 - Tracing fixes for ECH.
- required for Firefox 88
- update to NSS 3.62
* bmo#1688374 - Fix parallel build NSS-3.61 with make
* bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
can corrupt "/cachedCertTable"/
* bmo#1690583 - Fix CH padding extension size calculation
* bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
* bmo#1690421 - Install packaged libabigail in docker-builds image
* bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
* bmo#1674819 - Fixup a51fae403328, enum type may be signed
* bmo#1681585 - Add ECH support to selfserv
* bmo#1681585 - Update ECH to Draft-09
* bmo#1678398 - Add Export/Import functions for HPKE context
* bmo#1678398 - Update HPKE to draft-07
- required for Firefox 87
- Add nss-btrfs-sqlite.patch to address bmo#1690232
- update to NSS 3.61
* required for Firefox 86
* bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
values under certain conditions.
* bmo#1684300 - Fix default PBE iteration count when NSS is compiled
with NSS_DISABLE_DBM.
* bmo#1651411 - Improve constant-timeness in RSA operations.
* bmo#1677207 - Upgrade Google Test version to latest release.
* bmo#1654332 - Add aarch64-make target to nss-try.
- update to NSS 3.60.1
Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
implementation. See bmo#1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated
to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
for more information.
- removed obsolete ppc-old-abi-v3.patch
- update to NSS 3.59.1
* bmo#1679290 - Fix potential deadlock with certain third-party
PKCS11 modules
- update to NSS 3.59
Notable changes
* Exported two existing functions from libnss:
CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
Bugfixes
* bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
* bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
* bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
root certs when SHA1 signatures are disabled.
* bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
solve some test intermittents
* bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
our CVE-2020-25648 fix that broke purple-discord
(boo#1179382)
* bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
* bmo#1667989 - Fix gyp linking on Solaris
* bmo#1668123 - Export CERT_AddCertToListHeadWithData and
CERT_AddCertToListTailWithData from libnss
* bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* bmo#1663091 - Remove unnecessary assertions in the streaming
ASN.1 decoder that affected decoding certain PKCS8
private keys when using NSS debug builds
* bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
- update to NSS 3.58
Bugs fixed:
* bmo#1641480 (CVE-2020-25648)
Tighten CCS handling for middlebox compatibility mode.
* bmo#1631890 - Add support for Hybrid Public Key Encryption
(draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
(draft-ietf-tls-esni).
* bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
extensions.
* bmo#1668328 - Handle spaces in the Python path name when using
gyp on Windows.
* bmo#1667153 - Add PK11_ImportDataKey for data object import.
* bmo#1665715 - Pass the embedded SCT list extension (if present)
to TrustDomain::CheckRevocation instead of the notBefore value.
- install libraries in %{_libdir} (boo#1029961)
- Fix build with RPM 4.16: error: bare words are no longer
supported, please use "/..."/: lib64 == lib64.
- update to NSS 3.57
* The following CA certificates were Added:
bmo#1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
bmo#1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
bmo#1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
- requires NSPR 4.29
- removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256)
- introduced _constraints due to high memory requirements especially
for LTO on Tumbleweed
- Add patch to fix build on aarch64 - boo#1176934:
* nss-freebl-fix-aarch64.patch
- Update nss-fips-approved-crypto-non-ec.patch to match RC2 code
being moved to deprecated/.
- Remove nss-fix-dh-pkcs-derive-inverted-logic.patch. This was made
obsolete by upstream changes.
- update to NSS 3.56
Notable changes
* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting "/all"/ as the default
makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28
- do not hard require mozilla-nss-certs-32bit via baselibs
(boo#1176206)
- update to NSS 3.55
Notable changes
* P384 and P521 elliptic curve implementations are replaced with
verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
* PK11_FindCertInSlot is added. With this function, a given slot
can be queried with a DER-Encoded certificate, providing performance
and usability improvements over other mechanisms. (bmo#1649633)
* DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
Relevant Bugfixes
* bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
* bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
* bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
* bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
ChaCha20 (which was not functioning correctly) and more strictly
enforce tag length.
* bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1653202 - Fix initialization bug in blapitest when compiled
with NSS_DISABLE_DEPRECATED_SEED.
* bmo#1646594 - Fix AVX2 detection in makefile builds.
* bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
for a DER-encoded certificate.
* bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
* bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
* bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
* bmo#1649226 - Add Wycheproof ECDSA tests.
* bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
* bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
RSA_CheckSignRecover.
* bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
signature_algorithms extension.
- update to NSS 3.54
Notable changes
* Support for TLS 1.3 external pre-shared keys (bmo#1603042).
* Use ARM Cryptography Extension for SHA256, when available
(bmo#1528113)
* The following CA certificates were Added:
bmo#1645186 - certSIGN Root CA G2.
bmo#1645174 - e-Szigno Root CA 2017.
bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
* The following CA certificates were Removed:
bmo#1645199 - AddTrust Class 1 CA Root.
bmo#1645199 - AddTrust External CA Root.
bmo#1641718 - LuxTrust Global Root 2.
bmo#1639987 - Staat der Nederlanden Root CA - G2.
bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
* A number of certificates had their Email trust bit disabled.
See bmo#1618402 for a complete list.
Bugs fixed
* bmo#1528113 - Use ARM Cryptography Extension for SHA256.
* bmo#1603042 - Add TLS 1.3 external PSK support.
* bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
* bmo#1645186 - Add "/certSIGN Root CA G2"/ root certificate.
* bmo#1645174 - Add Microsec's "/e-Szigno Root CA 2017"/ root certificate.
* bmo#1641716 - Add Microsoft's non-EV root certificates.
* bmo1621151 - Disable email trust bit for "/O=Government
Root Certification Authority; C=TW"/ root.
* bmo#1645199 - Remove AddTrust root certificates.
* bmo#1641718 - Remove "/LuxTrust Global Root 2"/ root certificate.
* bmo#1639987 - Remove "/Staat der Nederlanden Root CA - G2"/ root
certificate.
* bmo#1618402 - Remove Symantec root certificates and disable email trust
bit.
* bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
* bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
* bmo#1642153 - Fix infinite recursion building NSS.
* bmo#1642638 - Fix fuzzing assertion crash.
* bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
* bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
* bmo#1643557 - Fix numerous compile warnings in NSS.
* bmo#1644774 - SSL gtests to use ClearServerCache when resetting
self-encrypt keys.
* bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
* bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
- ncurses
-
- Add patch bsc1190793-63ca9e06.patch to fix bsc#1190793 for
CVE-2021-39537: ncurses: heap-based buffer overflow in
_nc_captoinfo in captoinfo.c
- netcfg
-
- add submissions port number [bsc#1189683]
- modified patches
% services-suse.diff
- numactl
-
- Update to version 2.0.14.20.g4ee5e0c:
* Fix system call numbers on s390x
* numactl.c: fixed debug verify for --preferred option
* numactl.c: Fixed description for the usage of numactl
- Update to version 2.0.14.17.g498385e:
* numactl.c: fix use after free
* sysfs.c: prevent mem leak in sysfs_node_read()
* sysfs.c: don't leak fd if fail in sysfs_read()
* shm.c: fix memleak in verify_shm()
* shm.c: fix memleak in dump_shm()
* fix description for numa_node_size64 in man as well
* fix numa_node_size definition in manpage numa.3
* link with -latomic if needed
* libnuma: make numa_police_memory() free of race
* numademo: Use first two nodes instead of node 0 and 1
- Enhance _service magic
- Enable automake
- update to 2.0.14 (SLE-17217):
- open-iscsi
-
- Merge latest upstream, which includeds:
* Support the "/qede"/ CMA-card driver. (bsc#1188579)
* iscsistart: fix null pointer deref before exit
- Merge latest upstream, which added fix (bsc#1185930):
* Set default 'startup' to 'onboot' for FW nodes
- Local (SUSE) change: update iscsi.service so that it tries to
logon to any "/onboot"/ and firmware targets, in case a target
was offline when booted but back up when the service is started.
(bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
* Add "/no wait"/ option to iscsiadm firmware login
* Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
* Log proper error message when AUTH failure occurs
- openssl-1_1
-
- Other OpenSSL functions that print ASN.1 data have been found to assume that
the ASN1_STRING byte array will be NUL terminated, even though this is not
guaranteed for strings that have been directly constructed. Where an application
requests an ASN.1 structure to be printed, and where that ASN.1 structure
contains ASN1_STRINGs that have been directly constructed by the application
without NUL terminating the "/data"/ field, then a read buffer overrun can occur.
* CVE-2021-3712 continued
* bsc#1189521
* Add CVE-2021-3712-other-ASN1_STRING-issues.patch
* Sourced from openssl-CVE-2021-3712.tar.bz2 posted on bsc-1189521
2021-08-24 00:47 PDT by Marcus Meissner
- A bug in the implementation of the SM2 decryption code means that the
calculation of the buffer size required to hold the plaintext returned by the
first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
called by the application a second time with a buffer that is too small.
* CVE-2021-3711
* bsc#1189520
* Add:
CVE-2021-3711-1-Correctly-calculate-the-length-of-SM2-plaintext-give.patch
CVE-2021-3711-2-Extend-tests-for-SM2-decryption.patch
CVE-2021-3711-3-Check-the-plaintext-buffer-is-large-enough-when-decr.patch
- The function X509_aux_print() has a bug which may cause a read buffer overrun
when printing certificate details. A malicious actor could construct a
certificate to deliberately hit this bug, which may result in a crash of the
application (causing a Denial of Service attack).
* CVE-2021-3712
* bsc#1189521
* Add CVE-2021-3712-Fix-read-buffer-overrun-in-X509_aux_print.patch
- pam
-
- Corrected a bad directive file which resulted in
the "/securetty"/ file to be installed as "/macros.pam"/.
[pam.spec]
- Added tmpfiles for pam to set up directory for pam_faillock.
[pam.conf]
- Corrected macros.pam entry for %_pam_moduledir
Cleanup in pam.spec:
* Replaced all references to ${_lib}/security in pam.spec by
%{_pam_moduledir}
* Removed definition of (unused) "/amdir"/.
- Added new file macros.pam on request of systemd.
[bsc#1190052, macros.pam]
- Added pam_faillock to the set of modules.
[jsc#sle-20638, pam-sle20638-add-pam_faillock.patch]
- patterns-base
-
- Use the same icon in the fips pattern as the previous pattern had
(bsc#1189550)
- Remove duplicate provides
- Fix bug in create_32bit-patterns_file.pl leading to bogus
"/Recommends: pattern()-32bit"/
- Ignore boolean deps in create_32bit-patterns_file.pl for now
- Run pre_checkin.sh, was overdue
- Make the fips pattern supersede "/patterns-server-enterprise-fips"/,
take missing pieces and obsolete it
- Add pattern to install necessary packages for FIPS (bsc#1183154)
- patterns-suse-manager
-
- virtualization-host-formula was renamed to virtualization-formulas
- pcre
-
- pcre 8.45 (the final release)
* Fixed a small (*MARK) bug in the interpreter (Bugzilla #2771).
- pcre 8.44
* Small patch to pcreposix.c to set the erroroffset field to -1 immediately
after a successful compile, instead of at the start of matching to avoid a
sanitizer complaint (regexec is supposed to be thread safe).
* Check the size of the number after (?C as it is read, in order to avoid
integer overflow. (bsc#1172974, CVE-2020-14155)
* Tidy up left shifts to avoid sanitize warnings; also fix one NULL deference
in pcretest.
- pcre 8.43
* In a pattern such as /[^x{100}-x{ffff}]*[x80-xff]/ which has a repeated
negative class with no characters less than 0x100 followed by a positive class
with only characters less than 0x100, the first class was incorrectly being
auto-possessified, causing incorrect match failures.
* If the only branch in a conditional subpattern was anchored, the whole
subpattern was treated as anchored, when it should not have been, since the
assumed empty second branch cannot be anchored. Demonstrated by test patterns
such as /(?(1)^())b/ or /(?(?=^))b/.
* Fix subject buffer overread in JIT when UTF is disabled and X or R has
a greater than 1 fixed quantifier. This issue was found by Yunho Kim.
(bsc#1172973 CVE-2019-20838)
* If a pattern started with a subroutine call that had a quantifier with a
minimum of zero, an incorrect "/match must start with this character"/ could be
recorded. Example: /(?&xxx)*ABC(?<xxx>XYZ)/ would (incorrectly) expect 'A' to
be the first character of a match.
- pcre 8.42
* If a backreference with a minimum repeat count of zero was first in a
pattern, apart from assertions, an incorrect first matching character could be
recorded. For example, for the pattern /(?=(a))1?b/, "/b"/ was incorrectly set
as the first character of a match.
* Fix out-of-bounds read for partial matching of /./ against an empty string
when the newline type is CRLF.
* When matching using the the REG_STARTEND feature of the POSIX API with a
non-zero starting offset, unset capturing groups with lower numbers than a
group that did capture something were not being correctly returned as "/unset"/
(that is, with offset values of -1).
* Matching the pattern /(*UTF)C[^v]+x80/ against an 8-bit string
containing multi-code-unit characters caused bad behaviour and possibly a
crash. This issue was fixed for other kinds of repeat in release 8.37 by change
38, but repeating character classes were overlooked.
- pcre2
-
- Added 0001-Fixed-atomic-group-backtracking-bug.patch
* bsc#1187937
* PHP 7.6.4 on s390x returns different results for preg_match
function as compared to older PHP versions and x86
* Sourced from upstream subversion commit:
$ svn log -r965 svn://vcs.pcre.org/pcre2/code/trunk
- perl-Bootloader
-
- merge gh#openSUSE/perl-bootloader#136
- report error if config file could not be updated (bsc#1188768)
- 0.936
- merge gh#openSUSE/perl-bootloader#135
- fix typo in update-bootloader
- 0.935
- polkit-default-privs
-
- Update to version 13.2+20210813.1c5fb05:
* malcontent: loosen restrictive ReadOwn actions to prevent spurious auth requests (#56) (#57)
- Update to version 13.2+20210811.0c80127:
* whitelisting of GNOME malcontent parental controls (bsc#1177974) (#55)
- postfix
-
- config.postfix not updatet after lmdb switch
(bsc#1190945)
Adapt config.postfix
- postfix master.cf: to include "/submissions"/ service
(bsc#1189684)
Adapt master.cf patch
- postgresql
-
- Bump version to 14, leave default at 13.
- postgresql13
-
- Stop building the mini and lib packages as they are now coming
from postgresql14.
- Let genlists skip non-existing binaries to avoid lots of version
conditionals in the file lists.
- Remove postgresql-testsuite-int8.sql.patch, because its purpose
is unclear. This affects only the test subpackage.
- bsc#1185952: fix build with llvm12 on s390x.
0001-jit-Workaround-potential-datalayout-mismatch-on-s390.patch
- bsc#1179945: Re-enable icu for PostgreSQL 10.
- Upgrade to version 13.4:
https://www.postgresql.org/docs/13/release-13-4.html
* CVE-2021-3677 (boo#1189748)
The planner could create an incorrect plan in cases where two
ProjectionPaths were stacked on top of each other. The only
known way to trigger that situation involves parallel sort
operations, but there may be other instances. The result would
be crashes or incorrect query results. Disclosure of server
memory contents is also possible.
- bsc#1187751: Make the dependency of postgresqlXX-server-devel on
llvm and clang optional (postgresql-llvm-optional.patch).
- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.
Use llvm11 as a workaround.
- publicsuffix
-
- Update to version 20210804 (bsc#1189124):
* Add elementor.cloud and elementor.cool (#1386)
* add eero ddns domains (#1359)
* add Adobe Project Helix domains to the list (#1378)
* util: gTLD data autopull updates for 2021-07-24T15:13:29 UTC (#1384)
* Add Spreadshop hosting domains: myspreadshop.com plus country-specific (#1368)
* Add Supabase domains (#1363)
* Add YunoHost DynDns domains: ynh.fr (#1380)
* Update public_suffix_list.dat (#1376)
* add new domains for thingdust AG (#1361)
* Update public_suffix_list.dat (#1381)
* Adding sellfy.store pages which render user generated content (#1379)
* Add itcouldbewor.se to public suffix list (#1375)
* Adding bitbucket.io pages which render user generated content (#1374)
* Add rs.ba suffix (#1367)
* Add tuleap-partners.com (#1360)
* Add drr.ac and ju.mp (#1355)
* Add cdn.prod.atlassian-dev.net (#1357)
* Remove uwu.nu (#1377)
* util: gTLD data autopull updates for 2021-07-22T15:14:11 UTC (#1382)
- Update to version 20210707:
* util: gTLD data autopull updates for 2021-07-07T15:17:15 UTC (#1369)
* util: gTLD data autopull updates for 2021-06-26T15:13:32 UTC (#1362)
- Update to version 20210615:
* Removing a private subregistry in .CL due to deprecation. (#1352)
* Add ddns5.com to private section (#1353)
* Add shop.brendly.rs (#1309)
* add mediatech.by and mediatech.dev domains (#1333)
* newgtlds.go : update Autopull - Added URL for the IANA PSL for #1325 (#1347)
* Add minisite.ms (#1344)
* Revert "/Add multibaas.app and multibaas.com (#1233)"/ (#1337)
* Add appudo.net (#1340)
* Adding adimo.co.uk (#1343)
* Add postman dev domains (#1339)
* Reverting change
* set default project to list modification and assign to jothan
* Tickboxes and text added to help reduce self-harm requests
* submitter affirm not working around 3p limits; ask DNS leaf remain
* Remove github.dev from PSL (#1335)
* Add novecore.site (#1331)
* Add jotelulu.cloud (#1330)
* Add bluebite.io (#1313)
* Added onavstack.net (#1299)
* Update public_suffix_list.dat (#1273)
- Update to version 20210519:
* Update Contributing.md
* Change domain list for PE Ulyanov Kirill Sergeevic (#1306)
* Remove wildcard (#1318)
- Update to version 20210511:
* util: gTLD data autopull updates for 2021-05-11T15:13:51 UTC (#1316)
* Add authgearapps.com authgear-staging.com (#1304)
* Add goupile.fr (#1307)
* Add hosp.uk to our existing domains (#1308)
* Update README.md
* Add noop.app and *.developer.app to PSL (#1265)
* Add github dev domains (#1290)
* added Storebase.store (#1291)
* Update to pythonanywhere entries (#1298)
* Update README.md - added Apple / Facebook note
* addition of ss sld's sch.ss and me.ss (#1247)
* util: gTLD data autopull updates for 2021-04-22T15:17:15 UTC (#1292)
- Update to version 20210419:
* exclude gov.st from publicsuffix since host act as public domain (#1257)
* util: gTLD data autopull updates for 2021-04-17T15:15:54 UTC (#1284)
* Add wixsite.com and editorx.io (#927)
* Update public_suffix_list.dat (#1263)
* Adding reserve-online.net, reserve-online.com, bookonline.app, hotelwithflight.com (#1254)
* Update Platform.sh domains (#1256)
* New Jelastic public domains are added and existing ones are reviewed (#1259)
- Update to version 20210330:
* Fix-up ordering of entries (#1255)
* Adding mazeplay.com (#1253)
* Adding Tradable Bits (#1240)
* Update forgeblocks, add subdomain to psl (#1252)
* Additional suffix `id.repl.co` for Repl.it (#1239)
* Add ravpage.co.il (#1250)
* accesso - Adding devcdnaccesso (#1248)
* util: gTLD data autopull updates for 2021-03-27T15:15:49 UTC (#1249)
* Added forgeblocks.com to psl (#1238)
* Update atl/njs/ric.jelastic.vps host.net (#1242)
* util: gTLD data autopull updates for 2021-03-24T15:07:34 UTC (#1243)
* add paywhirl.com for site users (#1237)
* Add shiftcrypto.dev and shiftcrypto.io (#1236)
* Add hra.health to PSL (#1234)
* Add multibaas.app and multibaas.com (#1233)
* added service magnet to PSL (#1232)
* Add subdomains of pythonanywhere.com and eu.pythonanywhere.com (#1229)
* Add cafjs.com (#1228)
* Update public_suffix_list.dat (#1225)
* Switch the TLD update workflow to daily (#1226)
* util: gTLD data autopull updates for 2021-03-04T15:37:37 UTC (#1224)
* Update Email address for GOV.UK PaaS (#1220)
* Add Clerk staging domains, change email to systems@ (#1222)
* sourcehut: add srht.site (#1218)
* Add cloudsite.builders (#1219)
* Add service.gov.scot (#1221)
* Add framer.app and framercanvas.com to PSL (#1217)
- Update to version 20210221:
* Add noticeable.news (#1216)
* CI: remove "/labels"/ config from tld-update.yml workflow. (#1215)
* util: gTLD data autopull updates for 2021-02-20T20:31:36 UTC (#1214)
* Update .my in ICANN section (#1213)
* Add edgecompute.app (#1212)
* tools: improved newgtlds.go, removed replace-between. (#1204)
* Update PSL for broader use-cases for northflank.app and code.run domains. (#1210)
* Added eurodir.ru (#1207)
- Update to version 20210211:
* Add mcpre.ru, mcdir.me to mchost.ru subsection (#1206)
* Add awsglobalaccelerator.com (#1199)
* Add northflank.app and code.run to PSL (#1198)
* gTLD autopull: 2021-02-07 (#1203)
- Update to version 20210128:
* Add Appspace to PSL (#1197)
* add torproject.net (#1196)
* Public suffixes KU Leuven (#1194)
* added clickrising.net (#1192)
* Add hosting and paas from OVHcloud (#1193)
* add missing IDN ccTLDs: for Bahrain and Laos ( .xn--mgbcpq6gpa1a and .xn--q7ce6a ) (#1175)
* Add try-snowplow.com to PSL (#1184)
* Update public_suffix_list.dat (#1189)
* Update public_suffix_list.dat (#1187)
* removal of scapp.io and applicationcloud.io (#1186)
* Update public_suffix_list.dat (#1185)
* Added fireweb.app to PSL (#1181)
* Update and rename tld-update.yml to tld-update.yml.hold
* CI: Add Github Actions workflow for TLD updates PRs. (#1166)
- Update to version 20210108:
* Added ghost.io to PSL (#1180)
* Add myshopify.com (#1179)
- Update to version 20201223:
* gTLD autopull: 2020-12-21 (#1172)
* Featherhead: Remove defunct project (#1171)
* Add needed suffixes for WPMU DEV hosting and CDNs (#1169)
* Add GünstigBestellen domains (#1170)
* add deno.dev (#1167)
* Update WoltLab Cloud Domains (#1168)
* gTLD autopull: 2020-12-11 (#1165)
* Update public_suffix_list.dat (#1162)
* Add lohmus.me to the private section (#1161)
* Add flap.id domain (#1160)
* UPDATE TO SLD ON HOSTBIP SECTION (#1130)
* Third level .рус domains for the PRIVATE section (#1159)
* Add orsites.com to the list of domains (#1157)
* Add webthings.io and krellian.net (#1154)
* gTLD autopull: 2020-12-10 (#1164)
* gTLD autopull: 2020-11-30 (#1155)
* The list of Jelastic public domains was extended. Addition to #1023 #1063 #1092 #1095 (#1151)
* gTLD autopull: 2020-11-21 (#1152)
* Add ondigitalocean.app to the list of domains (#1150)
* Add private domains for airy.host (#1149)
* gTLD autopull: 2020-11-11 (#1148)
* Update public_suffix_list.dat (#1147)
* Add of.je (#1131)
* Update the existing Names.of.London Public List (#1146)
* Del linkitools.space nxd from Private (#1145)
* Del ptplus.fit NXD from Private (#1144)
* Del cloudeity.net NXD from Private (#1143)
* Del uklugs.org NXD from Private section (#1142)
* Del xenapponazure.com from Private (#1141)
* Added an RSS feed URL (#1140)
* gTLD autopull: 2020-11-03 (#1139)
* Add secaas.hk (#1138)
* Adding qoto.io (#1129)
* Add fh-muenster.io to PSL (#1134)
* gTLD autopull: 2020-10-28 (#1135)
* Update pull_request_template.md (#1116)
- Update to version 20201026:
* gTLD autopull: 2020-10-12
* Remove algorithmia.com
* Add azurestaticapps.net dns suffixes
* Adds *.gateway.dev
* Add cdn-edges.net
* Sort Alphabet entries by TLD first and then by SLDD
* Add service.one as a public suffix
* Add tlon.network
* Add iopsys.se
* The list of Jelastic public domains was extended
* Add wapblog's domain
* added localzone.xyz
* Adds translate.goog and tr-test.goog
* Add bip.sh
* Add .tm.dz
* Add js.wpenginepowered.com
* Updated comments with new URLs to the different lists of domains
- Update to version 20200909:
* Update gTLD list to 2020-09-09
* Add pages.dev
* Add gsj.bz
* Added gitapp.si
* Add small-web.org domain under Small Technology Foundation
* Update to ICANN and private SLDs on CentralNic registry platform
* The list of Jelastic public domains was extended
* Add forte.id
* Add Danger Science Group domains
* Switch cloud.metacentrum.cz from suffix to wildcard notation
* Added mcpe.me
* Add omniwe.site
* Add GOV.UK Pay test environment domain
- Update to version 20200810:
* Add algorithmia.com (#1071)
* Added Mythic Beasts (#1075)
* gTLD autopull: 2020-08-07 (#1085)
* add rdv.to domains for pcarrier.ca Software Inc. (#1039)
* thingdust AG: added in-house domains of internal services (#1031)
* Add mcdir.ru and vps.mcdir.ru (#1051)
* Add na4u.ru to list (#998)
* gTLD autopull: 2020-07-29 (#1079)
* gTLD autopull: 2020-07-28 (#1077)
* add impertrix.com and impertrixcdn.com (#1060)
* gTLD autopull: 2020-07-18 (#1069)
* Add 12 sub zones to .br [20200714 update] (#1068)
- Update to version 20200715:
* Add cn.vu (#987)
* Add opensocial.site (#1056)
* Add wpenginepowered.com (#1064)
* The list of Jelastic public domains was extended. Addition to #1023 (#1063)
* Update platform.sh (#1061)
* add pages.wiardweb.com (#1035)
* Update public_suffix_list.dat (#1036)
* gTLD autopull: 2020-06-27 (#1059)
* Removal of education.tas.edu.au (#977)
* gTLD autopull: 2020-06-24 (#1057)
* gTLD autopull: 2020-06-20 (#1055)
- Update to version 20200616:
* Fix broken links in nic.lk (#1053)
* Remove fastpanel.direct for FASTVPS EESTI OU (#1024)
* Add gitpage.si to private domains section (#1013)
* add hostyhosting.io (#1046)
* Add wien.funkfeuer.at to private section (#1041)
* Update public_suffix_list.dat (#1029)
* Update public_suffix_list.dat (#1050)
* Add plesk.page and pleskns.com suffix to private section (#1048)
* gTLD autopull: 2020-06-11 (#1049)
* gTLD autopull: 2020-06-05 (#1047)
* gTLD autopull: 2020-05-28 (#1045)
* gTLD autopull: 2020-05-27 (#1044)
* add g.vbrplsbx.io domain (#994)
* Jelastic public domains are added (#1023)
* Add vercel.app and vercel.dev and update now.sh listing in private section (#1019)
* Add *.backyards.banzaicloud.io and *.banzai.cloud (#1025)
* add seidat.net private domain (#974)
* Added gentlentapis.com (#984)
* Update public_suffix_list.dat (#1037)
* Remove bitballoon.com and netlify.com (#1020)
* Add *.owo.codes (#973)
* Add plesk.page and pdns.page suffix to private section (#1022)
* Add kasserver.com to Private Section (#1016)
* Update Linode PSL entries (#1026)
* Add fly.io suffixes (#1015)
* Update public_suffix_list.dat (#1000)
* Add Voxel.sh DNS public suffixes (#1014)
- py26-compat-salt
-
- Exclude the full path of a download URL to prevent injection of
malicious code (bsc#1190265) (CVE-2021-21996)
- Added:
* exclude-the-full-path-of-a-download-url-to-prevent-i.patch
- Fix error handling in openscap module (bsc#1188647)
- Added:
* fix-error-handling-in-openscap-module-bsc-1188647-41.patch
- Define license macro as doc in spec file if not existing
- py26-compat-tornado
-
- Added compatibility to Enterprise Linux 8
- py27-compat-salt
-
- Fix the regression of docker_container state module
- Added:
* fix-the-regression-brought-in-with-pr-402-422.patch
- Support querying for JSON data in external sql pillar
- Added:
* 3000.3-postgresql-json-support-in-pillar-425.patch
- Exclude the full path of a download URL to prevent injection of
malicious code (bsc#1190265) (CVE-2021-21996)
- Added:
* exclude-the-full-path-of-a-download-url-to-prevent-i.patch
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
- Added:
* templates-move-the-globals-up-to-the-environment-jin.patch
- Add missing aarch64 to rpm package architectures
- Consolidate some state requisites (bsc#1188641)
- Added:
* add-missing-aarch64-to-rpm-package-architectures-407.patch
* consolidate-some-state-requisites-55974-bsc-1188641-.patch
- Fix failing unit test for systemd
- Fix error handling in openscap module (bsc#1188647)
- Better handling of bad public keys from minions (bsc#1189040)
- Added:
* fix-error-handling-in-openscap-module-bsc-1188647-41.patch
* better-handling-of-bad-public-keys-from-minions-bsc-.patch
* fix-failing-unit-tests-for-systemd.patch
- Define license macro as doc in spec file if not existing
- python
-
- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
(CVE-2019-20907, bpo#39017) avoiding possible infinite loop
in specifically crafted tarball.
Add recursion.tar as a testing tarball for the patch.
- Provide the newest setuptools wheel (bsc#1176262,
CVE-2019-20916) in their correct form (bsc#1180686).
- Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211
(CVE-2020-26116, bpo#39603) no longer allowing special characters in
the method parameter of HTTPConnection.putrequest in httplib, stopping
injection of headers. Such characters now raise ValueError.
- Renamed patch for assigned CVE:
* bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
(boo#1189241, CVE-2021-3737)
- Renamed patch for assigned CVE:
* bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
(boo#1189287, CVE-2021-3733)
- Fix python-doc build (bpo#35293):
* sphinx-update-removed-function.patch
- Update documentation formatting for Sphinx 3.0 (bpo#40204).
- Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in
request (bpo#43075, boo#1189287).
- Add missing security announcement to
bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch.
- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
which fixes http client infinite line reading (DoS) after a http
100 (bpo#44022, boo#1189241).
- Modify Lib/ensurepip/__init__.py to contain the same version
numbers as are in reality the ones in the bundled wheels
(bsc#1187668).
- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
_ctypes/callproc.c, which may lead to remote code execution.
- (bsc#1180125) We really don't Require python-rpm-macros package.
Unnecessary dependency.
- Add patch configure_PYTHON_FOR_REGEN.patch which makes
configure.ac to consider the correct version of
PYTHON_FO_REGEN (bsc#1078326).
- Use python3-Sphinx on anything more recent than SLE-15 (inclusive).
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
Caller.
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
hostnames in http.client. Such potentially malicious header
- Fixed possible leak in `PyArg_Parse` and similar
`PY_SSIZE_T_CLEAN` is not defined.
- python-2.7.14-CVE-2017-1000158.patch
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
- CVE-2018-1061-DOS-via-regexp-difflib.patch
- CVE-2019-10160-netloc-port-regression.patch
- CVE-2019-16056-email-parse-addr.patch
- bsc#1109847 (CVE-2018-14647): add
CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing
bpo-34623.
fixing bpo-35746 (CVE-2019-5010).
- python-base
-
- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
(CVE-2019-20907, bpo#39017) avoiding possible infinite loop
in specifically crafted tarball.
Add recursion.tar as a testing tarball for the patch.
- Provide the newest setuptools wheel (bsc#1176262,
CVE-2019-20916) in their correct form (bsc#1180686).
- Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211
(CVE-2020-26116, bpo#39603) no longer allowing special characters in
the method parameter of HTTPConnection.putrequest in httplib, stopping
injection of headers. Such characters now raise ValueError.
- Renamed patch for assigned CVE:
* bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
(boo#1189241, CVE-2021-3737)
- Renamed patch for assigned CVE:
* bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
(boo#1189287, CVE-2021-3733)
- Fix python-doc build (bpo#35293):
* sphinx-update-removed-function.patch
- Update documentation formatting for Sphinx 3.0 (bpo#40204).
- Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in
request (bpo#43075, boo#1189287).
- Add missing security announcement to
bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch.
- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
which fixes http client infinite line reading (DoS) after a http
100 (bpo#44022, boo#1189241).
- Modify Lib/ensurepip/__init__.py to contain the same version
numbers as are in reality the ones in the bundled wheels
(bsc#1187668).
- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
_ctypes/callproc.c, which may lead to remote code execution.
- (bsc#1180125) We really don't Require python-rpm-macros package.
Unnecessary dependency.
- Add patch configure_PYTHON_FOR_REGEN.patch which makes
configure.ac to consider the correct version of
PYTHON_FO_REGEN (bsc#1078326).
- Use python3-Sphinx on anything more recent than SLE-15 (inclusive).
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
Caller.
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
hostnames in http.client. Such potentially malicious header
- Fixed possible leak in `PyArg_Parse` and similar
`PY_SSIZE_T_CLEAN` is not defined.
- python-2.7.14-CVE-2017-1000158.patch
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
- CVE-2018-1061-DOS-via-regexp-difflib.patch
- CVE-2019-10160-netloc-port-regression.patch
- CVE-2019-16056-email-parse-addr.patch
- bsc#1109847 (CVE-2018-14647): add
CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing
bpo-34623.
fixing bpo-35746 (CVE-2019-5010).
- python-dbus-python
-
- Update to latest version from tumbleweed jira#OPENSUSE-22
boo#1183818
- Enable testsuite
- update to 1.2.16:
* All tests are run even if the tap.py module is not available, although
diagnostics for failing tests will be better if it is present.
* Forbid unexpanded AX-prefixed macros more selectively
- Support builds with more than one python3 flavor
gh#openSUSE/python-rpm-macros#66
- Remove shebang from examples (rpmlint warning, is in common doc)
- Clean duplicate python flavor variables for configure
- Update the provides/obsoletes tags for old-style dbus-1-$python
- Version update to version 1.2.14:
* Ensure that the numeric types from dbus.types get the same
str() under Python 3.8 that they did under previous versions.
* Disable -Winline.
* Add Python 3.8 to CI.
- Changes in version 1.2.12:
* Don't save and restore the exception indicator when called
from C code.
- Changes in version 1.2.10:
* Rewrite CONTRIBUTING.md document, based on Wayland's equivalent
* Add clearer license information using SPDX-License-Identifier.
* Improve test coverage.
* Don't set deprecated tp_print to NULL under Python 3.
* Include inherited methods and properties when documenting
objects, which regressed when migrating from epydoc to sphinx.
* Add missing variant_level member to UnixFd type, for parity
with the other dbus.types types (dbus-python!3.
- Note that this is a potentially incompatible change: unknown
keyword arguments were previously ignored (!) and are now an
error.
* Don't reply to method calls if they have the NO_REPLY_EXPECTED
flag (fd.o#32529, dbus-python#26.
* Silence -Wcast-function-type with gcc 8.
* Fix distcheck with python3.7 by deleting __pycache__ during
uninstall.
* Consistently save and restore the exception indicator when
called from C code.
* Avoid a long-standing race condition in the automated tests.
* Fix Qt website URL.
- Up dbus dependency; 1.8 is now required.
- Add missing dependency for pkg-config files
- Version update to version 1.2.8:
* Python 2.7 required or 3.4 respectively
* Tests use tap.py functionality
* Upstream dropped epydoc completely
* See NEWS for more
- Use requires_ge instead of the rpm calls
- python-pyasn1
-
- python-pycparser
-
- python-rpm
-
- update to rpm-4.14.3
- python3
-
- Rebuild to get new headers, avoid building in support for
stropts.h (bsc#1187338).
- release-notes-sles
-
- 15.3.20211025 (tracked in bsc#933411)
- Added note about NVMe-oF TCP support (bsc#1190394)
- Added note about manual pages (bsc#1188302)
- Added keepalived to support exceptions (bsc#1183906)
- Updated note about support information (bsc#1189989)
- Updated SELinux note to include warning (bsc#1186099)
- 15.3.20210903 (tracked in bsc#933411)
- Added note about NVIDIA vGPU support (jsc#SLE-17881)
- Added note about Intel technologies (bsc#1189786)
- Added note about ODBC drivers (jsc#SLE-17703)
- Added note about NVIDIA BlueField-2 tech preview (jsc#SLE-13565)
- Added note about kubevirt-virt-* (bsc#1187693)
- Fixed typo in note about compat-libpthread-nonshared (bsc#1188511)
- Removed mention of SES (bsc#1188305)
- rpm
-
- backport zstd detection fix [bsc#1187670]
new patch: zstddetection.diff
- backport ndb rofs support [bsc#1188548]
new patch: ndbrofs.diff
- backport pgp hardening changes from upstream [bsc#1185299]
new patch: pgpharden.diff
- fix deadlock when multiple rpm processes try tp acquire the
database lock [bsc#1183659]
new patch: deadlock.diff
- set default package verification level to 'none' to be compatible
to rpm-4.14.1
new patch: verifylevel_none.diff
- make illegal obsoletes a warning
new patch: badobsoletewarn.diff
- backport header check security fixes from upstream [CVE-2021-3421]
[CVE-2021-20271] [CVE-2021-20266]
[bsc#1183543] [bsc#1183545]
new patch: headerchk3.diff
- fix potential access of freed mem in ndb's glue code [bnc#1179416]
new patch: ndbglue.diff
- permit secondary index open to fail for bdb_ro
new patch: bdbro_missingidx.diff
- update to rpm-4.14.3 [jsc#SLE-17817]
* add support for enforcing signature policy and payload
verification step to transactions
* add :humansi and :hmaniec query formatters for human readable output
* add query selectors –-whatobsoletes and –-whatconflicts
* add support for sorting caret (‘^’) higher than base version
- refreshed patches:
* checksepwarn.diff
* dbrointerruptable.diff
* finddebuginfo.diff
* ndb-backport.diff
* pythondistdeps.diff
* remove-brp-strips.diff
* whatrequires-doc.diff
- dropped patches:
* debugedit-bnc1076819.diff
* debugedit-riscv.patch
* disttag-macro.diff
* hardlinks.diff
* reproducible-debuginfo.patch
* rpm-4.14.1-initialize-verifyflags.diff
* safesymlinks.diff
* signbadregion.diff
* verifynodup.diff
- Do not require the signature header to be in a contiguous
region when signing [bnc#1181805]
* new patch: signbadregion.diff
- rpm-config-SUSE
-
- Support ZSTD compressed kernel modules
[bsc#1190850,
bsc1190850-support-zstd-compressed-kernel-modules.patch]
- rpm-ndb
-
- update to rpm-4.14.3
- rsync
-
- Fix a segmentation fault in iconv [bsc#1188258]
* Add rsync-iconv-segfault.patch
- runc
-
- Update to runc v1.0.2. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.2
* Fixed a failure to set CPU quota period in some cases on cgroup v1.
* Fixed the inability to start a container with the "/adding seccomp filter
rule for syscall ..."/ error, caused by redundant seccomp rules (i.e. those
that has action equal to the default one). Such redundant rules are now
skipped.
* Made release builds reproducible from now on.
* Fixed a rare debug log race in runc init, which can result in occasional
harmful "/failed to decode ..."/ errors from runc run or exec.
* Fixed the check in cgroup v1 systemd manager if a container needs to be
frozen before Set, and add a setting to skip such freeze unconditionally.
The previous fix for that issue, done in runc 1.0.1, was not working.
- Update to runc v1.0.1. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.1
* Fixed occasional runc exec/run failure ("/interrupted system call"/) on an
Azure volume.
* Fixed "/unable to find groups ... token too long"/ error with /etc/group
containing lines longer than 64K characters.
* cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
frozen. This is a regression in 1.0.0, not affecting runc itself but some
of libcontainer users (e.g Kubernetes).
* cgroupv2: bpf: Ignore inaccessible existing programs in case of
permission error when handling replacement of existing bpf cgroup
programs. This fixes a regression in 1.0.0, where some SELinux
policies would block runc from being able to run entirely.
* cgroup/systemd/v2: don't freeze cgroup on Set.
* cgroup/systemd/v1: avoid unnecessary freeze on Set.
- Remove upstreamed patches:
+ boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch
- Backport <https://github.com/opencontainers/runc/pull/3055> to fix issues
with runc under openSUSE MicroOS's SELinux policy. boo#1187704
+ boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch
- Update to runc v1.0.0. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.0
! The usage of relative paths for mountpoints will now produce a warning
(such configurations are outside of the spec, and in future runc will
produce an error when given such configurations).
* cgroupv2: devices: rework the filter generation to produce consistent
results with cgroupv1, and always clobber any existing eBPF
program(s) to fix runc update and avoid leaking eBPF programs
(resulting in errors when managing containers).
* cgroupv2: correctly convert "/number of IOs"/ statistics in a
cgroupv1-compatible way.
* cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
* cgroupv2: wait for freeze to finish before returning from the freezing
code, optimize the method for checking whether a cgroup is frozen.
* cgroups/systemd: fixed "/retry on dbus disconnect"/ logic introduced in rc94
* cgroups/systemd: fixed returning "/unit already exists"/ error from a systemd
cgroup manager (regression in rc94)
+ cgroupv2: support SkipDevices with systemd driver
+ cgroup/systemd: return, not ignore, stop unit error from Destroy
+ Make "/runc --version"/ output sane even when built with go get or
otherwise outside of our build scripts.
+ cgroups: set SkipDevices during runc update (so we don't modify
cgroups at all during runc update).
+ cgroup1: blkio: support BFQ weights.
+ cgroupv2: set per-device io weights if BFQ IO scheduler is available.
- Update to runc v1.0.0~rc95. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95
This release of runc contains a fix for CVE-2021-30465, and users are
strongly recommended to update (especially if you are providing
semi-limited access to spawn containers to untrusted users). bsc#1185405
- Update to runc v1.0.0~rc94. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94
Breaking Changes:
* cgroupv1: kernel memory limits are now always ignored, as kmemcg has
been effectively deprecated by the kernel. Users should make use of regular
memory cgroup controls.
Regression Fixes:
* seccomp: fix 32-bit compilation errors
* runc init: fix a hang caused by deadlock in seccomp/ebpf loading code
* runc start: fix "/chdir to cwd: permission denied"/ for some setups
- Remove upstreamed patches:
- 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch
syscalls unusable for glibc.
- salt
-
- Support querying for JSON data in external sql pillar
- Exclude the full path of a download URL to prevent injection of
malicious code (bsc#1190265) (CVE-2021-21996)
- Added:
* 3002.2-postgresql-json-support-in-pillar-424.patch
* exclude-the-full-path-of-a-download-url-to-prevent-i.patch
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
- Don't pass shell="//sbin/nologin"/ to onlyif/unless checks (bsc#1188259)
- Add missing aarch64 to rpm package architectures
- Backport of upstream PR#59492
- Fix failing unit test for systemd
- Fix error handling in openscap module (bsc#1188647)
- Better handling of bad public keys from minions (bsc#1189040)
- Define license macro as doc in spec file if not existing
- Add standalone formulas configuration for salt minion and remove salt-master requirement (bsc#1168327)
- Added:
* fix-failing-unit-tests-for-systemd.patch
* add-missing-aarch64-to-rpm-package-architectures-405.patch
* don-t-use-shell-sbin-nologin-in-requisites.patch
* better-handling-of-bad-public-keys-from-minions-bsc-.patch
* templates-move-the-globals-up-to-the-environment-jin.patch
* fix-error-handling-in-openscap-module-bsc-1188647-40.patch
* backport-of-upstream-pr59492-to-3002.2-404.patch
- samba
-
- CVE-2020-25717: samba: A user on the domain can become root on
domain members; (bsc#1192284); (bso#14556).
- CVE-2020-25721: auth: Fill in the new HAS_SAM_NAME_AND_SID
values; (bsc#1192505); (bso#14564).
- CVE-2020-25718: An RODC can issue (forge) administrator tickets
to other servers; (bsc#1192246);(bso#14558).
- CVE-2020-25719: samba: AD DC Username based races when no PAC
is given;(bsc#1192247);(bso#14561).
- CVE-2020-25722: samba: AD DC UPN vs samAccountName not checked
(top-level bug for AD DC validation issues);(bsc#1192283);
(bso#14564).
- CVE-2021-3738: samba: crash in dsdb stack;(bsc#1192215);
(bso#14468).
- CVE-2021-23192: samba: dcerpc requests don't check all fragments
against the first auth_state;(bsc#1192214);(bso#14875).
- CVE-2016-2124: don't fallback to non spnego authentication if we
require kerberos; (bsc#1014440); (bso#12444).
- Update to 4.13.13
* rodc_rwdc test flaps;(bso#14868).
* Backport bronze bit fixes, tests, and selftest improvements;
(bso#14881).
* Provide a fix for MS CVE-2020-17049 in Samba [SECURITY]
'Bronze bit' S4U2Proxy Constrained Delegation bypass in Samba
with embedded Heimdal;(bso#14642).
* Python ldb.msg_diff() memory handling failure;(bso#14836).
* "/in"/ operator on ldb.Message is case sensitive;(bso#14845).
* Fix Samba support for UF_NO_AUTH_DATA_REQUIRED;(bso#14871).
* Allow special chars like "/@"/ in samAccountName when generating
the salt;(bso#14874).
* Fix transit path validation;(bso#12998).
* Prepare to operate with MIT krb5 >= 1.20;(bso#14870).
* rpcclient NetFileEnum and net rpc file both cause lock order
violation: brlock.tdb, share_entries.tdb;(bso#14645).
* Python ldb.msg_diff() memory handling failure;(bso#14836).
* Release LDB 2.3.1 for Samba 4.14.9;(bso#14848).
- Update to 4.13.12
* Address a signifcant performance regression in database access
in the AD DC since Samba 4.12;(bso#14806).
* Fix performance regression in lsa_LookupSids3/LookupNames4
since Samba 4.9 by using an explicit database handle cache;
(bso#14807).
* An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ;(bso#14817).
* Address flapping samba_tool_drs_showrepl test;(bso#14818).
* Address flapping dsdb_schema_attributes test;(bso#14819).
* An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ;(bso#14817).
* Fix CTDB flag/status update race conditions(bso#14784).
- Update to 4.13.11
* smbd: panic on force-close share during offload write;
(bso#14769).
* Fix returned attributes on fake quota file handle and avoid
hitting the VFS;(bso#14731).
* smbd: "/deadtime"/ parameter doesn't work anymore;(bso#14783).
* net conf list crashes when run as normal user;(bso#14787).
* Work around special SMB2 READ response behavior of NetApp Ontap
7.3.7;(bso#14607).
* Start the SMB encryption as soon as possible;(bso#14793).
* Winbind should not start if the socket path for the privileged
pipe is too long;(bso#14792).
- Fix 'net rpc' authentication when using the machine account;
(bsc#1189017); (bso#14796);
- Fix dependency problem upgrading from libndr0 to libndr1;
(bsc#1189875);
- Fix dependency problem upgrading from libsmbldap0 to libsmbldap2;
(bsc#1189875);
- Fix wrong kvno exported to keytab after net ads changetrustpw due
to replication delay; (bsc#1188727);
- Add Certificate Auto Enrollment Policy; (jsc#SLE-18456).
- Update to 4.13.10
* s3: smbd: Ensure POSIX default ACL is mapped into returned
Windows ACL for directory handles; (bso#14708);
* Take a copy to make sure we don't reference free'd memory; (bso#14721);
* s3: lib: Fix talloc heirarcy error in parent_smb_fname(); (bso#14722);
* s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in
change_file_owner_to_parent() error path; (bso#14736);
* samba-tool: Give better error information when the
'domain backup restore' fails with a duplicate SID; (bso#14575);
* smbd: Correctly initialize close timestamp fields; (bso#14714);
* Spotlight RPC service doesn't work with vfs_glusterfs; (bso#14740);
* ctdb: Fix a crash in run_proc_signal_handler(); (bso#14475);
* gensec_krb5: Restore ipv6 support for kpasswd; (bso#14750);
* smbXsrv_{open,session,tcon}: Protect
smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records; (bso#14752);
* samba-tool domain backup offline doesn't work against bind DLZ
backend; (bso#14027);
* netcmd: Use next_free_rid() function to calculate a SID for
restoring a backup; (bso#14669);
- Update to 4.13.9
* s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success; (bso#14696);
* Add documentation for dsdb_group_audit and dsdb_group_json_audit
to "/log level"/, synchronise "/log level"/ in smb.conf with the code; (bso#14689);
* Fix smbd panic when two clients open same file; (bso#14672);
* Fix memory leak in the RPC server; (bso#14675);
* s3: smbd: Fix deferred renames; (bso#14679);
* s3-iremotewinspool: Set the per-request memory context; (bso#14675);
* rpc_server3: Fix a memleak for internal pipes; (bso#14675);
* third_party: Update socket_wrapper to version 1.3.2; (bso#11899);
* third_party: Update socket_wrapper to version 1.3.3; (bso#14639);
* idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict; (bso#14663);
* Fix the build on OmniOS; (bso#14288);
- Update to 4.13.8
* CVE-2021-20254: Fix buffer overrun in sids_to_unixids(); (bso#14571
- Update to 4.13.7
* Release with dependency on ldb version 2.2.1.
- CVE-2021-20254 Buffer overrun in sids_to_unixids();
(bnc#14571); (bsc#1184677).
- Fix offline domain backup not possible using lmdb version >= 0.9.26;
(bso#14676);
- Require libldb >= 2.2.1; (bsc#1183572); (bsc#1183574);
- Update to 4.13.6
* CVE-2020-27840: samba: Unauthenticated remote heap corruption
via bad DNs; (bso#14595); (bsc#1183572).
* CVE-2021-20277: samba: out of bounds read in ldb_handler_fold;
(bso#14655); (bsc#1183574).
- Update to 4.13.5
* s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
start-up failure; (bso#14634);
* s3: libsmb: Add missing cli_tdis() in error path if encryption setup
failed on temp proxy connection; (bso#13992);
* smbd: In conn_force_tdis_done() when forcing a connection closed force
a full reload of services; (bso#14604);
* dbcheck: Check Deleted Objects and reduce noise in reports about
expired tombstones (bso#14593);
* s3: Fix fcntl waf configure check; (bso#14503);
* s3/auth: Implement "/winbind:ignore domains"/; (bso#14602);
* smbd: Use fsp->conn->session_info for the initial delete-on-close
token; (bso#14617);
* s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error path;
(bso#14648);
* classicupgrade: Treat old never expires value right; (bso#14624);
* g_lock: Fix uninitalized variable reads; (bso#14636);
* s3:pysmbd: Fix fd leak in py_smbd_create_file(); (bso#13898);
* lib:util: Avoid free'ing our own pointer; (bso#14625);
* HEIMDAL: krb5_storage_free(NULL) should work; (bso#12505);
- Spec file fixes around systemd and requires; (bsc#1182830);
- Align systemd service unit files with upstream provided ones.
- spacecmd
-
- version 4.2.13-1
* Update translation strings
* configchannel_updatefile handles directory properly (bsc#1190512)
* Add schedule_archivecompleted to mass archive actions (bsc#1181223)
* Remove whoami from the list of unauthenticated commands (bsc#1188977)
- version 4.2.12-1
- Update translation strings
- Make schedule_deletearchived to get all actions without display limit
- Allow passing a date limit for schedule_deletearchived on spacecmd (bsc#1181223)
- Use correct API endpoint in list_proxies (bsc#1188042)
- Add schedule_deletearchived to bulk delete archived actions (bsc#1181223)
- spacewalk-admin
-
- version 4.2.9-1
* Fix setup with rhn-config-satellite (bsc#1190300)
* Allow admins to modify only spacewalk config files with
rhn-config-satellite.pl (bsc#1190040) (CVE-2021-40348)
- spacewalk-backend
-
- version 4.2.17-1
* Update translations strings
* handle download of metadata filesnames with checksums (bsc#1188315)
* Sanitize cached filename for custom SSL certs used by reposync (bsc#1190751)
- version 4.2.16-1
- Update translation strings
- fix typo "/verfication"/ instead of "/verification"/
- spacewalk-certs-tools
-
- version 4.2.13-1
* add GPG keys using apt-key on debian machines (bsc#1187998)
- version 4.2.12-1
- Prepare the bootstrap script generator for Rocky Linux 8
- spacewalk-client-tools
-
- version 4.2.14-1
* Update translation strings
- version 4.2.13-1
- Update translation strings
- spacewalk-java
-
- version 4.2.30-1
* Fix datetime format parsing with moment (bsc#1191348)
- version 4.2.29-1
* Update translation strings
* fix logging of the spark framework and map requests to media.1
directory in the download controller (bsc#1189933)
* Add 'Last build date' column to CLM project list (jsc#PM-2644)
(jsc#SUMA-61)
* Improve exception handling and logging for mgr-libmod calls
* Add checksums to repository metadata filenames (bsc#1188315)
* Fix ISE in product migration if base product is missing (bsc#1190151)
* use TLSv1.3 if it is a supported Protocol
* Adapt auto errata update to respect maintenance windows
* Adapt auto errata update to skip during CLM build (bsc#1189609)
* add CentOS 7/8 aarch64
* add Oracle Linux 7/8 aarch64
* add Rocky Linux 8 aarch64
* add AlmaLinux 8 aarch64
* add Amazon Linux 2 aarch64
* Add new endpoints to saltkeys API: acceptedList, pendingList, rejectedList,
deniedList, accept and reject
* fix ISE in SSM when scheduling patches on multiple systems (bsc#1190396, bsc#1190275)
* Add 'Flush cache' option to Ansible playbook execution
(bsc#1190405)
* Update kernel live patch version on minion startup (bsc#1190276)
* Allow getting all completed actions via XMLRPC without display limit (bsc#1181223)
* Support syncing patches with advisory status 'pending' (bsc#1190455)
* Add XMLRPC API to force refreshing pillar data (bsc#1190123)
* Add missing string on XCCDF scan results (bsc#1190164)
* Ignore duplicates in 'pkg.installed' result when applying patches (bsc#1187572)
* Improved timezone support
* implement package locking for salt minions
- version 4.2.28-1
- Show AppStreams tab just for modular channels
- Fix Json null comparison in virtual network info parsing (bsc#1189167)
- Update translation strings
- 'AppStreams with defaults' filter template in CLM
- Add a link to OS image store dir in image list page
- Do not log XMLRPC fault exceptions as errors (bsc#1188853)
- XMLRPC: Add call for listing application monitoring endpoints
- AppStreams tab for modular channels
- Link to CLM filter creation from system details page
- Allow getting all archived actions via XMLRPC without display limit (bsc#1181223)
- fix NPE when no redhat info could be fetched
- Java enablement for Rocky Linux 8
- Delete ActionChains when the last action is a Reboot and it completes (bsc#1188163)
- Properly handle virtual networks without defined bridge (bsc#1189167)
- Mark SSH minion actions when they're picked up (bsc#1188505)
- Add UEFI support for VM creation / editing
- Add virt-tuner templates to VM creation
- Fix cleanup always being executed on delete system (bsc#1189011)
- Warning in Overview page for SLE Micro system (bsc#1188551)
- Add support for Kiwi options
- Ensure XMLRPC returns 'issue_date' in ISO format when listing erratas (bsc#1188260)
- Fix NullPointerException in HardwareMapper.getUpdatedGuestMemory
- Fix entitlements not being updated during system transfer (bsc#1188032)
- Simplify the VM creation action in DB
- Get CPU data for AArch64
- Handle virtual machines running on pacemaker cluster
- Refresh virtual host pillar to clear the virtpoller beacon (bsc#1188393)
- Add Beijing timezone to selectable timezones (bsc#1188193)
- Fix updating primary net interface on hardware refresh (bsc#1188400)
- Fix issues when removing archived actions using XMLRPC api (bsc#1181223)
- Readable error when "/mgr-sync add channel"/ is called with a no-existing label (bsc#1173143)
- spacewalk-setup
-
- version 4.2.8-1
- Enable logging for salt SSH
- Increase max size for uploaded files to Salt master
- spacewalk-utils
-
- version 4.2.14-1
* When renaming: don't regenerate CA, allow using third-party
certificate and trigger pillar refresh (bsc#1190123)
- version 4.2.13-1
- Add Rocky Linux 8 repositories
- spacewalk-web
-
- version 4.2.23-1
* Fix datetime format parsing with moment (bsc#1191348)
- version 4.2.22-1
* Add 'Last build date' column to CLM project list (jsc#PM-2644)
(jsc#SUMA-61)
* Fix 'Type' input in CLM source edit form (bsc#1190820)
* Add 'Flush cache' checkbox to Ansible playbook execution page
(bsc#1190405)
* Fix the VM creation and editing submit button action (bsc#1190602)
* Improved timezone support
* Enhance the default base channel help message (bsc#1171520)
- version 4.2.21-1
- Don't capitalize acronyms
- Update translation strings
- 'AppStreams with defaults' filter template in CLM
- Add a link to OS image store dir in image list page
- Link to CLM filter creation from system details page
- Expose UEFI parameters in the VM creation/editing pages
- Add virt-tuner templates to VM creation
- Fix cleanup always being executed on delete system (bsc#1189011)
- Add support for Kiwi options
- Fix virtualization guests to handle null HostInfo
- Compare lowercase CPU arch with libvirt domain capabilities
- Refresh JWT virtual console token before it expires
- Handle virtual machines running on pacemaker cluster
- subscription-matcher
-
- Version 0.27
* update subscription rules for new SKUs (bsc#1189818)
- supportutils-plugin-susemanager
-
- version 4.2.3-1
* detect broken symlinks in tomcat, taskomatic and search daemon
- suse-module-tools
-
- Update to version 15.3.13:
* fixup "/rpm-script: fix bad exit status in OpenQA (bsc#1191922)"/
- Update to version 15.3.12:
* rpm-script: fix bad exit status in OpenQA (bsc#1191922)
* cert-script: Ignore kernel keyring for kernel certificates (bsc#1191480).
* cert-script: Deal with existing $cert.delete file (bsc#1191804).
- Update to version 15.3.11:
* inkmp-script(postun): don't pass existing files to weak-modules2
(boo#1191200)
* kernel-scriptlets: skip cert scriptlet on non-UEFI systems
(boo#1191260)
- Update to version 15.3.10:
* Import kernel scriptlets from kernel-source
(bsc#1189841, bsc#1190598)
* Provide "/suse-kernel-rpm-scriptlets"/
- Update to version 15.3.9:
* fix problem that initrd may not be rebuilt after installing
kernel-$flavor-extra (bsc#1189441)
- susemanager
-
- version 4.2.25-1
* Add python-mako, python-gnupg and gnupg1 to the Debian 9 bootstrap repository
so bootstrapping without any enabled repositories is possible (bsc#1191898)
- version 4.2.24-1
* Fix syntax error on migration script (bsc#1191551)
- version 4.2.23-1
* Add aarch64 bootstrap repositories for CentOS 7/8, Oracle Linux 7/8,
Rocky Linux8, AlmaLinux8, Amazon Linux 2 and openSUSE Leap 15.3
* Add the gnupg package for ubuntu which is then needed by apt-key (bsc#1187998)
* Add SLE 15 SAP Product ID to SLE15 bootstrap repositories, as
it is required to get python3-M2Crypto (bsc#1189422)
- version 4.2.22-1
- Abort migration if data_directory is defined at the PostgreSQL
configuration file
- Update translation strings
- Add bootstrap repository definitions for Rocky Linux 8
- susemanager-build-keys
-
- Version 15.3.5
- Add Debian 11
- Added:
* debian-archive-key-11-security-A48449044AAD5C5D.asc
* debian-archive-key-11-73A4F27B8DD47936.asc
* debian-release-11-605C66F00D6C9793.asc
- Version 15.3.4
- Add Rocky Linux 8
- Added:
* RPM-GPG-KEY-rockyofficial
- susemanager-doc-indexes
-
- Added aarch64 support for selection of clients in the Installation
Guide and Client Configuration Guide
- Documented Amazon Web Services permissions for Virtual Host Manager
in the Virtual Host Manager and Amazon Web Service chapters in the
Client Configuration Guide
- Fixed unpublished patches note in the server update chapter of the
Upgrade Guide
- Updated Proxy installation screenshots to reflect SUSE Manager 4.2
version in the Installation Guide
- Updated migration instructions to help avoid migration from Proxy 4.0
to 4.1 if 4.2 is already available to the Upgrade Guide
- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the
commands on the client (bsc#1190166)
- Removed Portus and CaaSP references from the image management chapter
of the Administration Guide
- Documented package lock as a supported feature for some Salt clients
in the Client Configuration Guide.
- Added SUSE Linux Enterprise 15 Service Pack 3 to clients list
- Add information about pam service name limitations
- Add SLE Micro to supported features table
- Add SLE Micro client to support matrix page
- Replaced remaining occurrences of "/Service Pack Migration"/ to
"/Product Migration"/
- Reworded the Advanced virtual guest management description for
clarity in Client Configuration Guide
- Added missing Rocky instructions to the Client Configuration Guide
- Updated setup section in the Installation Guide about trouble
shooting freely available products
- Added channel synchronization warning in the product migration chapter
of the Client Configuration Guide
- Removed Red Hat Enterprise Linux 6, SUSE Linux Enterprise Server
Expanded Support 6, Oracle Linux 6, CentOS 6, and Ubuntu 16.04 LTS
as supported client systems in the Client Configuration Guide
(bsc#1188656)
- In the Prometheus chapter of the Administration Guide advise to store
data locally (bsc#1188855)
- Additional information added for Inter Server Sync v2 on limitations
and configuration
- Documented required SUSE Linux Enterprise Server version for the Ansible
control node in the Ansible Integration chapter of the
Administration Guide (bsc#1189419)
- Added information about installing Python 3.6 on CentOS, Oracle
Linux, Almalinux, SUSE Linux Enterprise Server with Expanded Support,
and Red Hat in the Client Configuration Guide (bsc#1187335)
- Corrected the package name for PAM authentication (bsc#1171483)
- Client Configuration Guide: reorganized navigation bar to list SUSE Linux
Enterprise Server, openSUSE and other clients in alphabetical order
for better user experience
- In the Ansible chapter of the Administration Guide mention that
Ansible is available on Proxy and Retail Branch Server
- Added a warning on Ansible hardware requirements to the Retail Guide
- Improved warning on over-writing images in public cloud in the Client
Configuration Guide
- Reference Guide: removed underscores in page titles and nav bar links.
- Provide more information about Salt SSH user configuration in the Salt
Guide (bsc#1187549)
- Documented KIWI options and profile selection in Administration Guide
- Added note about autoinstallation kernel options and Azure clients
- Added general information about SUSE Manager registration code that you
can obtain from a "/SUSE Manager Lifecycle Management+"/ subscription
- Document new Salt SSH logs at the Client Configuration Guide, Troubleshooting
section
- In the monitoring chapter of the Administration Guide mention that
Prometheus is available on Proxy and Retail Branch Server
- Added warning on Prometheus hardware requirements in the Retail Guide (bsc#1186339)
- Documented spacecmd installation on Ubuntu 18.04 and 20.04 in Client
Configuration Guide
- Amended Client Configuration Guide to exclude paragraphs that are Uyuni
specific for CentOS, AlmaLinux and Oracle clients
- susemanager-docs_en
-
- Added aarch64 support for selection of clients in the Installation
Guide and Client Configuration Guide
- Documented Amazon Web Services permissions for Virtual Host Manager
in the Virtual Host Manager and Amazon Web Service chapters in the
Client Configuration Guide
- Fixed unpublished patches note in the server update chapter of the
Upgrade Guide
- Updated Proxy installation screenshots to reflect SUSE Manager 4.2
version in the Installation Guide
- Updated migration instructions to help avoid migration from Proxy 4.0
to 4.1 if 4.2 is already available to the Upgrade Guide
- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the
commands on the client (bsc#1190166)
- Removed Portus and CaaSP references from the image management chapter
of the Administration Guide
- Documented package lock as a supported feature for some Salt clients
in the Client Configuration Guide.
- Added SUSE Linux Enterprise 15 Service Pack 3 to clients list
- Add information about pam service name limitations
- Add SLE Micro to supported features table
- Add SLE Micro client to support matrix page
- Replaced remaining occurrences of "/Service Pack Migration"/ to
"/Product Migration"/
- Reworded the Advanced virtual guest management description for
clarity in Client Configuration Guide
- Added missing Rocky instructions to the Client Configuration Guide
- Updated setup section in the Installation Guide about trouble
shooting freely available products
- Added channel synchronization warning in the product migration chapter
of the Client Configuration Guide
- Removed Red Hat Enterprise Linux 6, SUSE Linux Enterprise Server
Expanded Support 6, Oracle Linux 6, CentOS 6, and Ubuntu 16.04 LTS
as supported client systems in the Client Configuration Guide
(bsc#1188656)
- In the Prometheus chapter of the Administration Guide advise to store
data locally (bsc#1188855)
- Additional information added for Inter Server Sync v2 on limitations
and configuration
- Documented required SUSE Linux Enterprise Server version for the Ansible
control node in the Ansible Integration chapter of the
Administration Guide (bsc#1189419)
- Added information about installing Python 3.6 on CentOS, Oracle
Linux, Almalinux, SUSE Linux Enterprise Server with Expanded Support,
and Red Hat in the Client Configuration Guide (bsc#1187335)
- Corrected the package name for PAM authentication (bsc#1171483)
- Client Configuration Guide: reorganized navigation bar to list SUSE Linux
Enterprise Server, openSUSE and other clients in alphabetical order
for better user experience
- In the Ansible chapter of the Administration Guide mention that
Ansible is available on Proxy and Retail Branch Server
- Added a warning on Ansible hardware requirements to the Retail Guide
- Improved warning on over-writing images in public cloud in the Client
Configuration Guide
- Reference Guide: removed underscores in page titles and nav bar links.
- Provide more information about Salt SSH user configuration in the Salt
Guide (bsc#1187549)
- Documented KIWI options and profile selection in Administration Guide
- Added note about autoinstallation kernel options and Azure clients
- Added general information about SUSE Manager registration code that you
can obtain from a "/SUSE Manager Lifecycle Management+"/ subscription
- Document new Salt SSH logs at the Client Configuration Guide, Troubleshooting
section
- In the monitoring chapter of the Administration Guide mention that
Prometheus is available on Proxy and Retail Branch Server
- Added warning on Prometheus hardware requirements in the Retail Guide (bsc#1186339)
- Documented spacecmd installation on Ubuntu 18.04 and 20.04 in Client
Configuration Guide
- Amended Client Configuration Guide to exclude paragraphs that are Uyuni
specific for CentOS, AlmaLinux and Oracle clients
- susemanager-schema
-
- version 4.2.18-1
* create unique index on package details action id (bsc#1190396, bsc#1190275)
* Add 'flush_cache' flag to Ansible playbook execution action
(bsc#1190405)
* Support syncing patches with advisory status 'pending' (bsc#1190455)
* allow Ansible Control Node entitlement for aarch64, ppc64le and
s390x (bsc#1189799)
* implement package locking for salt minions
- version 4.2.17-1
- Add Rocky Linux 8 key and vendor
- Fix wrongly assigned entitlements due to system transfer (bsc#1188032)
- Force a one-off VACUUM ANALYZE
- Add Kiwi commandline options to Kiwi profile
- Upgrade scripts idempotency fixes
- Simplify the VM creation action in DB
- Handle virtual machines running on pacemaker cluster
- Refresh virtual host pillar to clear the virtpoller beacon (bsc#1188393)
- Add Beijing timezone to selectable timezones (bsc#1188193)
- susemanager-sls
-
- version 4.2.18-1
* revert disable unaccessible local repos before bootstrapping (bsc#1186405)
- version 4.2.17-1
* Fix cpuinfo grain and virt_utils state python2 compatibility
(bsc#1191139, bsc#1191123)
* deploy certificate on SLE Micro 5.1
* Realign pkgset cookie path for Salt Bundle changes
* Fix pkgset beacon to work with salt-minion 2016.11.10 (bsc#1189260)
* Fix virt grain python2 compatibility
* disable unaccessible local repos before bootstrapping (bsc#1186405)
* Fix mgrcompat state module to work with Salt 3003 and 3004
* Add 'flush_cache' flag to 'ansible.playbooks' call (bsc#1190405)
* Update kernel live patch version on minion startup (bsc#1190276)
* don't use libvirt API to get its version for the virt features grain
* implement package locking for salt minions
- version 4.2.16-1
- Add Rocky Linux 8 support
- Enable logrotate configuration for Salt SSH minion logs
- Add UEFI support for VM creation
- Add virt-tuner templates to VM creation
- Handle more ocsf2 setups in virt_utils module
- Add missing symlinks to generate the "/certs"/ state for
SLE Micro 5.0 and openSUSE MicroOS minions (bsc#1188503)
- Add findutils to Kiwi bootstrap packages
- Remove systemid file on salt client cleanup
- Add support for Kiwi options
- Skip 'update-ca-certificates' run if the certs are updated automatically
- Use lscpu to provide more CPU grains for all architectures
- Fix deleting stopped virtual network (bsc#1186281)
- Handle virtual machines running on pacemaker cluster
- susemanager-sync-data
-
- version 4.2.9-1
* add CentOS 7/8 aarch64
* add Oracle Linux 7/8 aarch64
* add Rocky Linux 8 aarch64
* add AlmaLinux 8 aarch64
* add Amazon Linux 2 aarch64
- version 4.2.8-1
- support Rocky Linux 8 x86_64
- add channel family for MicroOS Z
- set OES 2018 SP3 to released
- systemd
-
- Import commit 263f7076bc77475045193653a785bbdc0457b5c6
239e0ce5e7 journalctl: never fail at flushing when the flushed flag is set (bsc#1188588)
0db7e590e1 manager: reexecute on SIGRTMIN+25, user instances only
ef8afc4545 core: Make sure cgroup_oom_queue is flushed on manager exit
f794e01080 cgroup: do 'catchup' for unit cgroup inotify watch files
54369b7660 manager: Fix HW watchdog when systemd starts before driver loaded (bsc#1189446)
1d0524bd54 pid1: various minor watchdog modernizations
- Drop 1007-tmpfiles-follow-SUSE-policies.patch
Since most of the tmpfiles config files shipped by upstream are
ignored (see previous commit "/Drop most of the tmpfiles that deal
with generic paths"/), this patch is no more relevant.
- Update 60-io-scheduler.rules (jsc#SLE-21032, bsc#1134353)
* rules weren't applied to dm devices (multipath), fix it
(bsc#1188713)
* ignore obsolete "/elevator"/ kernel parameter (bsc#1184994)
("/elevator"/ did falsely overide settings even for blk-mq, fixed).
* remove support for single-queue block IO which the kernel doesn't
support any more.
- Make sure the versions of both udev and systemd packages are always the same (bsc#1189480)
- Import commit f5c33d9f82d3d782d28938df9ff09484360c540d (merge of v246.16)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/8d8f5fc31eece95644b299b784bbfb8f836d0108...f5c33d9f82d3d782d28938df9ff09484360c540d
- Avoid the error message when udev is updated due to udev being
already active when the sockets are started again (bsc#1188291)
- Import commit 8d8f5fc31eece95644b299b784bbfb8f836d0108 (merge of v246.15)
cfd14c6537 basic/unit-name: do not use strdupa() on a path (bsc#1188063 CVE-2021-33910)
7b6b7abf46 unit-name: generate a clear error code when converting an overly long fs path to a unit name
[...]
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b9e4f4c71159b216a16f1c5121134aee2654be56...8d8f5fc31eece95644b299b784bbfb8f836d0108
- Drop 6000-unit-name-generate-a-clear-error-code-when-convertin.patch
and 6001-basic-unit-name-do-not-use-strdupa-on-a-path.patch as they
were merged in v246.15.
- Drop 6002-basic-unit-name-adjust-comments.patch as it was merged in
branch SUSE/v246.
- Import commit b9e4f4c71159b216a16f1c5121134aee2654be56 (merge of v246.14)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/5157b666a0d744a2ff9f4511780e43bd74fcc280...b9e4f4c71159b216a16f1c5121134aee2654be56
- Import commit 5157b666a0d744a2ff9f4511780e43bd74fcc280
2288448f47 logind: add …WithFlags methods to policy
0acc4f0413 logind: simplify flags handling a bit
d632dfd6e3 logind: Introduce RebootWithFlags and others
8fba5f3715 Added option --check-inhibitors for non-tty usage (bsc#1166028)
114387d358 sd-dhcp-client: tentatively ignore FORCERENEW command (bsc#1185972 CVE-2020-13529)
f2cd82a359 sd-dhcp-client: logs when dhcp client unexpectedly gains a new lease
6efb9a77f3 sd-dhcp-client: shorten code a bit
9e1cd2172c sd-dhcp-client: check error earlier and reduce indentation
- Rebase 1003-logind-store-a-timestamp-when-the-ACPI-power-button-.patch
- systemd-hwdb-update.service should be shipped by the udev package
- Allow the sysusers config files shipped by systemd rpms to be
overriden during system installation (bsc#1171962)
- While at it, add a comment to explain why we don't use
%sysusers_create in %pre and why it should be safe in %post.
- Added fix for bsc#1184994 to skip udev rules if 'elevator=' is used
- systemd-rpm-macros
-
- Bump to version 8
- Make use of "/Suggests:"/ in %systemd_ordering
Until libzypp supports "/OrderWithRequires:"/, we need to specify a
similar ordering constraint that can be understood by the dep solver
as well. Hence the use of "/Suggests:"/ in %systemd_ordering
(workaround for bsc#1187332).
- Introduce %sysusers_create_package
%sysusers_create and %sysusers_create_inline are now deprecated and
the new macro should be used instead.
Upstream commit 07a7d4a0040d221ff09e527e91c112b4ffab1dba.
- %sysusers_create_inline: use here-docs instead of echo (bsc#1186282)
Upstream commit dd2490ae12ad1e1795ecbf8f8944b950da9c8d06.
- util-linux
-
- ipcutils: Avoid potential memory allocation overflow
(bsc#1188921, CVE-2021-37600,
util-linux-ipcutils-overflow-CVE-2021-37600.patch).
- Add bc to BuildRequires to run more complete testsuite,
fix testsuite (bsc#1178236#c19,
util-linux-ipcs-shmall-overflow-ts.patch).
- util-linux-systemd
-
- ipcutils: Avoid potential memory allocation overflow
(bsc#1188921, CVE-2021-37600,
util-linux-ipcutils-overflow-CVE-2021-37600.patch).
- Add bc to BuildRequires to run more complete testsuite,
fix testsuite (bsc#1178236#c19,
util-linux-ipcs-shmall-overflow-ts.patch).
- xen
-
- bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in
XENMAPSPACE_grant_table handling (XSA-384)
xsa384.patch
- Upstream bug fixes (bsc#1027519)
61001231-x86-work-around-GNU-ld-2-37-issue.patch
611a7e38-x86-CET-shstk-WARN-manipulation.patch
611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
6128a856-gnttab-radix-tree-node-init.patch
61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces
credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch)
6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch)
6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch)
61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch)
6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch)
6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch)
612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch)
612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch)
612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch)
612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch)
6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch
6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch)
6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch)
61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch)
- bsc#1189882 - refresh libxc.sr.superpage.patch
prevent superpage allocation in the LAPIC and ACPI_INFO range
- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
xsa378-1.patch
xsa378-2.patch
xsa378-3.patch
xsa378-4.patch
xsa378-5.patch
xsa378-6.patch
xsa378-7.patch
xsa378-8.patch
- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
pages may remain accessible after de-allocation. (XSA-379)
xsa379.patch
- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
grant table handling. (XSA-380)
xsa380-1.patch
xsa380-2.patch
- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
status frames array bounds check. (XSA-382)
xsa382.patch
- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
limit for dom0less domUs. (XSA-383)
xsa383.patch
- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
See also bsc#1179246.
credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch
- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.
- bsc#1176189 - xl monitoring process exits during xl save -p|-c
keep the monitoring process running to cleanup the domU during shutdown
xl-save-pc.patch
- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
60be0e24-credit2-pick-runnable-unit.patch
60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
- Upstream bug fixes (bsc#1027519)
60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
60afe617-x86-TSX-minor-cleanup-and-improvements.patch
60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
60c0bf86-x86-TSX-cope-with-deprecation.patch
60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
60c8de6e-osdep_xenforeignmemory_map-prototype.patch
60d49689-VT-d-undo-device-mappings-upon-error.patch
60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
- Dropped gcc11-fixes.patch
- bsc#1183243 - L3: Core cannot be opened when using xl dump-core
of VM with PTF
60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
- bsc#1180350 - some long deprecated commands were finally removed
in qemu6. Adjust libxl to use supported commands.
libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
libxl-qemu6-vnc-password.patch
libxl-qemu6-scsi.patch
- Update logrotate.conf, move global options into per-file sections
to prevent globbering of global state (bsc#1187406)
- Fix shell macro expansion in xen.spec, so that ExecStart=
in xendomains-wait-disks.service is created correctly (bsc#1183877)
- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
are not scrubbed (XSA-372)
xsa372-1.patch
xsa372-2.patch
- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
timeout detection / handling (XSA-373)
xsa373-1.patch
xsa373-2.patch
xsa373-3.patch
xsa373-4.patch
xsa373-5.patch
- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
Bypass (XSA-375)
xsa375.patch
- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
protections not restored after S3 (XSA-377)
xsa377.patch
- Upstream bug fixes (bsc#1027519)
60a27288-x86emul-gas-2-36-test-harness-build.patch
60af933d-x86-gcc11-hypervisor-build.patch
60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
- Upstream bug fix (bsc#1027519)
608676f2-VT-d-register-based-invalidation-optional.patch
- Add xen.sysconfig-fillup.patch to make sure xencommons is in a
format as expected by fillup. (bsc#1185682)
Each comment needs to be followed by an enabled key. Otherwise
fillup will remove manually enabled key=value pairs, along with
everything that looks like a stale comment, during next pkg update
- Refresh xenstore-launch.patch to cover also daemon case
- Update to Xen 4.14.2 bug fix release (bsc#1027519)
xen-4.14.2-testing-src.tar.bz2
- Drop patches contained in new tarball
5fedf9f4-x86-hpet_setup-fix-retval.patch
5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
5ff71655-x86-dpci-EOI-regardless-of-masking.patch
5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
600999ad-x86-dpci-do-not-remove-pirqs-from.patch
600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
6011bbc7-x86-timer-fix-boot-without-PIT.patch
6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
6013e546-x86-HVM-reorder-domain-init-error-path.patch
601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
602bd768-page_alloc-only-flush-after-scrubbing.patch
602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
60410127-gcc11-adjust-rijndaelEncrypt.patch
60422428-x86-shadow-avoid-fast-fault-path.patch
604b9070-VT-d-disable-QI-IR-before-init.patch
60535c11-libxl-domain-soft-reset.patch
60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
60787714-x86-HPET-avoid-legacy-replacement-mode.patch
- xfsprogs
-
- xfs_bmap: remove -c from manpage (bsc#1189552)
- xfs_bmap: don't reject -e (bsc#1189552)
* Add xfsprogs-xfs_bmap-remove-c-from-manpage.patch
* Add xfsprogs-xfs_bmap-don-t-reject-e.patch
- xfs_repair: check plausibility of root dir pointer before trashing it
(bsc#1188651)
* Add xfsprogs-xfs_repair-refactor-fixed-inode-location-checks.patch
* Add xfsprogs-xfs_repair-check-plausibility-of-root-dir-pointer-be.patch
- xfsprogs: split libhandle1 into a separate package, since nothing
within xfsprogs dynamically links against it. The shared library
is still required by xfsdump as a runtime dependency.
- mkfs.xfs: fix ASSERT on too-small device with stripe geometry
(bsc#1181536)
* Add xfsprogs-mkfs.xfs-fix-ASSERT-on-too-small-device-with-stripe-.patch
- mkfs.xfs: if either sunit or swidth is nonzero, the other must be as
well (bsc#1085917, bsc#1181535)
* Add xfsprogs-mkfs.xfs-if-either-sunit-or-swidth-is-nonzero-the-ot.patch
- xfs_growfs: refactor geometry reporting (bsc#1181306)
* Add xfsprogs-xfs_growfs-refactor-geometry-reporting.patch
- xfs_growfs: allow mounted device node as argument (bsc#1181299)
* Add xfsprogs-libfrog-fs_table_lookup_mount-should-realpath-the-ar.patch
* Add xfsprogs-xfs_fsr-refactor-mountpoint-finding-to-use-libfrog-p.patch
* Add xfsprogs-xfs_growfs-allow-mounted-device-node-as-argument.patch
- xfs_repair: rebuild directory when non-root leafn blocks claim block 0
(bsc#1181309)
* Add xfsprogs-xfs_repair-rebuild-directory-when-non-root-leafn-blo.patch
- xstream
-
- Upgrade to 1.4.18
* Security fixes
+ This maintenance release addresses following security
vulnerabilities, when unmarshalling with an XStream instance
using the default blacklist of an uninitialized security
framework. XStream is therefore now using a whitelist by
default. (CVE-2021-39139, CVE-2021-39140, CVE-2021-39141,
CVE-2021-39144, CVE-2021-39145, CVE-2021-39146,
CVE-2021-39147, CVE-2021-39148, CVE-2021-39149,
CVE-2021-39150, CVE-2021-39151, CVE-2021-39152,
CVE-2021-39153, CVE-2021-39154, bsc#1189798)
* Minor changes
+ Support serializable types with non-serializable parent with
PureJavaReflectionConverter.
* Stream compatibility
+ Starting with version 1.14.12 nine years ago, XStream contains
a Security Framework to implement a black- or whitelist for
the allowed types at deserialization time. Until version
1.4.17, XStream kept a default blacklist in order to deny all
types of the Java runtime, which are used for all kinds of
security attacks, in order to guarantee optimal runtime
compatibility for existing users. However, this approach has
failed. The last months have shown, that the Java runtime
alone contains dozens of types that can be used for an attack,
not even looking at the 3rd party libraries on a classpath.
The new version of XStream uses therefore now by default a
whitelist, which is recommended since nine years. It also has
been complaining on the console for a long time about an
uninitialized security framework the first time it was run.
Anyone who has followed the advice and initialized the
security framework for their own scenario can easily update
to the new version without any problem. Everyone else will
have to do a proper initialization now, otherwise the new
version will fail with certainty at deserialization time.
- Modified patch:
* Revert-MXParser-changes.patch
+ rediff to changed context
- yast2
-
- Do not escape "/$"/ in URL paths (bsc#1187581).
- 4.3.65
- Don't crash with UI exception in Progress.rb if a popup is in the way
(bsc#1187676)
- 4.3.64
- yast2-add-on
-
- Auto client does not crash when trying to import from an
empty add-on section (bsc#1189154).
- 4.3.9
- yast2-country
-
- Use official China timezone Asia/Shanghai (bsc#1187857)
- 4.3.18
- Move the keyboards database to lib/ to make the module compatible
with the self-update mechanism (bsc#1189461).
- 4.3.17
- AutoYaST: allow empty /profile/timezone/timezone setting,
meaning to keep the UTC default (bsc#1188406).
- 4.3.16
- Fix the Comment entry in the desktop file so the tooltip
in the control center is properly translated (bsc#1187270).
- 4.3.15
- yast2-installation
-
- Fix file copying when using relurl:// and file:// naming schemes
(bsc#1191160).
- 4.3.43
- Display release notes during upgrade (bsc#1186044)
- 4.3.42
- Activate devices before probing (bsc#1187220).
- 4.3.41
- yast2-network
-
- bnc#1185524, bsc#1187512
- do not crash at the end of installation when storing wifi
configuration for NetworkManager at the target
- 4.3.77
- Do not crash when the interfaces table contains a not configured
one (bnc#1190645, bsc#1190915)
- Fix the shown description using the interface friendly name when
it is empty (bsc#1190933)
- 4.3.76
- Consider aliases sections as case insensitive (bsc#1190739).
- 4.3.75
- bnc#1190645
- display user defined device name in the devices overview
- 4.3.74
- Do not crash when the aliases defined in the AutoYaST profile
are not defined as a map (bsc#1188344)
- 4.3.73
- Support 'boot' and 'on' as aliases for the 'auto' startmode
(bsc#1186910)
- 4.3.72
- Fix the Comment entry in the desktop file so the tooltip
in the control center is properly translated (bsc#1187270).
- 4.3.71
- Use the linuxrc proxy settings for the HTTPS and FTP proxies
(bsc#1185016)
- 4.3.70
- yast2-nfs-client
-
- Support systemd mount options in fstab (bsc#1187781)
- 4.3.4
- yast2-nfs-server
-
- Fix the corresponding section name in the package specification
(bsc#1188618).
- 4.3.4
- Set X-SuSE-YaST-AutoInstClient in the desktop file to properly
determine the client name (bsc#1188618).
- 4.3.3
- yast2-nis-server
-
- Set X-SuSE-YaST-AutoInstClient in the desktop file to properly
determine the client name (bsc#1188644).
- 4.3.2
- yast2-packager
-
- Use the "/armv7hl"/ packages on the "/armv7l"/ architecture
(bsc#1183795)
- 4.3.22
- yast2-schema
-
- Add the "/hostname"/ element to the rules schema (bsc#1190696).
- 4.3.25
- Add missing elements to rules.xml schema:
- installed_product and installed_product_version (boo#1176089)
- dialog section (bsc#1188153)
- 4.3.24
- yast2-storage-ng
-
- Fix (un)masking systemd units by using the systemctl --plain
flag for getting an output without status glyphs (bsc#1191347).
- 4.3.56
- Recommend to install libyui-qt-graph package (bsc#1191109) in
order to offer the View/Device Graphs menu option.
- 4.3.55
- Fix the Comment entry in the desktop file so the tooltip
in the control center is properly translated (bsc#1187270).
- 4.3.54
- yast2-update
-
- Avoid to bind-mount /run twice (bsc#1181066).
- 4.3.3
- zypper
-
- Avoid calling 'su' to detect a too restrictive sudo user umask
(bsc#1186602)
- Fix typo in German translation (fixes #395)
- BuildRequires: libzypp-devel >= 17.28.3.
- version 1.14.49
- Support new reports for singletrans rpm commit.
- BuildRequires: libzypp-devel >= 17.27.1.
For lock/query comments.
- Prompt: choose exact match if prompt options are not prefix
free (bsc#1188156)
- Install summary: Show new and removed packages closer to the
prompt (fixes #403)
These packages are usually more interesting than the updated
ones. In case of doubt less scrolling is needed to see them.
- Add need reboot/restart hint to XML install summary
(bsc#1188435)
- Add comment option for lock command (fixes #388).
- version 1.14.48
- Quick fix obs:// platform guessing for Leap (bsc#1187425)
- man: point out more clearly that patches update affected
packages to the latest version (bsc#1187466)
- version 1.14.47