SUSEConnect
- Update to 0.3.29
- replace env ruby path with native ruby path during build phase
aaa_base
- Add patch git-33-d12420cc66e6d26a9dff6c0e86e00de232151c82.patch
  * Avoid semicolon within (t)csh login script on S/390.
    (bsc#1179431)
bind
- Added special make instruction for the "/Administrator Reference
  Manual"/ which is built using python3-Sphinx
  [bsc#1177983, bind.spec]
- Add /usr/lib64/named to the files and directories in
  bind-chrootenv.conf. This directory contains plugins loaded
  after the chroot().
- Replaced named's dependency on time-sync with a dependency on time-set
  in named.service. The former leads to a dependency-loop.
- Removed "/dnssec-enable"/ from named.conf as it has been obsoleted.
  Added a comment for reference which should be removed
  in the future.
- Added a comment to the "/dnssec-validation"/ in named.conf
  with a reference to forwarders which do not return signed responses.
- Replaced an INSIST macro which calls abort with a test and a
  diagnostic output.
  [bsc#1177913,bsc#1178078,bsc#1177790,bsc#1177603,bsc#1175894,
  bsc#1177915,
  bind-Print-diagnostics-on-dns_name_issubdomain-failure-in.patch,
  bind-chrootenv.conf,vendor-files.tar.bz2]
binutils
- Add binutils-fix-relax.diff to fix linking relaxation problems
  with old object files hitting some enterprise software. [bsc#1179341]
- Update binutils-2.35-branch.diff.gz to commit 1c5243df:
  * Fixes PR26520, aka [bsc#1179036], a problem in addr2line with
    certain DWARF variable descriptions.
  * Also fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878,
    PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869,
    PR26711
  * The above includes fixes for dwo files produced by modern dwp,
    fixing several problems in the DWARF reader.
- Reapply spec file cleanup from format_spec_file
- Remove a SLE10 version check
- Update to 2.35.1 and rebased branch diff:
  * This is a point release over the previous 2.35 version, containing bug
  fixes, and as an exception to the usual rule, one new feature.  The
  new feature is the support for a new directive in the assembler:
  "/.nop"/.  This directive creates a single no-op instruction in whatever
  encoding is correct for the target architecture.  Unlike the .space or
  .fill this is a real instruction, and it does affect the generation of
  DWARF line number tables, should they be enabled.
- Amend binutils-revert-plt32-in-branches.diff to adjust also new
  testcases.
btrfsprogs
- Add patches to fix the logical-resolve lookup process and to accept the 'ignore
  offsets' kernel feature (bsc#1174206)
  - Add 0001-btrfs-progs-add-LOGICAL_INO_V2-to-ioctl.h.patch
  - Add 0001-btrfs-progs-build-add-libmount-dependency.patch
  - Add 0001-btrfs-progs-inspect-add-support-for-LOGICAL_INO_V2-i.patch
  - Add 0001-btrfs-progs-inspect-increase-logical-resolve-default.patch
  - Add 0002-btrfs-progs-utils-introduce-find_mount_fsroot.patch
  - Add 0003-btrfs-progs-inspect-use-find_mount_fsroot-in-logical.patch
c-ares
- add BR for pkg-config to get the provides in the devel package
- ares_dns.h, missing_header.patch: re-add missing header in last release
- Version update to 1.17.0
  Security:
  * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
    fuzzing
  * Avoid theoretical buffer overflow in RC4 loop comparison
  * Empty hquery->name could lead to invalid memory access
  * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
    passed in (bsc#1178882, CVE-2020-8277)
  Changes:
  * Update help information for adig, acountry, and ahost
  * Test Suite now uses dynamic system-assigned ports rather than hardcoded
    ports to prevent failures in containers
  * Detect remote DNS server does not support EDNS using rules from RFC 6891
  * Source tree has been reorganized to use a more modern layout
  * Allow parsing of CAA Resource Record
  Bug fixes:
  * readaddrinfo bad sizeof()
  * Test cases should honor HAVE_WRITEV flag, not depend on WIN32
  * FQDN with trailing period should be queried first
  * ares_getaddrinfo() was returning members of the struct as garbage values if
    unset, and was not honoring ai_socktype and ai_protocol hints.
  * ares_gethostbyname() with AF_UNSPEC and an ip address would fail
  * Properly document ares_set_local_ip4() uses host byte order
  For details, see https://c-ares.haxx.se/changelog.html
- add missing upstream sources, to be removed for next release
- remove unnecessary BuildRequires
- fix building on SLE12 systems
- simplify conditions bit to make it tad more readable
- Implement multibuild specfile to split out tests into its own
  flavor; this way we can build and run tests, which require
  static lib, as well as avoid packaging the latter without issues
  with the installed cmake file..
- Version update to 1.16.1
  Security:
  * Prevent possible use-after-free and double-free in ares_getaddrinfo() if
    ares_destroy() is called prior to ares_getaddrinfo() completing.
  Reported by Jann Horn at Google Project Zero.
  Changes:
  * Allow TXT records on CHAOS qclass. Used for retriving things like
    version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3]
  Bug fixes:
  * Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1]
  * Silence false cast-align compiler warnings due to valid casts of struct
    sockaddr to struct sockaddr_in and struct sockaddr_in6.
  * MacOS should use libresolv for retrieving DNS servers, like iOS
  * CMake build system should populate the INCLUDE_DIRECTORIES property of
    installed targets [2]
  * Correct macros in use for the ares_getaddrinfo.3 man page
- Changes in version 1.16.0
  Changes:
  * Introduction of ares_getaddrinfo() API which provides similar output
    (including proper sorting as per RFC 6724) to the system native API, but
  utilizes different data structures in order to provide additional
  information such as TTLs and all aliases. Please reference the respective
  man pages for usage details.
  * Parse SOA records from ns_t_any response
  * CMake: Provide c-ares version in package export file
  * CMake: Add CPACK functionality for DEB and RPM
  * CMake: Generate PDB files during build
  * CMake: Support manpage installation
  Bug fixes:
  * Fix bad expectation in IPv6 localhost test.
  * AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to
    prevent complaints about CPPFLAGS in CFLAGS.
  * Fix .onion handling
  * Command line usage was out of date for adig and ahost.
  * Typos in manpages
  * If ares_getenv is defined, it must return a value on all platforms
  * If /etc/resolv.conf has invalid lookup values, use the defaults.
  * Tests: Separate live tests from SetServers* tests as only live tests
    should require internet access.
  * ares_gethostbyname() should return ENODATA if no valid A or AAAA record
    is found, but a CNAME was found.
  * CMake: Rework library function checking to prevent unintended linking
    with system libraries that aren't needed.
  * Due to use of inet_addr() it was not possible to return 255.255.255.255
    from ares_gethostbyname().
  * CMake: Fix building of tests on Windows
- Drop regression.patch which have been fixed upstream
- Refresh disable-live-tests.patch
- Remove static lib since its required when doing tests and we dont want it
  included in package
- Run spec-cleaner
cdrtools
- fix_junk_in_partition.patch: Initialize memory that created the
  partition table instead of writing random bytes to it (bsc#1178692)
cloud-init
- Add wget as a requirement (bsc#1178029)
  + wget is used in the CloudStack data source
- Add cloud-init-azure-def-usr-pass.patch (bsc#1179150, bsc#1179151)
  + Properly set the password for the default user in all circumstances
- Patch the full package version into the cloud-init version file
- Update cloud-init-write-routes.patch (bsc#1177526)
  + Fix missing default route when dual stack network setup is used. Once
    a default route was configured for Ipv6 or IPv4 the default route
    configuration for the othre protocol was skipped.
- Update cloud-init-write-routes.patch (bsc#1177526)
  + Avoid exception if no gateway information is present and warning
    is triggered for existing routing.
- Update to version 20.2 (bsc#1174443, bsc#1174444)
  + Remove patches included upstream:
  - 0001-Make-tests-work-with-Python-3.8-139.patch
  - cloud-init-ostack-metadat-dencode.patch
  - cloud-init-use-different-random-src.diff
  - cloud-init-long-pass.patch
  - cloud-init-mix-static-dhcp.patch
  + Remove patches build switched to Python 3 for all distributions
    (jsc#PM-2335)
  - cloud-init-python2-sigpipe.patch
  - cloud-init-template-py2.patch
  + Add
  - cloud-init-after-kvp.diff
  - cloud-init-recognize-hpc.patch
  + doc/format: reference make-mime.py instead of an inline script (#334)
  + Add docs about  creating parent folders (#330) [Adrian Wilkins]
  + DataSourceNoCloud/OVF: drop claim to support FTP (#333) (LP: #1875470)
  + schema: ignore spurious pylint error (#332)
  + schema: add json schema for write_files module (#152)
  + BSD: find_devs_with_ refactoring (#298) [Gonéri Le Bouder]
  + nocloud: drop work around for Linux 2.6 (#324) [Gonéri Le Bouder]
  + cloudinit: drop dependencies on unittest2 and contextlib2 (#322)
  + distros: handle a potential mirror filtering error case (#328)
  + log: remove unnecessary import fallback logic (#327)
  + .travis.yml: don't run integration test on ubuntu/* branches (#321)
  + More unit test documentation (#314)
  + conftest: introduce disable_subp_usage autouse fixture (#304)
  + YAML align indent sizes for docs readability  (#323) [Tak Nishigori]
  + network_state: add missing space to log message (#325)
  + tests: add missing mocks for get_interfaces_by_mac (#326) (LP: #1873910)
  + test_mounts: expand happy path test for both happy paths (#319)
  + cc_mounts: fix incorrect format specifiers (#316) (LP: #1872836)
  + swap file "/size"/ being used before checked if str (#315) [Eduardo Otubo]
  + HACKING.rst: add pytest version gotchas section (#311)
  + docs: Add steps to re-run cloud-id and cloud-init (#313) [Joshua Powers]
  + readme: OpenBSD is now supported (#309) [Gonéri Le Bouder]
  + net: ignore 'renderer' key in netplan config (#306) (LP: #1870421)
  + Add support for NFS/EFS mounts (#300) [Andrew Beresford] (LP: #1870370)
  + openbsd: set_passwd should not unlock user (#289) [Gonéri Le Bouder]
  + tools/.github-cla-signers: add beezly as CLA signer (#301)
  + util: remove unnecessary lru_cache import fallback (#299)
  + HACKING.rst: reorganise/update CLA signature info (#297)
  + distros: drop leading/trailing hyphens from mirror URL labels (#296)
  + HACKING.rst: add note about variable annotations (#295)
  + CiTestCase: stop using and remove sys_exit helper (#283)
  + distros: replace invalid characters in mirror URLs with hyphens (#291)
    (LP: #1868232)
  + rbxcloud: gracefully handle arping errors (#262) [Adam Dobrawy]
  + Fix cloud-init ignoring some misdeclared mimetypes in user-data.
    [Kurt Garloff]
  + net: ubuntu focal prioritize netplan over eni even if both present
    (#267) (LP: #1867029)
  + cloudinit: refactor util.is_ipv4 to net.is_ipv4_address (#292)
  + net/cmdline: replace type comments with annotations (#294)
  + HACKING.rst: add Type Annotations design section (#293)
  + net: introduce is_ip_address function (#288)
  + CiTestCase: remove now-unneeded parse_and_read helper method (#286)
  + .travis.yml: allow 30 minutes of inactivity in cloud tests (#287)
  + sources/tests/test_init: drop use of deprecated inspect.getargspec (#285)
  + setup.py: drop NIH check_output implementation (#282)
  + Identify SAP Converged Cloud as OpenStack [Silvio Knizek]
  + add Openbsd support (#147) [Gonéri Le Bouder]
  + HACKING.rst: add examples of the two test class types (#278)
  + VMWware: support to update guest info gc status if enabled (#261)
    [xiaofengw-vmware]
  + Add lp-to-git mapping for kgarloff (#279)
  + set_passwords: avoid chpasswd on BSD (#268) [Gonéri Le Bouder]
  + HACKING.rst: add Unit Testing design section (#277)
  + util: read_cc_from_cmdline handle urlencoded yaml content (#275)
  + distros/tests/test_init: add tests for _get_package_mirror_info (#272)
  + HACKING.rst: add links to new Code Review Process doc (#276)
  + freebsd: ensure package update works (#273) [Gonéri Le Bouder]
  + doc: introduce Code Review Process documentation (#160)
  + tools: use python3 (#274)
  + cc_disk_setup: fix RuntimeError (#270) (LP: #1868327)
  + cc_apt_configure/util: combine search_for_mirror implementations (#271)
  + bsd: boottime does not depend on the libc soname (#269)
    [Gonéri Le Bouder]
  + test_oracle,DataSourceOracle: sort imports (#266)
  + DataSourceOracle: update .network_config docstring (#257)
  + cloudinit/tests: remove unneeded with_logs configuration (#263)
  + .travis.yml: drop stale comment (#255)
  + .gitignore: add more common directories (#258)
  + ec2: render network on all NICs and add secondary IPs as static (#114)
    (LP: #1866930)
  + ec2 json validation: fix the reference to the 'merged_cfg' key (#256)
    [Paride Legovini]
  + releases.yaml: quote the Ubuntu version numbers (#254) [Paride Legovini]
  + cloudinit: remove six from packaging/tooling (#253)
  + util/netbsd: drop six usage (#252)
  + workflows: introduce stale pull request workflow (#125)
  + cc_resolv_conf: introduce tests and stabilise output across Python
    versions (#251)
  + fix minor issue with resolv_conf template (#144) [andreaf74]
  + doc: CloudInit also support NetBSD (#250) [Gonéri Le Bouder]
  + Add Netbsd support (#62) [Gonéri Le Bouder]
  + tox.ini: avoid substition syntax that causes a traceback on xenial (#245)
  + Add pub_key_ed25519 to cc_phone_home (#237) [Daniel Hensby]
  + Introduce and use of a list of GitHub usernames that have signed CLA
    (#244)
  + workflows/cla.yml: use correct username for CLA check (#243)
  + tox.ini: use xenial version of jsonpatch in CI (#242)
  + workflows: CLA validation altered to fail status on pull_request (#164)
  + tox.ini: bump pyflakes version to 2.1.1 (#239)
  + cloudinit: move to pytest for running tests (#211)
  + instance-data: add cloud-init merged_cfg and sys_info keys to json
    (#214) (LP: #1865969)
  + ec2: Do not fallback to IMDSv1 on EC2 (#216)
  + instance-data: write redacted cfg to instance-data.json (#233)
    (LP: #1865947)
  + net: support network-config:disabled on the kernel commandline (#232)
    (LP: #1862702)
  + ec2: only redact token request headers in logs, avoid altering request
    (#230) (LP: #1865882)
  + docs: typo fixed: dta → data [Alexey Vazhnov]
  + Fixes typo on Amazon Web Services (#217) [Nick Wales]
  + Fix docs for OpenStack DMI Asset Tag (#228)
    [Mark T. Voelker] (LP: #1669875)
  + Add physical network type: cascading to openstack helpers (#200)
    [sab-systems]
  + tests: add focal integration tests for ubuntu (#225)
- From 20.1 (first vesrion after 19.4)
  + ec2: Do not log IMDSv2 token values, instead use REDACTED (#219)
    (LP: #1863943)
  + utils: use SystemRandom when generating random password. (#204)
    [Dimitri John Ledkov]
  + docs: mount_default_files is a list of 6 items, not 7 (#212)
  + azurecloud: fix issues with instances not starting (#205) (LP: #1861921)
  + unittest: fix stderr leak in cc_set_password random unittest
    output. (#208)
  + cc_disk_setup: add swap filesystem force flag (#207)
  + import sysvinit patches from freebsd-ports tree (#161) [Igor Galić]
  + docs: fix typo (#195) [Edwin Kofler]
  + sysconfig: distro-specific config rendering for BOOTPROTO option (#162)
    [Robert Schweikert] (LP: #1800854)
  + cloudinit: replace "/from six import X"/ imports (except in util.py) (#183)
  + run-container: use 'test -n' instead of 'test ! -z' (#202)
    [Paride Legovini]
  + net/cmdline: correctly handle static ip= config (#201)
    [Dimitri John Ledkov] (LP: #1861412)
  + Replace mock library with unittest.mock (#186)
  + HACKING.rst: update CLA link (#199)
  + Scaleway: Fix DatasourceScaleway to avoid backtrace (#128)
    [Louis Bouchard]
  + cloudinit/cmd/devel/net_convert.py: add missing space (#191)
  + tools/run-container: drop support for python2 (#192) [Paride Legovini]
  + Print ssh key fingerprints using sha256 hash (#188) (LP: #1860789)
  + Make the RPM build use Python 3 (#190) [Paride Legovini]
  + cc_set_password: increase random pwlength from 9 to 20 (#189)
    (LP: #1860795)
  + .travis.yml: use correct Python version for xenial tests (#185)
  + cloudinit: remove ImportError handling for mock imports (#182)
  + Do not use fallocate in swap file creation on xfs. (#70)
    [Eduardo Otubo] (LP: #1781781)
  + .readthedocs.yaml: install cloud-init when building docs (#181)
    (LP: #1860450)
  + Introduce an RTD config file, and pin the Sphinx version to the RTD
    default (#180)
  + Drop most of the remaining use of six (#179)
  + Start removing dependency on six (#178)
  + Add Rootbox & HyperOne to list of cloud in README (#176) [Adam Dobrawy]
  + docs: add proposed SRU testing procedure (#167)
  + util: rename get_architecture to get_dpkg_architecture (#173)
  + Ensure util.get_architecture() runs only once (#172)
  + Only use gpart if it is the BSD gpart (#131) [Conrad Hoffmann]
  + freebsd: remove superflu exception mapping (#166) [Gonéri Le Bouder]
  + ssh_auth_key_fingerprints_disable test: fix capitalization (#165)
    [Paride Legovini]
  + util: move uptime's else branch into its own boottime function (#53)
    [Igor Galić] (LP: #1853160)
  + workflows: add contributor license agreement checker (#155)
  + net: fix rendering of 'static6' in network config (#77) (LP: #1850988)
  + Make tests work with Python 3.8 (#139) [Conrad Hoffmann]
  + fixed minor bug with mkswap in cc_disk_setup.py (#143) [andreaf74]
  + freebsd: fix create_group() cmd (#146) [Gonéri Le Bouder]
  + doc: make apt_update example consistent (#154)
  + doc: add modules page toc with links (#153) (LP: #1852456)
  + Add support for the amazon variant in cloud.cfg.tmpl (#119)
    [Frederick Lefebvre]
  + ci: remove Python 2.7 from CI runs (#137)
  + modules: drop cc_snap_config config module (#134)
  + migrate-lp-user-to-github: ensure Launchpad repo exists (#136)
  + docs: add initial troubleshooting to FAQ (#104) [Joshua Powers]
  + doc: update cc_set_hostname frequency and descrip (#109)
    [Joshua Powers] (LP: #1827021)
  + freebsd: introduce the freebsd renderer (#61) [Gonéri Le Bouder]
  + cc_snappy: remove deprecated module (#127)
  + HACKING.rst: clarify that everyone needs to do the LP->GH dance (#130)
  + freebsd: cloudinit service requires devd (#132) [Gonéri Le Bouder]
  + cloud-init: fix capitalisation of SSH (#126)
  + doc: update cc_ssh clarify host and auth keys
    [Joshua Powers] (LP: #1827021)
  + ci: emit names of tests run in Travis (#120)
- Disable testing to aid elimination of unittest2 in Factory
cloud-netconfig
- Update to version 1.5:
  + Add support for GCE (bsc#1159460, bsc#1178486)
  + Improve default gateway determination
cups
- cups-2.2.7-CVE-2020-10001.patch fixes CVE-2020-10001
  access to uninitialized buffer in ipp.c (bsc#1180520)
- cups-2.2.7-CVE-2019-8842.patch fixes CVE-2019-8842 (bsc#1170671)
  the ippReadIO function may under-read an extension field
curl
- Security fix: [bsc#1179593, CVE-2020-8286]
  * Inferior OCSP verification: libcurl offers "/OCSP stapling"/ via
    the 'CURLOPT_SSL_VERIFYSTATUS' option that, when set, verifies
    the OCSP response that a server responds with as part of the TLS
    handshake. It then aborts the TLS negotiation if something is
    wrong with the response. The same feature can be enabled with
    '--cert-status' using the curl tool.
  * As part of the OCSP response verification, a client should verify
    that the response is indeed set out for the correct certificate.
    This step was not performed by libcurl when built or told to use
    OpenSSL as TLS backend.
- Add curl-CVE-2020-8286.patch
- Security fix: [bsc#1179399, CVE-2020-8285]
  * FTP wildcard stack overflow: The wc_statemach() internal
    function has been rewritten to use an ordinary loop instead of
    the recursive approach.
- Add curl-CVE-2020-8285.patch
- Security fix: [bsc#1179398, CVE-2020-8284]
  * Trusting FTP PASV responses: When curl performs a passive FTP
    transfer, it first tries the 'EPSV' command and if that is not
    supported, it falls back to using 'PASV'. A malicious server
    can use the 'PASV' response to trick curl into connecting
    back to a given IP address and port, and this way potentially
    make curl extract information about services that are otherwise
    private and not disclosed.
  * The IP address part of the response is now ignored by default,
    by making 'CURLOPT_FTP_SKIP_PASV_IP' default to '1L'. The same
    goes for the command line tool, which then might need
    '--no-ftp-skip-pasv-ip' set to prevent curl from ignoring the
    address in the server response.
- Add curl-CVE-2020-8284.patch
device-mapper
- lvm2 should use 'external_device_info_source="/udev"/' by default (bsc#1179691)
  - change lvm.conf item external_device_info_source from none to udev
- comment out lvm.conf item preferred_names by default (bsc#1179738)
  - comment out preferred_names
- pvmove destination LV always has KRahead=0 (bsc#1179326)
  + bug-1179326_pvmove-correcting-read_ahead-setting.patch
- Update lvm2.spec file (bsc#1177533)
  - in %postun, disable restart blk-availability.service & lvm2-monitor.service
- update patch according to systemd version/behaviour changed (bsc#1123327)
  - bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
  + bug-1123327-pvscan-service-use-StartLimitIntervalSec.patch
- lvm scan: Too many open files (bsc#1173503)
  + bug-1173503_lvmetad-fix-pvs-for-many-devices.patch
- LVM failing to activate hot spare on surprise removal (bsc#1175110)
  + bug-1175110_dmeventd-avoid-bail-out-preventing-repair-in-raid-pl.patch
- change lvm2.spec source URL
  - lvm2.spec
- add missing patches
  systemd lvm2-pvscan@.service StartLimitInterval misplaced (bsc#1123327)
  + bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
- modify patch according to changing patch:
  bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
  + bug-998893_make_pvscan_service_after_multipathd.patch (bsc#998893)
- use COMMON-PATCH to manage clvm patch
  + lvm2-clvm.spec
  - Patch3001: bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch
    + Patch1006: bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch
dmidecode
1 recommended fix from upstream:
- dmidecode-missing-commas.patch: Two missing commas in data arrays
  cause off-by-one or mangling during index resolution
  (bsc#1174257).
Partial support for SMBIOS 3.4.0:
- dmidecode-add-memory-device-types-from-smbios-3.4.0.patch,
  dmidecode-add-processor-characteristics-bits-from-smbios-3.4.0.patch,
  dmidecode-add-processor-upgrades-from-smbios-3.4.0.patch,
  dmidecode-add-slot-characteristics2-from-smbios-3.4.0.patch,
  dmidecode-add-system-slot-types-from-smbios-3.4.0.patch: Add
  enumerated values from SMBIOS 3.4.0 (bsc#1174257).
  1 presentation fix from upstream:
- dmidecode-skip-details-of-uninstalled-memory-modules.patch:
  Skip details of uninstalled memory modules (bsc#1174257).
fence-agents
- (bsc#1178343) `fence_gce` updates to be pulled to the SLE versions
  The last update broke fencing in GCE
  * add-upstream patch
    0001-Adds-service-account-authentication-to-GCE-fence-age.patch
- Update to version 4.7.0+git.1607346448.17bd8552:
  * fence_mpath, fence_scsi: Improve logging for failed res/key get
  * fence_mpath, fence_scsi: Capture stderr in run_cmd()
  * build: depend on config changes to rebuild when running make after running ./configure
  * fence_redfish: Fix typo in help.
  * fence_aws: add support for IMDSv2
- (bsc#1178343) `fence_gce` updates to be pulled to the SLE versions
- Update to version 4.6.0+git.1605185986.7b0f11c1:
  * spec: add pkg-config file, and set version for obsoletes to avoid failing to build on Fedora 33
  * Add pkg-config file
  * fence_scsi: dont write key to device if it's already registered, and open file correctly to avoid using regex against end-of-file
  * fencing: fix run_command() to allow timeout=0 to mean forever
  * fencing: fix to make timeout(s)=0 be treated as forever for agents using pexpect
  * Add a fence_crosslink agent
  * fencing: fix power-timeout when using new disable-timeout parameter
  * spec: make telnet a weak dependency
- remove patch contained by the update:
  - 0001-Update-fence_aliyun.py-279.patch
  - 0001-Update-fence_aliyun.xml.patch
  - gcp-vpc-move-disable-google-api-cache-discovery.patch
  - fence_vmware_rest-improve-exception-handling-in-send_command.patch
findutils
- The following is patch was provided by Jie GONG <jie.gong@suse.com>
- fts-dont-unconditionally-use-leaf-optimization-for-nfs.patch
  (bsc#1174232)
    fts: don't unconditionally use leaf optimization for NFS
    NFS st_nlink are not accurate on all implementations,
    leading to aborts() if that assumption is made.
    See <https://bugzilla.redhat.com/1299169>
  * lib/fts.c (leaf_optimization_applies): Remove NFS from
    the white list, and document the issue.
flac
- Fix memory leak (CVE-2020-0487 bsc#1180112):
  stream_decoder.c-Fix-a-memory-leak.patch
- Fix out-of-bounds access (CVE-2020-0499 bsc#1180099):
  libFLAC-bitreader.c-Fix-out-of-bounds-read.patch
gcc7
- Amend gcc7-aarch64-moutline-atomics.patch for glibc namespace
  violation with getauxval.  [bsc#1167939]
- Add gcc7-aarch64-sls-miti-1.patch, gcc7-aarch64-sls-miti-2.patch,
  gcc7-aarch64-sls-miti-3.patch to backport aarch64 Straight Line
  Speculation mitigation [bsc#1172798, CVE-2020-13844]
- Add gcc7-fix-retrieval-of-testnames.patch to support usage in
  testcases added by the above.
- Enable fortran for the nvptx offload compiler.
- Do not specify alternate offload compiler location at
  configure time.
- Update README.First-for.SuSE.packagers
- Add gcc7-pr88522.patch to avoid assembler errors with AVX512
  gather and scatter instructions when using -masm=intel.
- Amend gcc7-remove-Wexpansion-to-defined-from-Wextra.patch to
  reflect changes in option handling in the testsuite.
- Add gcc7-testsuite-fixes.patch to fix PR98001 and PR98002 which
  are broken testcases showing with malloc debugging enabled.
- Add gcc7-aarch64-moutline-atomics.patch to backport the aarch64
  - moutline-atomics feature and accumulated fixes but not its
  default enabling.  [jsc#SLE-12209, bsc#1167939]
- Order gcc7-pr92692.patch after gcc7-aarch64-moutline-atomics.patch
  and refresh.
- Revert gcc7-pr97774.patch as it causes gdb to crash.
- Fix 32bit libgnat.so link.  [bsc#1178675]
- Quote %{cross_arch} consistently when comparing expansion
  against string in RPM %if condition.
- Add gcc7-pr97535.patch to fix memcpy miscompilation on aarch64.
  [bsc#1178624, bsc#1178577]
- Add gcc7-pr97774.patch to fix debug line info for try/catch.
  [bsc#1178614]
- Remove -mbranch-protection=standard (aarch64 flag) when gcc7 is
  used to build gcc7 (ie when ada is enabled)
- Add gcc7-pr94148.patch to fix corruption of pass private ->aux
  via DF.  [gcc#94148]
- Add gcc7-pr93888.patch to fix debug information issue with
  inlined functions and passed by reference arguments.  [gcc#93888]
- Add gcc7-pr93965.patch in order to fix binutils release
  date detection issue.
- Add gcc48-bsc1161913.patch to fix register allocation issue with
  exception handling code on s390x.  [bsc#1161913]
- Add gcc7-pr92692.patch: Backport PR target/92692 to fix
  miscompilation of some atomic code on aarch64. [bsc#1150164]
- Add gcc7-pr93246.patch: Backport PR middle-end/93246
- gcc7-pr92154.patch: Backport PR sanitizer/92154
glib2
- Add patches to support for slim format of timezone (bsc#1178346):
  + glib2-add-g_canonicalize_filename.patch: a helper function
    needed by other patch.
  + glib2-add-support-for-slim-timezone-format.patch: basic support
    for slim format (glgo#GNOME/glib!1533).
  + glib2-fix-6-days-until-the-end-of-the-month.patch: fix DST
    incorrect end day when using slim format
    (glgo#GNOME/glib!1683).
gmp
- adjusted to be the same license as in factory (bsc#1180603)
- correct license statement (library itself is no GPL-3.0)
gnutls
- Avoid spurious audit messages about incompatible signature algorithms
  (bsc#1172695)
  * add 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch
groff
- Add 0001-make-package-build-reproducible.patch
    0002-Implement-SOURCE_DATE_EPOCH-for-reproducible-builds.patch
  to make corosync build reproducibly (bsc#1180276)
grub2
- Fix boot failure in blocklist installation (bsc#1178278)
  * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
- Fix grub2-install error with "/failed to get canonical path of
  `/boot/grub2/i386-pc'."/ (bsc#1177957)
  * modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
- Fix https boot interrupted by unrecognised network address error message
  (bsc#1172952)
  * modified 0001-add-support-for-UEFI-network-protocols.patch
- Improve the error handling when grub2-install fails with short mbr gap
  (bsc#1176062)
  * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch
  * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
gzip
- Enable DFLTCC compression for s390x for levels 1-6 (i. e. to make
  it used by default) by adding -DDFLTCC_LEVEL_MASK=0x7e to CLFAGS.
  [jsc#SLE-13775]
- refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data
  corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914]
- add gzip-1.10-ibm_dfltcc_support.patch [jsc#SLE-5818] [jsc#SLE-8914]
  * it adds support for DFLTCC (hardware-accelerated deflation)
    for s390x arch
  * enable it via "/--enable-dfltcc"/ option
- gzip 1.10:
  * Compressed gzip output no longer contains the current time as
    a timestamp when the input is not a regular file.  Instead, the
    output contains a null (zero) timestamp.  This makes gzip's
    behavior more reproducible when used as part of a pipeline.
  * A use of uninitialized memory on some malformed inputs has been
    fixed.
  * A few theoretical race conditions in signal handers have been
    fixed.
- drop upstreamed patches:
  * gnulib-libio.patch
  * gzip-1.8-deprecate_netstat.patch
- gnulib-libio.patch: Update gnulib for libio.h removal
hwdata
- Add merge-pciids.pl to fully duplicate behavior of pciutils-ids
  * Resolves SLE issue bsc#1180422 bsc#1180482
- Update to version 0.343:
  + Updated pci, usb and vendor ids.
- Update to version 0.342:
  + Updated pci, usb and vendor ids.
- Update to version 0.341:
  + Updated pci, usb and vendor ids.
- Update to version 0.340:
  + Updated pci, usb and vendor ids.
- Update to version 0.339:
  + Updated pci, usb and vendor ids.
- Update to version 0.338:
  + Updated pci, usb and vendor ids.
- Update to version 0.337:
  + Updated pci, usb and vendor ids.
- Update to version 0.336:
  + Updated pci, usb and vendor ids.
- Update to version 0.335:
  * Updated pci, usb and vendor ids.
java-11-openjdk
- Update to upstream tag jdk-11.0.10-9 (January 2021 CPU,
  bsc#1181239)
  * Security fixes
    + JDK-8247619: Improve Direct Buffering of Characters
  * Other changes
    + JDK-6722928: Support SSPI as a native GSS-API provider
    + JDK-7185258: [macosx] Deadlock in SunToolKit.realSync()
    + JDK-8152332: [macosx] JFileChooser cannot be serialized on
    Mac OS X
    + JDK-8161684: [testconf] Add VerifyOops' testing into compiler
    tiers
    + JDK-8171279: Support X25519 and X448 in TLS
    + JDK-8173361: various crashes in
    JvmtiExport::post_compiled_method_load
    + JDK-8173658: JvmtiExport::post_class_unload() is broken for
    non-JavaThread initiators
    + JDK-8191006: hsdis disassembler plugin does not compile with
    binutils 2.29+
    + JDK-8197981: Missing return statement in
    __sync_val_compare_and_swap_8
    + JDK-8198334: java/awt/FileDialog/8003399/bug8003399.java
    fails in headless mode
    + JDK-8200151: Add 8 JNDI tests to com/sun/jndi/dns/ConfigTests/
    + JDK-8208279: Add 8 JNDI tests to com/sun/jndi/dns/EnvTests/
    + JDK-8208483: Add 5 JNDI tests to
    com/sun/jndi/dns/FactoryTests/
    + JDK-8208542: Add 4 JNDI tests to com/sun/jndi/dns/ListTests/
    + JDK-8208665: Amend cross-compilation docs with
    qemu-debootstrap recipe
    + JDK-8210088: ProblemList gc/epsilon/TestMemoryMXBeans.java
    + JDK-8210339: Add 10 JNDI tests to com/sun/jndi/dns/FedTests/
    + JDK-8211450: UndetVar::dup is not copying the kind field to
    the duplicated instance
    + JDK-8212160: JVMTI agent crashes with "/assert(_value != 0LL)
    failed: resolving NULL _value"/
    + JDK-8212226: SurfaceManager throws "/Invalid Image variant"/
    for MultiResolutionImage (Windows)
    + JDK-8213400: Support choosing group name in keytool keypair
    generation
    + JDK-8213535: Windows HiDPI html lightweight tooltips are
    truncated
    + JDK-8213698: Improve devkit creation and add support for
    linux/ppc64/ppc64le/s390x
    + JDK-8214025: assert(t->singleton()) failed: must be a
    constant when ScavengeRootsInCode < 2
    + JDK-8214242: compiler/arguments/TestScavengeRootsInCode.java
    fails because of missing UnlockDiagnosticVMOptions
    + JDK-8214787: Zero builds fail with "/undefined
    JavaThread::thread_state()"/
    + JDK-8215583: Exclude
    runtime/handshake/HandshakeWalkSuspendExitTest.java
    + JDK-8216012: Infinite loop in RSA KeyPairGenerator
    + JDK-8216324: GetClassMethods is confused by the presence of
    default methods in super interfaces
    + JDK-8217429: WebSocket over authenticating proxy fails to
    send Upgrade headers
    + JDK-8217976: test/jdk/java/net/httpclient/websocket/
    /WebSocketProxyTest.java fails intermittently
    + JDK-8218021: Have jarsigner preserve posix permission
    attributes
    + JDK-8218287: jshell tool: input behavior unstable after
    12-ea+24 on Windows
    + JDK-8218851: JVM crash in custom classloader stress test, JDK
    12 & 13
    + JDK-8220420: Cleanup c1_LinearScan
    + JDK-8222072: JVMTI GenerateEvents() sends CompiledMethodLoad
    events to wrong jvmtiEnv
    + JDK-8222286: Fix for JDK-8213419 is broken on s390
    + JDK-8222527: HttpClient doesn't send HOST header when
    tunelling HTTP/1.1 through http proxy
    + JDK-8222533: jtreg test jdk/internal/platform/cgroup/
    /TestCgroupMetrics.java fails on SLES12.3 linux ppc64le
    machine
    + JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails
    with exitValue = 137
    + JDK-8224555: vmTestbase/nsk/jvmti/scenarios/contention/TC02/
    /tc02t001/TestDescription.java failed
    + JDK-8224650: Add tests to support X25519 and X448 in TLS
    + JDK-8225072: Add LuxTrust certificate that is expiring in
    March 2021 to list of allowed but expired certs
    + JDK-8225329: -XX:+PrintBiasedLockingStatistics causes crash
    during initialization on Windows platforms
    + JDK-8225687: Newly added sspi.cpp in JDK-6722928 still
    contains some small errors
    + JDK-8227006: [linux] Runtime.availableProcessors execution
    time increased by factor of 100
    + JDK-8227275: Within native OOM error handling, assertions may
    hang the process
    + JDK-8227647: [Graal] Test8009761.java fails due to
    "/RuntimeException: static java.lang.Object
    compiler.uncommontrap.Test8009761.m3(boolean,boolean) not
    compiled"/
    + JDK-8229495: SIGILL in C2 generated OSR compilation
    + JDK-8230910: libsspi_bridge does not build on Windows 32bit
    + JDK-8232114: JVM crashed at imjpapi.dll in native code
    + JDK-8234147: Avoid looking up standard charsets in core
    libraries
    + JDK-8234393: [macos] printing ignores printer tray
    + JDK-8234863: Increase default value of MaxInlineLevel
    + JDK-8235218: Minimal VM is broken after JDK-8173361
    + JDK-8235456: Minimal VM is broken after JDK-8212160
    + JDK-8235829: graal crashes with Zombie.java test
    + JDK-8236124: Minimal VM slowdebug build failed after
    JDK-8212160
    + JDK-8236512: PKCS11 Connection closed after Cipher.doFinal
    and NoPadding
    + JDK-8236944: The legVecZ operand should be limited to
    zmm0-zmm15 registers
    + JDK-8237186: Fix typo in copyright header of
    java/io/Reader/TransferTo.java
    + JDK-8237499: JFR: Include stack trace in the ThreadStart event
    + JDK-8237512: AArch64: aarch64TestHook leaks a BufferBlob
    + JDK-8237524: AArch64: String.compareTo() may return incorrect
    result
    + JDK-8237950: C2 compilation fails with "/Live Node limit
    exceeded limit"/ during ConvI2L::Ideal optimization
    + JDK-8238579: HttpsURLConnection drops the timeout and hangs
    forever in read
    + JDK-8239105: Add exception for expiring Digicert root
    certificates to VerifyCACerts test
    + JDK-8239477: jdk/jfr/jcmd/TestJcmdStartStopDefault.java fails
  - XX:+VerifyOops with "/verify_oop: rsi: broken oop"/
    + JDK-8239497: SEGV in EdgeUtils::field_name_symbol(Edge const&)
    + JDK-8239886: Minimal VM build fails after JDK-8237499
    + JDK-8240633: Memory leaks in the implementations of
    FileChooserUI
    + JDK-8240690: Race condition between EDT and
    BasicDirectoryModel.FilesLoader.run0()
    + JDK-8241234: Unify monitor enter/exit runtime entries.
    + JDK-8241311: Move some charset mapping tests from closed to
    open
    + JDK-8241797: Add some tests to the problem list
    + JDK-8242029: AArch64: skip G1 array copy pre-barrier if
    marking not active
    + JDK-8242335: Additional Tests for RSASSA-PSS
    + JDK-8242480: Negative value may be returned by
    getFreeSwapSpaceSize() in the docker
    + JDK-8242614: cleanup duplicated test ldap server in some
    com/sun/jndi/ldap/ tests
    + JDK-8242846: Bring back test/jdk/tools/jlink/plugins/
    /OrderResourcesPluginTest.java
    + JDK-8243114: Implement montgomery{Multiply,Square}intrinsics
    on Windows
    + JDK-8243290: Improve diagnostic messages for class
    verification and redefinition failures
    + JDK-8243488: Add tests for set/get SendBufferSize and
    getReceiveBufferSize in DatagramSocket
    + JDK-8243549: sun/security/ssl/CipherSuite/
    /NamedGroupsWithCipherSuite.java failed with Unsupported
    signature algorithm: DSA
    + JDK-8243617: compiler/onSpinWait/TestOnSpinWaitC1.java test
    uses wrong class
    + JDK-8243619: compiler/codecache/CheckSegmentedCodeCache.java
    test misses -version
    + JDK-8244142: some hotspot/runtime tests don't check exit code
    of forked JVM
    + JDK-8244278: Excessive code cache flushes and sweeps
    + JDK-8244282: test/hotspot/jtreg/compiler/intrinsics/
    /Test8237524.java fails with --illegal-access=deny
    + JDK-8244621: [macos10.15] Garbled FX printing plus CoreText
    warnings on Catalina when building with Xcode 11
    + JDK-8244819: hsdis does not compile with binutils 2.34+
    + JDK-8245051: c1 is broken if it is compiled by gcc without
  - fno-lifetime-dse
    + JDK-8245168: jlink should not be treated as a "/small"/ tool
    + JDK-8245400: Upgrade to LittleCMS 2.11
    + JDK-8246381: VM crashes with "/Current BasicObjectLock* below
    than low_mark"/
    + JDK-8246434: Threads::print_on_error assumes that the heap
    has been set up
    + JDK-8246648: issue with OperatingSystemImpl
    getFreeSwapSpaceSize in docker after 8242480
    + JDK-8247201: Print potential pointer value of readable stack
    memory in hs_err file
    + JDK-8247763: assert(outer->outcnt() == 2) failed: 'only phis'
    failure in LoopNode::verify_strip_mined()
    + JDK-8247867: Upgrade to freetype 2.10.2
    + JDK-8248190: Enable Power10 system and implement new
    byte-reverse instructions
    + JDK-8248226: TestCloneAccessStressGCM fails with
  - XX:-ReduceBulkZeroing
    + JDK-8248347: windows build broken by JDK-8243114
    + JDK-8248532: Every time I change keyboard language at my
    MacBook, Java crashes
    + JDK-8248552: C2 crashes with SIGFPE due to division by zero
    + JDK-8248596: [TESTBUG] compiler/loopopts/
    /PartialPeelingUnswitch.java times out with Graal enabled
    + JDK-8248745: Add jarsigner and keytool tests for restricted
    algorithms
    + JDK-8248791: sun/util/resources/cldr/TimeZoneNamesTest.java
    fails with -XX:-ReduceInitialCardMarks -XX:-ReduceBulkZeroing
    + JDK-8248845: AArch64: stack corruption after spilling vector
    register
    + JDK-8249176: Update GlobalSignR6CA test certificates
    + JDK-8249183: JVM crash in "/AwtFrame::WmSize"/ method
    + JDK-8249192: MonitorInfo stores raw oops across safepoints
    + JDK-8249602: C2: assert(cnt == _outcnt) failed: no insertions
    allowed
    + JDK-8249603: C1: assert(has_error == false) failed: register
    allocation invalid
    + JDK-8249605: C2: assert(no_dead_loop) failed: dead loop
    detected
    + JDK-8249607: C2: assert(!had_error) failed: bad dominance
    + JDK-8249608: Vector register used by C2 compiled method
    corrupted at safepoint
    + JDK-8249672: Include microcode revision in features_string on
    x86
    + JDK-8249748: gtest silently ignores bad jvm arguments
    + JDK-8249821: Separate libharfbuzz from libfontmanager
    + JDK-8250598: Hyper-V is detected in spite of running on host
    OS
    + JDK-8250605: Linux x86_32 builds fail after JDK-8249821
    + JDK-8250636: iso8601_time returns incorrect offset part on
    MacOS
    + JDK-8250665: Wrong translation for the month name of May in
    ar_JO,LB,SY
    + JDK-8250772: Test com/sun/jndi/ldap/
    /NamingExceptionMessageTest.java fails intermittently with
    javax.naming.ServiceUnavailableException
    + JDK-8250825: C2 crashes with assert(field != __null) failed:
    missing field
    + JDK-8250894: Provide a configure option to build and run
    against the platform libharfbuzz
    + JDK-8250928: JFR: Improve hash algorithm for stack traces
    + JDK-8250968: Symlinks attributes not preserved when using
    jarsigner on zip files
    + JDK-8250984: Memory Docker tests fail on some Linux kernels
    w/o cgroupv1 swap limit capabilities
    + JDK-8251118: BiasedLocking::preserve_marks should not have a
    HandleMark
    + JDK-8251189: com/sun/jndi/ldap/LdapDnsProviderTest.java
    failed due to timeout
    + JDK-8251257: NMT: jcmd VM.native_memory scale=1 crashes
    target VM
    + JDK-8251365: Build failure on AIX after 8250636
    + JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray
    + JDK-8251456: [TESTBUG] compiler/vectorization/
    /TestVectorsNotSavedAtSafepoint.java failed OutOfMemoryError
    + JDK-8251458: Parse::do_lookupswitch fails with "/assert(_cnt
    >= 0) failed"/
    + JDK-8251535: Partial peeling at unsigned test adds incorrect
    loop exit check
    + JDK-8251949: ZGC: Set explicit heap size for
    compiler/gcbarriers tests
    + JDK-8252090: JFR: StreamWriterHost::write_unbuffered() stucks
    in an infinite loop OpenJDK (build 13.0.1+9)
    + JDK-8252415: Bump update version for OpenJDK: jdk-11.0.10
    + JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/
    /DisposeFrameOnDragTest.java fails on Windows
    + JDK-8252497: Incorrect numeric currency code for ROL
    + JDK-8252660: Shenandoah: support manageable SoftMaxHeapSize
    option
    + JDK-8252679: Two windows specific FileDIalog tests may fail
    on some Windows_Server_2016_Standard
    + JDK-8252696: Loop unswitching may cause out of bound array
    load to be executed
    + JDK-8252754: Hash code calculation of JfrStackTrace is
    inconsistent
    + JDK-8253219: Epsilon: clean up unnecessary includes
    + JDK-8253224: Shenandoah: ShenandoahStrDedupQueue destructor
    calls virtual num_queues()
    + JDK-8253226: Shenandoah: remove unimplemented
    ShenandoahStrDedupQueue::verify
    + JDK-8253269: The CheckCommonColors test should provide more
    info on failure
    + JDK-8253284: Zero OrderAccess barrier mappings are incorrect
    + JDK-8253375: OSX build fails with Xcode 12.0 (12A7209)
    + JDK-8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint
    should not access VMThread state from other threads
    + JDK-8253791: Issue with useAppleColor check in CSystemColors.m
    + JDK-8254016: Test8237524 fails with -XX:-CompactStrings option
    + JDK-8254081: java/security/cert/PolicyNode/
    /GetPolicyQualifiers.java fails due to an expired certificate
    + JDK-8254144: Non-x86 Zero builds fail with return-type
    warning in os_linux_zero.cpp
    + JDK-8254166: Zero: return-type warning in
    zeroInterpreter_zero.cpp
    + JDK-8254177: (tz) Upgrade time-zone data to tzdata2020b
    + JDK-8254185: Fix Code cache sweeper heuristics for JDK 11
    + JDK-8254190: [s390] interpreter misses exception check after
    calling monitorenter
    + JDK-8254790: SIGSEGV in string_indexof_char and
    stringL_indexof_char intrinsics
    + JDK-8254854: [cgroups v1] Metric limits not properly detected
    on some join controller combinations
    + JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c
    + JDK-8255050: Add pkcs11/KeyStore/ClientAuth.sh to Problem list
    + JDK-8255065: Zero: accessor_entry misses the IRIW case
    + JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d
    + JDK-8255269: Unsigned overflow in g1Policy.cpp
    + JDK-8255365: Problem list failing client manual tests
    + JDK-8255457: Shenandoah: cleanup ShenandoahMarkTask
    + JDK-8255466: C2 crashes at ciObject::get_oop() const+0x0
    + JDK-8255550: x86: Assembler::cmpq(Address dst, Register src)
    encoding is incorrect
    + JDK-8255603: Memory/Performance regression after JDK-8210985
    + JDK-8255760: Shenandoah: match constants style in
    ShenandoahMarkTask fallback
    + JDK-8255781: Bump patch update version for OpenJDK:
    jdk-11.0.9.1
    + JDK-8255937: Better cleanup for
    test/jdk/javax/imageio/stream/StreamFlush.java
    + JDK-8256427: Test com/sun/jndi/dns/ConfigTests/
    /PortUnreachable.java does not work on AIX
    + JDK-8256452: Integrate missing part of JDK-8232370 to 11u
    + JDK-8256483: [TESTBUG] serviceability/jvmti/GetClassMethods/
    /libOverpassMethods.c fails to compile on gcc 4.4.x
    + JDK-8256557: libharfbuzz fails to link on gcc 4.4.x due to
  - Wl,-z,defs
    + JDK-8256618: Zero: Linux x86_32 build still fails
    + JDK-8256736: Zero: GTest tests fail with "/unsuppported vm
    variant"/
    + JDK-8256809: Annotation processing causes NPE during flow
    analysis
    + JDK-8257181: s390x builds are very noisy with gc-sections
    messages
    + JDK-8257242: [macOS] Java app crashes while switching input
    methods
    + JDK-8257545: SunJSSE FIPS regression in key exchange after
    JDK-8171279 11u backport
    + JDK-8257641: Shenandoah: Query is_at_shenandoah_safepoint()
    from control thread should return false
    + JDK-8257701: Shenandoah: objArrayKlass metadata is not marked
    with chunked arrays
    + JDK-8258630: Add expiry exception for QuoVadis root
    certificate
- New upstream dependency on libharfbuzz
- Regenerated patches: missing-return.patch system-pcsclite.patch
- Update to upstream tag jdk-11.0.9.1-1
  * Fix:
    + JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)
- Removed patch:
  * JDK-8250861.patch
    + Integrated upstream
- Enable Sheandoah GC for x86_64 (jsc#ECO-3171)
- Update to upstream tag jdk-11.0.9-11 (October 2020 CPU,
  bsc#1177943)
  * New features
    + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector
  * Security fixes
    + JDK-8233624: Enhance JNI linkage
    + JDK-8236196: Improve string pooling
    + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
    + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
    + JDK-8237995, CVE-2020-14782: Enhance certificate processing
    + JDK-8240124: Better VM Interning
    + JDK-8241114, CVE-2020-14792: Better range handling
    + JDK-8242680, CVE-2020-14796: Improved URI Support
    + JDK-8242685, CVE-2020-14797: Better Path Validation
    + JDK-8242695, CVE-2020-14798: Enhanced buffer support
    + JDK-8243302: Advanced class supports
    + JDK-8244136, CVE-2020-14803: Improved Buffer supports
    + JDK-8244479: Further constrain certificates
    + JDK-8244955: Additional Fix for JDK-8240124
    + JDK-8245407: Enhance zoning of times
    + JDK-8245412: Better class definitions
    + JDK-8245417: Improve certificate chain handling
    + JDK-8248574: Improve jpeg processing
    + JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
    + JDK-8253019: Enhanced JPEG decoding
  * Other changes
    + JDK-6532025: GIF reader throws misleading exception with
    truncated images
    + JDK-6949753: [TEST BUG]: java/awt/print/PageFormat/
    /PDialogTest.java needs update by removing an infinite loop
    + JDK-8022535: [TEST BUG] javax/swing/text/html/parser/
    /Test8017492.java fails
    + JDK-8062947: Fix exception message to correctly represent
    LDAP connection failure
    + JDK-8067354: com/sun/jdi/GetLocalVariables4Test.sh failed
    + JDK-8134599: TEST_BUG: java/rmi/transport/closeServerSocket/
    /CloseServerSocket.java fails intermittently with Address
    already in use
    + JDK-8151678: com/sun/jndi/ldap/LdapTimeoutTest.java failed
    due to timeout on DeadServerNoTimeoutTest is incorrect
    + JDK-8160768: Add capability to custom resolve host/domain
    names within the default JNDI LDAP provider
    + JDK-8172404: Tools should warn if weak algorithms are used
    before restricting them
    + JDK-8193367: Annotated type variable bounds crash javac
    + JDK-8202117: com/sun/jndi/ldap/RemoveNamingListenerTest.java
    fails intermittently: Connection reset
    + JDK-8203026: java.rmi.NoSuchObjectException: no such object
    in table
    + JDK-8203281: [Windows] JComboBox change in ui when
    editor.setBorder() is called
    + JDK-8203382: Rename SystemDictionary::initialize_wk_klass to
    resolve_wk_klass
    + JDK-8203393: com/sun/jdi/JdbMethodExitTest.sh and
    JdbExprTest.sh fail due to timeout
    + JDK-8203928: [Test] Convert non-JDB scaffolding
    serviceability shell script tests to java
    + JDK-8204963: javax.swing.border.TitledBorder has a memory leak
    + JDK-8204994: SA might fail to attach to process with "/Windbg
    Error: WaitForEvent failed"/
    + JDK-8205534: Remove SymbolTable dependency from
    serviceability agent
    + JDK-8206309: Tier1 SA tests fail
    + JDK-8208281: java/nio/channels/
    /AsynchronousSocketChannel/Basic.java timed out
    + JDK-8209109: [TEST] rewrite com/sun/jdi shell tests to java
    version - step1
    + JDK-8209332: [TEST] test/jdk/com/sun/jdi/CatchPatternTest.sh
    is incorrect
    + JDK-8209342: Problemlist SA tests on Solaris due to Error
    attaching to process: Can't create thread_db agent!
    + JDK-8209343: Test javax/swing/border/TestTitledBorderLeak.java
    should be marked as headful
    + JDK-8209517: com/sun/jdi/BreakpointWithFullGC.java fails with
    timeout
    + JDK-8209604: [TEST] rewrite com/sun/jdi shell tests to java
    version - step2
    + JDK-8209605: com/sun/jdi/BreakpointWithFullGC.java fails with
    ZGC
    + JDK-8209608: Problem list com/sun/jdi/BreakpointWithFullGC.java
    + JDK-8210131: vmTestbase/nsk/jvmti/scenarios/allocation/AP10/
    /ap10t001/TestDescription.java failed with ObjectFree:
    GetCurrentThreadCpuTimerInfo returned unexpected error code
    + JDK-8210243: [TEST] rewrite com/sun/jdi shell tests to java
    version - step3
    + JDK-8210527: JShell: NullPointerException in
    jdk.jshell.Eval.translateExceptionStack
    + JDK-8210560: [TEST] convert com/sun/jdi redefineClass-related
    tests
    + JDK-8210725: com/sun/jdi/RedefineClearBreakpoint.java fails
    with waitForPrompt timed out after 60 seconds
    + JDK-8210748: [TESTBUG] lib.jdb.Jdb.waitForPrompt() should
    clarify which output is the pending reply after a timeout
    + JDK-8210760: [TEST] rewrite com/sun/jdi shell tests to java
    version - step4
    + JDK-8210977: jdk/jfr/event/oldobject/TestThreadLocalLeak.java
    fails to find ThreadLocalObject
    + JDK-8211292: [TEST] convert com/sun/jdi/DeferredStepTest.sh
    test
    + JDK-8211694: JShell: Redeclared variable should be reset
    + JDK-8212200: assert when shared java.lang.Object is redefined
    by JVMTI agent
    + JDK-8212629: [TEST] wrong breakpoint in
    test/jdk/com/sun/jdi/DeferredStepTest
    + JDK-8212665: com/sun/jdi/DeferredStepTest.java: jj1 (line 57)
  - unexpected. lastLine=52, minLine=52, maxLine=55
    + JDK-8212807: tools/jar/multiRelease/Basic.java times out
    + JDK-8213182: Minimal VM build failure after JDK-8212200
    (assert when shared java.lang.Object is redefined by JVMTI
    agent)
    + JDK-8213214: Set -Djava.io.tmpdir= when running tests
    + JDK-8213275: ReplaceCriticalClasses.java fails with
    jdk.internal.vm.PostVMInitHook not found
    + JDK-8213574: Deadlock in string table expansion when dumping
    lots of CDS classes
    + JDK-8213703: LambdaConversionException: Invalid receiver type
    not a subtype of implementation type interface
    + JDK-8214074: Ghash optimization using AVX instructions
    + JDK-8214491: Upgrade to JLine 3.9.0
    + JDK-8214797: TestJmapCoreMetaspace.java timed out
    + JDK-8215243: JShell tests failing intermitently with
    "/Problem cleaning up the following threads:"/
    + JDK-8215244: jdk/jshell/ToolBasicTest.java
    testHistoryReference failed
    + JDK-8215354: x86_32 build failures after JDK-8214074 (Ghash
    optimization using AVX instructions)
    + JDK-8215438: jshell tool: Ctrl-D causes EOF
    + JDK-8216021: RunTest.gmk might set concurrency level to 1 on
    Windows
    + JDK-8216974: HttpConnection not returned to the pool after
    204 response
    + JDK-8218948: SimpleDateFormat :: format - Zone Names are not
    reflected correctly during run time
    + JDK-8219712: code_size2 (defined in stub_routines_x86.hpp) is
    too small on new Skylake CPUs
    + JDK-8220150: macos10.14 Mojave returns anti-aliased glyphs
    instead of aliased B&W glyphs
    + JDK-8221658: aarch64: add necessary predicate for ubfx
    patterns
    + JDK-8221759: Crash when completing "/java.io.File.path"/
    + JDK-8221918: runtime/SharedArchiveFile/serviceability/
    /ReplaceCriticalClasses.java fails: Shared archive not found
    + JDK-8222074: Enhance auto vectorization for x86
    + JDK-8222079: Don't use memset to initialize fields decode_env
    constructor in disassembler.cpp
    + JDK-8222769: [TESTBUG] TestJFRNetworkEvents should not rely
    on hostname command
    + JDK-8223688: JShell: crash on the instantiation of raw
    anonymous class
    + JDK-8223777: In posix_spawn mode, failing to exec()
    jspawnhelper does not result in an error
    + JDK-8223940: Private key not supported by chosen signature
    algorithm
    + JDK-8224184: jshell got IOException at exiting with AIX
    + JDK-8224234: compiler/codegen/TestCharVect2.java fails in
    test_mulc
    + JDK-8225037: java.net.JarURLConnection::getJarEntry() throws
    NullPointerException
    + JDK-8225625: AES Electronic Codebook (ECB) encryption and
    decryption optimization using AVX512 + VAES instructions
    + JDK-8226536: Catch OOM from deopt that fails rematerializing
    objects
    + JDK-8226575: OperatingSystemMXBean should be made container
    aware
    + JDK-8226697: Several tests which need the @key headful
    keyword are missing it.
    + JDK-8226809: Circular reference in printed stack trace is not
    correctly indented & ambiguous
    + JDK-8227059: sun/security/tools/keytool/
    /DefaultSignatureAlgorithm.java timed out
    + JDK-8227269: Slow class loading when running with JDWP
    + JDK-8227595: keytool/fakegen/DefaultSignatureAlgorithm.java
    fails due to "/exitValue = 6"/
    + JDK-8228448: Jconsole can't connect to itself
    + JDK-8228967: Trust/Key store and SSL context utilities for
    tests
    + JDK-8229378: jdwp library loader in linker_md.c quietly
    truncates on buffer overflow
    + JDK-8229815: Upgrade Jline to 3.12.1
    + JDK-8230000: some httpclients testng tests run zero test
    + JDK-8230002: javax/xml/jaxp/unittest/transform/
    /SecureProcessingTest.java runs zero test
    + JDK-8230010: Remove jdk8037819/BasicTest1.java
    + JDK-8230094: CCE in createXMLEventWriter(Result) over an
    arbitrary XMLStreamWriter
    + JDK-8230402: Allocation of compile task fails with assert:
    "/Leaking compilation tasks?"/
    + JDK-8230767: FlightRecorderListener returns null recording
    + JDK-8230870: (zipfs) Add a ZIP FS test that is similar to
    test/jdk/java/util/zip/EntryCount64k.java
    + JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes()
    can be quicker for self thread
    + JDK-8231586: enlarge encoding space for OopMapValue offsets
    + JDK-8231953: Wrong assumption in assertion in
    oop::register_oop
    + JDK-8231968: getCurrentThreadAllocatedBytes default
    implementation s/b getThreadAllocatedBytes
    + JDK-8232083: Minimal VM is broken after JDK-8231586
    + JDK-8232161: Align some one-way conversion in MS950 charset
    with Windows
    + JDK-8232855: jshell missing word in /help help
    + JDK-8233027: OopMapSet::all_do does oms.next() twice during
    iteration
    + JDK-8233228: Disable weak named curves by default in TLS,
    CertPath, and Signed JAR
    + JDK-8233386: Initialize NULL fields for unused decorations
    + JDK-8233452: java.math.BigDecimal.sqrt() with
    RoundingMode.FLOOR results in incorrect result
    + JDK-8233686: XML transformer uses excessive amount of memory
    + JDK-8233741: AES Countermode (AES-CTR) optimization using
    AVX512 + VAES instructions
    + JDK-8233829: javac cannot find non-ASCII module name under
    non-UTF8 environment
    + JDK-8233958: Memory retention due to HttpsURLConnection
    finalizer that serves no purpose
    + JDK-8234011: (zipfs) Memory leak in
    ZipFileSystem.releaseDeflater()
    + JDK-8234058: runtime/CompressedOops/
    /CompressedClassPointers.java fails with 'Narrow klass base:
    0x0000000000000000' missing from stdout/stderr
    + JDK-8234149: Several regression tests do not dispose Frame at
    end
    + JDK-8234347: "/Turkey"/ meta time zone does not generate
    composed localized names
    + JDK-8234385: [TESTBUG] java/awt/EventQueue/6980209/
    /bug6980209.java fails in linux nightly
    + JDK-8234535: Cross compilation fails due to missing CFLAGS
    for the BUILD_CC
    + JDK-8234541: C1 emits an empty message when it inlines
    successfully
    + JDK-8234687: change javap reporting on unknown attributes
    + JDK-8236464: SO_LINGER option is ignored by SSLSocket in JDK
    11
    + JDK-8236548: Localized time zone name inconsistency between
    English and other locales
    + JDK-8236617: jtreg test containers/docker/
    /TestMemoryAwareness.java fails after 8226575
    + JDK-8237182: Update copyright header for shenandoah and
    epsilon files
    + JDK-8237888: security/infra/java/security/cert/
    /CertPathValidator/certification/LuxTrustCA.java fails when
    checking validity interval
    + JDK-8237977: Further update
    javax/net/ssl/compatibility/Compatibility.java
    + JDK-8238270: java.net HTTP/2 client does not decrease stream
    count when receives 204 response
    + JDK-8238284: [macos] Zero VM build fails due to an obvious
    typo
    + JDK-8238380: java.base/unix/native/libjava/childproc.c
    "/multiple definition"/ link errors with GCC10
    + JDK-8238386: (sctp) jdk.sctp/unix/native/libsctp/SctpNet.c
    "/multiple definition"/ link errors with GCC10
    + JDK-8238388: libj2gss/NativeFunc.o "/multiple definition"/ link
    errors with GCC10
    + JDK-8238448: RSASSA-PSS signature verification fail when
    using certain odd key sizes
    + JDK-8238710: LingeredApp doesn't log stdout/stderr if exits
    with non-zero code
    + JDK-8239083: C1 assert(known_holder == NULL ||
    (known_holder->is_instance_klass() &&
    (!known_holder->is_interface() ||
    ((ciInstanceKlass*)known_holder)->has_nonstatic_concrete_methods())),
    "/should be non-static concrete method"/);
    + JDK-8239385: KerberosTicket client name refers wrongly to
    sAMAccountName in AD
    + JDK-8240169: javadoc fails to link to non-modular api docs
    + JDK-8240295: hs_err elapsed time in seconds is not accurate
    enough
    + JDK-8240360: NativeLibraryEvent has wrong library name on
    Linux
    + JDK-8240676: Meet not symmetric failure when running lucene
    on jdk8
    + JDK-8241007: Shenandoah: remove
    ShenandoahCriticalControlThreadPriority support
    + JDK-8241065: Shenandoah: remove leftover code after
    JDK-8231086
    + JDK-8241086: Test runtime/NMT/HugeArenaTracking.java is
    failing on 32bit Windows
    + JDK-8241130: com.sun.jndi.ldap.EventSupport.removeDeadNotifier:
    java.lang.NullPointerException
    + JDK-8241138: http.nonProxyHosts=* causes
    StringIndexOutOfBoundsException in DefaultProxySelector
    + JDK-8241319: WB_GetCodeBlob doesn't have ResourceMark
    + JDK-8241478: vmTestbase/gc/gctests/Steal/steal001/steal001.java
    fails with OOME
    + JDK-8241574: Shenandoah: remove ShenandoahAssertToSpaceClosure
    + JDK-8241750: x86_32 build failure after JDK-8227269
    + JDK-8242184: CRL generation error with RSASSA-PSS
    + JDK-8242283: Can't start JVM when java home path includes
    non-ASCII character
    + JDK-8242556: Cannot load RSASSA-PSS public key with non-null
    params from byte array
    + JDK-8243029: Rewrite javax/net/ssl/compatibility/
    /Compatibility.java with a flexible interop test framework
    + JDK-8243138: Enhance BaseLdapServer to support starttls
    extended request
    + JDK-8243320: Add SSL root certificates to Oracle Root CA
    program
    + JDK-8243321: Add Entrust root CA - G4 to Oracle Root CA
    program
    + JDK-8243389: enhance os::pd_print_cpu_info on linux
    + JDK-8243453: java --describe-module failed with non-ASCII
    module name under non-UTF8 environment
    + JDK-8243470: [macos] bring back O2 opt level for unsafe.cpp
    + JDK-8243489: Thread CPU Load event may contain wrong data for
    CPU time under certain conditions
    + JDK-8243925: Toolkit#getScreenInsets() returns wrong value on
    HiDPI screens (Windows)
    + JDK-8244087: 2020-04-24 public suffix list update
    + JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest
    release 1.8.26
    + JDK-8244164: AArch64: jaotc generates incorrect code for
    compressed OOPs with non-zero heap base
    + JDK-8244196: adjust output in os_linux
    + JDK-8244225: stringop-overflow warning on strncpy call from
    compile_the_world_in
    + JDK-8244287: JFR: Methods samples have line number 0
    + JDK-8244703: "/platform encoding not initialized"/ exceptions
    with debugger, JNI
    + JDK-8244719: CTW: C2 compilation fails with
    "/assert(!VerifyHashTableKeys || _hash_lock == 0) failed:
    remove node from hash table before modifying it"/
    + JDK-8244729: Shenandoah: remove resolve paths from
    SBSA::generate_shenandoah_lrb
    + JDK-8244763: Update --release 8 symbol information after JSR
    337 MR3
    + JDK-8244818: Java2D Queue Flusher crash while moving
    application window to external monitor
    + JDK-8245151: jarsigner should not raise duplicate warnings on
    verification
    + JDK-8245616: Bump update version for OpenJDK: jdk-11.0.9
    + JDK-8245714: "/Bad graph detected in build_loop_late"/ when
    loads are pinned on loop limit check uncommon branch
    + JDK-8245801: StressRecompilation triggers assert "/redundunt
    OSR recompilation detected. memory leak in CodeCache!"/
    + JDK-8245832: JDK build make-static-libs should build all JDK
    libraries
    + JDK-8245880: Shenandoah: check class unloading flag early in
    concurrent code root scan
    + JDK-8245981: Upgrade to jQuery 3.5.1
    + JDK-8246027: Minimal fastdebug build broken after JDK-8245801
    + JDK-8246094: [macos] Sound Recording and playback is not
    working
    + JDK-8246153: TestEliminateArrayCopy fails with
  - XX:+StressReflectiveCode
    + JDK-8246193: Possible NPE in ENC-PA-REP search in AS-REQ
    + JDK-8246196: javax/management/MBeanServer/OldMBeanServerTest
    fails with AssertionError
    + JDK-8246203: Segmentation fault in verification due to stack
    overflow with -XX:+VerifyIterativeGVN
    + JDK-8246330: Add TLS Tests for Legacy ECDSA curves
    + JDK-8246453: TestClone crashes with "/all collected exceptions
    must come from the same place"/
    + JDK-8247246: Add explicit ResolvedJavaType.link and expose
    presence of default methods
    + JDK-8247350: [aarch64] assert(false) failed: wrong size of
    mach node
    + JDK-8247502: PhaseStringOpts crashes while optimising
    effectively dead code
    + JDK-8247615: Initialize the bytes left for the heap sampler
    + JDK-8247824: CTW: C2 (Shenandoah) compilation fails with SEGV
    in SBC2Support::pin_and_expand
    + JDK-8247874: Replacement in VersionProps.java.template not
    working when --with-vendor-bug-url contains '&'
    + JDK-8247979: aarch64: missing side effect of killing flags
    for clearArray_reg_reg
    + JDK-8248214: Add paddings for TaskQueueSuper to reduce
    false-sharing cache contention
    + JDK-8248219: aarch64: missing memory barrier in
    fast_storefield and fast_accessfield
    + JDK-8248348: Regression caused by the update to BCEL 6.0
    + JDK-8248385: [testbug][11u] Adapt TestInitiExceptions to
    jtreg 5.1
    + JDK-8248495: [macos] zerovm is broken due to libffi headers
    location
    + JDK-8248851: CMS: Missing memory fences between free chunk
    check and klass read
    + JDK-8248987: AOT's Linker.java seems to eagerly fail-fast on
    Windows
    + JDK-8249159: Downport test rework for SSLSocketTemplate from
    8224650
    + JDK-8249215: JFrame::setVisible crashed with
  - Dfile.encoding=UTF-8 on Japanese Windows.
    + JDK-8249251: [dark_mode ubuntu 20.04] The selected menu is
    not highlighted in GTKLookAndFeel
    + JDK-8249255: Build fails if source code in cygwin home dir
    + JDK-8249277: TestVerifyIterativeGVN.java is failing with
    timeout in OpenJDK 11
    + JDK-8249278: Revert JDK-8226253 which breaks the spec of
    AccessibleState.SHOWING for JList
    + JDK-8249560: Shenandoah: Fix racy GC request handling
    + JDK-8249801: Shenandoah: Clear soft-refs on requested GC cycle
    + JDK-8249953: Shenandoah: gc/shenandoah/mxbeans tests should
    account for corner cases
    + JDK-8250582: Revert Principal Name type to NT-UNKNOWN when
    requesting TGS Kerberos tickets
    + JDK-8250609: C2 crash in IfNode::fold_compares
    + JDK-8250627: Use -XX:+/-UseContainerSupport for
    enabling/disabling Java container metrics
    + JDK-8250755: Better cleanup for
    jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java
    + JDK-8250787: Provider.put no longer registering aliases in
    FIPS env
    + JDK-8250826: jhsdb does not work with coredump which comes
    from Substrate VM
    + JDK-8250827: Shenandoah: needs to reset/finish StringTable's
    dead count before/after parallel walk
    + JDK-8250844: Make sure {type,obj}ArrayOopDesc accessors check
    the bounds
    + JDK-8251117: Cannot check P11Key size in P11Cipher and
    P11AEADCipher
    + JDK-8251354: Shenandoah: Fix jdk/jfr/tool/TestPrintJSON.java
    test failure
    + JDK-8251451: Shenandoah: Remark ObjectSynchronizer roots with
    I-U
    + JDK-8251469: Better cleanup for
    test/jdk/javax/imageio/SetOutput.java
    + JDK-8251487: Shenandoah: missing detail timing tracking for
    final mark cleaning phase
    + JDK-8252120: compiler/oracle/TestCompileCommand.java
    misspells "/occured"/
    + JDK-8252157: JDK-8231209 11u backport breaks jmm binary
    compatibility
    + JDK-8252258: [11u] JDK-8242154 changes the default vendor
    + JDK-8252804: [test] Fix 'ReleaseDeflater.java' test after
    downport of 8234011
    + JDK-8253134: JMM_VERSION should remain at 0x20020000 (JDK 10)
    in JDK 11
    + JDK-8253283: [11u] Test build/translations/
    /VerifyTranslations.java failing after JDK-8252258
    + JDK-8253813: Backout JDK-8244287 from 11u: it causes several
    crashes
- Removed patch:
  * gcc-fno-common-fix.patch
    + not needed any more with this version
- Added patch:
  * JDK-8250861.patch
    + Fix regression "/8250861: Crash in MinINode::Ideal(PhaseGVN*,
    bool)"/ introduced in jdk 11.0.9
kdump
- kdump-remove-console-hvc0-from-commandline.patch: remove
  console=hvc0 from commandline (bsc#1173914).
- kdump-set-serial-console-from-Xen-cmdline.patch: set serial
  console from Xen cmdline (bsc#1173914).
- kdump-do-not-add-rd.neednet.patch: Do not add 'rd.neednet=1' to
  dracut command line (bsc#1177196).
kernel-default
- blacklist.conf: misattributed patch. The upstream tag is wrong.
- commit 565f00f
- target: fix XCOPY NAA identifier lookup (CVE-2020-28374,
  bsc#1178372).
- commit 2765e76
- mwifiex: Fix possible buffer overflows in
  mwifiex_cmd_802_11_ad_hoc_start (CVE-2020-36158 bsc#1180559).
- commit a833298
- Refresh patches.suse/ceph-fix-race-in-concurrent-_ceph_remove_cap-invocations.patch.
  Patch has been merged into mainline; refreshing Git-commit and Path-mainline
  tags in patch.
- commit adfe820
- usb: gadget: configfs: Fix missing spin_lock_init() (git-fixes).
- commit c3f05ce
- powerpc/pci: Remove legacy debug code (bsc#1172145 ltc#184630
  git-fixes).
- commit fa7242a
- md/cluster: fix deadlock when node is doing resync job
  (bsc#1163727).
- md/cluster: block reshape with remote resync job (bsc#1163727).
- md/bitmap: fix memory leak of temporary bitmap (bsc#1163727).
- md/bitmap: md_bitmap_get_counter returns wrong blocks
  (bsc#1163727).
- md/bitmap: md_bitmap_read_sb uses wrong bitmap blocks
  (bsc#1163727).
- md-cluster: fix rmmod issue when md_cluster convert bitmap to
  none (bsc#1163727).
- md-cluster: fix safemode_delay value when converting to
  clustered bitmap (bsc#1163727).
- md-cluster: fix wild pointer of unlock_all_bitmaps()
  (bsc#1163727).
- commit 4237378
- s390/dasd: fix hanging device offline processing (bsc#1144912).
- commit 1bce0a7
- powerpc/pci: Fix broken INTx configuration via OF (bsc#1172145
  ltc#184630).
- powerpc/pci: Use of_irq_parse_and_map_pci() helper (bsc#1172145
  ltc#184630).
- powerpc: Convert to using %pOF instead of full_name (bsc#1172145
  ltc#184630).
- commit 3f7f68e
- powerpc/pci: Remove LSI mappings on device teardown (bsc#1172145
  ltc#184630).
- commit 871ada7
- staging: wlan-ng: fix out of bounds read in
  prism2sta_probe_usb() (git-fixes).
- video: fbdev: neofb: fix memory leak in neo_scan_monitor()
  (git-fixes).
- usb: gadget: net2280: fix memory leak on probe error handling
  paths (git-fixes).
- staging: wlan-ng: properly check endpoint types (git-fixes).
- vt: Reject zero-sized screen buffer size (git-fixes).
- usb: hso: Fix debug compile warning on sparc32 (git-fixes).
- usb: gadget: udc: gr_udc: fix memleak on error handling path
  in gr_ep_init() (git-fixes).
- usblp: poison URBs upon disconnect (git-fixes).
- watchdog: da9062: No need to ping manually before setting
  timeout (git-fixes).
- wireless: Use linux/stddef.h instead of stddef.h (git-fixes).
- vt: don't hardcode the mem allocation upper bound (git-fixes).
- wireless: Use offsetof instead of custom macro (git-fixes).
- watchdog: da9062: do not ping the hw during stop() (git-fixes).
- usb: gadget: serial: fix Tx stall after buffer overflow
  (git-fixes).
- usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
  (git-fixes).
- usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
  (git-fixes).
- usb: gadget: udc: fix possible sleep-in-atomic-context bugs
  in gr_probe() (git-fixes).
- usb: dwc2: Fix IN FIFO allocation (git-fixes).
- USB: Fix: Don't skip endpoint descriptors with maxpacket=0
  (git-fixes).
- staging: vt6656: set usb_set_intfdata on driver fail
  (git-fixes).
- usb: gadget: fix wrong endpoint desc (git-fixes).
- usb: usbfs: Suppress problematic bind and unbind uevents
  (git-fixes).
- USB: ldusb: use unsigned size format specifiers (git-fixes).
- USB: Skip endpoints with 0 maxpacket length (git-fixes).
- usb: dwc3: remove the call trace of USBx_GFLADJ (git-fixes).
- usb: gadget: configfs: fix concurrent issue between composite
  APIs (git-fixes).
- usb: gadget: composite: Fix possible double free memory bug
  (git-fixes).
- usb: fsl: Check memory resource before releasing it (git-fixes).
- commit b2d9cc9
- kABI workaround for HD-audio generic parser (git-fixes).
- commit d802b74
- media: gspca: Fix memory leak in probe (git-fixes).
- commit 6d853e6
- media: platform: add missing put_device() call in
  mtk_jpeg_probe() and mtk_jpeg_remove() (git-patches).
- commit 00b1c5e
- spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe
  error path (git-fixes).
- Revert "/serial: amba-pl011: Make sure we initialize the
  port.lock spinlock"/ (git-fixes).
- PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI
  bridge (git-fixes).
- commit 25a7685
- blacklist.conf: Add PM/devfreq commit that is inapplicable
- commit b54b598
- blacklist.conf: Add a net/phy patch that causes a kABI breakage
- commit aaab49a
- blacklist.conf: d9a9280a0d0a ("/seq_buf: Avoid type mismatch for seq_buf_init"/)
  It breaks kABI. It is not worth the hassle to backport.
- commit 6a8dc6f
- Revert "/ALSA: hda - Fix silent audio output and corrupted
  input on MSI X570-A PRO"/ (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT +
  AXP288 model (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT +
  AXP288 model (git-fixes).
- gpiolib: acpi: Rework honor_wakeup option into an ignore_wake
  option (git-fixes).
- commit a225bd4
- spi: dw: Return any value retrieved from the dma_transfer
  callback (git-fixes).
- Refresh
  patches.suse/spi-dw-Add-SPI-Rx-done-wait-method-to-DMA-based-tran.patch.
- Refresh
  patches.suse/spi-dw-Add-SPI-Tx-done-wait-method-to-DMA-based-tran.patch.
- commit 6060b5d
- mei: protect mei_cl_mtu from null dereference (git-fixes).
- serial: txx9: add missing platform_driver_unregister() on
  error in serial_txx9_init (git-fixes).
- mac80211: fix use of skb payload instead of header (git-fixes).
- PM: hibernate: remove the bogus call to get_gendisk() in
  software_resume() (git-fixes).
- serial: 8250_pci: Add Realtek 816a and 816b (git-fixes).
- spi: Fix memory leak on splited transfers (git-fixes).
- spi: spi-loopback-test: Fix out-of-bounds read (git-fixes).
- NFC: st95hf: Fix memleak in st95hf_in_send_cmd (git-fixes).
- nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame
  (git-fixes).
- regmap: dev_get_regmap_match(): fix string comparison
  (git-fixes).
- mei: bus: don't clean driver pointer (git-fixes).
- mac80211: allow rx of mesh eapol frames with default rx key
  (git-fixes).
- pinctrl: amd: fix npins for uart0 in kerncz_groups (git-fixes).
- spi: spidev: fix a potential use-after-free in spidev_release()
  (git-fixes).
- serial: amba-pl011: Make sure we initialize the port.lock
  spinlock (git-fixes).
- PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
  (git-fixes).
- mfd: wm8994: Fix driver operation if loaded as modules
  (git-fixes).
- PCI: Don't disable decoding when mmio_always_on is set
  (git-fixes).
- spi: dw: Fix Rx-only DMA transfers (git-fixes).
- spi: dw: Enable interrupts in accordance with DMA xfer mode
  (git-fixes).
- regmap: debugfs: check count when read regmap file (git-fixes).
- PM: hibernate: Freeze kernel threads in software_resume()
  (git-fixes).
- PM: ACPI: Output correct message on target power state
  (git-fixes).
- power: supply: bq27xxx_battery: Silence deferred-probe error
  (git-fixes).
- rtc: 88pm860x: fix possible race condition (git-fixes).
- soc: imx: gpc: fix power up sequencing (git-fixes).
- mac80211: fix authentication with iwlwifi/mvm (git-fixes).
- mac80211: Check port authorization in the ieee80211_tx_dequeue()
  case (git-fixes).
- staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
  (git-fixes).
- tty:serial:mvebu-uart:fix a wrong return (git-fixes).
- Revert "/PM / devfreq: Modify the device name as devfreq(X)
  for sysfs"/ (git-fixes).
- serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
  (git-fixes).
- radeon: insert 10ms sleep in dce5_crtc_load_lut (git-fixes).
- media: sti: bdisp: fix a possible sleep-in-atomic-context bug
  in bdisp_device_run() (git-fixes).
- media: i2c: mt9v032: fix enum mbus codes and frame sizes
  (git-fixes).
- media: v4l2-device.h: Explicitly compare grp{id,mask} to zero
  in v4l2_device macros (git-fixes).
- tty: synclink_gt: Adjust indentation in several functions
  (git-fixes).
- tty: synclinkmp: Adjust indentation in several functions
  (git-fixes).
- staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
  (git-fixes).
- tty: always relink the port (git-fixes).
- rfkill: Fix incorrect check to avoid NULL pointer dereference
  (git-fixes).
- tty: link tty and port before configuring it as console
  (git-fixes).
- spi: spi-cavium-thunderx: Add missing pci_release_regions()
  (git-fixes).
- remoteproc: Fix wrong rvring index computation (git-fixes).
- staging: rtl8188eu: fix possible null dereference (git-fixes).
- staging: rtl8192u: fix multiple memory leaks on error path
  (git-fixes).
- parport: load lowlevel driver if ports not found (git-fixes).
- pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler()
  (git-fixes).
- pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B (git-fixes).
- media: si470x-i2c: add missed operations in remove (git-fixes).
- media: pvrusb2: Fix oops on tear-down when radio support is
  not present (git-fixes).
- media: v4l2-core: fix touch support in v4l_g_fmt (git-fixes).
- media: ti-vpe: vpe: ensure buffers are cleaned up properly in
  abort cases (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure about frame
  sequence number (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid
  sizeimage (git-fixes).
- media: ti-vpe: vpe: Make sure YUYV is set as default format
  (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid
  pixel format (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure causing a
  kernel panic (git-fixes).
- media: cx88: Fix some error handling path in 'cx8800_initdev()'
  (git-fixes).
- media: cec-funcs.h: add status_req checks (git-fixes).
- media: i2c: ov2659: Fix missing 720p register config
  (git-fixes).
- media: i2c: ov2659: fix s_stream return value (git-fixes).
- media: am437x-vpfe: Setting STD to current value is not an error
  (git-fixes).
- PM / hibernate: memory_bm_find_bit(): Tighten node optimisation
  (git-fixes).
- spi: st-ssc4: add missed pm_runtime_disable (git-fixes).
- spi: tegra20-slink: add missed clk_unprepare (git-fixes).
- spi: pxa2xx: Add missed security checks (git-fixes).
- spi: img-spfi: fix potential double release (git-fixes).
- spi: Add call to spi_slave_abort() function when spidev driver
  is released (git-fixes).
- regulator: max8907: Fix the usage of uninitialized variable
  in max8907_regulator_probe() (git-fixes).
- rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt()
  (git-fixes).
- rtl8xxxu: fix RTL8723BU connection failure issue after warm
  reboot (git-fixes).
- regulator: pfuze100-regulator: Variable "/val"/ in
  pfuze100_regulator_probe() could be uninitialized (git-fixes).
- regulator: ti-abb: Fix timeout in
  ti_abb_wait_txdone/ti_abb_clear_all_txdone (git-fixes).
- net: usb: sr9800: fix uninitialized local variable (git-fixes).
- thunderbolt: Use 32-bit writes when writing ring
  producer/consumer (git-fixes).
- commit d4306cc
- HID: hid-sensor-hub: Fix issue with devices with no report ID
  (git-fixes).
- HID: cypress: Support Varmilo Keyboards' media hotkeys
  (git-fixes).
- Input: i8042 - allow insmod to succeed on devices without an
  i8042 controller (git-fixes).
- cfg80211: regulatory: Fix inconsistent format argument
  (git-fixes).
- ath9k_htc: Use appropriate rs_datalen type (git-fixes).
- staging: comedi: check validity of wMaxPacketSize of usb
  endpoints found (git-fixes).
- i2c: i801: Fix resume bug (git-fixes).
- i2c: algo: pca: Reapply i2c bus settings after reset
  (git-fixes).
- HID: core: Correctly handle ReportSize being zero (git-fixes).
- iio: dac: ad5592r: fix unbalanced mutex unlocks in
  ad5592r_read_raw() (git-fixes).
- Bluetooth: add a mutex lock to avoid UAF in do_enale_set
  (git-fixes).
- hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
  (git-fixes).
- HID: apple: Disable Fn-key key-re-mapping on clone keyboards
  (git-fixes).
- Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
  (git-fixes).
- gpio: arizona: handle pm_runtime_get_sync failure case
  (git-fixes).
- i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
  (git-fixes).
- i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
  (git-fixes).
- i2c: piix4: Detect secondary SMBus controller on AMD AM4
  chipsets (git-fixes).
- clk: qcom: msm8916: Fix the address location of pll->config_reg
  (git-fixes).
- clk: ti: composite: fix memory leak (git-fixes).
- clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
  (git-fixes).
- geneve: change from tx_error to tx_dropped on missing metadata
  (git-fixes).
- drivers: base: Fix NULL pointer exception in
  __platform_driver_probe() if a driver developer is foolish
  (git-fixes).
- iio: bmp280: fix compensation of humidity (git-fixes).
- backlight: lp855x: Ensure regulators are disabled on probe
  failure (git-fixes).
- ath9k_htc: Silence undersized packet warnings (git-fixes).
- hwmon: (jc42) Fix name to have no illegal characters
  (git-fixes).
- clk: tegra: Fix Tegra PMC clock out parents (git-fixes).
- clk: at91: usb: continue if clk_hw_round_rate() return zero
  (git-fixes).
- gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
  (git-fixes).
- gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs
  in grgpio_irq_map/unmap() (git-fixes).
- ipw2x00: Fix -Wcast-function-type (git-fixes).
- gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism
  (git-fixes).
- gpiolib: acpi: Turn dmi_system_id table into a generic quirk
  table (git-fixes).
- gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP
  (git-fixes).
- gpiolib: fix up emulated open drain outputs (git-fixes).
- gpio: mpc8xxx: Add platform device to gpiochip->parent
  (git-fixes).
- staging: comedi: gsc_hpdi: check dma_alloc_coherent() return
  value (git-fixes).
- iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel
  reporting (git-fixes).
- clocksource/drivers/asm9260: Add a check for of_clk_get
  (git-fixes).
- firmware: qcom: scm: Ensure 'a0' status code is treated as
  signed (git-fixes).
- Input: atmel_mxt_ts - disable IRQ across suspend (git-fixes).
- HID: logitech-hidpp: Silence intermittent get_battery_capacity
  errors (git-fixes).
- HID: Improve Windows Precision Touchpad detection (git-fixes).
- HID: core: check whether Usage Page item is after Usage ID items
  (git-fixes).
- clk: qcom: Allow constant ratio freq tables for rcg (git-fixes).
- iio: adc: max1027: Reset the device at probe time (git-fixes).
- iio: light: bh1750: Resolve compiler warning and make code
  more readable (git-fixes).
- iwlwifi: mvm: fix unaligned read of rx_pkt_status (git-fixes).
- Bluetooth: Fix advertising duplicated flags (git-fixes).
- ath9k_htc: Discard undersized packets (git-fixes).
- ath9k_htc: Modify byte order for an error message (git-fixes).
- gpio: max77620: Fixup debounce delays (git-fixes).
- iio: srf04: fix wrong limitation in distance measuring
  (git-fixes).
- clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call
  (git-fixes).
- HID: intel-ish-hid: fix wrong error handling in
  ishtp_cl_alloc_tx_ring() (git-fixes).
- iio: fix center temperature of bmc150-accel-core (git-fixes).
- gpio: max77620: Use correct unit for debounce times (git-fixes).
- commit ed5e05c
- xhci: Give USB2 ports time to enter U3 in bus suspend
  (git-fixes).
- commit a8da5e3
- ALSA: usb-audio: Add delay quirk for all Logitech USB devices
  (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Qu-16
  (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for MODX
  (git-fixes).
- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas
  devices (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2
  (git-fixes).
- ALSA: usb-audio: Add delay quirk for H570e USB headsets
  (git-fixes).
- ALSA: hda/realtek: Enable front panel headset LED on Lenovo
  ThinkStation P520 (git-fixes).
- ALSA: hda/realtek - Couldn't detect Mic if booting with headset
  plugged (git-fixes).
- ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity
  check (git-fixes).
- ALSA: hda - Fix silent audio output and corrupted input on
  MSI X570-A PRO (git-fixes).
- ALSA: hda/hdmi: always check pin power status in i915 pin fixup
  (git-fixes).
- ALSA: ca0106: fix error code handling (git-fixes).
- ACPICA: Do not increment operation_region reference counts
  for field units (git-fixes).
- ALSA: info: Drop WARN_ON() from buffer NULL sanity check
  (git-fixes).
- ALSA: usb-audio: Fix race against the error recovery URB
  submission (git-fixes).
- ALSA: line6: Perform sanity check for each URB creation
  (git-fixes).
- ALSA: usb-audio: Fix OOB access of mixer element list
  (git-fixes).
- ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG)
  (git-fixes).
- ALSA: usb-audio: Add registration quirk for Kingston HyperX
  Cloud Flight S (git-fixes).
- ALSA: usb-audio: add quirk for Denon DCD-1500RE (git-fixes).
- ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch
  table (git-fixes).
- ata/libata: Fix usage of page address by page_address in
  ata_scsi_mode_select_xlat function (git-fixes).
- ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel
  failed (git-fixes).
- ALSA: hda: Fix potential race in unsol event handler
  (git-fixes).
- ALSA: isa/wavefront: prevent out of bounds write in ioctl
  (git-fixes).
- ALSA: usb-audio: Add registration quirk for Kingston HyperX
  Cloud Alpha S (git-fixes).
- ALSA: ctl: allow TLV read operation for callback type of
  element in locked case (git-fixes).
- ACPICA: Disassembler: create buffer fields in
  ACPI_PARSE_LOAD_PASS1 (git-fixes).
- ASoC: sti: fix possible sleep-in-atomic (git-fixes).
- ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile (git-fixes).
- ASoC: wm8904: fix regcache handling (git-fixes).
- ALSA: timer: Limit max amount of slave instances (git-fixes).
- ath10k: fix get invalid tx rate for Mesh metric (git-fixes).
- ath10k: fix offchannel tx failure when no
  ath10k_mac_tx_frm_has_freq (git-fixes).
- ath10k: fix backtrace on coredump (git-fixes).
- ASoC: wm_adsp: Don't generate kcontrols without READ flags
  (git-fixes).
- ASoC: pcm3168a: The codec does not support S32_LE (git-fixes).
- commit 7b07b51
- USB: dummy-hcd: Fix uninitialized array use in init()
  (git-fixes).
- commit 7885392
- irqchip/alpine-msi: Fix freeing of interrupts on allocation
  error path (git-fixes).
- iio:imu:bmi160: Fix too large a buffer (git-fixes).
- serial_core: Check for port state when tty is in error state
  (git-fixes).
- USB: gadget: f_midi: setup SuperSpeed Plus descriptors
  (git-fixes).
- USB: gadget: f_acm: add support for SuperSpeed Plus (git-fixes).
- USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
  (git-fixes).
- media: msi2500: assign SPI bus number dynamically (git-fixes).
- media: sunxi-cir: ensure IR is handled when it is continuous
  (git-fixes).
- Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
  (git-fixes).
- Input: cm109 - do not stomp on control URB (git-fixes).
- Input: i8042 - add Acer laptops to the i8042 reset list
  (git-fixes).
- Input: cros_ec_keyb - send 'scancodes' in addition to key events
  (git-fixes).
- pinctrl: amd: remove debounce filter setting in IRQ type setting
  (git-fixes).
- pinctrl: baytrail: Avoid clearing debounce value when turning
  it off (git-fixes).
- pinctrl: merrifield: Set default bias in case no particular
  value given (git-fixes).
- gpio: mvebu: fix potential user-after-free on probe (git-fixes).
- iwlwifi: mvm: fix kernel panic in case of assert during CSA
  (git-fixes).
- iwlwifi: pcie: limit memory read spin time (git-fixes).
- platform/x86: acer-wmi: add automatic keyboard background
  light toggle key as KEY_LIGHTS_TOGGLE (git-fixes).
- usb: gadget: goku_udc: fix potential crashes in probe
  (git-fixes).
- commit 2c823bd
- USB: UAS: introduce a quirk to set no_write_same (git-fixes).
- commit 22516b6
- ALSA: pcm: oss: Fix a few more UBSAN fixes (git-fixes).
- ALSA: usb-audio: Disable sample read check if firmware doesn't
  give back (git-fixes).
- watchdog: coh901327: add COMMON_CLK dependency (git-fixes).
- watchdog: qcom: Avoid context switch in restart handler
  (git-fixes).
- watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
  (git-fixes).
- ACPI: PNP: compare the string length in the matching_id()
  (git-fixes).
- clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (git-fixes).
- clk: sunxi-ng: Make sure divider tables have sentinel
  (git-fixes).
- clk: s2mps11: Fix a resource leak in error handling paths in
  the probe function (git-fixes).
- clk: ti: Fix memleak in ti_fapll_synth_setup (git-fixes).
- clk: tegra: Fix duplicated SE clock entry (git-fixes).
- ALSA: pcm: oss: Fix potential out-of-bounds shift (git-fixes).
- ALSA: usb-audio: Fix potential out-of-bounds shift (git-fixes).
- ALSA: usb-audio: Fix control 'access overflow' errors from chmap
  (git-fixes).
- ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with
  ALC255 (git-fixes).
- cfg80211: initialize rekey_data (git-fixes).
- ALSA: hda/generic: Add option to enforce preferred_dacs pairs
  (git-fixes).
- net: phy: Avoid multiple suspends (git-fixes).
- commit 2149019
- USB: add RESET_RESUME quirk for Snapscan 1212 (git-fixes).
- commit 16b0392
- ocfs2: fix unbalanced locking (bsc#1180506).
- commit 099ccd0
- net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
  (git-fixes).
- commit c49f357
- net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes).
- commit 1fd70ca
- cirrus: cs89x0: remove set but not used variable 'lp'
  (git-fixes).
- commit 6687442
- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify
  code (git-fixes).
- commit 4c54ea7
- net: dsa: bcm_sf2: Do not assume DSA master supports WoL
  (git-fixes).
- commit 5fb1080
- phy: Revert toggling reset changes (git-fixes).
- Refresh
  patches.suse/powerpc-perf-Fix-crash-with-is_sier_available-when-p.patch.
- commit 62de49e
- blacklist.conf: update blacklist
- commit 87a267c
- ibmvnic: continue fatal error reset after passive init
  (bsc#1171078 ltc#184239 git-fixes).
- commit b7607e6
- powerpc: Fix incorrect stw{, ux, u, x} instructions in
  __set_pte_at (bsc#1065729).
- commit b54cca9
- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).
- commit 03768a2
- powerpc/64: Set up a kernel stack for secondaries before
  cpu_restore() (bsc#1065729).
- commit 3691693
- Move upstreamed bt fixes into sorted section
- commit adeed42
- powerpc/smp: Add __init to init_big_cores() (bsc#1109695
  ltc#171067 git-fixes).
- commit 1c279b3
- Refresh patches.suse/powerpc-rtas-fix-typo-of-ibm-open-errinjct-in-rtas-f.patch
  Refresh to upstream version.
- commit 76e9945
- powerpc/pseries/hibernation: remove redundant cacheinfo update
  (bsc#1138374 ltc#178199 git-fixes).
- commit 266cbfe
- Revert "/powerpc/pseries/hotplug-cpu: Remove double free in
  error path"/ (bsc#1065729).
- commit fc70ab6
- blacklist.conf: Add e91d8d78237d mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING
  The option is not enabled.
- commit e440c95
- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231
  git-fixes).
- commit 17726be
- btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1174784).
- commit 291590a
- blacklist.conf: already gone in by another ID
- commit 05679b8
- USB: serial: digi_acceleport: fix write-wakeup deadlocks
  (git-fixes).
- commit 04432c4
- USB: serial: digi_acceleport: clean up set_termios (git-fixes).
- commit 2f23f9d
- USB: serial: digi_acceleport: clean up modem-control handling
  (git-fixes).
- commit 1d56162
- USB: serial: digi_acceleport: rename tty flag variable
  (git-fixes).
- commit 88c9db6
- USB: serial: digi_acceleport: use irqsave() in USB's complete
  callback (git-fixes).
- Refresh
  patches.suse/USB-serial-digi_acceleport-remove-redundant-assignme.patch.
- commit 793718c
- USB: serial: digi_acceleport: remove in_interrupt() usage.
- commit 0518924
- USB: serial: digi_acceleport: remove redundant assignment to
  pointer priv (git-fixes).
- commit 4451caf
- blacklist.conf: fix not relevant in our kernel configs
- commit acef26c
- Delete the following patch as a quick workaround
  patches.suse/0001-dm-fix-redundant-IO-accounting-for-bios-that-need-sp.patch.
  due to  bug report for special configuration, it will be added
  back after the problem solved. (bsc#1179444)
- commit 9d32dc4
- blacklist.conf: 3d51507f29f2 x86/entry/32: Add missing ASM_CLAC to general_protection entry
- commit dc56fa2
- x86/apic: Fix integer overflow on 10 bit left shift of cpu_khz
  (bsc#1112178).
- commit f39ec16
- KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid
  bits (bsc#1112178).
- commit 066a4f5
- x86/mm/ident_map: Check for errors from ident_pud_init()
  (bsc#1112178).
- commit 0f2605a
- mm,memory_failure: always pin the page in madvise_inject_error
  (bsc#1180258).
- commit 200d6f3
- blacklist.conf: ff17bbe0bb40 x86/vdso: Prevent segfaults due to hoisted vclock reads
- commit 564d16e
- rtc: hym8563: enable wakeup when applicable (git-fixes).
- commit 5b645ec
- power: supply: bq24190_charger: fix reference leak (git-fixes).
- HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
  (git-fixes).
- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).
- Bluetooth: Fix slab-out-of-bounds read in
  hci_le_direct_adv_report_evt() (git-fixes).
- inet_ecn: Fix endianness of checksum update when setting ECT(1)
  (git-fixes).
- commit 532c400
- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: If fcport is undergoing deletion complete I/O
  with retry (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix the call trace for flush workqueue
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian
  machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle aborts correctly for port undergoing
  deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix N2N and NVMe connect retry failure
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix FW initialization error on big endian
  machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix crash during driver load on big endian
  machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Don't check for fw_started while posting NVMe
  command (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Tear down session if FW say it is down
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Limit interrupt vectors to number of CPUs
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Change post del message from debug level to
  log level (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove trailing semicolon in macro definition
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt())
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix return of uninitialized value in rval
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Initialize variable in qla8044_poll_reg()
  (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not consume srb greedily (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Use constant when it is known (bsc#1172538
  bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1172538
  bsc#1179142 bsc#1179810).
- commit 54e4d29
- tracing: Fix race in trace_open and buffer resize call
  (CVE-2020-27825 bsc#1179960).
- commit 8b99744
- ring-buffer: speed up buffer resets by avoiding synchronize_rcu
  for each CPU (CVE-2020-27825 bsc#1179960).
- commit 0d53945
- ring-buffer: Make resize disable per cpu buffer instead of
  total buffer (CVE-2020-27825 bsc#1179960).
- commit 39cee5c
- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1164780).
- scsi: lpfc: Correct null ndlp reference on routine exit
  (bsc#1164780).
- scsi: lpfc: Use generic power management (bsc#1164780).
- scsi: lpfc: Fix variable 'vport' set but not used in
  lpfc_sli4_abts_err_handler() (bsc#1164780).
- scsi: lpfc: Fix missing prototype for
  lpfc_nvmet_prep_abort_wqe() (bsc#1164780).
- scsi: lpfc: Fix set but unused variables in
  lpfc_dev_loss_tmo_handler() (bsc#1164780).
- scsi: lpfc: Fix set but not used warnings from Rework remote
  port lock handling (bsc#1164780).
- scsi: lpfc: Fix missing prototype warning for
  lpfc_fdmi_vendor_attr_mi() (bsc#1164780).
- scsi: lpfc: Fix memory leak on lcb_context (bsc#1164780).
- scsi: lpfc: Remove dead code on second !ndlp check
  (bsc#1164780).
- scsi: lpfc: Fix pointer defereference before it is null checked
  issue (bsc#1164780).
- scsi: lpfc: Update changed file copyrights for 2020
  (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1164780).
- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers
  (bsc#1164780).
- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4
  handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI path to use common I/O submission path
  (bsc#1164780).
- scsi: lpfc: Enable common send_io interface for SCSI and NVMe
  (bsc#1164780).
- scsi: lpfc: Enable common wqe_template support for both SCSI
  and NVMe (bsc#1164780).
- scsi: lpfc: Refactor WQE structure definitions for common use
  (bsc#1164780).
- scsi: lpfc: Fix NPIV Fabric Node reference counting
  (bsc#1164780).
- scsi: lpfc: Fix NPIV discovery and Fabric Node detection
  (bsc#1164780).
- scsi: lpfc: Unsolicited ELS leaves node in incorrect state
  while dropping it (bsc#1164780).
- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI
  ultimately fails (bsc#1164780).
- scsi: lpfc: Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs
  (bsc#1164780).
- scsi: lpfc: Fix removal of SCSI transport device get and put
  on dev structure (bsc#1164780).
- scsi: lpfc: Rework locations of ndlp reference taking
  (bsc#1164780).
- scsi: lpfc: Rework remote port ref counting and node freeing
  (bsc#1164780).
- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation
  issues (bsc#1164780).
- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc
  misdemeanours (bsc#1164780).
- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined
  functions (bsc#1164780).
- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues
  (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1164780).
- scsi: lpfc: Reject CT request for MIB commands (bsc#1164780).
- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1164780).
- scsi: lpfc: Enlarge max_sectors in scsi host templates
  (bsc#1164780).
- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1164780).
- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1164780).
- commit 3a954de
- net: sonic: replace dev_kfree_skb in sonic_send_packet
  (git-fixes).
- commit 597c84a
- forcedeth: use per cpu to collect xmit/recv statistics
  (git-fixes).
- commit ed24dc6
- net: sonic: return NETDEV_TX_OK if failed to map buffer
  (git-fixes).
- commit 16e3e9e
- net: seeq: Fix the function used to release some memory in an
  error handling path (git-fixes).
- commit a8513c7
- Drop a backported uvcvideo patch that caused a regression (bsc#1180117)
  Also blacklisting the commit
- commit d0a83ca
- net:ethernet:aquantia: Extra spinlocks removed (git-fixes).
- commit 673b7af
- ravb: Fix use-after-free ravb_tstamp_skb (git-fixes).
- commit 3b19bd7
- can: mcp251x: add error check when wq alloc failed (git-fixes).
- commit 83dec18
- net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
  (git-fixes).
- commit 432aa93
- net: macb: add missing barriers when reading descriptors
  (git-fixes).
- commit e0bb50a
- net: macb: fix dropped RX frames due to a race (git-fixes).
- commit daca00d
- Refresh patches.suse/ibmvnic-add-some-debugs.patch.
- commit d50d59c
- blacklist.conf: update blacklist
- commit 0c5fc8b
- blacklist: Add e5785d3ec32f ("/scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()"/)
  We don't need e5785d3ec32f ("/scsi: lpfc: Re-fix use after free in
  lpfc_rq_buf_free()"/) as we dont have 6c621a2229b0 ("/scsi: lpfc:
  Separate NVMET RQ buffer posting from IO resources SGL/iocbq/context"/)
  which undoes the fix by 9816ef6ecbc1 ("/scsi: lpfc: Use after free in
  lpfc_rq_buf_free()"/)
- commit 824fa9a
- scsi: lpfc: Fix scheduling call while in softirq context in
  lpfc_unreg_rpi (bsc#1164780).
- scsi: lpfc: Fix invalid sleeping context in
  lpfc_sli4_nvmet_alloc() (bsc#1164780).
- scsi: Remove unneeded break statements (bsc#1164780).
- scsi: lpfc: Remove unneeded variable 'status' in
  lpfc_fcp_cpu_map_store() (bsc#1164780).
- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req()
  (bsc#1164780).
- scsi: lpfc: Remove set but not used 'qp' (bsc#1164780).
- scsi: lpfc: Fix spelling mistake "/Cant"/ -> "/Can't"/
  (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1164780).
- scsi: lpfc: Extend the RDF FPIN Registration descriptor for
  additional events (bsc#1164780).
- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt
  discovery (bsc#1164780).
- commit 08cb9ae
- series.conf: cleanup
- update upstream reference and resort:
  patches.suse/ibmvnic-add-some-debugs.patch
- commit b715549
- platform/x86: mlx-platform: remove an unused variable
  (git-fixes).
- commit 225af87
- crypto: af_alg - avoid undefined behavior accessing salg_name
  (git-fixes).
- commit 983a9c1
- wimax: fix duplicate initializer warning (git-fixes).
- crypto: omap-aes - Fix PM disable depth imbalance in
  omap_aes_probe (git-fixes).
- crypto: talitos - Fix return type of current_desc_hdr()
  (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: mtk-vcodec: add missing put_device() call in
  mtk_vcodec_release_dec_pm() (git-fixes).
- drm/msm/dsi_phy_10nm: implement PHY disabling (git-fixes).
- drm/msm/dpu: Add newline to printks (git-fixes).
- drm/meson: dw-hdmi: Register a callback to disable the regulator
  (git-fixes).
- drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
  (git-fixes).
- drm/amdgpu: fix build_coefficients() argument (git-fixes).
- drm/amd/display: remove useless if/else (git-fixes).
- matroxfb: avoid -Warray-bounds warning (git-fixes).
- drm/dp_aux_dev: check aux_dev before use in
  drm_dp_aux_dev_get_by_minor() (git-fixes).
- drm/gma500: fix double free of gma_connector (git-fixes).
- commit b0a0e8e
- USB: serial: option: add interface-number sanity check to flag
  handling (git-fixes).
- USB: serial: mos7720: fix parallel-port state restore
  (git-fixes).
- USB: serial: keyspan_pda: fix write unthrottling (git-fixes).
- USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
  (git-fixes).
- USB: serial: keyspan_pda: fix write-wakeup use-after-free
  (git-fixes).
- USB: serial: keyspan_pda: fix stalled writes (git-fixes).
- USB: serial: keyspan_pda: fix write deadlock (git-fixes).
- USB: serial: keyspan_pda: fix dropped unthrottle interrupts
  (git-fixes).
- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).
- commit e793376
- spi: davinci: Fix use-after-free on unbind (git-fixes).
- spi: pic32: Don't leak DMA channels in probe error path
  (git-fixes).
- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on
  error in bcm63xx_hsspi_resume (git-fixes).
- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).
- usb: ehci-omap: Fix PM disable depth umbalance in
  ehci_hcd_omap_probe (git-fixes).
- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag
  to imx6ul (git-fixes).
- commit ff557b2
- platform/x86: mlx-platform: Fix item counter assignment for
  MSN2700, MSN24xx systems (git-fixes).
- platform/x86: dell-smbios-base: Fix error return code in
  dell_smbios_init (git-fixes).
- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
  (git-fixes).
- spi: tegra20-slink: fix reference leak in slink ops of tegra20
  (git-fixes).
- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
  (git-fixes).
- spi: spi-mem: fix reference leak in spi_mem_access_start
  (git-fixes).
- spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes).
- spi: img-spfi: fix reference leak in img_spfi_resume
  (git-fixes).
- regmap: Remove duplicate `type` field from regmap
  `regcache_sync` trace event (git-fixes).
- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
  (git-fixes).
- commit fce435e
- PCI: Fix pci_slot_release() NULL pointer dereference
  (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x
  platform configuration (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from default
  platform configuration (git-fixes).
- Revert "/platform/x86: wmi: Destroy on cleanup rather than
  unregister"/ (git-fixes).
- memstick: r592: Fix error return in r592_probe() (git-fixes).
- staging: olpc_dcon: Do not call platform_device_unregister()
  in dcon_probe() (git-fixes).
- nfc: s3fwrn5: Release the nfc firmware (git-fixes).
- orinoco: Move context allocation after processing the skb
  (git-fixes).
- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
  (git-fixes).
- staging: olpc_dcon: add a missing dependency (git-fixes).
- commit a67a0cb
- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).
- Input: omap4-keypad - fix runtime PM error handling (git-fixes).
- Input: ads7846 - fix unaligned access on 7845 (git-fixes).
- memstick: fix a double-free bug in memstick_check (git-fixes).
- mac80211: don't set set TDLS STA bandwidth wider than possible
  (git-fixes).
- media: saa7146: fix array overflow in vidioc_s_audio()
  (git-fixes).
- media: siano: fix memory leak of debugfs members in
  smsdvb_hotplug (git-fixes).
- media: solo6x10: fix missing snd_card_free in error handling
  case (git-fixes).
- commit 7e8f579
- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Input: ads7846 - fix integer overflow on Rt calculation
  (git-fixes).
- Input: ads7846 - fix race that causes missing releases
  (git-fixes).
- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare()
  on error in rockchip_saradc_resume (git-fixes).
- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).
- iio: buffer: Fix demux update (git-fixes).
- extcon: max77693: Fix modalias string (git-fixes).
- cw1200: fix missing destroy_workqueue() on error in
  cw1200_init_common (git-fixes).
- commit 3738e1e
- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).
- staging: comedi: mf6x4: Fix AI end-of-conversion detection
  (git-fixes).
- bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
  (git-fixes).
- ASoC: cx2072x: Fix doubly definitions of Playback and Capture
  streams (git-fixes).
- Bluetooth: btusb: Fix detection of some fake CSR controllers
  with a bcdDevice val of 0x0134 (git-fixes).
- Bluetooth: Fix null pointer dereference in hci_event_packet()
  (git-fixes).
- ath10k: Release some resources in an error handling path
  (git-fixes).
- ath10k: Fix an error handling path (git-fixes).
- ath6kl: fix enum-conversion warning (git-fixes).
- commit 977d977
- Revert "/ACPI / resources: Use AE_CTRL_TERMINATE to terminate
  resources walks"/ (git-fixes).
- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).
- ASoC: wm8998: Fix PM disable depth imbalance on error
  (git-fixes).
- ASoC: pcm: DRAIN support reactivation (git-fixes).
- ASoC: wm_adsp: remove "/ctl"/ from list on error in
  wm_adsp_create_control() (git-fixes).
- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).
- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).
- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).
- ALSA: hda: Fix regressions on clear and reconfig sysfs
  (git-fixes).
- commit 99727ca
- drivers: soc: ti: knav_qmss_queue: Fix error return code in
  knav_queue_probe (git-fixes).
- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).
- soc: ti: knav_qmss: fix reference leak in knav_queue_probe
  (git-fixes).
- soc: qcom: smp2p: Safely acquire spinlock without IRQs
  (git-fixes).
- soc: mediatek: Check if power domains can be powered on at
  boot time (git-fixes).
- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).
- pinctrl: falcon: add missing put_device() call in
  pinctrl_falcon_probe() (git-fixes).
- mfd: rt5033: Fix errorneous defines (git-fixes).
- drm/rockchip: Avoid uninitialized use of endpoint id in LVDS
  (git-fixes).
- commit 4d43e7b
- fix regression in "/epoll: Keep a reference on files added to the check list"/  (bsc#1180031, git-fixes).
- commit d9c444f
- do_epoll_ctl(): clean the failure exits up a bit
  (bsc#1180031,CVE-2020-0466).
- epoll: Keep a reference on files added to the check list
  (bsc#1180031).
- commit e792e5d
- blacklist.conf: bcee52789588 ("/tracing: Fix userstacktrace option for instances"/)
  The kernel is missing many prerequisities. It is not worth it as it is.
- commit c9bd898
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
  (CVE-2020-27068 bsc#1180086).
- commit 886ad61
- x86/resctrl: Fix incorrect local bandwidth when mba_sc is
  enabled (bsc#1112178).
- x86/resctrl: Remove unused struct mbm_state::chunks_bw
  (bsc#1112178).
- commit e69f129
- HID: Fix slab-out-of-bounds read in hid_field_extract
  (bsc#1180052).
- commit 5b124d9
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- commit e88bce8
- kABI: ath10k: move a new structure member to the end
  (git-fixes).
- commit a09f969
- ath10k: Remove msdu from idr when management pkt send fails
  (git-fixes).
- commit 18aa5a0
- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP
  (bsc#1112178).
- commit 537b04d
- Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset
  lists (git-fixes).
- commit 3be4f5a
- Input: trackpoint - add new trackpoint variant IDs (git-fixes).
- commit 4e28298
- blacklist.conf: misattributed
- commit 3901fbf
- blacklist.conf: misattributed patch
- commit dc93bbb
- HID: Add another Primax PIXART OEM mouse quirk (git-fixes).
- commit 4856fe1
- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
  (git-fixes).
- commit 3f777ce
- HID: core: Sanitize event code and type when mapping input
  (CVE-2020-0465 bsc#1180029).
- commit ebf9f0e
- audit: fix error handling in audit_data_to_entry()
  (CVE-2020-0444 bsc#1180027).
- commit f2e7691
- kABI workaround for dsa/b53 changes (git-fixes).
- commit 91cef6b
- blacklist.conf: update blacklist
- commit 3be6f55
- scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).
- commit e765599
- USB: serial: ch341: sort device-id entries (git-fixes).
- commit 82a21d7
- USB: serial: ch341: add new Product ID for CH341A (git-fixes).
- commit 441ce2e
- USB: serial: option: add support for Thales Cinterion EXS82
  (git-fixes).
- commit f0f391f
- USB: serial: option: add Fibocom NL668 variants (git-fixes).
- commit ac04fe0
- blacklist.conf: build fix
- commit 7fd9334
- blacklist.conf: build fix
- commit d198655
- blacklist.conf: for tools for kernel development
- commit c0358a7
- fbcon: Remove the superfluous break (bsc#1129770)
  Backporting changes:
  * updated path drivers/video/fbcon/core to drivers/video/console
  * context changes
- commit e25cc3c
- drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (bsc#1129770)
- commit cf162c2
- fbcon: Fix user font detection test at fbcon_resize(). (bsc#1112178)
  Backporting changes:
  * updated path drivers/video/fbcon/core to drivers/video/console
- commit b08c154
- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID
  flag (git-fixes).
- NFS: fix nfs_path in case of a rename retry (git-fixes).
- NFSv4.2: fix client's attribute cache management for
  copy_file_range (git-fixes).
- xprtrdma: fix incorrect header size calculations (git-fixes).
- SUNRPC: Properly set the @subbuf parameter of
  xdr_buf_subsegment() (git-fixes).
- pNFS/flexfiles: Fix list corruption if the mirror count changes
  (git-fixes).
- sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).
- SUNRPC: The RDMA back channel mustn't disappear while requests
  are outstanding (git-fixes).
- commit 7d0cc0f
- blacklist.conf: some git-fixes that aren't wanted.
- commit 6565891
- md/raid5: fix oops during stripe resizing (git-fixes).
- commit 66e0a61
- btrfs: fix use-after-free on readahead extent after failure
  to create it (bsc#1179963).
- commit 110503c
- x86/traps: Simplify pagefault tracing logic (bsc#1179895).
- Refresh
  patches.suse/10-x86-xen-get-rid-of-paravirt-op-adjust_exception_frame.patch.
- Refresh
  patches.suse/msft-hv-1590-x86-hyperv-Reenlightenment-notifications-support.patch.
- Refresh
  patches.suse/msft-hv-1616-Drivers-hv-vmbus-Implement-Direct-Mode-for-stimer0.patch.
- commit 65edff3
- x86/tracing: Introduce a static key for exception tracing
  (bsc#1179895).
- commit c8c1b50
- net: dsa: b53: Ensure the default VID is untagged (git-fixes).
- commit ee7b5d7
- net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (git-fixes).
- commit d77dec2
- can: softing: softing_netdev_open(): fix error handling
  (git-fixes).
- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).
- commit d70481b
- tty: Fix ->session locking (bsc#1179745 CVE-2020-29660).
- tty: Fix ->pgrp locking in tiocspgrp() (bsc#1179745
  CVE-2020-29661).
- commit a59c61c
- kABI: genirq: add back irq_create_mapping (bsc#1065729).
- commit 33424fe
- genirq/irqdomain: Add an irq_create_mapping_affinity() function
  (bsc#1065729).
- commit b6d89d7
- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest
  kernels (bsc#1179888 ltc#190253).
- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation
  (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- commit 0a5bcee
- powerpc/pseries: Pass MSI affinity to irq_create_mapping()
  (bsc#1065729).
- ibmvnic: delay next reset if hard reset fails (bsc#1094840
  ltc#167098 git-fixes).
- ibmvnic: restore adapter state on failed reset (bsc#1152457
  ltc#174432 git-fixes).
- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231
  git-fixes).
- ibmvnic: enhance resetting status check during module exit
  (bsc#1065729).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
  (FATE#322021 bsc#1040855 ltc#155067 git-fixes).
- ibmvnic: notify peers when failover and migration happen
  (bsc#1044120 ltc#155423 git-fixes).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431
  ltc#171853 git-fixes).
- commit 41d7e0e
- ibmvnic: add some debugs (bsc#1179896 ltc#190255).
- commit ad19f68
- powerpc/rtas: fix typo of ibm,open-errinjct in rtas filter
  (CVE-2020-27777 bsc#1179107 bsc#1179887 ltc#190092).
- commit 153fdda
- blacklist.conf: 5861381d4866 PM / arch: x86: Rework the MSR_IA32_ENERGY_PERF_BIAS handling
- commit 14d58b3
- net: aquantia: fix LRO with FCS error (git-fixes).
- commit ea8c575
- net: stmmac: fix csr_clk can't be zero issue (git-fixes).
- commit adf66bd
- net: macb: fix error format in dev_err() (git-fixes).
- commit 8695ebc
- net: dsa: qca8k: remove leftover phy accessors (git-fixes).
- commit 8133bc6
- net: sh_eth: fix a missing check of of_get_phy_mode (git-fixes).
- commit 8dfd281
- net: dsa: b53: Properly account for VLAN filtering (git-fixes).
- commit 4a18e4f
- net: dsa: b53: Fix default VLAN ID (git-fixes).
- commit 027d280
- net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() (git-fixes).
- commit 9dd1cb2
- timer: Fix wheel index calculation on last level (git fixes)
- commit 3d19ae6
- timer: Prevent base->clk from moving backward (git-fixes)
- commit dc0c942
- x86/insn-eval: Use new for_each_insn_prefix() macro to loop
  over prefixes bytes (bsc#1112178).
- commit b0c9a61
- Input: xpad - support Ardwiino Controllers (git-fixes).
- Input: i8042 - add ByteSpeed touchpad to noloop table
  (git-fixes).
- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).
- commit 7180cbf
- x86/uprobes: Do not use prefixes.nbytes when looping over
  prefixes.bytes (bsc#1112178).
- commit 217789f
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (git-fixes).
- commit 3f679b5
- usb: gadget: f_fs: Use local copy of descriptors for userspace
  copy (git-fixes).
- commit 828ad1d
- kgdb: Fix spurious true from in_dbg_master() (git-fixes).
- commit 2f24ae4
- blacklist.conf: kABI issues
- commit ea26da1
- blacklist.conf: known to be faulty
- commit ffb8bbb
- kABI workaround for net/ipvlan changes (git-fixes).
- commit 1e1bd88
- btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).
- commit 12f09de
- Update kabi files: sync with 2020-12 update (commit b3ff9f627d17)
- commit 75f73d9
- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).
- commit 83a4d6a
- reiserfs: Fix oops during mount (bsc#1179715).
- commit da0b6c2
- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).
- commit a9af12c
- reiserfs: Initialize inode keys properly (bsc#1179713).
- commit 8725996
- fs: Don't invalidate page buffers in block_write_full_page()
  (bsc#1179711).
- commit bc27d05
- ocfs2: initialize ip_next_orphan (bsc#1179724).
- commit d783ef4
- ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
  (bsc#1179673).
- commit 73b3913
- ext4: correctly report "/not supported"/ for {usr,grp}jquota
  when !CONFIG_QUOTA (bsc#1179672).
- commit b5db6a5
- ext4: fix invalid inode checksum (bsc#1179723).
- commit 8bd755f
- ext4: limit entries returned when counting fsmap records
  (bsc#1179671).
- commit 1b09384
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- commit 4d9a78d
- ext4: fix leaking sysfs kobject after failed mount
  (bsc#1179670).
- commit d275bba
- net/x25: prevent a couple of overflows (bsc#1178590).
- commit 3f48ad3
- SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- commit 9af0dc4
- SMB3: Honor 'handletimeout' flag for multiuser mounts
  (bsc#1176558).
- commit c329fee
- SMB3: Honor lease disabling for multiuser mounts (git-fixes).
- commit 46e76fa
- net: macb: fix random memory corruption on RX with 64-bit DMA (git-fixes). - blacklist.conf:
- commit 8f3e7a6
- media: xirlink_cit: add missing descriptor sanity checks
  (bsc#1168952 CVE-2020-11668).
- commit e978e80
- net: ethernet: ti: cpsw: fix runtime_pm while add/kill vlan (git-fixes).
- commit 7051077
- net: ethernet: ti: cpsw: clear all entries when delete vid (git-fixes).
- commit 0e0028e
- ppp: remove the PPPIOCDETACH ioctl (git-fixes).
- commit 44baa88
- ipvlan: use per device spinlock to protect addrs list updates (git-fixes). - Refresh patches.suse/ipvlan-do-not-add-hardware-address-of-master-to-its-.patch. - Refresh patches.suse/ipvlan-fix-IFLA_MTU-ignored-on-NEWLINK.patch.
- commit ef3234d
- net: stmmac: Fix reception of Broadcom switches tags (git-fixes).
- commit 76370d0
- uapi/if_ether.h: prevent redefinition of struct ethhdr (git-fixes).
- commit c699bc8
- blacklist.conf: update blacklist
- commit 5abd0c8
- Avoid a GCC warning about "//*"/ within a comment.
- commit 338fc13
- Update
  patches.suse/sched-fair-Don-t-free-p-numa_faults-with-concurrent-.patch
  (bsc#1144920, bsc#1179663, CVE-2019-20934).
- commit fad2215
- kABI fix for g2d (git-fixes).
- commit 7e9c2d3
- s390/pci: fix CPU address in MSI for directed IRQ (git-fixes).
- s390/qeth: fix tear down of async TX buffers (git-fixes).
- s390/qeth: fix af_iucv notification race (git-fixes).
- s390/qeth: make af_iucv TX notification call more robust
  (git-fixes).
- s390/dasd: fix null pointer dereference for ERP requests
  (git-fixes).
- s390/cpum_sf.c: fix file permission for cpum_sfb_size
  (git-fixes).
- s390/stp: add locking to sysfs functions (git-fixes).
- net/smc: fix valid DMBE buffer sizes (git-fixes).
- s390/bpf: Fix multiple tail calls (git-fixes).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (git-fixes).
- s390/cpuinfo: show processor physical address (git-fixes).
- commit 44903bb
- tty: Fix ->pgrp locking in tiocspgrp() (git-fixes).
- USB: serial: kl5kusb105: fix memleak on open (git-fixes).
- USB: serial: option: fix Quectel BG96 matching (git-fixes).
- coredump: fix core_pattern parse error (git-fixes).
- commit 5eec673
- Input: i8042 - fix error return code in i8042_setup_aux()
  (git-fixes).
- i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc()
  (git-fixes).
- commit cb6c842
- blacklist.conf: 586b58cac8b4 exit: Move preemption fixup up, move blocking operations down
- commit bea10a1
- kABI workaround for snd_rawmidi buffer_ref field addition
  (CVE-2020-27786 bsc#1179601).
- commit 0e8d69d
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
  (CVE-2020-27786 bsc#1179601).
- commit 3c00a93
- blacklist.conf: update blacklist
- commit c2d6bf2
- powerpc/perf: Fix crash with is_sier_available when pmu is
  not set (bsc#1179578 ltc#189313).
- commit 7521d8f
- Delete patches.suse/fs-select.c-batch-user-writes-in-do_sys_poll.patch.
  (CVE-2020-4788 bsc#1179419).
  Patch causes DLM regression. Drop for now.
- commit a422074
- cifs: fix potential use-after-free in cifs_echo_request()
  (bsc#1139944).
- commit 68b342e
- cifs: allow syscalls to be restarted in __smb_send_rqst()
  (bsc#1176956).
- commit d71fec6
- Add missing RESTORE_CTR (CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64s-Convert-slb_miss_common-to-use-RFI_TO_US.patch.
- Refresh patches.suse/powerpc-64s-Set-assembler-machine-type-to-POWER4.patch.
  patches.suse/powerpc-64s-SLB-miss-already-has-CTR-saved-for-reloc.patch
  adds RESTORE_CTR to the SLB miss handler so
  patches.suse/powerpc-64s-Convert-slb_miss_common-to-use-RFI_TO_US.patch
  must now copy it in the other fork of the exit code as well.
- commit a382dc2
- ALSA: hda/realtek: Add mute LED quirk to yet another HP x360
  model (git-fixes).
- ALSA: usb-audio: US16x08: fix value count for level meters
  (git-fixes).
- ALSA: hda/realtek - Add new codec supported for ALC897
  (git-fixes).
- ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA
  with ALC294 (git-fixes).
- ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220)
  (git-fixes).
- commit 13118e3
- x86/speculation: Fix prctl() when
  spectre_v2_user={seccomp,prctl},ibpb (bsc#1112178).
- commit 2a7ed1e
- x86/resctrl: Add necessary kernfs_put() calls to prevent
  refcount leak (bsc#1112178).
- commit 835979d
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
  refcount leak (bsc#1112178).
- commit e2c3455
- mm/userfaultfd: do not access vma->vm_mm after calling
  handle_userfault() (bsc#1179204).
- commit d3ad4f2
- splice: only read in as much information as there is pipe
  buffer  space (bsc#1179520).
- commit e4a54f3
- btrfs: qgroup: don't commit transaction when we already hold
  the handle (bsc#1178634).
- commit 12019de
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam()
  with mutex (bsc#1050242 FATE#322914).
- commit cdfc450
- media: mtk-mdp: Fix a refcounting bug on error in init
  (git-fixes).
- commit 321e276
- media: s5p-g2d: Fix a memory leak in an error handling path in
  'g2d_probe()' (git-fixes).
- commit beb2b48
- blacklist.conf: cosmetic fix
- commit e651872
- media: uvcvideo: Silence shift-out-of-bounds warning
  (git-fixes).
- commit b045f99
- media: uvcvideo: Set media controller entity functions
  (git-fixes).
- commit b0b0fbf
- net: ena: fix packet's addresses for rx_offset feature
  (bsc#1174852).
- net: ena: handle bad request id in ena_netdev (git-fixes).
- tcp: Set INET_ECN_xmit configuration in
  tcp_reinit_congestion_control (bsc#1109837).
- net/tls: missing received data after fast remote close
  (bsc#1109837).
- qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536
  FATE#322898 bsc#1050545 FATE#322893).
- igc: Fix returning wrong statistics (bsc#1118657 FATE#325278).
- mlxsw: core: Fix memory leak on module removal (bsc#1112374).
- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545
  FATE#322893).
- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
  (bsc#1103992 FATE#326009).
- svcrdma: fix bounce buffers for unaligned offsets and multiple
  pages (bsc#1103992 FATE#326009).
- nfp: use correct define to return NONE fec (bsc#1109837).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990
  FATE#326006).
- cxgb4: Fix offset when clearing filter byte counters
  (bsc#1064802 bsc#1066129).
- net/tls: Fix kmap usage (bsc#1109837).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
  (bsc#1103992 FATE#326009).
- net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
  (bsc#1110096).
- qed: suppress false-positives interrupt error messages on HW
  init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: suppress "/don't support RoCE & iWARP"/ flooding on HW init
  (bsc#1050536 FATE#322898 bsc#1050545 FATE#322893).
- bnxt_en: Fix race when modifying pause settings (bsc#1050242
  FATE#322914).
- net_sched: fix a memory leak in atm_tc_init() (bsc#1056657
  FATE#322189 bsc#1056653 FATE#322190 bsc#1056787).
- net: qed: fix "/maybe uninitialized"/ warning (bsc#1136460
  jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix use-after-free on recovery and AER handling
  (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix PTP initialization on recovery (bsc#1136460
  jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qed: fix async event callbacks unregistering (bsc#1104393
  FATE#325891 bsc#1104389 FATE#325890).
- RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532
  (bsc#1050545 FATE#322893).
- commit 6f45bee
- blacklist.conf: false positive
- commit 37fb76a
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
  (boo#1179082).
- commit 76a9256
- kABI workaround for usermodehelper changes (bsc#1179406).
- commit 987e580
- blacklist.conf: Remove duplicate entry (git-fixes)
- commit 7ac6460
- xfrm: Fix memleak on xfrm state destroy (bsc#1158775).
- commit 23790eb
- romfs: fix uninitialized memory leak in romfs_dev_read()
  (CVE-2020-29371 bsc#1179429).
- commit c4cfc72
- block: Fix use-after-free in blkdev_get() (bsc#1173834
  bsc#1179141 CVE-2020-15436).
- commit 0475fee
- cifs: remove bogus debug code (bsc#1179427).
- commit e65025b
- cifs: Return the error from crypt_message when enc/dec key
  not found (bsc#1179426).
- commit 3b3a5c2
- Convert trailing spaces and periods in path components
  (bsc#1179424).
- commit 3737055
- blacklist.conf: printk: cosmetic, documentation
- commit 78e2348
- reboot: fix overflow parsing reboot cpu number (bsc#1179421).
- commit d34d078
- Revert "/kernel/reboot.c: convert simple_strtoul to kstrtoint"/
  (bsc#1179418).
- commit 45d71b4
- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1111666)
- commit 5ebb055
- RDMA/qedr: Endianness warnings cleanup (bsc#1111666)
- commit c4ffd65
- i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)
- commit 9a35e08
- usermodehelper: reset umask to default before executing user
  process (bsc#1179406).
- commit 14548c8
- docs: ABI: stable: remove a duplicated documentation (git-fixes).
- commit 564fbcc
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- blacklist.conf: add non applicable infiniband git-fixes
- commit 53f874e
- tracing: Fix out of bounds write in get_trace_buf (bsc#1179403).
- commit e8c1fc0
- Drivers: hv: vmbus: Remove the unused "/tsc_page"/ from struct
  hv_context (git-fixes).
- commit d040207
- IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)
- commit f7f0712
- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
- commit f0ab574
- IB/rdmavt: Fix sizeof mismatch (bsc#1111666)
- commit b654a5e
- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)
- commit 4fd8928
- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)
- commit d166d3a
- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)
- commit eb7773e
- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)
- commit 0dd30ca
- RDMA/hns: Set the unsupported wr opcode (bsc#1111666)
- commit 8c9094a
- RDMA/qedr: Fix use of uninitialized field (bsc#1111666)
- commit 97b81fb
- RDMA/qedr: Fix doorbell setting (bsc#1111666)
- commit 1768681
- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)
- commit 5319974
- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)
- commit b863390
- IB/mlx4: Add support for MRA (bsc#1111666)
- commit 335d725
- IB/mlx4: Add and improve logging (bsc#1111666)
- commit a452537
- RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)
- commit d325454
- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1111666)
- commit dcd50fb
- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1111666)
- commit 1631664
- RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1111666)
- commit b76b147
- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1111666)
- commit 6c70296
- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1111666)
- commit b095d40
- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)
- commit d33e46a
- RDMA/rxe: Skip dgid check in loopback mode (bsc#1111666)
- commit b337db3
- RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)
- commit 901b7be
- RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)
- commit dd7c8d8
- IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)
- commit e36a90e
- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1111666)
- commit 699ce30
- RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)
- commit 627e59c
- RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)
- commit 15cc03a
- RDMA/rxe: Set default vendor ID (bsc#1111666)
- commit 80b3c96
- RDMA/rxe: Remove useless rxe_init_device_param assignments (bsc#1111666)
- commit f19a3eb
- RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)
- commit 6d0956c
- IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- commit 9a7cd34
- RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)
- commit 7106852
- efivarfs: revert "/fix memory leak in efivarfs_create()"/
  (git-fixes).
- efi: provide empty efi_enter_virtual_mode implementation
  (git-fixes).
- efi/esrt: Fix reference count leak in esre_create_sysfs_entry
  (git-fixes).
- efi/efivars: Add missing kobject_put() in sysfs entry creation
  error path (git-fixes).
- efi/x86: Ignore the memory attributes table on i386 (git-fixes).
- efi/x86: Don't panic or BUG() on non-critical error conditions
  (git-fixes).
- efi/x86: Map the entire EFI vendor string before copying it
  (git-fixes).
- efi: cper: Fix possible out-of-bounds access (git-fixes).
- commit 4db4448
- blacklist.conf: add a patch that depends on printf %px support
- commit aecbc4b
- USB: core: Fix regression in Hercules audio card (git-fixes).
- usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
- commit f8227e2
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
  (git-fixes).
- can: gs_usb: fix endianess problem with candleLight firmware
  (git-fixes).
- batman-adv: set .owner to THIS_MODULE (git-fixes).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
  (git-fixes).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment
  (git-fixes).
- commit 53ffb24
- xfs: revert "/xfs: fix rmap key and record comparison functions"/
  (git-fixes).
- commit d5cc04b
- x86/hyperv: Clarify comment on x2apic mode (git-fixes).
- commit f9675cb
- x86/hyperv: Make vapic support x2apic mode (git-fixes).
- commit d91c17f
- blacklist.conf: 26515699863d x86/pgtable/32: Fix LOWMEM_PAGES constant
- commit 218b281
- sched/x86: SaveFLAGS on context switch (bsc#1112178).
- commit c0ca4c7
- efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
- commit b20332d
- ceph: fix race in concurrent __ceph_remove_cap invocations
  (bsc#1178635).
- commit 6e30e6e
- scripts/git_sort/git_sort.py: add ceph maintainers git tree
- commit 9d39ad1
- ceph: check session state after bumping session->s_seq
  (bsc#1179259).
- ceph: add check_session_state() helper and make it global
  (bsc#1179259).
- commit 83769e4
- RDMA/qedr: SRQ's bug fixes (bsc#1111666)
- commit 9022646
- RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)
- commit f052706
- IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)
- commit 4e3a1ba
- IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)
- commit e89d03b
- i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)
- commit e216b10
- RDMA/core: Fix race between destroy and release FD object (bsc#1111666)
- commit a68decf
- RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)
- commit b4dcd90
- RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)
- commit 20860b6
- RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)
- commit 790430d
- IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- commit ef4ec06
- IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)
- commit af2fc8e
- RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (bsc#1111666)
- commit d737ec0
- RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)
- commit a4bc37c
- i40iw: Report correct firmware version (bsc#1111666)
- commit fb20f57
- RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)
- commit 1cbba60
- RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)
- commit 04ef8bc
- kABI: powerpc: Add back __clear_user (CVE-2020-4788
  bsc#1177666).
- commit 9ab0140
- RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)
- commit 4a77b03
- x86/PCI: Fix intel_mid_pci.c build error when ACPI is not
  enabled (git-fixes).
- commit a5504bd
- kABI: powerpc: avoid including pgtable.h in kup.h (CVE-2020-4788
  bsc#1177666).
- commit 81cd22b
- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916
  LTC#187937).
- commit d2a21a3
- powerpc/pmem: Fix kernel crash due to wrong range value usage
  in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
- commit 103144c
- x86/microcode/intel: Check patch signature before saving
  microcode for early loading (bsc#1112178).
- commit bb76a80
- RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666)
- commit 8afa3bf
- RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666)
- commit 096fa3c
- RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)
- commit 30433a0
- make 'user_access_begin()' do 'access_ok()' (CVE-2020-4788 bsc#1177666).
- Delete patches.suse/drm-i915-CVE-2018-20669-access-check.patch.
- commit ffc3685
- RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
- commit 6789635
- RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
- commit 2b52fb7
- IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
- commit d347a29
- RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666)
- commit dc653fe
- fuse: fix page dereference after free (bsc#1179213).
- commit ef6e5aa
- cifs: Fix incomplete memory allocation on setxattr path
  (bsc#1179211).
- commit d8c7074
- Update references in patches.suse/net-smc-tolerate-future-smcd-versions
  (bsc#1172542 LTC#186070 git-fixes).
- commit 5e7c7f7
- IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
- commit 7135af3
- RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666)
- commit 5ec5a38
- RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666)
- commit 7d8c638
- RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
- commit c829de0
- IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
- commit 879c91a
- IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
- commit 9dfb84c
- IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
- commit 172fb53
- IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
- commit 8a97df2
- IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
- commit c12c1de
- IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
- commit 8a4b734
- RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
- commit fa668f4
- RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
- commit 0da8369
- blacklist mlx5 ODP patches causing kABI breakage
- commit 4ecba69
- RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666)
- commit c7738ac
- IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
- commit b15d3b4
- IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
- commit 5ef3bb4
- RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666)
- commit 944d5f5
- RDMA/core: Don't depend device ODP capabilities on kconfig option (bsc#1111666)
- commit b7eacbc
- RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
- commit a1e87cb
- IB/mlx5: Fix implicit MR release flow (bsc#1111666)
- commit bc71e4b
- IB/mlx5: Improve ODP debugging messages (bsc#1111666)
- commit 49a50fc
- IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
- commit 4417caf
- IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
- commit 36165e3
- efivarfs: fix memory leak in efivarfs_create() (git-fixes).
- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids
  (git-fixes).
- commit d7e3ab0
- IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
- commit 0d80cfe
- IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666)
- commit 8755da8
- RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666)
- commit 3e96137
- IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
- commit 5c1f4af
- x86/speculation: Allow IBPB to be conditionally enabled on
  CPUs with always-on STIBP (bsc#1112178).
- commit acfd086
- blacklist.conf: 4d6ffa27b8e5 x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S
- commit f8ceda7
- NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
- commit 66fa021
- Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable
  authmode (git-fixes).
- commit 850e7de
- ath10k: Acquire tx_lock in tx error paths (git-fixes).
- commit 6b19967
- x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
  (git-fixes).
- commit e645426
- mm: always have io_remap_pfn_range() set pgprot_decrypted()
  (bsc#1112178).
- commit a002581
- x86/sysfb_efi: Add quirks for some devices with swapped width
  and height (git-fixes).
- commit 2c617fe
- blacklist.conf: kABI - removes symbols
- commit a603d65
- x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).
- commit f74eda5
- s390/dasd: Fix zero write for FBA devices (bsc#1177808
  LTC#188739).
- s390/cio: add cond_resched() in the slow_eval_known_fn() loop
  (bsc#1177805 LTC#188737).
- s390: kernel/uv: handle length extension properly (bsc#1178940
  LTC#189323).
- commit 18cbc8b
- sched/core: Fix PI boosting between RT and DEADLINE tasks
  (bsc#1112178).
- commit 46636c9
- serial: 8250: fix null-ptr-deref in serial8250_start_tx()
  (CVE-2020-15437 bsc#1179140).
- commit 76da61e
- blacklist.conf: an optimization that breaks kABI
- commit 3cf3c91
- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
  (git-fixes).
- commit e4d5feb
- usb: host: xhci-mtk: avoid runtime suspend when removing hcd
  (git-fixes).
- commit a8c6c26
- blacklist.conf: kABI breakage
- commit e851a1f
- Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
- commit b941301
- powerpc/64s: SLB miss already has CTR saved for relocatable kernel
  (CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64s-Set-assembler-machine-type-to-POWER4.patch.
- commit 741f364
- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64-Call-setup_barrier_nospec-from-setup_arch.patch
- Refresh patches.suse/powerpc-pmem-Update-ppc64-to-use-the-new-barrier-ins.patch.
- Update config files.
- commit b0085a7
- powerpc/rtas: Restrict RTAS requests from userspace
  (CVE-2020-27777 bsc#1179107).
- Update config files.
- commit 3ed445b
- vt: Disable KD_FONT_OP_COPY (CVE-2020-28974 bsc#1178589).
- commit d9af9e6
- powerpc/64s: flush L1D after user accesses (CVE-2020-4788
  bsc#1177666).
- Refresh patches.kabi/kABI-powerpc-avoid-including-pgtable.h-in-kup.h.patch.
- powerpc/uaccess: Evaluate macro arguments once, before user
  access is allowed (CVE-2020-4788 bsc#1177666).
- powerpc: Fix __clear_user() with KUAP enabled (CVE-2020-4788
  bsc#1177666).
- powerpc: Implement user_access_begin and friends (CVE-2020-4788
  bsc#1177666).
- powerpc: Add a framework for user access tracking (CVE-2020-4788
  bsc#1177666).
- powerpc/64s: flush L1D on kernel entry (CVE-2020-4788
  bsc#1177666).
- powerpc/64s: move some exception handlers out of line
  (CVE-2020-4788 bsc#1177666).
- powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
  (CVE-2020-4788 bsc#1177666).
- powerpc/64s: Rename slb_miss_realmode() to slb_miss_common()
  (CVE-2020-4788 bsc#1177666).
- powerpc/64s: Use BRANCH_TO_COMMON() for slb_miss_realmode
  (CVE-2020-4788 bsc#1177666).
- commit f7d6c42
- blacklist.conf: e81e07244325 objtool: Support Clang non-section symbols in ORC generation
- commit 1f4e76b
- mac80211: free sta in sta_info_insert_finish() on errors
  (git-fixes).
- commit 2c6357f
- btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897).
- commit 3b268c1
- PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
- commit 6752c94
- hv_balloon: disable warning when floor reached (git-fixes).
- commit 955414c
- blacklist.conf: extreme changes to the kABI needed
- commit 925540d
- Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth
  controllers (git-fixes).
- commit 4e7a227
- rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045)
  egrep is only a deprecated bash wrapper for "/grep -E"/. So use the latter
  instead.
- commit 63d7072
- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- commit adf56a8
- btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
- Refresh  patches.suse/btrfs-run-btrfs_try_granting_tickets-if-a-priority-ticket-fails.patch.
- commit 75170ea
- btrfs: account ticket size at add/delete time (bsc#1178897).
- Refresh patches.suse/btrfs-improve-global-reserve-stealing-logic.patch.
- Refresh patches.suse/btrfs-only-check-priority-tickets-for-priority-flushing.patch.
- commit 42065ea
- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for
  setting tablet-mode (git-fixes).
- iio: accel: kxcjk1013: Replace is_smo8500_device with an
  acpi_type enum (git-fixes).
- tty: serial: imx: keep console clocks always on (git-fixes).
- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
- ALSA: mixart: Fix mutex deadlock (git-fixes).
- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf()
  (git-fixes).
- ALSA: ctl: fix error path at adding user-defined element set
  (git-fixes).
- drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).
- drm/sun4i: dw-hdmi: fix error return code in
  sun8i_dw_hdmi_bind() (git-fixes).
- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
- pinctrl: amd: fix incorrect way to disable debounce filter
  (git-fixes).
- pinctrl: aspeed: Fix GPI only function problem (git-fixes).
- ACPI: GED: fix -Wformat (git-fixes).
- mac80211: always wind down STA state (git-fixes).
- commit e7383c6
- rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014)
  %split_extra still contained two.
- commit d9b4c40
- IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
- commit ec7702d
- IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
- commit 8251c37
- IB/umad: Avoid additional device reference during open()/close() (bsc#1111666)
- commit a8fab73
- IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
- commit 78baf95
- IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
- commit ea1e1f9
- IB/hfi1: Remove unused define (bsc#1111666)
- commit bf8a925
- IB/iser: Fix dma_nents type definition (bsc#1111666)
- commit 594ad99
- RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666)
- commit a4b1d7b
- IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
- commit 6f8b927
- RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666)
- commit 992bd37
- IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666)
- commit 4ecafe8
- rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)
- commit bfca67c
- RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666)
- commit 5088c5f
- RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666)
- commit dbd0cfb
- RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)
- commit 6324199
- RDMA/qib: Delete extra line (bsc#1111666)
- commit 49b856d
- RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
- commit 8f6e746
- RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
- commit f3bdb08
- RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
- commit b4758ff
- RDMA/mlx5: Return proper error value (bsc#1111666)
- commit 808e7b0
- RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
- commit 6de775e
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015).
  RPM_BUILD_ROOT is cleared before %%install. Do the unpack into
  RPM_BUILD_ROOT in %%install
- commit 13bd533
- RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
- commit bfe0bd0
- IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
- commit 4e64a80
- RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
- commit bc59dd8
- RDMA/qedr: Fix reported firmware version (bsc#1111666)
- commit ffa9ea2
- RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
- commit 98fc55b
- iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
- commit 4efe04f
- RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
- commit 420c281
- RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
- commit ff97bf8
- IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666)
- commit b7638eb
- RDMA/cma: Fix false error message (bsc#1111666)
- commit d501338
- RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666)
- commit dc0beb5
- RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
- commit 2348c6d
- IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
- commit 97b1f8b
- IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
- commit 0ecf8ac
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666)
- commit b32477d
- IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
- commit cd4698b
- IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666)
- commit 5a12b20
- IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666)
- commit b87bd80
- IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
- commit d3086a1
- IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
- commit 92326cd
- RDMA/core: Fix race when resolving IP address (bsc#1111666)
- commit fa908b4
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
- commit f7edde8
- RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
- commit b959392
- RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
- commit a68b4da
- RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666)
- commit f1e21bb
- RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
- commit fdd9dba
- IB/hfi1: Handle port down properly in pio (bsc#1111666)
- commit 31f4eba
- IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
- commit efafeeb
- IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
- commit 934ad88
- IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
- commit 8fa6df2
- IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
- commit 3b65c3d
- IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
- commit 0786010
- IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
- commit 2f33450
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
- commit b41b3d5
- IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666)
- commit 76a1aee
- IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
- commit 47a0b3d
- RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
- commit 5a39d5b
- IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
- commit 8d79491
- IB/qib: Remove a set-but-not-used variable (bsc#1111666)
- commit d3cc311
- RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
- commit a69ca59
- RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666)
- commit 1a5b9e4
- RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)
- commit 562e505
- RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)
- commit 1d6f4e4
- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666)
- commit cd2ea6d
- scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)
- commit 8d6eb40
- IB/mlx5: Don't override existing ip_protocol (bsc#1111666)
- commit 76a7e23
- IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666)
- commit 3943f6d
- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
- commit 3b1e686
- RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
- commit 56bb257
- IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
- commit 27648ae
- RDMA/srp: Rework SCSI device reset handling (bsc#1111666)
- commit 8a32e09
- IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
- commit 8dce0fc
- IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
- commit 06279df
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666)
- commit 2aa06a3
- IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
- commit d82c074
- IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
- commit 37cef8a
- IB/rxe: Make counters thread safe (bsc#1111666)
- commit 02fb142
- IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
- commit 713bfb0
- IB/mlx4: Remove unneeded NULL check (bsc#1111666)
- commit 6e1fa2d
- RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)
- commit 7253c65
- IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
- commit b49e48a
- iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
- commit 954a669
- rxe: fix error completion wr_id and qp_num (bsc#1111666)
- commit 57db719
- rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014)
  Author: Dominique Leuenberger <dimstar@opensuse.org>
- commit 21f8205
- rpm/mkspec: do not build kernel-obs-build on x86_32
  We want to use 64bit kernel due to various bugs (bsc#1178762 to name
  one).
  There is:
  ExportFilter: ^kernel-obs-build.*.x86_64.rpm$ . i586
  in Factory's prjconf now. No other actively maintained distro (i.e.
  merging packaging branch) builds a x86_32 kernel, hence pushing to
  packaging directly.
- commit 8099b4b
- fs/select.c: batch user writes in do_sys_poll (CVE-2020-4788
  bsc#1177666).
- commit 011abbd
- net: ena: Fix all static chekers' warnings (bsc#1177397).
- net: ena: Change RSS related macros and variables names
  (bsc#1177397).
- net: ena: Remove redundant print of placement policy
  (bsc#1177397).
- net: ena: Capitalize all log strings and improve code
  readability (bsc#1177397).
- net: ena: Change log message to netif/dev function
  (bsc#1177397).
- net: ena: Change license into format to SPDX in all files
  (bsc#1177397).
- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
- net: ena: ethtool: add stats printing to XDP queues
  (bsc#1177397).
- net: ena: ethtool: Add new device statistics (bsc#1177397).
- net: ena: ethtool: convert stat_offset to 64 bit resolution
  (bsc#1177397).
- commit 8a8bbf0
- net/mlx4_core: Fix init_hca fields offset (git-fixes).
- commit 58eddc8
- Fonts: Replace discarded const qualifier (CVE-2020-28915
  bsc#1178886).
- fbcon: Fix global-out-of-bounds read in fbcon_get_font()
  (CVE-2020-28915 bsc#1178886).
- Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
  (CVE-2020-28915 bsc#1178886).
- fbdev, newport_con: Move FONT_EXTRA_WORDS macros into
  linux/font.h (CVE-2020-28915 bsc#1178886).
- commit 8016c83
- inet_diag: Fix error path to cancel the meseage in
  inet_req_diag_fill() (git-fixes).
- can: m_can: m_can_stop(): set device to software init mode
  before closing (git-fixes).
- can: m_can: m_can_handle_state_change(): fix state change
  (git-fixes).
- can: peak_usb: fix potential integer overflow on shift of a int
  (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then
  pass to can_put_echo_skb() (git-fixes).
- can: dev: can_restart(): post buffer from the right context
  (git-fixes).
- can: af_can: prevent potential access of uninitialized member
  in canfd_rcv() (git-fixes).
- can: af_can: prevent potential access of uninitialized member
  in can_rcv() (git-fixes).
- mac80211: minstrel: fix tx status processing corner case
  (git-fixes).
- mac80211: minstrel: remove deferred sampling code (git-fixes).
- regulator: ti-abb: Fix array out of bound read access on the
  first transition (git-fixes).
- regulator: workaround self-referent regulators (git-fixes).
- regulator: avoid resolve_supply() infinite recursion
  (git-fixes).
- regulator: fix memory leak with repeated
  set_machine_constraints() (git-fixes).
- commit 17dc56b
- Refresh patches.suse/btrfs-fix-RWF_NOWAIT-writes-blocking-on-extent-locks.patch.
  This fixes a double unlock and subsequently a deadlock on generic/083
- commit 5cd6dff
- usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe()
  (git-fixes).
- commit bc4a589
- USB: serial: cyberjack: fix write-URB completion race
  (git-fixes).
- commit f2de2db
- btrfs: do not delete mismatched root refs (bsc#1178962).
- commit 34e9f99
- btrfs: fix invalid removal of root ref (bsc#1178962).
- commit 08194fc
- btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
- commit c480ca6
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549).
- commit 1d8ca8d
- futex: Don't enable IRQs unconditionally in put_pi_state()
  (bsc#1067665).
- futex: Handle transient "/ownerless"/ rtmutex state correctly
  (bsc#1067665).
- commit 96fc4b8
- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count
  (bsc#1050549).
- locktorture: Print ratio of acquisitions, not failures
  (bsc#1050549).
- locking/lockdep: Add debug_locks check in __lock_downgrade()
  (bsc#1050549).
- commit bd58a65
- blacklist.conf: add inapplicable qspinlock changes
  These were deemed too risky long ago for SLE15-SP1 and
  instead only made it for SLE12-SP5.
- commit c9a2a62
- blacklist.conf: add inapplicable futex fix
- commit c4392ce
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
  (git-fixes).
- commit 9ef9a3c
- hv_netvsc: make recording RSS hash depend on feature flag
  (bsc#1178853, bsc#1178854).
- commit 4799b2b
- hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
- commit 402d366
- btrfs: Update patches with their upstream tags
- Refresh   patches.suse/btrfs-account-for-trans_block_rsv-in-may_commit_transaction.patch.
- Refresh   patches.suse/btrfs-allow-us-to-use-up-to-90-of-the-global-rsv-for-unlink.patch.
- Refresh  patches.suse/btrfs-force-chunk-allocation-if-our-global-rsv-is-larger-than-metadata.patch.
- Refresh   patches.suse/btrfs-improve-global-reserve-stealing-logic.patch.
- Refresh   patches.suse/btrfs-only-check-priority-tickets-for-priority-flushing.patch.
- Refresh   patches.suse/btrfs-run-btrfs_try_granting_tickets-if-a-priority-ticket-fails.patch.
- commit 35cb1ba
- powerpc/pmem: Initialize pmem device on newer hardware
  (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402
  jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Update ppc64 to use the new barrier instruction
  (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- libnvdimm/nvdimm/flush: Allow architecture to override the flush
  barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add flush routines using new pmem store and
  sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109
  ltc#187964).
- powerpc/pmem: Add new instructions for persistent storage and
  sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402
  jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc: Chunk calls to flush_dcache_range in arch_*_memory
  (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
- powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402
  jsc#SLE-16497 bsc#1176109 ltc#187964).
- commit e9665a5
- kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497
  bsc#1176109 ltc#187964).
- commit 23f09db
- powerpc/64: reuse PPC32 static inline flush_dcache_range()
  (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- Delete patches.suse/v2-powerpc-Allow-flush_-inval_-dcache_range-to-work-across-ranges-4GB.patch.
- commit 2e8f1e0
- powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402
  jsc#SLE-16497 bsc#1176109 ltc#187964).
- commit d2e3fc6
- powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range()
  (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- Refresh patches.suse/v2-powerpc-Allow-flush_-inval_-dcache_range-to-work-across-ranges-4GB.patch.
- commit 0e25e71
- powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402
  jsc#SLE-16497 bsc#1176109 ltc#187964).
- commit 707502b
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
- commit 45c80ad
- btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
- Refresh   patches.suse/0001-btrfs-take-overcommit-into-account-in-inc_block_grou.patch.
- commit 7fe1674
- btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
- commit 6e32b54
- btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
- Refresh patches.suse/0001-btrfs-take-overcommit-into-account-in-inc_block_grou.patch.
- commit 197dc10
- btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897).
- commit cf4b2c3
- Input: adxl34x - clean up a data type in adxl34x_probe()
  (git-fixes).
- commit 882b5e9
- btrfs: split dev-replace locking helpers for read and write (bsc#1178897).
  Needed as a prep patch for further improvements around btrfs.
- Refresh patches.suse/0001-btrfs-scrub-Require-mandatory-block-group-RO-for-dev.patch.
- Refresh patches.suse/btrfs-ensure-btrfs_init_dev_replace_tgtdev-sees-up-to-date-values.patch.
- Refresh patches.suse/btrfs-ensure-replaced-device-doesn-t-have-pending-chunk-allocation.patch.
- Refresh patches.suse/btrfs-fix-error-handling-in-btrfs_dev_replace_start.patch.
- commit ce24a58
- Input: sunkbd - avoid use-after-free in teardown paths
  (CVE-2020-25669 bsc#1178182).
- commit e6736dd
- hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819,
  bsc#1177820).
- commit cc66607
- NFSv4.1: fix handling of backchannel binding in
  BIND_CONN_TO_SESSION (bsc#1170630).
- commit 63b3f50
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- commit 031c3eb
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- Refresh
  patches.suse/USB-serial-option-add-Telit-FN980-composition-0x1055.patch.
- commit 098fa81
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- commit 67385fd
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART
  adapters (git-fixes).
- commit e9d2800
- Revert "/cdc-acm: hardening against malicious devices"/
  (git-fixes).
- commit 8952774
- usb: core: driver: fix stray tabs in error messages (git-fixes).
- commit e51a673
- time: Prevent undefined behaviour in timespec64_to_ns()
  (git-fixes).
- commit 9c7eca4
- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
- commit 74fa765
- Refresh
  patches.suse/0002-x86-speculation-Enable-Spectre-v1-swapgs-mitigations.patch.
- commit b25cf8c
- blacklist.conf: breaks crypto ABI into numerous small pieces
- commit 52940a7
- netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
- commit d440944
- bpf: Zero-fill re-used per-cpu map element (git-fixes).
- commit 0837a7d
- blacklist.conf: 11d6761218d1 mm, memcg: fix error return value of mem_cgroup_css_alloc()
- commit cd17076
- xfs: fix a missing unlock on error in xfs_fs_map_blocks
  (git-fixes).
- commit ced2a71
- xfs: fix rmap key and record comparison functions (git-fixes).
- commit bcdcb04
- xfs: fix flags argument to rmap lookup when converting shared
  file rmaps (git-fixes).
- commit 5f0318f
- thunderbolt: Add the missed ida_simple_remove() in
  ring_request_msix() (git-fixes).
- pinctrl: intel: Set default bias in case no particular value
  given (git-fixes).
- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for
  more SoCs (git-fixes).
- commit 49bba86
- NFS: only invalidate dentrys that are clearly invalid
  (bsc#1178669 bsc#1170139).
- commit 20e5a61
- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map()
  (bsc#1172873).
- drbd: code cleanup by using sendpage_ok() to check page for
  kernel_sendpage() (bsc#1172873).
- nvme-tcp: check page by sendpage_ok() before calling
  kernel_sendpage() (bsc#1172873).
- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy
  send (bsc#1172873).
- net: introduce helper sendpage_ok() in include/linux/net.h
  (bsc#1172873).
  kABI workaround for including mm.h in include/linux/net.h
  (bsc#1172873).
- commit 37a4ebc
- icmp: randomize the global rate limiter (CVE-2020-25705
  bsc#1175721 git-fixes).
- commit 5acc8a6
- powerpc/pseries/cpuidle: add polling idle for shared processor
  guests (bsc#1178765 ltc#188968).
- commit 7f1d757
- Refresh patches.suse/powerpc-vnic-Extend-failover-pending-window.patch.
  Update patch metadata
- commit 21a0f4c
- mm/memcg: fix refcount error while moving and swapping
  (bsc#1178686).
- commit 52ea917
- vt: Disable KD_FONT_OP_COPY (bsc#1178589).
- USB: serial: option: add Telit FN980 composition 0x1055
  (git-fixes).
- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230,
  0x1231 (git-fixes).
- USB: serial: option: add Quectel EC200T module support
  (git-fixes).
- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition
  (git-fixes).
- kthread_worker: prevent queuing delayed work from timer_fn
  when it is being canceled (git-fixes).
- ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
- drm/vc4: drv: Add error handding for bind (git-fixes).
- drm/i915: Break up error capture compression loops with
  cond_resched() (git-fixes).
- commit 01c63df
- powerpc/vnic: Extend "/failover pending"/ window (bsc#1176855
  ltc#187293).
- commit 0b133a3
- Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455 bsc#1176983).
  The patch was missing a call site in show_mountinfo so simply add it.
- commit ab85dd9
- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs
  (bsc#1177819, bsc#1177820).
- commit 74794c2
- hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
- commit 01a7c52
- hyperv_fb: Update screen_info after removing old framebuffer
  (bsc#1175306).
- commit f80d8cf
- x86/kexec: Use up-to-dated screen_info copy to fill boot params
  (bsc#1175306).
- commit 51a4847
- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV
  Gen 1 VMs (bsc#1175306).
- commit 02cd933
- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V
  frame buffer driver (bsc#1175306).
- commit cc714a4
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V
  host (bsc#1175306).
- commit b2a5cc0
- ring-buffer: Fix recursion protection transitions between
  interrupt context (git-fixes).
- commit 8e95b82
- Move the upstreamed powercap fix into sorted sectio
- commit ee434c5
- ftrace: Handle tracing when switching between context
  (git-fixes).
- commit 39bf93a
- ftrace: Fix recursion check for NMI test (git-fixes).
- commit f86a9fb
- usb: typec: tcpm: reset hard_reset_count for any disconnect
  (git-fixes).
- commit 1eca2e1
- usb: cdc-acm: fix cooldown mechanism (git-fixes).
- commit a73fcff
- perf/core: Fix a memory leak in perf_event_parse_addr_filter()
  (bsc#1178393, CVE-2020-25704).
- commit 03f6dc5
- regulator: defer probe when trying to get voltage from
  unresolved supply (git-fixes).
- commit 7dfc94d
- usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
- ALSA: hda: prevent undefined shift in
  snd_hdac_ext_bus_get_link() (git-fixes).
- drm/imx: tve remove extraneous type qualifier (git-fixes).
- can: peak_canfd: pucan_handle_can_rx(): fix echo management
  when loopback is on (git-fixes).
- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
  (git-fixes).
- can: peak_usb: add range checking in decode operations
  (git-fixes).
- can: can_create_echo_skb(): fix echo skb generation: always
  use skb_clone() (git-fixes).
- can: dev: __can_get_echo_skb(): fix real payload length return
  value for RTR frames (git-fixes).
- can: dev: can_get_echo_skb(): prevent call to kfree_skb()
  in hard IRQ context (git-fixes).
- can: rx-offload: don't call kfree_skb() from IRQ context
  (git-fixes).
- ALSA: hda - Fix the return value if cb func is already
  registered (git-fixes).
- 9P: Cast to loff_t before multiplying (git-fixes).
- regulator: resolve supply after creating regulator (git-fixes).
- crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
- commit b75e48a
- xfs: flush new eof page on truncate to avoid post-eof corruption
  (git-fixes).
- commit 1cb8cc0
- staging: comedi: cb_pcidas: Allow 2-channel commands for AO
  subdevice (git-fixes).
- staging: octeon: Drop on uncorrectable alignment or FCS error
  (git-fixes).
- staging: octeon: repair "/fixed-link"/ support (git-fixes).
- drm/amd/display: Don't invoke kgdb_breakpoint() unconditionally
  (git-fixes).
- drm/amdgpu: don't map BO in reserved region (git-fixes).
- ata: sata_rcar: Fix DMA boundary mask (git-fixes).
- ACPI: debug: don't allow debugging when ACPI is disabled
  (git-fixes).
- acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
  (git-fixes).
- drm/i915: Force VT'd workarounds when running as a guest OS
  (git-fixes).
- drm/ttm: fix eviction valuable range check (git-fixes).
- clk: ti: clockdomain: fix static checker warning (git-fixes).
- power: supply: test_power: add missing newlines when printing
  parameters by sysfs (git-fixes).
- mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
- p54: avoid accessing the data mapped to streaming DMA
  (git-fixes).
- ath10k: fix VHT NSS calculation when STBC is enabled
  (git-fixes).
- ath10k: start recovery process when payload length exceeds
  max htc length for sdio (git-fixes).
- drm/amd/display: HDMI remote sink need mode validation for Linux
  (git-fixes).
- drm/bridge/synopsys: dsi: add support for non-continuous HS
  clock (git-fixes).
- drm/brige/megachips: Add checking if ge_b850v3_lvds_init()
  is working correctly (git-fixes).
- video: fbdev: pvr2fb: initialize variables (git-fixes).
- bus/fsl_mc: Do not rely on caller to provide non NULL mc_io
  (git-fixes).
- USB: adutux: fix debugging (git-fixes).
- usb: typec: tcpm: During PR_SWAP, source caps should be sent
  only after tSwapSourceStart (git-fixes).
- leds: bcm6328, bcm6358: use devres LED registering function
  (git-fixes).
- ACPI / extlog: Check for RDMSR failure (git-fixes).
- ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
- media: tw5864: check status of tw5864_frameinterval_get
  (git-fixes).
- media: platform: Improve queue set up flow for bug fixing
  (git-fixes).
- efivarfs: Replace invalid slashes with exclamation marks in
  dentries (git-fixes).
- commit 5e86420
- memcg: fix NULL pointer dereference in
  __mem_cgroup_usage_unregister_event (bsc#1177703).
- commit cedbb17
- KVM host: kabi fixes for psci_version (bsc#1174726).
- commit ddeee04
- KVM: arm64: Add missing #include of <linux/string.h> in guest.c
  (bsc#1174726).
- Refresh
  patches.suse/KVM-arm64-Factor-out-core-register-ID-enumeration.patch.
- commit b07f55a
- KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance
  (bsc#1174726).
- Refresh
  patches.suse/KVM-arm64-Reject-ioctl-access-to-FPSIMD-V-regs-on-SV.patch.
- commit 2592383
- arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
- Refresh
  patches.suse/KVM-arm64-Factor-out-core-register-ID-enumeration.patch.
- Refresh
  patches.suse/KVM-arm64-Reject-ioctl-access-to-FPSIMD-V-regs-on-SV.patch.
- Refresh
  patches.suse/arm64-KVM-Fix-system-register-enumeration.patch.
- commit 814c577
- xfs: don't update mtime on COW faults (bsc#1167030).
- commit 5299c92
- Refresh
  patches.suse/scsi-ibmvscsi-Fix-potential-race-after-loss-of-trans.patch.
  series_sort applied
- commit 9950526
- tty: make FONTX ioctl use the tty pointer they were actually
  passed (bsc#1178123 CVE-2020-25668).
- commit 2fb3bcf
- icmp: randomize the global rate limiter (git-fixes).
- commit 41c7510
- Updated Copyright line in rpm templates with SUSE LLC
- commit 39a1fcf
- rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
- commit 33ded45
- usb: host: fsl-mph-dr-of: check return of dma_set_mask()
  (git-fixes).
- device property: Don't clear secondary pointer for shared
  primary firmware node (git-fixes).
- device property: Keep secondary firmware node secondary by type
  (git-fixes).
- ACPI: dock: fix enum-conversion warning (git-fixes).
- mmc: sdhci-of-esdhc: set timeout to max before tuning
  (git-fixes).
- commit 72279f3
- rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886)
  The in-tree KMP that is built with SLE kernels have a different scriptlet
  that is embedded in kernel-binary.spec.in rather than *.sh files.
- commit e32ee2c
- vt: keyboard, extend func_buf_lock to readers (bnc#1177766
  CVE-2020-25656).
- vt: keyboard, simplify vt_kdgkbsent (bnc#1177766
  CVE-2020-25656).
- commit 933e7f7
- Disable ipa-clones dump for KMP builds (bsc#1178330)
  The feature is not really useful for KMP, and rather confusing,
  so let's disable it at building out-of-tree codes
- commit 2b41562
- kbuild: enforce -Werror=return-type (bsc#1177281).
- commit b96ec4b
- x86/unwind/orc: Fix inactive tasks with stack pointer in %sp
  on GCC 10 compiled kernels (bsc#1058115 bsc#1176907).
- commit 240a7b0
- livepatch: Test if -fdump-ipa-clones is really available
  As of now we add -fdump-ipa-clones unconditionally. It does not cause a
  trouble if the kernel is build with the supported toolchain. Otherwise
  it could fail easily. Do the correct thing and test for the
  availability.
- commit 1de866d
- Refresh patches.suse/ibmveth-Fix-use-of-ibmveth-in-a-bridge.patch.
  Update to upstream version.
- commit 20fb48d
- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
- commit d71742f
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- commit 2fd7b70
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- commit 0293f73
- video: fbdev: vga16fb: fix setting of pixclock because a
  pass-by-value error (git-fixes).
- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
  (git-fixes).
- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets
  (git-fixes).
- usb: gadget: function: printer: fix use-after-free in
  __lock_acquire (git-fixes).
- USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync()
  (git-fixes).
- USB: cdc-acm: handle broken union descriptors (git-fixes).
- usb: ohci: Default to per-port over-current protection
  (git-fixes).
- usb: core: Solve race condition in anchor cleanup functions
  (git-fixes).
- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
- tty: ipwireless: fix error handling (git-fixes).
- commit d1c5d8b
- NTB: hw: amd: fix an issue about leak system resources
  (git-fixes).
- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
  nfc_genl_fw_download() (git-fixes).
- mtd: mtdoops: Don't write panic data twice (git-fixes).
- mtd: lpddr: fix excessive stack usage with clang (git-fixes).
- rtl8xxxu: prevent potential memory leak (git-fixes).
- mwifiex: don't call del_timer_sync() on uninitialized timer
  (git-fixes).
- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
- net: usb: rtl8150: set random MAC address when
  set_ethernet_addr() fails (git-fixes).
- commit 3774d4e
- misc: vop: add round_up(x,4) for vring_size to avoid kernel
  panic (git-fixes).
- commit 38dcae6
- memory: fsl-corenet-cf: Fix handling of platform_get_irq()
  error (git-fixes).
- memory: omap-gpmc: Fix a couple off by ones (git-fixes).
- mic: vop: copy data to kernel space then write to io memory
  (git-fixes).
- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
- media: firewire: fix memory leak (git-fixes).
- media: ati_remote: sanity check for both endpoints (git-fixes).
- media: st-delta: Fix reference count leak in delta_run_work
  (git-fixes).
- media: sti: Fix reference count leaks (git-fixes).
- media: exynos4-is: Fix several reference count leaks due to
  pm_runtime_get_sync (git-fixes).
- commit f19fc25
- media: exynos4-is: Fix a reference count leak due to
  pm_runtime_get_sync (git-fixes).
- media: exynos4-is: Fix a reference count leak (git-fixes).
- media: ti-vpe: Fix a missing check and reference count leak
  (git-fixes).
- media: s5p-mfc: Fix a reference count leak (git-fixes).
- media: platform: fcp: Fix a reference count leak (git-fixes).
- media: vsp1: Fix runtime PM imbalance on error (git-fixes).
- media: platform: s3c-camif: Fix runtime PM imbalance on error
  (git-fixes).
- media: platform: sti: hva: Fix runtime PM imbalance on error
  (git-fixes).
- media: bdisp: Fix runtime PM imbalance on error (git-fixes).
- media: media/pci: prevent memory leak in bttv_probe (git-fixes).
- commit df724c3
- mailbox: avoid timer start from callback (git-fixes).
- lib/crc32.c: fix trivial typo in preprocessor condition
  (git-fixes).
- mac80211: handle lack of sband->bitrates in rates (git-fixes).
- media: tc358743: initialize variable (git-fixes).
- media: omap3isp: Fix memleak in isp_probe (git-fixes).
- media: uvcvideo: Ensure all probed info is returned to v4l2
  (git-fixes).
- media: saa7134: avoid a shift overflow (git-fixes).
- media: m5mols: Check function pointer in m5mols_sensor_power
  (git-fixes).
- media: Revert "/media: exynos4-is: Add missed check for
  pinctrl_lookup_state()"/ (git-fixes).
- media: tuner-simple: fix regression in simple_set_radio_freq
  (git-fixes).
- commit c145fe9
- Input: sun4i-ps2 - fix handling of platform_get_irq() error
  (git-fixes).
- Input: twl4030_keypad - fix handling of platform_get_irq()
  error (git-fixes).
- Input: omap4-keypad - fix handling of platform_get_irq() error
  (git-fixes).
- Input: ep93xx_keypad - fix handling of platform_get_irq()
  error (git-fixes).
- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
  (git-fixes).
- Fix use after free in get_capset_info callback (git-fixes).
- eeprom: at25: set minimum read/write access stride to 1
  (git-fixes).
- crypto: ccp - fix error handling (git-fixes).
- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
- crypto: omap-sham - fix digcnt register handling with
  export/import (git-fixes).
- commit e755a5e
- Bluetooth: Only mark socket zapped after unlocking (git-fixes).
- ath9k: hif_usb: fix race condition between usb_get_urb()
  and usb_kill_anchored_urbs() (git-fixes).
- can: flexcan: flexcan_chip_stop(): add error handling and
  propagate error value (git-fixes).
- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
  (git-fixes).
- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
  (git-fixes).
- crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()'
  call (git-fixes).
- crypto: mediatek - Fix wrong return value in
  mtk_desc_ring_alloc() (git-fixes).
- crypto: algif_skcipher - EBUSY on aio should be an error
  (git-fixes).
- commit cc97baa
- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
- commit 46337b5
- btrfs: don't force read-only after error in drop snapshot (bsc#1176354).
- commit 005c136
- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
- commit 552ec97
- ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234).
- commit 02aef82
- ceph: map snapid to anonymous bdev ID (bsc#1178234).
- Refresh
  patches.suse/ceph-fix-potential-mdsc-use-after-free-crash.patch.
- Refresh
  patches.suse/ceph-fix-use-after-free-on-symlink-traversal.patch.
- Refresh
  patches.suse/ceph-handle-change_attr-in-cap-messages.patch.
- commit 77211f9
- btrfs: take overcommit into account in inc_block_group_ro
  (bsc#1176560).
- commit fd02126
- xfs: limit entries returned when counting fsmap records
  (git-fixes).
- commit c2bc8db
- xen/gntdev.c: Mark pages as dirty (bsc#1065600).
- commit 2dbfdfd
- vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202).
- commit ee8ab1f
- ibmveth: Identify ingress large send packets (bsc#1178185
  ltc#188897).
- commit 3b0b184
- libceph: clear con->out_msg on Policy::stateful_server faults
  (bsc#1178188).
- ceph: promote to unsigned long long before shifting
  (bsc#1178187).
- commit 968b22e
- scsi: ibmvscsi: Fix potential race after loss of transport
  (bsc#1178166 ltc#188226).
- commit e99d559
- patches.suse/target-use-scsi_set_sense_information-helper-on-misc.patch:
  (bsc#1177719).
- patches.suse/target-rbd-fix-unmap-discard-block-size-conversion.patch:
  (bsc#1177271).
- commit e115ed6
- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
- nvme-rdma: fix crash when connect rejected (bsc#1174748).
- commit 08720ea
- mlx5: remove support for ib_get_vector_affinity (bsc#1174748).
  Refresh patches.suse/mlx5-add-parameter-to-disable-enhanced-IPoIB.patch
- commit f404b3f
- ring-buffer: Return 0 on success from ring_buffer_resize()
  (git-fixes).
- commit 35bd7ea
- clk: imx8mq: Fix usdhc parents order (git-fixes).
- commit 0a4e423
- powerpc/powernv/dump: Fix race while processing OPAL dump
  (bsc#1065729).
- commit eb915fa
- cxl: Rework error message for incompatible slots (bsc#1055014
  git-fixes).
- commit 6c9a6d9
- mm/hugetlb: fix a race between hugetlb sysctl handlers
  (bsc#1176485, CVE-2020-25285).
- commit e28fbdd
- Update patch reference tag for a libsas security fix
- commit fad2b78
- Refresh patches.suse/powerpc-Fix-undetected-data-corruption-with-P9N-DD2..patch.
  refresh patch metadata
- commit 2f49b00
- ibmvnic: save changed mac address to adapter->mac_addr
  (bsc#1134760 ltc#177449 git-fixes).
- commit 886641a
- kernel-binary.spec.in: pack scripts/module.lds into kernel-$flavor-devel
  Since mainline commit 596b0474d3d9 ("/kbuild: preprocess module linker
  script"/) in 5.10-rc1, scripts/module.lds linker script is needed to build
  out of tree modules. Add it into kernel-$flavor-devel subpackage.
- commit fe37c16
- blacklist.conf: a90118c445cc x86/boot: Save fields explicitly, zero out everything else
- commit a402502
- x86/apic: Unify duplicated local apic timer clockevent
  initialization (bsc#1112178).
- commit d9b0997
- btrfs: remove root usage from can_overcommit (bsc#1131277).
- Refresh
  patches.suse/0003-btrfs-factor-out-the-ticket-flush-handling.patch.
- Refresh
  patches.suse/0004-btrfs-export-space_info_add_-bytes.patch.
- Refresh
  patches.suse/0005-btrfs-move-the-space_info-handling-code-to-space-info-c.patch.
- Refresh
  patches.suse/0006-btrfs-move-and-export-can_overcommit.patch.
- Refresh
  patches.suse/0007-btrfs-add-new-flushing-states-for-the-delayed-refs-rsv.patch.
- Refresh
  patches.suse/0007-btrfs-move-the-space-info-update-macro-to-space-info-h.patch.
- Refresh
  patches.suse/0008-btrfs-do-not-allow-reservations-if-we-have-pending-tickets.patch.
- Refresh
  patches.suse/0008-btrfs-don-t-enospc-all-tickets-on-flush-failure.patch.
- Refresh
  patches.suse/0008-btrfs-move-btrfs_space_info_add_-bytes-to-space-info-c.patch.
- Refresh
  patches.suse/0009-btrfs-export-block_rsv_use_bytes.patch.
- Refresh
  patches.suse/0009-btrfs-roll-tracepoint-into-btrfs_space_info_update-helper.patch.
- Refresh
  patches.suse/0010-btrfs-be-more-explicit-about-allowed-flush-states.patch.
- Refresh
  patches.suse/0010-btrfs-move-dump_space_info-to-space-info-c.patch.
- Refresh
  patches.suse/0011-btrfs-move-reserve_metadata_bytes-and-supporting-code-to-space-info-c.patch.
- Refresh
  patches.suse/0011-btrfs-stop-partially-refilling-tickets-when-releasing-space.patch.
- Refresh patches.suse/0012-btrfs-unexport-can_overcommit.patch.
- Refresh
  patches.suse/0019-btrfs-make-the-delalloc-block-rsv-per-inode.patch.
- Refresh
  patches.suse/0020-btrfs-do-not-account-global-reserve-in-can_overcommit.patch.
- Refresh
  patches.suse/btrfs-extent-tree-add-trace-events-for-space-info-numbers-update.patch.
- Refresh
  patches.suse/btrfs-extent-tree-detect-bytes_may_use-underflow-earlier.patch.
- Refresh
  patches.suse/btrfs-remove-redundant-argument-of-flush_space.patch.
- commit 09d9f20
- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC
  (networking-stable-20_09_24).
- net: phy: Avoid NPD upon phy_detach() when driver is unbound
  (networking-stable-20_09_24).
- ipv4: Update exception handling for multipath routes via same
  device (networking-stable-20_09_24).
- tipc: use skb_unshare() instead in tipc_buf_append()
  (networking-stable-20_09_24).
- tipc: fix shutdown() of connection oriented socket
  (networking-stable-20_09_24).
- ip: fix tos reflection in ack and reset packets
  (networking-stable-20_09_24).
- tg3: Fix soft lockup when tg3_reset_task() fails
  (networking-stable-20_09_11).
- tipc: fix shutdown() of connectionless socket
  (networking-stable-20_09_11).
- net: usb: dm9601: Add USB ID of Keenetic Plus DSL
  (networking-stable-20_09_11).
- bnxt: don't enable NAPI until rings are ready
  (networking-stable-20_09_11).
- net: disable netpoll on fresh napis
  (networking-stable-20_09_11).
- bnxt_en: Check for zero dir entries in NVRAM
  (networking-stable-20_09_11).
- gtp: add GTPA_LINK info to msg sent to userspace
  (networking-stable-20_09_11).
- netlabel: fix problems with mapping removal
  (networking-stable-20_09_11).
- sctp: not disable bh in the whole sctp_get_port_local()
  (networking-stable-20_09_11).
- net: systemport: Fix memleak in bcm_sysport_probe
  (networking-stable-20_09_11).
- net: hns: Fix memleak in hns_nic_dev_probe
  (networking-stable-20_09_11).
- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
  (networking-stable-20_08_24).
- net: qrtr: fix usage of idr in port assignment to socket
  (networking-stable-20_08_24).
- tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
  (networking-stable-20_08_24).
- net: Fix potential wrong skb->protocol in skb_vlan_untag()
  (networking-stable-20_08_24).
- commit e161faf
- clk: bcm2835: add missing release if devm_clk_hw_register fails
  (git-fixes).
- clk: at91: clk-main: update key before writing AT91_CKGR_MOR
  (git-fixes).
- clk: at91: remove the checking of parent_name (git-fixes).
- i2c: imx: Fix external abort on interrupt in exit paths
  (git-fixes).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled
  (git-fixes).
- commit 92b01c8
- bpf: reject passing modified ctx to helper functions
  (CVE-2020-0430 bsc#1176723).
- commit 6b08077
- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
  (git-fixes).
- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
- commit 3f067fb
- x86/fpu: Allow multiple bits in clearcpuid= parameter
  (bsc#1112178).
- commit 3f71184
- blacklist.conf: 5da8e4a65810 x86/copy_mc: Introduce copy_mc_enhanced_fast_string()
- commit 4505b1d
- xfs: avoid infinite loop when cancelling CoW blocks after
  writeback failure (bsc#1178027).
- commit 343a7f4
- blacklist.conf: add a cleanup
- commit 8a77f56
- EDAC/i5100: Fix error handling order in i5100_init_one()
  (bsc#1112178).
- commit 580cb5f
- blacklist.conf: add unnecessary fix
  5b905d77987d powerpc/watchpoint: Fix exception handling for
  CONFIG_HAVE_HW_BREAKPOINT=N
- commit cc6f443
- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
- powerpc/powernv/elog: Fix race while processing OPAL error
  log event (bsc#1065729).
- powerpc/irq: Drop forward declaration of struct irqaction
  (bsc#1065729).
- powerpc/hwirq: Remove stale forward irq_chip declaration
  (bsc#1065729).
- powerpc/icp-hv: Fix missing of_node_put() in success path
  (bsc#1065729).
- powerpc/pseries: Fix missing of_node_put() in rng_init()
  (bsc#1065729).
- commit 46c58b1
- blacklist.conf: Requires powerpc-utils fix.
  a02f6d42357a powerpc: Warn about use of smt_snooze_delay
- commit aab7b9e
- blacklist.conf: add fixes for unused sensor driver
  66943005cc41 powerpc/tau: Use appropriate temperature sample interval
  5e3119e15fed powerpc/tau: Check processor type before enabling TAU interrupt
  e63d6fb5637e powerpc/tau: Disable TAU between measurements
- commit 9e931d4
- blacklist.conf: Add unneeded fix
  a665eec0a22e powerpc/64s/radix: Fix mm_cpumask trimming race vs
  kthread_use_mm
  fixes an issue introduced in Linux 5.1
- commit b46baba
- watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101).
- watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101).
- commit a152d97
- powerpc/pseries: explicitly reschedule during drmem_lmb list
  traversal (bsc#1077428 ltc#163882 FATE#324825 git-fixes).
- commit ce3df44
- Refresh
  patches.suse/linux-dim-Rename-externally-used-net_dim-members.patch.
- commit 959a651
- blacklist.conf: already added
- commit d76a91e
- media: usbtv: Fix refcounting mixup (git-fixes).
- commit 85d629b
- net/mlx5e: Take common TIR context settings into a function
  (bsc#1177740).
- net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740).
- Refresh
  patches.suse/linux-dim-Rename-externally-used-net_dim-members.patch.
  test for bsc#1177740
- commit 8dd008b
- xen/events: block rogue events for some time (XSA-332
  bsc#1177411).
- commit c472bdc
- xen/events: defer eoi in case of excessive number of events
  (XSA-332 bsc#1177411).
- commit a199a64
- xen/events: use a common cpu hotplug hook for event channels
  (XSA-332 bsc#1177411).
- commit 9b5ac01
- xen/events: switch user event channels to lateeoi model
  (XSA-332 bsc#1177411).
- commit 5d87745
- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
- commit 286e5c1
- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
- commit d34a4a5
- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
- commit e64a874
- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
- commit e507788
- xen/events: add a new "/late EOI"/ evtchn framework (XSA-332
  bsc#1177411).
- commit be58cd0
- xen/events: fix race in evtchn_fifo_unmask() (XSA-332
  bsc#1177411).
- commit fb97cc7
- xen/events: add a proper barrier to 2-level uevent unmasking
  (XSA-332 bsc#1177411).
- commit abe3eaa
- xen/events: avoid removing an event channel while handling it
  (XSA-331 bsc#1177410).
- commit 8e374e0
- xen/events: don't use chip_data for legacy IRQs (XSA-332 bsc#1065600).
- commit 492eb13
- XEN uses irqdesc::irq_data_common::handler_data to store a
  per interrupt XEN data pointer which contains XEN specific
  information (XSA-332 bsc#1065600).
- commit 884f207
- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI
  load emulation (bsc#1065729).
- commit 7e15c63
- Refresh patches.suse/powerpc-vnic-Extend-failover-pending-window.patch.
  Update to v2
- commit 92bedf0
- perf/core: Fix race in the perf_mmap_close() function
  (bsc#1177086, CVE-2020-14351).
- commit 4543ba5
- Revert commit b936888
- Refresh
  patches.suse/linux-dim-Rename-externally-used-net_dim-members.patch.
- Delete
  patches.suse/net-mlx5e-Turn-on-HW-tunnel-offload-in-all-TIRs.patch.
- commit 30a5c15
- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
- commit 3e856f6
- ovl: verify permissions in ovl_path_open()  (bsc#1177470,
  CVE-2020-16120).
- ovl: switch to mounter creds in readdir  (bsc#1177470,
  CVE-2020-16120).
- ovl: pass correct flags for opening real directory
  (bsc#1177470, CVE-2020-16120).
- commit e32875c
- Move upstreamed patches into sorted section
- commit 5908bd2
- blacklist.conf: add a couple of entries
- commit a7b34d7
- blacklist.conf: Add b9cd795b0e48 ibmvnic: set up 200GBPS speed
  Not supported on 4.12
- commit dedcd59
- net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
  (git-fixes).
- net: fec: Fix PHY init after phy_reset_after_clk_enable()
  (git-fixes).
- commit 732819e
- btrfs: tree-checker: fix false alert caused by legacy btrfs
  root item (bsc#1177861).
- btrfs: qgroup: fix qgroup meta rsv leak for subvolume
  operations (bsc#1177856).
- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed
  inode (bsc#1177855).
- commit 5a5fa64
- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843
  git-fixes).
- commit f65b819
- blacklist.conf: block commit 1465af12e254 btrfs: tree-checker: fix false alert caused by legacy btrfs root item
  We don't have extent_io_tree::owner in SLE15-SP1 at all, thus no need
  for it.
- commit bde601c
- powercap: Restrict energy meter to root access (bsc#1170415
  CVE-2020-8694).
- commit addf703
- mwifiex: fix double free (git-fixes).
- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused
  (git-fixes).
- can: softing: softing_card_shutdown(): add  braces around
  empty body in an 'if' statement (git-fixes).
- iwlwifi: mvm: split a print to avoid a WARNING in ROC
  (git-fixes).
- nl80211: fix non-split wiphy information (git-fixes).
- ath6kl: wmi: prevent a shift wrapping bug in
  ath6kl_wmi_delete_pstream_cmd() (git-fixes).
- mwifiex: remove function pointer check (git-fixes).
- mwifiex: Remove unnecessary braces from
  HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).
- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
  (git-fixes).
- ath10k: Fix the size used in a 'dma_free_coherent()' call in
  an error handling path (git-fixes).
- ath9k: Fix potential out of bounds in
  ath9k_htc_txcompletion_cb() (git-fixes).
- ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
  (git-fixes).
- ath10k: provide survey info as accumulated data (git-fixes).
- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
- brcmfmac: check ndev pointer (git-fixes).
- ima: Remove semicolon at the end of
  ima_get_binary_runtime_size() (git-fixes).
- HID: wacom: Avoid entering wacom_wac_pen_report for pad /
  battery (git-fixes).
- HID: roccat: add bounds checking in kone_sysfs_write_settings()
  (git-fixes).
- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
  (git-fixes).
- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
- ALSA: mixart: Correct comment wrt obsoleted tasklet usage
  (git-fixes).
- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
- drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds()
  (git-fixes).
- video: fbdev: sis: fix null ptr dereference (git-fixes).
- pwm: lpss: Add range limit check for the base_unit register
  value (git-fixes).
- pwm: lpss: Fix off by one error in base_unit math in
  pwm_lpss_prepare() (git-fixes).
- drm/gma500: fix error check (git-fixes).
- w1: mxc_w1: Fix timeout resolution problem leading to bus error
  (git-fixes).
- misc: mic: scif: Fix error handling path (git-fixes).
- VMCI: check return value of get_user_pages_fast() for errors
  (git-fixes).
- USB: serial: qcserial: fix altsetting probing (git-fixes).
- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
- usb: dwc3: core: add phy cleanup for probe error handling
  (git-fixes).
- usb: dwc3: core: don't trigger runtime pm when remove driver
  (git-fixes).
- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
  (git-fixes).
- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above
  (git-fixes).
- usb: dwc2: Fix parameter type in function pointer prototype
  (git-fixes).
- iio:adc:ti-adc12138 Fix alignment issue with timestamp
  (git-fixes).
- iio:adc:ti-adc0832 Fix alignment issue with timestamp
  (git-fixes).
- iio:light:si1145: Fix timestamp alignment and prevent data leak
  (git-fixes).
- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak
  (git-fixes).
- iio:accel:bma180: Fix use of true when should be iio_shared_by
  enum (git-fixes).
- iio:magn:hmc5843: Fix passing true where iio_shared_by enum
  required (git-fixes).
- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE
  (git-fixes).
- iio:adc:max1118 Fix alignment of timestamp and data leak issues
  (git-fixes).
- commit 8b29fc2
- Add cherry-picked ids for already backported DRM radeon patches
- commit e03ad77
- ALSA: hda: use semicolons rather than commas to separate
  statements (git-fixes).
- ALSA: usb-audio: endpoint.c: fix repeated word 'there'
  (git-fixes).
- ALSA: usb-audio: fix spelling mistake "/Frequence"/ -> "/Frequency"/
  (git-fixes).
- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
  (git-fixes).
- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2
  (git-fixes).
- ALSA: ctl: Workaround for lockdep warning wrt
  card->ctl_files_rwlock (git-fixes).
- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
- ALSA: hda: auto_parser: remove shadowed variable declaration
  (git-fixes).
- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro
  (git-fixes).
- ALSA: compress_offload: remove redundant initialization
  (git-fixes).
- ALSA: core: timer: clarify operator precedence (git-fixes).
- ALSA: core: timer: remove redundant assignment (git-fixes).
- ALSA: core: pcm: simplify locking for timers (git-fixes).
- ALSA: hda/realtek - The front Mic on a HP machine doesn't work
  (git-fixes).
- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
  (git-fixes).
- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
  (git-fixes).
- ALSA: hda - Don't register a cb func if it is registered already
  (git-fixes).
- commit 6fb58aa
- x86/xen: disable Firmware First mode for correctable memory
  errors (bsc#1176713).
- commit c3ff5ba
- mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes
  (mm/zsmalloc)).
- commit bb35a69
- pty: do tty_flip_buffer_push without port->lock in pty_write
  (git-fixes).
- tty: serial: earlycon dependency (git-fixes).
- backlight: sky81452-backlight: Fix refcount imbalance on error
  (git-fixes).
- mfd: sm501: Fix leaks in probe() (git-fixes).
- leds: mt6323: move period calculation (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM configuration
  (git-fixes).
- net: wireless: nl80211: fix out-of-bounds access in
  nl80211_del_key() (git-fixes).
- drm/nouveau/mem: guard against NULL pointer access in mem_del
  (git-fixes).
- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
  (git-fixes).
- drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
- spi: fsl-espi: Only process interrupts for expected events
  (git-fixes).
- commit 5992bad
- mm, numa: fix bad pmd by atomically check for pmd_trans_huge
  when marking page tables prot_numa (git-fixes (mm/numa)).
- commit 3f72d65
- mm/huge_memory.c: use head to check huge zero page (git-fixes
  (mm/thp)).
- commit ab7091f
- mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
  (git-fixes (mm/mempolicy)).
- commit b32ea1f
- mm/mempolicy.c: use match_string() helper to simplify the code
  (git-fixes (mm/mempolicy)).
- commit 519cc15
- mm/page-writeback.c: improve arithmetic divisions (git-fixes
  (mm/writeback)).
- commit 29996ff
- mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long
  divide (git-fixes (mm/writeback)).
- commit 46d6e3f
- mm/page-writeback.c: avoid potential division by zero in
  wb_min_max_ratio() (git-fixes (mm/writeback)).
- commit 0bff121
- mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes
  (mm/zsmalloc)).
- commit 41b6c84
- mm/ksm.c: don't WARN if page is still mapped in
  remove_stable_node() (git-fixes (mm/hugetlb)).
- commit 75544fb
- mm: hugetlb: switch to css_tryget() in
  hugetlb_cgroup_charge_cgroup() (git-fixes (mm/hugetlb)).
- commit d8cebb3
- mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes
  (mm/zsmalloc)).
- commit b177476
- mm/zsmalloc.c: migration can leave pages in ZS_EMPTY
  indefinitely (git-fixes (mm/zsmalloc)).
- commit 0f36bc3
- mm/page_owner.c: remove drain_all_pages from
  init_early_allocated_pages (git-fixes (mm/debug)).
- commit 8bb68b8
- writeback: Fix sync livelock due to b_dirty_time processing
  (bsc#1177755).
- commit a8c43be
- writeback: Avoid skipping inode writeback (bsc#1177755).
- commit 4c62cf7
- writeback: Protect inode->i_io_list with inode->i_lock
  (bsc#1177755).
- commit e0fd512
- iomap: Make sure iomap_end is called after iomap_begin
  (bsc#1177754).
- commit 99c875d
- coredump: fix crash when umh is disabled (bsc#1177753).
- commit f98fb06
- blk-mq: order adding requests to hctx->dispatch and checking
  SCHED_RESTART (bsc#1177750).
- commit 1df3228
- block: ensure bdi->io_pages is always initialized (bsc#1177749).
- commit be9bcdd
- btrfs: check the right error variable in
  btrfs_del_dir_entries_in_log (bsc#1177687).
- commit 9650241
- x86, fakenuma: Fix invalid starting node ID (git-fixes
  (mm/x86/fakenuma)).
- commit f346513
- mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes
  (mm/rmap)).
- commit ecb6cd2
- include/linux/swapops.h: correct guards for non_swap_entry()
  (git-fixes (mm/swap)).
- commit 21f09d8
- btrfs: do not set the full sync flag on the inode during page
  release (bsc#1177687).
- commit ac4c32e
- btrfs: release old extent maps during page release
  (bsc#1177687).
- commit 26e6c51
- btrfs: fix race between page release and a fast fsync
  (bsc#1177687).
- commit c174bed
- btrfs: reduce contention on log trees when logging checksums
  (bsc#1177687).
- commit 4bcd9f2
- mlx5 PPC ringsize workaround (bsc#1173432).
- commit b5cfcf4
- btrfs: remove no longer needed use of log_writers for the log
  root tree (bsc#1177687).
- commit e45f682
- btrfs: fix incorrect updating of log root tree (bsc#1177687).
- commit fdf7740
- btrfs: stop incremening log_batch for the log root tree when
  syncing log (bsc#1177687).
- commit 0fc14c6
- btrfs: only commit delayed items at fsync if we are logging
  a directory (bsc#1177687).
- commit 0403f1e
- btrfs: only commit the delayed inode when doing a full fsync
  (bsc#1177687).
- commit 5a71a04
- kernel-binary.spec.in: Exclude .config.old from kernel-devel
  - use tar excludes for .kernel-binary.spec.buildenv
- commit 939a79b
- powerpc/vnic: Extend "/failover pending"/ window (bsc#1176855
  ltc#187293).
- commit edcce21
- commit 9bda320
- nvme: do not update disk info for multipathed device
  (bsc#1171558).
  Update meta data information in
  - patches.suse/nvme-check-for-nvme_ctrl_live-in-nvme_report_ns_ids.patch
  - patches.suse/nvme-do-not-update-multipath-disk-information-if-the.patch
  While at it group all NVMe related patches into its own subsection.
- commit 306e106
- KVM: arm64: Filter out invalid core register IDs in
  KVM_GET_REG_LIST (bsc#1174726).
- arm64: KVM: Fix system register enumeration (bsc#1174726).
- KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus
  (bsc#1174726).
- KVM: arm64: Factor out core register ID enumeration
  (bsc#1174726).
- commit 0d4299a
- Drop sysctl files for dropped archs, add ppc64le and arm64
  (bsc#1178838).
  Also fix the ppc64 page size.
- commit 05a79a0
keyutils
- adjust the library license to be LPGL-2.1+ only (the tools are GPL2+,
  the library is just LGPL-2.1+) (bsc#1180603)
krb5
- Add recursion limit for ASN.1 indefinite lengths; (CVE-2020-28196);
  (bsc#1178512);
- Added patches:
  * 0010-Add-recursion-limit-for-ASN.1-indefinite-lengths.patch
libidn2
- The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later,
  match factory licenses (bsc#1180138)
libpwquality
- update to 1.4.4
  * e11f2bd Fix regression with enabling cracklib check
  * 02e6728 Use make macros in rpm spec file
  * xxxxxxx Translated using Weblate (Polish, Turkish, Ukrainian)
- update to 1.4.3
  * 1213d33 Update translation files
  * a951fbe Add --disable-cracklib-check configure parameter
  * 6a8845b fixup static compilation
  * 92c6066 python: Add missing getters/setters for newly added settings
  * bfef79d Add usersubstr check
  * 09a2e65 pam_pwquality: Add debug message for the local_users_only option
  * a6f7705 Fix some gcc warnings
  * 8c8a260 pwmake: Properly validate the bits parameter.
  * 7be4797 we use Fedora Weblate now
  * xxxxxxx Translated using Weblate (Azerbaijani, Bulgarian,
    Chinese (Simplified), Czech, French, Friulian, Hungarian, Italian,
    Japanese, Norwegian Bokmål, Persian, Russian, Spanish, Turkish)
- update to 1.4.2:
  * Fix regression in handling retry, enforce_for_root, and
    local_users_only options introduced with the previous
    release.
- Register with pam-config in %post(un)
- Add baselibs.conf
- Update to version 1.4.1:
  + Minor bugfix update of the library.
- Drop libpwquality-pythons.patch: Fixed upstream. Following this,
  drop autoconf, automake and libtool BuildRequires and autoreconf
  call.
- Use modern macros.
- Do not recommend lang package. The lang package already has a
  supplements.
- Modernize spec-file by calling spec-cleaner
libselinux
- Correct license to public domain (bsc#1180603)
libselinux-bindings
- Correct license to public domain (bsc#1180603)
libsolv
- do not ask the namespace callback for splitprovides when writing
  a testcase
- fix add_complex_recommends() selecting conflicted packages in
  rare cases leading to crashes
- improve choicerule generation so that package updates are
  prefered in more cases
- bump version to 0.7.16
- make testcase_mangle_repo_names deal correctly with freed repos
  [bnc#1177238]
- fix deduceq2addedmap clearing bits outside of the map
- conda: feature depriorization first
- conda: fix startswith implementation
- move find_update_seeds() call in cleandeps calculation
- set SOLVABLE_BUILDHOST in rpm and rpmmd parsers
- new testcase_mangle_repo_names() function
- new solv_fmemopen() function
- bump version to 0.7.15
libunwind

      
libusb-1_0
- Add libusb-bsc1178376-ppc-linux-flag.patch to fix the inclusion
  of "/sys/time.h"/ on PowerPC (bsc#1178376)
libxml2
- Avoid quadratic checking of identity-constraints: [bsc#1178823]
  * key/unique/keyref schema attributes currently use qudratic loops
    to check their various constraints (that keys are unique and that
    keyrefs refer to existing keys).
  * This fix uses a hash table to avoid the quadratic behaviour.
- Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
libzypp
- Fix bsc#1176902: When kernel-rt has been installed, the
  purge-kernels service fails during boot.
- Use package name provides as group key in purge-kernel
  (bsc#1176740 bsc#1176192)
  kernel-default-base has new packaging, where the kernel uname -r
  does not reflect the full package version anymore. This patch
  adds additional logic to use the most generic/shortest edition
  each package provides with %{packagename}=<version> to group the
  kernel packages instead of the rpm versions.
  This also changes how the keep-spec for specific versions is
  applied, instead of matching the package versions, each of the
  package name provides will be matched.
- version 17.25.1 (22)
- RepoInfo: Return the type of the local metadata cache as
  fallback (bsc#1176435)
- VendorAttr: Fix broken "/suse,opensuse"/ equivalence handling.
  Enhance API and testcases. (bsc#1174918)
- Update docs regarding 'opensuse' namepace matching.
- New solver testcase format.
- Link against libzsd to close libsolvs open references
  (as we link statically)
- BuildRequires:  libsolv-devel >= 0.7.15.
- version 17.25.0 (22)
lvm2
- revert commit which caused a regression:
  lvm2 should use 'external_device_info_source="/udev"/' by default (bsc#1179691)
  - change lvm.conf item external_device_info_source from none to udev
- lvm2 should use 'external_device_info_source="/udev"/' by default (bsc#1179691)
  - change lvm.conf item external_device_info_source from none to udev
- comment out lvm.conf item preferred_names by default (bsc#1179738)
  - comment out preferred_names
- pvmove destination LV always has KRahead=0 (bsc#1179326)
  + bug-1179326_pvmove-correcting-read_ahead-setting.patch
- Update lvm2.spec file (bsc#1177533)
  - in %postun, disable restart blk-availability.service & lvm2-monitor.service
- update patch according to systemd version/behaviour changed (bsc#1123327)
  - bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
  + bug-1123327-pvscan-service-use-StartLimitIntervalSec.patch
- lvm scan: Too many open files (bsc#1173503)
  + bug-1173503_lvmetad-fix-pvs-for-many-devices.patch
- LVM failing to activate hot spare on surprise removal (bsc#1175110)
  + bug-1175110_dmeventd-avoid-bail-out-preventing-repair-in-raid-pl.patch
- change lvm2.spec source URL
  - lvm2.spec
- add missing patches
  systemd lvm2-pvscan@.service StartLimitInterval misplaced (bsc#1123327)
  + bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
- modify patch according to changing patch:
  bug-1123327_pvscan.service.in-Move-StartLimitInterval-to-Service.patch
  + bug-998893_make_pvscan_service_after_multipathd.patch (bsc#998893)
- use COMMON-PATCH to manage clvm patch
  + lvm2-clvm.spec
  - Patch3001: bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch
    + Patch1006: bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch
openldap2
- bsc#1178909 CVE-2020-25709 CVE-2020-25710 - Resolves two issues
    where openldap would crash due to malformed inputs.
  * patch: 0209-ITS-9383-remove-assert-in-certificateListValidate.patch
  * patch: 0210-ITS-9384-remove-assert-in-obsolete-csnNormalize23.patch
- bsc#1179503 - fix proxy retry binds to a remote server
  * patch: 0208-ITS-9400-back-ldap-fix-retry-binds.patch
- bsc#1178387 (CVE-2020-25692) - unauthenticated remote denial of
  service due to incorrect validation of modrdn equality rules.
  * patch: 0207-ITS-9370-check-for-equality-rule-on-old_rdn.patch
openssh
- Add openssh-bsc1148566-scp-handle-quotes-while-checking-filenames-from-serv.patch,
  openssh-bsc1148566-scp-show-filename-match-patterns-in-verbose-mode.patch
  (bsc#1148566). Fixes a class of false alarms due to filename
  validation. Patches by Josef Cejka <jcejka@suse.com>.
- Add openssh-7.6p1-audit_race_condition.patch, fixing sshd
  termination of multichannel sessions with non-root users
  (error on 'mm_request_receive_expect') (bsc#1115550,
  bsc#1174162).
- Add openssh-bsc1139398-rowhammer-hardening.patch (bsc#1139398),
  which encrypts private keys at rest in RAM.
- Add openssh-CVE-2020-14145-information-leak.patch
  (CVE-2020-14145, bsc#1173513). This partially mitigates a
  potential information leak during host key exchange that could
  be exploited by a man-in-the-middle attacker.
- Add openssh-fips-ensure-approved-moduli.patch (bsc#1177939).
  This ensures only approved DH parameters are used in FIPS mode.
openssl-1_1
- Fix EDIPARTYNAME NULL pointer dereference
  (CVE-2020-1971, bsc#1179491)
  * add openssl-CVE-2020-1971.patch
- Restore private key check in EC_KEY_check_key [bsc#1177479]
  * Update openssl-DH.patch
- Add shared secret KAT to FIPS DH selftest [bsc#1175847]
  * add openssl-fips-DH_selftest_shared_secret_KAT.patch
- Include ECDH/DH Requirements from SP800-56Arev3 [bsc#1175847]
- Add patches:
  * openssl-DH.patch
  * openssl-kdf-selftest.patch
  * openssl-kdf-tls-selftest.patch
  * openssl-kdf-ssh-selftest.patch
- Fix locking issue uncovered by python testsuite (bsc#1166848)
  * update openssl-fipslocking.patch and merge it with
    openssl-fips_fix_deadlock.patch
- Fix the sequence of locking operations in FIPS mode [bsc#1165534]
  * Add openssl-fipslocking.patch
- Fix deadlock in FIPS rand code (bsc#1165281)
  * add openssl-fips_fix_deadlock.patch
- Fix wrong return values of FIPS DSA and ECDH selftests (bsc#1163569)
  * add openssl-fips_fix_selftests_return_value.patch
- Fix FIPS DRBG without derivation function (bsc#1161198)
  - add openssl-fips-drbg_derfunc.patch
- Allow md5_sha1 in FIPS mode to enable TLS 1.0 (bsc#1161203)
  * add openssl-fips_allow_md5_sha1_for_tls1.0.patch
- Obsolete libopenssl-1_0_0-hmac for a clean upgrade from SLE-12
  (bsc#1158499)
- Restore the EVP_PBE_scrypt() behavior from before the KDF patch
  by treating salt=NULL as salt="/"/ (bsc#1160158)
  * modify openssl-jsc-SLE-8789-backport_KDF.patch
pam
- Create macros.pam with definition of %_pamdir so packages which
  are commonly shared between Factory and SLE can use this macro
  [pam.spec]
- pam_cracklib: added code to check whether the password contains
  a substring of of the user's name of at least <N> characters length
  in some form.
  This is enabled by the new parameter "/usersubstr=<N>"/
  See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4
  [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch]
- pam_xauth.c: do not free() a string which has been (successfully)
  passed to putenv().
  [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch]
- Initialize pam_unix pam_sm_acct_mgmt() local variable "/daysleft"/
  to avoid spurious (and misleading)
    Warning: your password will expire in ... days.
  fixed upstream with commit db6b293046a
  [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch]
- /usr/bin/xauth chokes on the old user's $HOME being on an NFS
  file system. Run /usr/bin/xauth using the old user's uid/gid
  Patch courtesy of Dr. Werner Fink.
  [bsc#1174593, pam-xauth_ownership.patch]
perl-DBI
- Security fix [bsc#1176492, CVE-2014-10401, CVE-2014-10402]
  * DBD::File drivers can open files from folders other than those
    specifically passed via the f_dir attribute in the data source
    name (DSN).
- Add perl-DBI-CVE-2014-10402.patch
postfix
- bsc#1176650 L3: What is regularly triggering the "/fillup"/
  command and changing modify-time of /etc/sysconfig/postfix?
  o Remove miss placed fillup_only call from %verifyscript
postgresql-jdbc
- Address CVE-2020-13692 (bsc#1172079)
- Add patch:
  * 0002-CVE-2020-13692-postgresql-jdbc-XML-External-Entity-v.patch
- Major changes since 9.4-1200:
  * License changed to BSD-2-Clause and BSD-3-Clause and Apache-2.0
  * Support PostgreSQL 9.5, 9.6, 10 11 and 12 added
  * Support for PostgreSQL versions below 8.2 was dropped
  * Support for JDK8, JDK9, JDK10, JDK11 and JDK12
  * Support for JDK 1.4 and 1.5 was dropped
  * Support for JDBC 4.2 added
  * Add maxResultBuffer property
  * Add caller push of binary data
  * Read only transactions
  * pkcs12 key functionality
  * New "/escapeSyntaxCallMode"/ connection property
  * Connection property to limit server error detail in exception
    exceptions
  * CancelQuery() to PGConnection public interface
  * Support for large update counts (JDBC 4.2)
  * Add Binary Support for Oid.NUMERIC and Oid.NUMERIC_ARRAY
  * Expose parameter status messages (GUC_REPORT) to the user
  * Log ignoring rollback when no transaction in progress
  * Map inet type to InetAddress
  * Change ISGENERATED to ISGENERATEDCOLUMN as per spec
  * Support temporary replication slots in ReplicationCreateSlotBuilder
  * Return function (PostgreSQL 11) columns in PgDatabaseMetaData#getFunctionColumns
  * Return information on create replication slot, now the snapshot_name
    is exported to allow a consistent snapshot in some uses cases
  * `ssl=true` implies `sslmode=verify-full`, that is it requires valid
    server certificate
  * Support for `sslmode=allow/prefer/require`
  * Added server hostname verification for non-default SSL factories in
    `sslmode=verify-full` (CVE-2018-10936)
  * PreparedStatement.setNull(int parameterIndex, int t, String typeName)
    no longer ignores the typeName argument if it is not setNull
  * Reduce the severity of the error log messages when an exception is
    re-thrown. The error will be thrown to caller to be dealt with so no need
    to log at this verbosity by pgjdbc
  * Deprecate Fastpath API PR 903
  * Support parenthesis in {oj ...} JDBC escape syntax
  * socksProxyHost is ignored in case it contains empty string
  * Support SCRAM-SHA-256 for PostgreSQL 10 in the JDBC 4.2 version (Java 8+)
    using the Ongres SCRAM library
  * Make SELECT INTO and CREATE TABLE AS return row counts to the client in
    their command tags
  * Support Subject Alternative Names for SSL connections
  * Support isAutoIncrement metadata for PostgreSQL 10 IDENTITY column
  * Support for primitive arrays PR 887 3e0491a
  * Implement support for get/setNetworkTimeout() in connections
  * Make GSS JAAS login optional, add an option "/jaasLogin"/
  * Improve behaviour of ResultSet.getObject(int, Class)
  * Parse CommandComplete message using a regular expression, allows complete
    catch of server returned commands for INSERT, UPDATE, DELETE, SELECT,
    FETCH, MOVE,COPY and future commands.
  * Use 'time with timezone' and 'timestamp with timezone' as is and ignore the
    user provided Calendars, 'time' and 'timestamp' work as earlier except
    "/00:00:00"/ now maps to 1970-01-01 and "/24:00:00"/ uses the system provided
    Calendar ignoring the user-provided one
  * Change behaviour of multihost connection. The new behaviour is to try all
    secondaries first before trying the master
  * Drop support for the (insecure) crypt authentication method
  * slave and preferSlave values for the targetServerType connection property
    have been deprecated in favour of secondary and preferSecondary
    respectively
  * Statements with non-zero fetchSize no longer require server-side
    named handle. This might cause issues when using old PostgreSQL versions
    (pre-8.4)+fetchSize+interleaved ResultSet processing combo
  * Better logic for returning keyword detection. Previously, pgjdbc could be
    defeated by column names that contain returning, so pgjdbc failed to
    "/return generated keys"/ as it considered statement as already having
    returning keyword
  * Use server-prepared statements for batch inserts when prepareThreshold>0.
    This enables batch to use server-prepared from the first executeBatch()
    execution (previously it waited for prepareThreshold executeBatch() calls)
  * Replication protocol API was added: replication API documentation
  * java.util.logging is now used for logging: logging documentation
  * Add support for PreparedStatement.setCharacterStream(int, Reader)
  * Ensure executeBatch() can be used with pgbouncer. Previously pgjdbc could
    use server-prepared statements for batch execution even with
    prepareThreshold=0
  * Error position is displayed when SQL has unterminated literals,
    comments, etc
  * Strict handling of accepted values in getBoolean and setObject(BOOLEAN),
    now it follows PostgreSQL accepted values, only 1 and 0 for numeric types
    are acepted (previusly !=0 was true)
  * Deprecated PGPoolingDataSource, instead of this class you should use a
    fully featured connection pool like HikariCP, vibur-dbcp, commons-dbcp,
    c3p0, etc
  * 'current transaction is aborted' exception includes the original exception
    via caused-by chain
  * Better support for RETURNGENERATEDKEYS, statements with RETURNING clause
  * Avoid user-visible prepared-statement errors if client uses
    DEALLOCATE/DISCARD statements (invalidate cache when those statements
    detected)
  * Avoid user-visible prepared-statement errors if client changes searchpath
    (invalidate cache when set searchpath detected)
  * Support comments when replacing {fn ...} JDBC syntax
  * Support for Types.REF_CURSOR
  * Performance optimization for timestamps (~TimeZone.getDefault optimization)
  * Ability to customize socket factory (e.g. for unix domain sockets)
  * Ignore empty sub-queries in composite queries
  * Add equality support to PSQLState
  * Improved composite/array type support and type naming changes.
- Update to version 42.2.10
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.10
- Update to version 42.2.9
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.9
- Update to version 42.2.8
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.8
- Update to version 42.2.7
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.7
- Update to version 42.2.6
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.6
- Update to version 42.2.5
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.5
- Update to version 42.2.4
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.4
- Update to version 42.2.3
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.3
- Update to version 42.2.2
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.2
- Update to version 42.2.1
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.1
- Update to version 42.2.0
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.0
- Update to version 42.1.4
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.4
- Update to version 42.1.3
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.3
- Update to version 42.1.2
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.2
- Update to version 42.1.1
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.1
- Update to version 42.1.0
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.1
- Update to version 42.2.0
  * https://jdbc.postgresql.org/documentation/changelog.html#version_42.1.0
- Update to version 9.4.1211
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1211
- Update to version 9.4.1210
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1210
- Update to version 9.4.1209
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1209
- Update to version 9.4.1208
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1208
- Update to version 9.4.1207
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1207
- Update to version 9.4.1206
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1206
- Update to version 9.4.1205
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1204
- Update to version 9.4.1204
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1204
- Update to version 9.4.1203
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1203
- Update to version 9.4.1202
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1202
- Update to version 9.4.1201
  * https://jdbc.postgresql.org/documentation/changelog.html#version_9.4-1201
- Add:
  * 0001-Disable-shaded-JAR-generation.patch
- Remove:
  * jdbc-postgresql-9.4_p1201-remove-sspi.patch
postgresql10
- bsc#1178961: %ghost the symlinks to pg_config and ecpg.
- Upgrade to version 10.15:
  * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
    and firing of deferred triggers within index expressions and
    materialized view queries.
  * CVE-2020-25694, bsc#1178667:
    a) Fix usage of complex connection-string parameters in pg_dump,
    pg_restore, clusterdb, reindexdb, and vacuumdb.
    b) When psql's connect command re-uses connection parameters,
    ensure that all non-overridden parameters from a previous
    connection string are re-used.
  * CVE-2020-25696, bsc#1178668: Prevent psql's gset command from
    modifying specially-treated variables.
  * Fix recently-added timetz test case so it works when the USA
    is not observing daylight savings time.
    (obsoletes postgresql-timetz.patch)
  * https://www.postgresql.org/about/news/2111/
  * https://www.postgresql.org/docs/10/release-10-15.html
- Fix a DST problem in the test suite: postgresql-timetz.patch
  https://postgr.es/m/16689-57701daa23b377bf@postgresql.org
postgresql12
- bsc#1178961: %ghost the symlinks to pg_config and ecpg.
- Upgrade to version 12.5:
  * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
    and firing of deferred triggers within index expressions and
    materialized view queries.
  * CVE-2020-25694, bsc#1178667:
    a) Fix usage of complex connection-string parameters in pg_dump,
    pg_restore, clusterdb, reindexdb, and vacuumdb.
    b) When psql's connect command re-uses connection parameters,
    ensure that all non-overridden parameters from a previous
    connection string are re-used.
  * CVE-2020-25696, bsc#1178668: Prevent psql's gset command from
    modifying specially-treated variables.
  * Fix recently-added timetz test case so it works when the USA
    is not observing daylight savings time.
    (obsoletes postgresql-timetz.patch)
  * https://www.postgresql.org/about/news/2111/
  * https://www.postgresql.org/docs/12/release-12-5.html
- Fix a DST problem in the test suite: postgresql-timetz.patch
  https://postgr.es/m/16689-57701daa23b377bf@postgresql.org
- Stop building the mini and lib packages as they are now coming
  from postgresql13.
protobuf

      
python
- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
  bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
  _ctypes/callproc.c, which may lead to remote code execution.
- Provide the newest setuptools wheel (bsc#1176262,
  CVE-2019-20916) in their correct form (bsc#1180686).
- Replace bundled wheels for pip and setuptools with the updated ones
  (bsc#1176262 CVE-2019-20916).
python-Pygments
- Use %python_uninstall_alternative in %postun (bsc#1180252)
python-azure-agent
- Add sysvinit-tools as dependency (bsc#1181600, bsc#1181601)
- Add sle_hpc-is-sles.patch (bsc#1180719)
  + Recognise SLE_HPC as SLES and use the proper RDMA handler and
    distro specific initialization code
python-base
- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
  bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
  _ctypes/callproc.c, which may lead to remote code execution.
- Provide the newest setuptools wheel (bsc#1176262,
  CVE-2019-20916) in their correct form (bsc#1180686).
- Replace bundled wheels for pip and setuptools with the updated ones
  (bsc#1176262 CVE-2019-20916).
python-cheroot
- Ignore OpenSSL's 1.1+ Error 0 under any Python
  while wrapping a socket (bsc#1176988)
- Added:
  * 0002-Ignore-OpenSSL-1.1+-Error-0-under-any-Python-while-wrapping-a-socket.patch
python-libxml2-python
- Avoid quadratic checking of identity-constraints: [bsc#1178823]
  * key/unique/keyref schema attributes currently use qudratic loops
    to check their various constraints (that keys are unique and that
    keyrefs refer to existing keys).
  * This fix uses a hash table to avoid the quadratic behaviour.
- Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
python-pip
- Update in SLE-15 (bsc#1175297, jsc#ECO-3035, jsc#PM-2318)
- Skip virtualenv tests that are pinned to old virtualenv 16
- update to 20.0.2
- add setuptools-45.1.0-py3-none-any.whl for testsuite
- drop pytest5.patch
  * Fix a regression in generation of compatibility tags
  * Rename an internal module, to avoid ImportErrors due to improper uninstallation
  * Switch to a dedicated CLI tool for vendoring dependencies.
  * Remove wheel tag calculation from pip and use packaging.tags. This should provide more tags ordered better than in prior releases.
  * Deprecate setup.py-based builds that do not generate an .egg-info directory.
  * The pip>=20 wheel cache is not retro-compatible with previous versions. Until pip 21.0, pip will continue to take advantage of existing legacy cache entries.
  * Deprecate undocumented --skip-requirements-regex option.
  * Deprecate passing install-location-related options via --install-option.
  * Use literal "/abi3"/ for wheel tag on CPython 3.x, to align with PEP 384 which only defines it for this platform.
  * Remove interpreter-specific major version tag e.g. cp3-none-any from consideration. This behavior was not documented strictly, and this tag in particular is not useful. Anyone with a use case can create an issue with pypa/packaging.
  * Wheel processing no longer permits wheels containing more than one top-level .dist-info directory.
  * Support for the git+git@ form of VCS requirement is being deprecated and will be removed in pip 21.0. Switch to git+https:// or git+ssh://. git+git:// also works but its use is discouraged as it is insecure.
  * Default to doing a user install (as if --user was passed) when the main site-packages directory is not writeable and user site-packages are enabled.
  * Warn if a path in PATH starts with tilde during pip install.
  * Cache wheels built from Git requirements that are considered immutable, because they point to a commit hash.
  * Add option --no-python-version-warning to silence warnings related to deprecation of Python versions.
  * Cache wheels that pip wheel built locally, matching what pip install does. This particularly helps performance in workflows where pip wheel is used for building before installing. Users desiring the original behavior can use pip wheel --no-cache-dir
  * Display CA information in pip debug.
  * Show only the filename (instead of full URL), when downloading from PyPI.
  * Suggest a more robust command to upgrade pip itself to avoid confusion when the current pip command is not available as pip.
  * Define all old pip console script entrypoints to prevent import issues in stale wrapper scripts.
  * The build step of pip wheel now builds all wheels to a cache first, then copies them to the wheel directory all at once. Before, it built them to a temporary directory and moved them to the wheel directory one by one.
  * Expand ~ prefix to user directory in path options, configs, and environment variables. Values that may be either URL or path are not currently supported, to avoid ambiguity:
  - -find-links
  - -constraint, -c
  - -requirement, -r
  - -editable, -e
  * Correctly handle system site-packages, in virtual environments created with venv (PEP 405).
  * Fix case sensitive comparison of pip freeze when used with -r option.
  * Enforce PEP 508 requirement format in pyproject.toml build-system.requires.
  * Make ensure_dir() also ignore ENOTEMPTY as seen on Windows.
  * Fix building packages which specify backend-path in pyproject.toml.
  * Do not attempt to run setup.py clean after a pep517 build error, since a setup.py may not exist in that case.
  * Fix passwords being visible in the index-url in "/Downloading <url>"/ message.
  * Change method from shutil.remove to shutil.rmtree in noxfile.py.
  * Skip running tests which require subversion, when svn isn't installed
  * Fix not sending client certificates when using --trusted-host.
  * Make sure pip wheel never outputs pure python wheels with a python implementation tag. Better fix/workaround for #3025 by using a per-implementation wheel cache instead of caching pure python wheels with an implementation tag in their name.
  * Include subdirectory URL fragments in cache keys.
  * Fix typo in warning message when any of --build-option, --global-option and --install-option is used in requirements.txt
  * Fix the logging of cached HTTP response shown as downloading.
  * Effectively disable the wheel cache when it is not writable, as is the case with the http cache.
  * Correctly handle relative cache directory provided via --cache-dir.
  *
- Update to version 19.3.1
  * Document Python 3.8 support.
  * Fix bug that prevented installation of PEP 517 packages without setup.py.
  * Remove undocumented support for un-prefixed URL requirements pointing to SVN repositories.
  * Remove the deprecated --venv option from pip config.
  * Make pip show warn about packages not found.
  * Abort installation if any archive contains a file which would be placed outside the extraction location.
  * pip's CLI completion code no longer prints a Traceback if it is interrupted.
  * Ignore errors copying socket files for local source installs (in Python 3).
  * Skip copying .tox and .nox directories to temporary build directories
  * Ignore "/require_virtualenv"/ in pip config
- Update to version 19.2.2:
  * Merge pull request #6827 from cjerdonek/issue-6804-find-links-expansion
  * Fix handling of tokens (single part credentials) in URLs (#6818)
  * Simplify the handling of "/typing.cast"/
- Update to version 19.2.1:
  * Fix a ``NoneType`` ``AttributeError`` when evaluating hashes and no hashes provided
  * Drop support for EOL Python 3.4.
  * Credentials will now be loaded using keyring when installed
  * Fully support using --trusted-host inside requirements files
  * Update timestamps in pip's --log file to include milliseconds
  * Respect whether a file has been marked as "/yanked"/ from a simple repository (see PEP 592 for details)
  * When choosing candidates to install, prefer candidates with a hash matching one of the user-provided hashes
  * Improve the error message when METADATA or PKG-INFO is None when accessing metadata
  * Add a new command pip debug that can display e.g. the list of compatible tags for the current Python
  * Display hint on installing with --pre when search results include pre-release versions
  * Report to Warehouse that pip is running under CI if the PIP_IS_CI environment variable is set
  * Allow --python-version to be passed as a dotted version string (e.g. 3.7 or 3.7.3)
  * Log the final filename and SHA256 of a .whl file when done building a wheel
  * Include the wheel's tags in the log message explanation when a candidate wheel link is found incompatible
  * Add a --path argument to pip freeze to support --target installations
  * Add a --path argument to pip list to support --target installations
- from version 19.2.0
  * Drop support for EOL Python 3.4. (#6685)
  * Improve deprecation messages to include the version in which
    the functionality will be removed. (#6549)
  * Credentials will now be loaded using keyring when installed. (#5948)
  * Fully support using --trusted-host inside requirements files. (#3799)
  * Update timestamps in pip’s --log file to include milliseconds. (#6587)
  * Respect whether a file has been marked as “yanked” from a simple
    repository (see PEP 592 for details). (#6633)
  * When choosing candidates to install, prefer candidates with a
    hash matching one of the user-provided hashes. (#5874)
  * Improve the error message when METADATA or PKG-INFO is None
    when accessing metadata. (#5082)
  * Add a new command pip debug that can display e.g. the
    list of compatible tags for the current Python. (#6638)
  * Display hint on installing with --pre when search results
    include pre-release versions. (#5169)
  * Report to Warehouse that pip is running under CI
    if the PIP_IS_CI environment variable is set. (#5499)
  * Allow --python-version to be passed as a dotted
    version string (e.g. 3.7 or 3.7.3). (#6585)
  * Log the final filename and SHA256 of a .whl file when done building a wheel. (#5908)
  * Include the wheel’s tags in the log message explanation when
    a candidate wheel link is found incompatible. (#6121)
  * Add a --path argument to pip freeze to support --target installations. (#6404)
  * Add a --path argument to pip list to support --target installations. (#6551)
  * Set sys.argv[0] to the underlying setup.py when invoking setup.py via
    the setuptools shim so setuptools doesn’t think the path is -c. (#1890)
  * Update pip download to respect the given --python-version
    when checking "/Requires-Python"/. (#5369)
  * Respect --global-option and --install-option when installing
    from a version control url (e.g. git). (#5518)
  * Make the “ascii” progress bar really be “ascii” and not Unicode. (#5671)
  * Fail elegantly when trying to set an incorrectly formatted key in config. (#5963)
  * Prevent DistutilsOptionError when prefix is indicated in the
    global environment and --target is used. (#6008)
  * Fix pip install to respect --ignore-requires-python when evaluating links. (#6371)
  * Fix a debug log message when freezing an editable,
    non-version controlled requirement. (#6383)
  * Extend to Subversion 1.8+ the behavior of calling Subversion
    in interactive mode when pip is run interactively. (#6386)
  * Prevent pip install <url> from permitting directory traversal if e.g. a malicious
    server sends a Content-Disposition header with a filename containing ../ or ../.
    (#6413) (bsc#1176262, CVE-2019-20916)
  * Hide passwords in output when using --find-links. (#6489)
  * Include more details in the log message if pip freeze can’t generate
    a requirement string for a particular distribution. (#6513)
  * Add the line number and file location to the error message when reading an
    invalid requirements file in certain situations. (#6527)
  * Prefer os.confstr to ctypes when extracting glibc version info. (#6543, #6675)
  * Improve error message printed when an invalid editable requirement is provided. (#6648)
  * Improve error message formatting when a command errors out in a subprocess. (#6651)
- Add patch to build with pytest5, also sent upstream:
  * pytest5.patch
- Update to version 19.1.1+git.1557777841.63878672:
  * Update news file to match usual style
  * fix-5963: assert error message
  * Simplify CandidateEvaluator.evaluate_link().
  * Fix 6486 mac gitignore (#6487)
  * Store instances in the VcsSupport registry instead of classes.
  * Remove unused cls argument from VcsSupport.unregister().
  * fix-5963: Add news file
  * fix-5963: fail elegantly on missing name or section in config set / unset
  * Remove unnecessary slices.
  * Fix typo.
- Switch to multibuild, so testing is separate from the building
  of the package itself.
- Update to version 19.1.1+git.1557521541.a731e7e3:
  * Docs: capitalize "/URL"/
  * Upgrade Sphinx version for Read the Docs (#6477)
  * Upwrap import
  * Remove utils/packaging.py's dependence on the current environment.
  * Improve import error handling Fix --no-index usage Fix missing type annotation type
  * Rename _link_package_versions() to evaluate_link().
  * Move _link_package_versions() to CandidateEvaluator.
  * Refine return type of _package_versions() and find_all_candidates().
  * Fix mismerged import
  * Issue #5948: Enable keyring support
  * Move run_with_log_command() after run_stderr_with_prefix().
  * Change to never allow logging errors during tests.
  * Add failing test.
  * Respect --global-option and --install-option for VCS installs.
- Start using upstream git checkout instead of the released
  tarballs so we can get tests/ directory (gh#pypa/pip#6258).
- Enable tests.
- Update to 19.1.1:
  - Restore pyproject.toml handling to how it was with pip 19.0.3
    to prevent the need to add --no-use-pep517 when installing in
    editable mode. (#6434)
  - Fix a regression that caused @ to be quoted in pypiserver
    links. This interfered with parsing the revision string from
    VCS urls. (#6440)
  - Configuration files may now also be stored under sys.prefix
    (#5060)
  - Avoid creating an unnecessary local clone of a Bazaar branch
    when exporting. (#5443)
  - Include in pip's User-Agent string whether it looks like pip
    is running under CI. (#5499)
  - A custom (JSON-encoded) string can now be added to pip's
    User-Agent using the PIP_USER_AGENT_USER_DATA environment
    variable. (#5549)
  - For consistency, passing --no-cache-dir no longer affects
    whether wheels will be built. In this case, a temporary
    directory is used. (#5749)
  - Command arguments in subprocess log messages are now quoted
    using shlex.quote(). (#6290)
  - Prefix warning and error messages in log output with WARNING
    and ERROR. (#6298)
  - Using --build-options in a PEP 517 build now fails with an
    error, rather than silently ignoring the option. (#6305)
  - Error out with an informative message if one tries to install
    a pyproject.toml-style (PEP 517) source tree using --editable
    mode. (#6314)
  - When downloading a package, the ETA and average speed now
    only update once per second for better legibility. (#6319)
  - The stdout and stderr from VCS commands run by pip as
    subprocesses (e.g. git, hg, etc.) no longer pollute pip's
    stdout. (#1219)
  - Fix handling of requests exceptions when dependencies are
    debundled. (#4195)
  - Make pip's self version check avoid recommending upgrades to
    prereleases if the currently-installed version is stable.
    (#5175)
  - Fixed crash when installing a requirement from a URL that
    comes from a dependency without a URL. (#5889)
  - Improve handling of file URIs: correctly handle
    file://localhost/... and don't try to use UNC paths on Unix.
    (#5892)
  - Fix utils.encoding.auto_decode() LookupError with invalid
    encodings. utils.encoding.auto_decode() was broken when
    decoding Big Endian BOM byte-strings on Little Endian or vice
    versa. (#6054)
  - Fix incorrect URL quoting of IPv6 addresses. (#6285)
  - Redact the password from the extra index URL when using pip
  - v. (#6295)
  - The spinner no longer displays a completion message after
    subprocess calls not needing a spinner. It also no longer
    incorrectly reports an error after certain subprocess calls
    to Git that succeeded. (#6312)
  - Fix the handling of editable mode during installs when
    pyproject.toml is present but PEP 517 doesn't require the
    source tree to be treated as pyproject.toml-style. (#6370)
  - Fix NameError when handling an invalid requirement. (#6419)
  - Make dashes render correctly when displaying long options
    like --find-links in the text. (#6422)
- update to version 19.0.3:
  * Fix an IndexError crash when a legacy build of a wheel
    fails. (#6252)
  * Fix a regression introduced in 19.0.2 where the filename in a
    RECORD file of an installed file would not be updated when
    installing a wheel. (#6266)
- Avoid name repetition in summary. Summary should not be a
  sentence (let alone three).
- Update to 19.0.2 (2019-02-09):
  + Bug Fixes
  * Fix a crash where PEP 517-based builds using --no-cache-dir
    would fail in some circumstances with an AssertionError due
    to not finalizing a build directory internally. (#6197)
  * Provide a better error message if attempting an editable
    install of a directory with a pyproject.toml but no setup.py.
    (#6170)
  * The implicit default backend used for projects that provide a
    pyproject.toml file without explicitly specifying build-
    backend now behaves more like direct execution of setup.py,
    and hence should restore compatibility with projects that
    were unable to be installed with pip 19.0. This raised the
    minimum required version of setuptools for such builds to
    40.8.0. (#6163)
  * Allow RECORD lines with more than three elements, and display
    a warning. (#6165)
  * AdjacentTempDirectory fails on unwritable directory instead
    of locking up the uninstall command. (#6169)
  * Make failed uninstalls roll back more reliably and better at
    avoiding naming conflicts. (#6194)
  * Ensure the correct wheel file is copied when building PEP 517
    distribution is built. (#6196)
  * The Python 2 end of life warning now only shows on CPython,
    which is the implementation that has announced end of life
    plans. (#6207)
  + Improved Documentation
  * Re-write README and documentation index (#5815)
- Update to 19.0.1 (2019-01-23):
  + Bug Fixes
  * Fix a crash when using –no-cache-dir with PEP 517
    distributions (#6158, #6171)
- Update to 19.0 (2019-01-22):
  + Deprecations and Removals
  * Deprecate support for Python 3.4 (#6106)
  * Start printing a warning for Python 2.7 to warn of impending
    Python 2.7 End-of-life and prompt users to start migrating to
    Python 3. (#6148)
  * Remove the deprecated --process-dependency-links option.
    (#6060)
  * Remove the deprecated SVN editable detection based on
    dependency links during freeze. (#5866)
  + Features
  * Implement PEP 517 (allow projects to specify a build backend
    via pyproject.toml). (#5743)
  * Implement manylinux2010 platform tag support. manylinux2010
    is the successor to manylinux1. It allows carefully compiled
    binary wheels to be installed on compatible Linux platforms.
    (#5008)
  * Improve build isolation: handle .pth files, so namespace
    packages are correctly supported under Python 3.2 and
    earlier. (#5656)
  * Include the package name in a freeze warning if the package
    is not installed. (#5943)
  * Warn when dropping an --[extra-]index-url value that points
    to an existing local directory. (#5827)
  * Prefix pip’s --log file lines with their timestamp. (#6141)
  + Bug Fixes
  * Avoid creating excessively long temporary paths when
    uninstalling packages. (#3055)
  * Redact the password from the URL in various log messages.
    (#4746, #6124)
  * Avoid creating excessively long temporary paths when
    uninstalling packages. (#3055)
  * Avoid printing a stack trace when given an invalid
    requirement. (#5147)
  * Present 401 warning if username/password do not work for URL
    (#4833)
  * Handle requests.exceptions.RetryError raised in PackageFinder
    that was causing pip to fail silently when some indexes were
    unreachable. (#5270, #5483)
  * Handle a broken stdout pipe more gracefully (e.g. when
    running pip list | head). (#4170)
  * Fix crash from setting PIP_NO_CACHE_DIR=yes. (#5385)
  * Fix crash from unparseable requirements when checking
    installed packages. (#5839)
  * Fix content type detection if a directory named like an
    archive is used as a package source. (#5838)
  * Fix listing of outdated packages that are not dependencies of
    installed packages in pip list --outdated --not-required
    (#5737)
  * Fix sorting TypeError in move_wheel_files() when installing
    some packages. (#5868)
  * Fix support for invoking pip using python src/pip ....
    (#5841)
  * Greatly reduce memory usage when installing wheels containing
    large files. (#5848)
  * Editable non-VCS installs now freeze as editable. (#5031)
  * Editable Git installs without a remote now freeze as
    editable. (#4759)
  * Canonicalize sdist file names so they can be matched to a
    canonicalized package name passed to pip install. (#5870)
  * Properly decode special characters in SVN URL credentials.
    (#5968)
  * Make PIP_NO_CACHE_DIR disable the cache also for truthy
    values like "/true"/, "/yes"/, "/1"/, etc. (#5735)
  + Vendored Libraries
  * Include license text of vendored 3rd party libraries. (#5213)
  * Update certifi to 2018.11.29
  * Update colorama to 0.4.1
  * Update distlib to 0.2.8
  * Update idna to 2.8
  * Update packaging to 19.0
  * Update pep517 to 0.5.0
  * Update pkg_resources to 40.6.3 (via setuptools)
  * Update pyparsing to 2.3.1
  * Update pytoml to 0.1.20
  * Update requests to 2.21.0
  * Update six to 1.12.0
  * Update urllib3 to 1.24.1
  + Improved Documentation
  * Include the Vendoring Policy in the documentation. (#5958)
  * Add instructions for running pip from source to Development
    documentation. (#5949)
  * Remove references to removed #egg=<name>-<version>
    functionality (#5888)
  * Fix omission of command name in HTML usage documentation
    (#5984)
- Fix patch pip-8.1.2-shipped-requests-cabundle.patch
  this version is long gone
- Rename patch to pip-shipped-requests-cabundle.patch
- Fix and show shebang removal
- Fix fdupes call
- specfile:
  * remove devel from noarch
- update to version 18.1:
  * Features
    + Allow PEP 508 URL requirements to be used as dependencies.
    + As a security measure, pip will raise an exception when
    installing packages from PyPI if those packages depend on
    packages not also hosted on PyPI. In the future, PyPI will block
    uploading packages with such external URL dependencies
    directly. (#4187)
    + Upgrade pyparsing to 2.2.1. (#5013)
    + Allows dist options (–abi, –python-version, –platform,
    –implementation) when installing with –target (#5355)
    + Support passing svn+ssh URLs with a username to pip install
  - e. (#5375)
    + pip now ensures that the RECORD file is sorted when installing
    from a wheel file. (#5525)
    + Add support for Python 3.7. (#5561)
    + Malformed configuration files now show helpful error messages,
    instead of tracebacks. (#5798)
  * Bug Fixes
    + Checkout the correct branch when doing an editable Git
    install. (#2037)
    + Run self-version-check only on commands that may access the
    index, instead of trying on every run and failing to do so due
    to missing options. (#5433)
    + Allow a Git ref to be installed over an existing
    installation. (#5624)
    + Show a better error message when a configuration option has an
    invalid value. (#5644)
    + Always revalidate cached simple API pages instead of blindly
    caching them for up to 10 minutes. (#5670)
    + Avoid caching self-version-check information when cache is
    disabled. (#5679)
    + Avoid traceback printing on autocomplete after flags in the
    CLI. (#5751)
    + Fix incorrect parsing of egg names if pip needs to guess the
    package name. (#5819)
  * Vendored Libraries
    + Upgrade certifi to 2018.8.24
    + Upgrade packaging to 18.0
    + Add pep517 version 0.2
    + Upgrade pytoml to 0.1.19
    + Upgrade pkg_resources to 40.4.3 (via setuptools)
  * Improved Documentation
    + Fix “Requirements Files” reference in User Guide
    (#user_guide_fix_requirements_file_ref)
- update to 18.0
- refresh pip-8.1.2-shipped-requests-cabundle.patch
  * drop python 3.3 support
  * Remove the legacy format from pip list.
  * Remove support for cleaning up #egg fragment postfixes
  * Remove the shim for the old get-pip.py location
  * Introduce a new --prefer-binary flag, to prefer older wheels
    over newer source packages.
  * Improve autocompletion function on file name completion
  * Add support for installing PEP 518 build dependencies from source
  * Improve status message when upgrade is skipped due to only-if-needed strategy
python-setuptools
- Add wheel subpackage with the generated wheel for this package
  (bsc#1176262, CVE-2019-20916).
python-urllib3
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
  method. (bsc#1177120, CVE-2020-26137)
python-websockify
- Require python-numpy at runtime (boo#1163513)
python3
- readd --with-fpectl (bsc#1180377)
- Adjust sphinx-update-removed-function.patch
- (bsc#1179630) Update sphinx-update-removed-function.patch to
  work with all versions of Sphinx (not binding the Python
  documentation build to the latest verison of Sphinx). Updated
  version mentioned on gh#python/cpython#13236.
- Add CVE-2020-27619-no-eval-http-content.patch fixing
  CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support
  calls eval() on content retrieved via HTTP.
- Add patch sphinx-update-removed-function.patch to no longer call
  a now removed function (gh#python/cpython#13236). As
  a consequence, no longer pin Sphinx version.
- Pin Sphinx version to fix doc subpackage
- Change setuptools and pip version numbers according to new wheels
- Add ignore_pip_deprec_warn.patch to switch of persistently
  failing test.
- Replace bundled wheels for pip and setuptools with the updated ones
  (bsc#1176262 CVE-2019-20916).
- Handful of changes to make python36 compatible with SLE15 and SLE12
  (jsc#ECO-2799, jsc#SLE-13738)
- Rebase bpo23395-PyErr_SetInterrupt-signal.patch
- Fix build with RPM 4.16: error: bare words are no longer
  supported, please use "/..."/:  x86 == ppc.
- Fix installing .desktop file
- Buildrequire timezone only for general flavor. It's used in this
  flavor for the test suite.
- Add faulthandler_stack_overflow_on_GCC10.patch to make build
  working even with GCC10 (bpo#38965).
- Just cleanup and reordering items to synchronize with python38
- Format with spec-cleaner
- riscv64-support.patch: bpo-33377: add triplets for mips-r6 and riscv
  (#6655)
- riscv64-ctypes.patch: bpo-35847: RISC-V needs CTYPES_PASS_BY_REF_HACK
  (GH-11694)
- Update list of tests to exclude under qemu linux-user
- Update the python keyring
- Correct libpython name
- Drop patches which are not mentioned in spec:
  * CVE-2019-5010-null-defer-x509-cert-DOS.patch
  * F00102-lib64.patch
  * F00251-change-user-install-location.patch
  * OBS_dev-shm.patch
  * SUSE-FEDORA-multilib.patch
  * bpo-31046_ensurepip_honours_prefix.patch
  * bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch
  * bpo36302-sort-module-sources.patch
  * bpo40784-Fix-sqlite3-deterministic-test.patch
  * bsc1167501-invalid-alignment.patch
  * python3-imp-returntype.patch
- Working around missing python-packaging dependency in
  python-Sphinx (bsc#1174571) is not necessary anymore.
- Update to 3.6.12 (bsc#1179193)
  * Ensure python3.dll is loaded from correct locations when Python is embedded
  * The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface
    incorrectly generated constant hash values of 32 and 128 respectively. This
    resulted in always causing hash collisions. The fix uses hash() to generate
    hash values for the tuple of (address, mask length, network address).
  * Prevent http header injection by rejecting control characters in
    http.client.putrequest(…).
  * Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now
    UnpicklingError instead of crashing.
  * Avoid infinite loop when reading specially crafted TAR files using the tarfile
    module
- Drop merged fixtures:
  * CVE-2020-14422-ipaddress-hash-collision.patch
  * CVE-2019-20907_tarfile-inf-loop.patch
  * recursion.tar
- This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091).
- Make library names internally consistent
- Disable profile optimalizations as they deadlock in test_faulthandler
- Disable lto as it causes mess and works with 3.7 onwards only
- Sync the test disablements from the python3 in sle15
- Update to 3.6.11:
  - bpo-39073: Disallow CR or LF in email.headerregistry. Address
    arguments to guard against header injection attacks.
  - bpo-38576 (bsc#1155094): Disallow control characters in
    hostnames in http.client, addressing CVE-2019-18348. Such
    potentially malicious header injection URLs now cause
    a InvalidURL to be raised.
  - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class
    of the urllib.request module uses an inefficient regular
    expression which can be exploited by an attacker to cause
    a denial of service. Fix the regex to prevent the
    catastrophic backtracking. Vulnerability reported by Ben
    Caller and Matt Schwager.
  - bpo-39401: Avoid unsafe load of
    api-ms-win-core-path-l1-1-0.dll at startup on Windows 7.
- Remove merged patch CVE-2020-8492-urllib-ReDoS.patch
- Fix minor issues found in the staging.
- Do not set ourselves as a primary interpreter
  - CVE-2019-16935-xmlrpc-doc-server_title.patch (and also
    bpo37614-race_test_docxmlrpc_srv_setup.patch, which was
    resolving bsc#1174701).
release-notes-sles
- 15.1.20201217 (tracked in bsc#1180186)
- Added note about Git 2.26 update (jsc#SLE-12396)
- Added note about QEMU Guest Agent (jsc#SLE-4591)
- Added note that seccheck runs from systemd timers (bsc#1174679)
- Added note about LibreOffice 6.4 (jsc#SLE-11590)
- Added note about Vagrant (jsc#SLE-10633)
- Move NVDIMM note to Storage section
rsyslog
- imfile: suppress segfault in ratelimiter (bsc#1176355)
  * add 0001-bugfix-imfile-segfault-in-ratelimiter.patch
salt
- Revert wrong zypper patch to support vendorchanges flags on pkg.install
- Adjusted python2-cherrypy naming in salt-api. (#40)
- Force zyppnotify to prefer Packages.db than Packages if it exists
- Allow vendor change option with zypper
- Add pkg.services_need_restart
- Bigvm backports
  virt consoles, CPU tuning and topology, and memory tuning.
- Fix for file.check_perms to work with numeric uid/gid
- change 'Requires(pre)' to 'Requires' for salt-minion package (bsc#1083110)
- Added:
  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
  * revert-add-patch-support-for-allow-vendor-change-opt.patch
  * force-zyppnotify-to-prefer-packages.db-than-packages.patch
  * add-patch-support-for-allow-vendor-change-option-wit.patch
  * add-pkg.services_need_restart-302.patch
  * opensuse-3000-bigvm-backports-300.patch
- Fix syntax error on pkgrepo state with Python 2.7
- transactional_update: unify with chroot.call
- Add "/migrated"/ state and GPG key management functions
- Master can read grains
- Fix for broken psutil (bsc#1102248)
- Fix novendorchange handling in zypperpkg module
- Added:
  * grains-master-can-read-grains.patch
  * fix-novendorchange-option-284.patch
  * transactional_update-unify-with-chroot.call.patch
  * pkgrepo-support-python-2.7-function-call-294.patch
  * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch
  * add-migrated-state-and-gpg-key-management-functions-.patch
salt-netapi-client
- Version 0.18.0
  See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.18.0
- Remove:
  * 0001-bring-auth-modules-up-to-date-with-current-salt-docs.patch
  * 0002-cleanup-http-client-after-each-test.patch
schily-libs
- fix_junk_in_partition.patch: Initialize memory that created the
  partition table instead of writing random bytes to it (bsc#1178692)
spacewalk-admin
- version 4.0.12-1
- use the license macro to mark the LICENSE in the package so that
  when installing without docs, it does install the LICENSE file
- prevent javax.net.ssl.SSLHandshakeException after upgrading from
  SUSE Manager 3.2 (bsc#1177435)
spacewalk-backend
- version 4.0.35-1
- ISS: Differentiate packages with same nevra but different checksum in the same channel (bsc#1178195)
- fix unique machine_id detection (bsc#1176074)
spacewalk-java
- version 4.0.40-1
- Revert: Sync state modules when starting action chain execution (bsc#1177336)
- Sync state modules when starting action chain execution (bsc#1177336)
- Fix repo url of AppStream in generated RHEL/Centos 8 kickstart file (bsc#1175739)
- log token verify errors and check for expired tokens
- Execute Salt SSH actions in parallel (bsc#1173199)
- Take pool and volume from Salt virt.vm_info for files and blocks disks (bsc#1175987)
- Fix action chain resuming when patches updating salt-minion don't cause service to be
  restarted (bsc#1144447)
- renaming autoinstall distro didn't change the name of the Cobbler distro (bsc#1175876)
spacewalk-web
- version 4.0.25-1
- Fix link to documentation in Admin -> Manager Configuration -> Monitoring (bsc#1176172)
- Don't allow selecting spice for Xen PV and PVH guests
sudo
- Fix Heap-based buffer overflow in Sudo [bsc#1181090,CVE-2021-3156]
  * sudo-CVE-2021-3156.patch
- Possible Dir Existence Test due to Race Condition in `sudoedit`
  [bsc#1180684,CVE-2021-23239]
  * sudo-CVE-2021-23239.patch
- Possible Symlink Attack in SELinux Context in `sudoedit` [bsc#1180685,
  CVE-2021-23240]
  * sudo-CVE-2021-23240.patch
- User Could Enable Debug Settings not Intended for it [bsc#1180687]
  * sudo-fix-bsc-1180687.patch
- add sudo-1.8.22-pam_xauth.patch to stay setuid until just before
  executing the command. Fixes a problem with pam_xauth which
  checks effective and real uids to get the real identity of the
  user [bsc#1174593]
susemanager
- version 4.0.32-1
- add --force to mgr-create-bootstrap-repo to enforce generation
  even when some products are not synchronized
susemanager-build-keys
- suse build key extended (bsc#1176759)
  gpg-pubkey-39db7c82-5847eb1f.asc -> gpg-pubkey-39db7c82-5f68629b.asc
- Add the SUSE Container GPG key as "/"/. (PM-1845 bsc#1170347)
  build-container-d4ade9c3-5a2e9669.asc
susemanager-schema
- version 4.0.23-1
- Execute Salt SSH actions in parallel (bsc#1173199)
susemanager-sls
- version 4.0.31-1
- Revert: Sync state modules when starting action chain execution (bsc#1177336)
- Sync state modules when starting action chain execution (bsc#1177336)
- Fix grub2 autoinstall kernel path (bsc#1178060)
- Move channel token information from sources.list to auth.conf on Debian 10 and Ubuntu 18 and newer
- Fix action chain resuming when patches updating salt-minion don't cause service to be
  restarted (bsc#1144447)
- Make grub2 autoinstall kernel path relative to the boot partition root (bsc#1175876)
susemanager-sync-data
- version 4.0.19-1
- add SLE15 SP1 LTSS
systemd
- Add 0001-cgroup-actually-reset-the-cgroup-invalidation-mask-a.patch (bsc#1178775)
  It's been added in quarantine for now on.
- Import commit c720c4d784b85feab124eae39919bec59e061ff5
  bd6bedd353 udev: create /dev/disk/by-label symlink for LUKS2 (#8998) (bsc#1180885)
- Import commit 080062ed5f90b8a4085a89f2ad30ee320fab27c9
  80e37dcacc busctl: add a timestamp to the output of the busctl monitor command (bsc#1180225)
  2ee6877bb3 core: make sure to restore the control command id, too
  d1b9949337 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope
  af5945c2f4 fileio: tweak write_string_stream_ts() to write out trailing n in one go even if buffering is off
  a28c165efa fileio: write_string_stream_ts: check for file errors immediately
  dc122eb771 fileio: write_string_stream_ts: return errors from fputs and fputc
  14c89b1424 fileio: make write_string_stream() accept flags parameter
  2959e7dfe6 journal: do not trigger assertion when journal_file_close() get NULL (bsc#1179824)
  08db1ac361 cgroup: drastically simplify caching of cgroups members mask (bsc#1175458)
  bb59042ab4 cgroup: extend comment on what unit_release_cgroup() is for
  ead2955f65 cgroup: document what the various masks variables are used for
  805fe8ecdf cgroup: extend cg_mask_supported() comment a bit
  305806da38 cgroup: tweak log message, so that it doesn't claim we always enable controllers when we actually disable them
  d02ce63463 cgroup-util: disable buffering for cg_enable_everywhere() when writing to cgroup attributes
  b4e9893f5d cgroup-util: fix enabling of controllers (#8816)
  e7dd277c1b cgroup: propagate errors when we cannot open cgroup.subtree_control
  7c8f19714f cgroup-util: optimization — open subtree_control file only once for all controllers
  7999763781 cgroup: add explanatory comment
  2829342e7a cgroup: units that aren't loaded properly should not result in cgroup controllers being pulled in
  48a0d85047 cgroup: make unit_get_needs_bpf_firewall() static too
  888dc39134 cgroup: make some functions static
  6c0efa2f01 cgroup: suffix settings with "/="/ in log messages where appropriate
  e69d9927c6 cgroup: use structured initialization
  5174fb9622 core: fix message about detected memory hierarchy
  3b6443e1ee core: use safe_fclose() where we can
  906dcf1f6b udev: Fix sound.target dependency (bsc#1179363)
  2c9866d55a rules: enable hardware-related targets also for user instances
  127e546608 sd-event: fix delays assert brain-o (#17790)
  b98b6d230c core: serialize u->pids until the processes have been moved to the scope cgroup (bsc#1174436)
  2f50b9ecf1 time-util: treat /etc/localtime missing as UTC (bsc#1141597)
- Import commit cff0063e30f8cd06995810a4725bfb042191c472
  33f68e8062 build-sys: optionnally disable support of journal over the network (bsc#1177458)
  34d79e6216 ask-password: prevent buffer overrow when reading from keyring (bsc#1177510)
  36e567dc68 ask-password: add extra paranoid overflow check
  5dd29e9219 More polite passphrase prompt
  f922299b3c mount: don't propagate errors from mount_setup_unit() further up
- Rework the enablement of 'journal_remote' support to rely on the new
  build option --disable-remote. This allows to drop the workaround
  that consisted in cleaning journal-upload files and
  {sysusers.d,tmpfiles.d}/systemd-remote.conf manually when
  'journal_remote' support was disabled.
- Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)
- Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package
- Make sure {sysusers.d,tmpfiles.d}/systemd-remote.conf are not
  shipped with --without=journal_remote (bsc#1177458)
  These files were incorrectly packaged in the main package when
  systemd-journal_remote was disabled (autools build only affected).
- Make use of %{_unitdir} and %{_sysusersdir}
systemd-rpm-macros
- Bump to version 5 (bsc#1179020)
  This milestone makes systemd rpm macros mostly identical between
  SLE12-SP2 and SLE15.
- Rename the tag file used to detect when presets need to be applied
  Rather than placing these tags directly under /run, let's place them
  under /run/systemd/rpm. This also has the benefit to make the
  workaround for bsc#1059627 no more needed.
- Bump version to 4.2
- Deprecate '-f'/'-n' options
  When used with %service_del_preun, support for these options will be
  dropped as DISABLE_STOP_ON_REMOVAL support will be removed on the
  next version of SLE (jsc#SLE-8968)
  When used with %service_del_postun, they should be replaced with
  their counterpart
  %service_del_postun_with_restart/%service_del_postun_without_restart
- Introduce %service_del_postun_with_restart()
  It's the counterpart of %service_del_postun_without_restart() and
  replaces the '-f' option of %service_del_postun().
- Dont apply presets when migrating from a disabled initscript (bsc#1178481)
- Test for the presence of systemctl only once in %service_add_{post,pre}
  No functional changes.
- Make rpmbuild load our own macros.systemd to import %{%_unitdir} properly
  Ideally we should also own other %{_*dir} paths...
- Stop owning /usr/lib/systemd directory as no package other than
  systemd is supposed to put files there.
tcl
- bsc#1179615: TCL_LIBS in tclConfig.sh possibly breaks build on
  newer service packs and is not needed for linking to a dynamic
  libtcl anyway, so make it empty.
tcpdump
- Security fix: [bsc#1178466, CVE-2020-8037]
  * PPP decapsulator: Allocate the right buffer size
- Add tcpdump-CVE-2020-8037.patch
timezone
- timezone update 2021a (bsc#1177460)
  * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.
- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.
- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.
tomcat
- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602)
- Added patch:
  * tomcat-9.0-CVE-2020-17527.patch
- Fix typo in tomcat-webapps %postun that caused /examples
  context to remain in server.xml when package was removed
- Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from
  package. They're not used anymore becuse of systemd (bsc#1178396)
util-linux
- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
  util-linux-libblkid-cdrom-autoclose-1.patch,
  util-linux-libblkid-cdrom-autoclose-2.patch,
  util-linux-libblkid-cdrom-autoclose-3.patch).
- Modernize patch util-linux-sulogin4bsc1175514.patch
  * Try to autoconfigure broken serial lines
- Add patch util-linux-sulogin4bsc1175514.patch
  Avoid sulogin failing on not existing or not functional console
  devices (bsc#1175514)
- Build with libudev support to support non-root users
  (boo#1169006).
- lscpu: avoid segfault on PowerPC systems with valid hardware
  configurations
  (bsc#1175623, bsc#1178554, bsc#1178825,
  lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
- Fix for SG#57988, bsc#1174942:
  libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
  to CIFS with mount –a.
util-linux-systemd
- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
  util-linux-libblkid-cdrom-autoclose-1.patch,
  util-linux-libblkid-cdrom-autoclose-2.patch,
  util-linux-libblkid-cdrom-autoclose-3.patch).
- Modernize patch util-linux-sulogin4bsc1175514.patch
  * Try to autoconfigure broken serial lines
- Add patch util-linux-sulogin4bsc1175514.patch
  Avoid sulogin failing on not existing or not functional console
  devices (bsc#1175514)
- Build with libudev support to support non-root users
  (boo#1169006).
- lscpu: avoid segfault on PowerPC systems with valid hardware
  configurations
  (bsc#1175623, bsc#1178554, bsc#1178825,
  lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
- Fix for SG#57988, bsc#1174942:
  libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
  to CIFS with mount –a.
vim
- stop owning /etc/vimrc so the old, distro provided config actually
  gets removed. Leaving it around leads to a duplicated autocmd for
  * .spec, leading to spec file template inserted twice.
- own some dirs in vim-data-common so installation of vim-small
  doesn't leave not owned directories (boo#1173256)
- Add vi as slave to update-alternatives so that every package
  has a matching "/vi"/ symlink (bsc#1174564, boo#1176549).
- introduce vim-small package with reduced requirements for small
  installations (boo#1166602).
- BuildRequire pkg-config(krb5) instead of krb5-mini to be able to
  build against Tumbleweed repo
wicked
- version 0.6.64
- avoid incomplete ifdown/timeout on route deletion error (bsc#1174099)
- dhcp4: add DHCLIENT_CREATE_CID to ifcfg (jsc#SLE-15770)
- wicked: fixes to ifreload on port changes (bsc#1168155,bsc#1172082)
- team: fix schema to use correct hwaddr_policy property (boo#1171234)
- team: enable ipv6 on ports when nsna_ping linkwatch is used (bsc#959556)
- version 0.6.63
- ipv6: support to apply stable secret ifsysctl (jsc#SLE-6960)
- version 0.6.62
- utils: don't reject NULL var array names/keys breaking wicked duid dump
- routes: schema fix to avoid not applying rto_min incl. new time format (bsc#1160939)
- systemd: order start wicked after network-pre.target and openvswitch.service start
- packaging: use pkgconfig(libsystemd) instead of systemd-devel
- version 0.6.61
- dracut: add initial cmdline parsing as a config source
- address: don't check hwaddr length if parsing as ARPHRD_VOID
- utils: added find and insert var array utils, cleanup
- client: add show-policy command calling policy generation
- client: initial support to generate a basic policy directly
- client: cleanup convert and show-config commands
- removed obsolete patches included in the source archive:
  [- 0006-spec-fix-old-libwicked-package-provides-obsoletes-bsc1165180.patch]
  [- 0004-dhcp6-don-t-add-free-d-IA-to-ia_pd_list-on-T1-T2-CVE.patch]
  [- 0005-dhcp4-discard-lease-on-client-id-mismatch-CVE-2020-7.patch]
  [- 0003-dhcp4-free-lease-on-response-without-message-type-CV.patch]
  [- 0002-dhcp6-fix-use-after-free-on-option-parsing-failure-C.patch]
  [- 0001-Squashed-misc-bug-fixes-from-pull-821.patch]
yast2-mail
- bsc#1176645 - Running Yast2 Mail multiple times creates excess
  brackets in postfix configuration
- 4.1.2
- bsc#105491 setup of postfix with amavis DKIM signing does not
  work at all. The dkim setup script was rewritten.
- 4.1.1
yast2-packager
- Backport of PR#521.
- prevent race condition between log rotation and migration
  log backup (bsc#1166174)
- 4.1.52
yast2-storage-ng
- Added $LIBSTORAGE_IGNORE_PROBE_ERRORS environment variable
  to ignore storage probing errors (bsc#1177332)
- 4.1.97
zeromq
- bsc1176256.patch: fix heap overflow when receiving malformed
  ZMTP v1 packets (bsc#1176256)
- bsc1176257.patch: fixes a memory leak in client induced by
  malicious server(s) without CURVE/ZAP (bsc#1176257)
- bsc1176259.patch: fix memory leak when processing PUB messages
  with metadata (bsc#1176259)
- bsc1176258.patch: fix stack overflow in PUB/XPUB subscription
  store (bsc#1176258)
- CVE-2020-15166.patch: fix the possibility of unauthenticated
  clients causing a denial-of-service (bsc#1176116, CVE-2020-15166)
zypper
- info: Assume descriptions starting with '<p>' are richtext
  (bsc#935885)
- version 1.14.40
- Use new testcase API in libzypp.
- BuildRequires:  libzypp-devel >= 17.25.0.
- help: prevent 'whatis' from writing to stderr (bsc#1176712)
- wp: point out that command is aliased to a search command and
  searches case-insensitive (jsc#SLE-16271)
- version 1.14.39