- 000release-packages:SUSE-MicroOS-release
-
n/a
- cockpit
-
- CVE-2024-6126.patch: Fix insecure killing of session ssh-agent
(CVE-2024-6126, bsc#1226040)
- UseValidHostnameInTest.patch: use valid hostname in unit tests
- containerd
-
- Revert noarch for devel subpackage
Switching to noarch causes issues on SLES maintenance updates, reverting it
fixes our image builds
- Update to containerd v1.7.17. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
and storage than a locally-compressed tar.xz, it seems there's some weird
issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.16>
CVE-2023-45288 bsc#1221400
- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
(merged upstream at
<https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.11>
GHSA-jq35-85cj-fj4p bsc#1224323
- Use %patch -P N instead of deprecated %patchN.
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
- docker
-
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2506>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
* 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
<https://github.com/moby/buildkit/pull/5060>. bsc#1221916
+ 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. Backport of
<https://github.com/moby/moby/pull/48034>. bsc#1214855
+ 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- Update --add-runtime to point to correct binary path.
- glib2
-
- Add patches to fix CVE-2024-34397 (boo#1224044):
glib2-allocate-SignalSubscriber-structs-individually.patch
glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- kernel-default
-
- Update
patches.suse/0020-dm-btree-remove-fix-use-after-free-in-rebalance_chil.patch
(git-fixes CVE-2021-47600 bsc#1226575).
- Update
patches.suse/0022-block-Fix-wrong-offset-in-bio_truncate.patch
(git-fixes CVE-2022-48747 bsc#1226643).
- Update
patches.suse/ARM-9170-1-fix-panic-when-kasan-and-kprobe-are-enabled.patch
(git-fixes CVE-2021-47618 bsc#1226644).
- Update
patches.suse/ASoC-max9759-fix-underflow-in-speaker_gain_control_p.patch
(git-fixes CVE-2022-48717 bsc#1226679).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4cf28e9ae6e2.patch
(git-fixes CVE-2022-48736 bsc#1226721).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4f1e50d6a9cf.patch
(git-fixes CVE-2022-48737 bsc#1226762).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_.patch
(git-fixes CVE-2022-48738 bsc#1226674).
- Update
patches.suse/Bluetooth-refactor-malicious-adv-data-check.patch
(git-fixes CVE-2021-47620 bsc#1226669).
- Update patches.suse/IB-hfi1-Fix-AIP-early-init-panic.patch
(jsc#SLE-13208 CVE-2022-48728 bsc#1226691).
- Update
patches.suse/PCI-pciehp-Fix-infinite-loop-in-IRQ-handler-upon-pow.patch
(git-fixes CVE-2021-47617 bsc#1226614).
- Update
patches.suse/RDMA-ucma-Protect-mc-during-concurrent-multicast-lea.patch
(bsc#1181147 CVE-2022-48726 bsc#1226686).
- Update
patches.suse/ceph-properly-put-ceph_string-reference-after-async-create-attempt.patch
(bsc#1195798 CVE-2022-48767 bsc#1226715).
- Update
patches.suse/dma-buf-heaps-Fix-potential-spectre-v1-gadget.patch
(git-fixes CVE-2022-48730 bsc#1226713).
- Update
patches.suse/drm-msm-dpu-invalid-parameter-check-in-dpu_setup_dsp.patch
(git-fixes CVE-2022-48749 bsc#1226650).
- Update
patches.suse/drm-msm-dsi-invalid-parameter-check-in-msm_dsi_phy_e.patch
(git-fixes CVE-2022-48756 bsc#1226698).
- Update
patches.suse/drm-nouveau-fix-off-by-one-in-BIOS-boundary-checking.patch
(git-fixes CVE-2022-48732 bsc#1226716).
- Update
patches.suse/firmware-arm_scpi-Fix-string-overflow-in-SCPI-genpd-.patch
(git-fixes CVE-2021-47609 bsc#1226562).
- Update patches.suse/i40e-Fix-queues-reservation-for-XDP.patch
(git-fixes CVE-2021-47619 bsc#1226645).
- Update patches.suse/igbvf-fix-double-free-in-igbvf_probe.patch
(git-fixes CVE-2021-47589 bsc#1226557).
- Update
patches.suse/iommu-vt-d-fix-potential-memory-leak-in-intel_setup_irq_remapping
(git-fixes CVE-2022-48724 bsc#1226624).
- Update
patches.suse/mac80211-track-only-QoS-data-frames-for-admission-co.patch
(git-fixes CVE-2021-47602 bsc#1226554).
- Update
patches.suse/mac80211-validate-extended-element-ID-is-present.patch
(git-fixes CVE-2021-47611 bsc#1226583).
- Update
patches.suse/net-bridge-vlan-fix-memory-leak-in-__allowed_ingress.patch
(bsc#1176447 CVE-2022-48748 bsc#1226647).
- Update
patches.suse/net-hns3-fix-use-after-free-bug-in-hclgevf_send_mbx_.patch
(jsc#SLE-14777 CVE-2021-47596 bsc#1226558).
- Update
patches.suse/net-ieee802154-ca8210-Stop-leaking-skb-s.patch
(git-fixes CVE-2022-48722 bsc#1226619).
- Update
patches.suse/net-mlx5e-Fix-handling-of-wrong-devices-during-bond-.patch
(jsc#SLE-15172 CVE-2022-48746 bsc#1226703).
- Update
patches.suse/net-sched-sch_ets-don-t-remove-idle-classes-from-the.patch
(bsc#1176774 CVE-2021-47595 bsc#1226552).
- Update
patches.suse/nfc-fix-segfault-in-nfc_genl_dump_devices_done.patch
(git-fixes CVE-2021-47612 bsc#1226585).
- Update patches.suse/phylib-fix-potential-use-after-free.patch
(git-fixes CVE-2022-48754 bsc#1226692).
- Update
patches.suse/powerpc-perf-Fix-power_pmu_disable-to-call-clear_pmi.patch
(bsc#1156395 CVE-2022-48752 bsc#1226709).
- Update
patches.suse/rpmsg-char-Fix-race-between-the-release-of-rpmsg_ctr.patch
(git-fixes CVE-2022-48759 bsc#1226711).
- Update
patches.suse/scsi-bnx2fc-Flush-destroy_work-queue-before-calling-bnx2fc_interface_put
(git-fixes CVE-2022-48758 bsc#1226708).
- Update patches.suse/scsi-bnx2fc-Make-bnx2fc_recv_frame-mp-safe
(git-fixes CVE-2022-48715 bsc#1226621).
- Update
patches.suse/scsi-scsi_debug-Sanity-check-block-descriptor-length-in-resp_mode_select.patch
(git-fixes CVE-2021-47576 bsc#1226537).
- Update
patches.suse/smb-client-set-correct-id-uid-and-cruid-for-multiuser-automounts.patch
(git-fixes CVE-2024-26822 bsc#1223011).
- Update
patches.suse/tracing-histogram-Fix-a-potential-memory-leak-for-kstrdup.patch
(git-fixes CVE-2022-48768 bsc#1226720).
- commit 3239c2b
- Update
patches.suse/drm-vmwgfx-Fix-stale-file-descriptors-on-failed-user.patch
(CVE-2022-22942 bsc#1195065 CVE-2022-48771 bsc#1226732).
- Update
patches.suse/isdn-cpai-check-ctr-cnr-to-avoid-array-index-out-of-.patch
(CVE-2021-43389 CVE-2021-3896 bsc#1191958 git-fixes
CVE-2021-4439 bsc#1226670).
- Update
patches.suse/media-mxl111sf-change-mutex_init-location.patch
(git-fixes CVE-2021-47583 bsc#1226563).
- Update
patches.suse/of-module-prevent-NULL-pointer-dereference-in-vsnprintf.patch
(bsc#1226587 CVE-2024-38541 CVE-2024-35878 bsc#1224671).
- Update
patches.suse/tipc-improve-size-validations-for-received-domain-re.patch
(bsc#1195254 CVE-2022-0435 CVE-2022-48711 bsc#1226672).
- commit 4e385ef
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(CVE-2024-36904 bsc#1225732).
- commit 80f0f47
- tcp: do not accept ACK of bytes we never sent (CVE-2023-52881
bsc#1225611).
- commit 874a2d3
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
(bsc#1222015 bsc#1226962).
- commit c8cabcf
- USB: core: Fix hang in usb_kill_urb by adding memory barriers
(CVE-2022-48760 bsc#1226712).
- commit da8ec3e
- scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758
CVE-2024-38559).
- scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786
CVE-2024-38560).
- commit 0e33f69
- Update References tag
patches.suse/Bluetooth-Disconnect-if-E0-is-used-for-Level-4.patch
(bsc#1171988 CVE-2020-10135 bsc#1218148 CVE-2023-24023).
- commit 906dfa6
- RDMA/hns: Fix UAF for cq async event (bsc#1226595 CVE-2024-38545)
- commit d57d06d
- of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1226587 CVE-2024-38541)
- commit c381bb4
- of: module: add buffer overflow check in of_modalias() (bsc#1226587 CVE-2024-38541)
- commit 212b607
- net/mlx5e: Fix use-after-free of encap entry in neigh update
handler (bsc#1224865 CVE-2021-47247).
- commit 91cae43
- net: qcom/emac: fix UAF in emac_remove (bsc#1225010
CVE-2021-47311).
- commit 5533443
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633
bsc#1226226).
- commit 1b48f4e
- net: macb: fix use after free on rmmod (CVE-2021-47372
bsc#1225184).
- commit c9f62c2
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high
(bsc#1219224).
- commit 124c57b
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1224764, CVE-2024-35862).
- commit 8a40236
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1224765, CVE-2024-35864).
- commit 8030dd8
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1224766, CVE-2024-35861).
- commit d1384a0
- smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225487, CVE-2023-52752).
- commit c058f4e
- blacklist.conf: bsc#1225047 CVE-2021-47328
breaks kABI and does not apply
- commit 8d10b79
- blk-cgroup: fix UAF by grabbing blkcg lock before destroying
blkg pd (CVE-2021-47379 bsc#1225203).
- commit af72a45
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
changes (CVE-2024-35789 bsc#1224749).
- commit 7707dc6
- fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1225866 CVE-2024-36964).
- commit c4d4f4c
- pinctrl: core: delete incorrect free in pinctrl_enable()
(CVE-2024-36940 bsc#1225840).
- commit 6932105
- staging: rtl8192e: Fix use after free in
_rtl92e_pci_disconnect() (CVE-2021-47571 bsc#1225518).
- commit b52b9d0
- enetc: Fix illegal access when reading affinity_hint
(CVE-2021-47368 bsc#1225161).
- commit cde762c
- Bluetooth: Add more enc key size check (bsc#1218148
CVE-2023-24023).
- commit 529bf5d
- Bluetooth: Normalize HCI_OP_READ_ENC_KEY_SIZE cmdcmplt
(bsc#1218148 CVE-2023-24023).
- commit 4ac624b
- blacklist.conf: Add 1971d13ffa84a "af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc()."
- commit 1f2871b
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO
request complete (CVE-2024-36894 bsc#1225749).
- commit 99fc30d
- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 62989dd
- inet: inet_defrag: prevent sk release while still in use
(CVE-2024-26921 bsc#1223138).
- commit 599b2eb
- drm/client: Fully protect modes with dev->mode_config.mutex (CVE-2024-35950 bsc#1224703).
- commit f5de9d8
- smb: client: set correct id, uid and cruid for multiuser
automounts (git-fixes).
- commit 548a1f6
- smb: client: fix dfs link mount against w2k8 (git-fixes).
- commit ffabd7c
- cifs: use tcon allocation functions even for dummy tcon
(bsc#1213476).
- commit 8a18c8c
- cifs: avoid race conditions with parallel reconnects
(bsc#1213476).
- commit 0156937
- cifs: check only tcon status on tcon related functions
(bsc#1213476).
- commit 3ee757c
- cifs: return DFS root session id in DebugData (bsc#1213476).
- commit 40d8689
- cifs: fix use-after-free bug in refresh_cache_worker()
(bsc#1213476).
- Refresh
patches.suse/cifs-avoid-dup-prefix-path-in-dfs_get_automount_devname-.patch.
- commit efddc92
- cifs: set DFS root session in cifs_get_smb_ses() (bsc#1213476).
- commit 249b33f
- cifs: reuse cifs_match_ipaddr for comparison of dstaddr too
(bsc#1213476).
- commit c221add
- cifs: match even the scope id for ipv6 addresses (bsc#1213476).
- commit 376b929
- cifs: get rid of dns resolve worker (bsc#1213476).
- commit 36fdff3
- nvme-rdma: destroy cm id before destroy qp to avoid use after
free (CVE-2021-47378 bsc#1225201).
- commit 132f56c
- net/tls: Fix flipped sign in tls_err_abort() calls
(CVE-2021-47496 bsc#1225354)
- commit c2b236a
- net: sched: flower: protect fl_walk() with rcu
(CVE-2021-47402 bsc#1225301)
- commit 5275989
- Update
patches.suse/0001-x86-ioremap-Map-efi_mem_reserve-memory-as-encrypted-.patch
(bsc#1186885 bsc#1224826 CVE-2021-47228).
- Update
patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
(bsc#1187357 bsc#1185570 bsc#1184631 bsc#1224965
CVE-2021-47275).
- Update
patches.suse/0002-ocfs2-fix-race-between-searching-chunks-and-release-.patch
(bsc#1199304 bsc#1225439 CVE-2021-47493).
- Update
patches.suse/0003-drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
(bsc#1152472 bsc#1222838 CVE-2021-47200).
- Update
patches.suse/0015-dm-btree-remove-assign-new_root-only-when-removal-su.patch
(git-fixes bsc#1225155 CVE-2021-47343).
- Update
patches.suse/0019-dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(git-fixes bsc#1225247 CVE-2021-47435).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
(git-fixes bsc#1224984 CVE-2021-47289).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes bsc#1225409 CVE-2021-47509).
- Update
patches.suse/ALSA-seq-Fix-race-of-snd_seq_timer_open.patch
(git-fixes bsc#1224983 CVE-2021-47281).
- Update
patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
(git-fixes bsc#1225091 CVE-2021-47332).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes bsc#1225206 CVE-2021-47381).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes bsc#1225369 CVE-2021-47502).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(git-fixes bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(git-fixes bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(git-fixes bsc#1225438 CVE-2021-47523).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
CVE-2021-47465).
- Update
patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
(git-fixes bsc#1224923 CVE-2021-47341).
- Update
patches.suse/KVM-x86-Immediately-reset-the-MMU-context-when-the-S.patch
(git-fixes bsc#1224853 CVE-2021-47230).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(git-fixes bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(git-fixes bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
(git-fixes bsc#1224953 CVE-2021-47259).
- Update
patches.suse/RDMA-Verify-port-when-creating-flow-rule.patch
(git-fixes bsc#1224957 CVE-2021-47265).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(git-fixes bsc#1210629 CVE-2023-2176 bsc#1225318
CVE-2021-47391).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(bsc#1181147 bsc#1225320 CVE-2021-47392).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(git-fixes bsc#1225393 CVE-2021-47464).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(git-fixes bsc#1225370 CVE-2021-47426).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(git-fixes bsc#1225256 CVE-2021-47456).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes bsc#1225435 CVE-2021-47521).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes bsc#1225450 CVE-2021-47494).
- Update
patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
(bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(git-fixes bsc#1225316 CVE-2021-47387).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(bsc#1221113 bsc#1225357 CVE-2021-47498).
- Update
patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
(git-fixes bsc#1224968 CVE-2021-47305).
- Update
patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
(git-fixes bsc#1224982 CVE-2021-47280).
- Update
patches.suse/drm-amd-display-Avoid-HDCP-over-read-and-corruption.patch
(git-fixes bsc#1225178 CVE-2021-47348).
- Update
patches.suse/drm-amd-display-Fix-potential-memory-leak-in-DMUB-hw.patch
(git-fixes bsc#1224886 CVE-2021-47253).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(git-fixes bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes bsc#1225243 CVE-2021-47444).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes bsc#1225261 CVE-2021-47445).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes bsc#1225446 CVE-2021-47535).
- Update
patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
(bsc#1152472 bsc#1224816 CVE-2020-36788).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes bsc#1225366 CVE-2021-47423).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes bsc#1225233 CVE-2021-47422).
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225230 CVE-2022-48710).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
(git-fixes bsc#1225140 CVE-2021-47354).
- Update
patches.suse/ethtool-strset-fix-message-length-calculation.patch
(bsc#1176447 bsc#1224842 CVE-2021-47241).
- Update
patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
(git-fixes bsc#1224924 CVE-2021-47338).
- Update
patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
(git-fixes bsc#1224966 CVE-2021-47276).
- Update
patches.suse/gpio-wcd934x-Fix-shift-out-of-bounds-error.patch
(git-fixes bsc#1224955 CVE-2021-47263).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes bsc#1225321 CVE-2021-47393).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(git-fixes bsc#1225361 CVE-2021-47501).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/igb-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224916 CVE-2021-47301).
- Update
patches.suse/igc-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224917 CVE-2021-47302).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes bsc#1225358 CVE-2021-47499).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(git-fixes bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
(git-fixes bsc#1224987 CVE-2021-47284).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(bsc#1194591 bsc#1225198 CVE-2021-47478).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(git-fixes bsc#1225328 CVE-2021-47399).
- Update patches.suse/jfs-fix-GPF-in-diFree.patch (bsc#1203389
bsc#1225148 CVE-2021-47340).
- Update
patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
(git-fixes bsc#1225143 CVE-2021-47356).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes bsc#1225326 CVE-2021-47395).
- Update
patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
(git-fixes bsc#1224922 CVE-2021-47344).
- Update
patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
(git-fixes bsc#1225113 CVE-2021-47333).
- Update
patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
(git-fixes bsc#1225112 CVE-2021-47334).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(git-fixes bsc#1225224 CVE-2021-47441).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes bsc#1225386 CVE-2021-47540).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-ethernet-fix-potential-use-after-free-in-ec_bhf_.patch
(git-fixes bsc#1224844 CVE-2021-47235).
- Update
patches.suse/net-hamradio-fix-memory-leak-in-mkiss_close.patch
(CVE-2022-1195 bsc#1198029 bsc#1224830 CVE-2021-47237).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(git-fixes bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
(git-fixes bsc#1224981 CVE-2021-47285).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(jsc#SLE-15172 bsc#1225424 CVE-2021-47512).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1176774 bsc#1225468 CVE-2021-47557).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes bsc#1225447 CVE-2021-47536).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(bsc#1176447 bsc#1225237 CVE-2021-47451).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes bsc#1225372 CVE-2021-47518).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update
patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
(git-fixes bsc#1225058 CVE-2021-47320).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes bsc#1225405 CVE-2021-47507).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes bsc#1225404 CVE-2021-47506).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(bsc#1197760 bsc#1225252 CVE-2021-47458).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
bsc#1225336 CVE-2021-47416).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(bsc#1156395 bsc#1225387 CVE-2021-47428).
- Update
patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
(bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes bsc#1224907 CVE-2021-47483).
- Update
patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
(bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
(git-fixes bsc#1223512 CVE-2022-48636).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
(git-fixes bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
(git-fixes bsc#1225207 CVE-2021-47382).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes bsc#1225508 CVE-2021-47549).
- Update
patches.suse/scsi-core-Fix-bad-pointer-dereference-when-ehandler-kthread-is-invalid.patch
(git-fixes bsc#1224926 CVE-2021-47337).
- Update
patches.suse/scsi-core-Fix-error-handling-of-scsi_host_alloc.patch
(git-fixes bsc#1224899 CVE-2021-47258).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is-released.patch
(git-fixes bsc#1225322 CVE-2021-47480).
- Update
patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs.patch
(git-fixes bsc#1222867 CVE-2021-47192).
- Update
patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
(bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
patches.suse/scsi-megaraid_sas-Fix-resource-leak-in-case-of-probe-failure.patch
(git-fixes bsc#1225083 CVE-2021-47329).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes bsc#1225374 CVE-2021-47503).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
(git-fixes bsc#1225192 CVE-2021-47473).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
(git-fixes bsc#1224990 CVE-2021-47274).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
(git-fixes bsc#1225084 CVE-2021-47330).
- Update
patches.suse/udf-Fix-NULL-pointer-dereference-in-udf_symlink-func.patch
(bsc#1206646 bsc#1225128 CVE-2021-47353).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes bsc#1225333 CVE-2021-47413).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(git-fixes bsc#1225330 CVE-2021-47409).
- Update
patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
(git-fixes bsc#1224996 CVE-2021-47269).
- Update
patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
(git-fixes bsc#1224993 CVE-2021-47267).
- Update
patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
(git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(git-fixes bsc#1225351 CVE-2021-47495).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
(git-fixes bsc#1225060 CVE-2021-47321).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
(git-fixes bsc#1225030 CVE-2021-47324).
- Update
patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
(git-fixes bsc#1225026 CVE-2021-47323).
- Update
patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
(git-fixes bsc#1225177 CVE-2021-47347).
- Update
patches.suse/x86-fpu-prevent-state-corruption-in-_fpu__restore_sig.patch
(bsc#1178134 bsc#1224852 CVE-2021-47227).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(git-fixes bsc#1225232 CVE-2021-47434).
- commit 0b290f8
- Update
patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
(bsc#1184631 bsc#1224965 CVE-2021-47275).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
(git-fixes bsc#1224984 CVE-2021-47289).
- Update
patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
(git-fixes bsc#1225091 CVE-2021-47332).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes bsc#1225206 CVE-2021-47381).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(git-fixes bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(git-fixes bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
CVE-2021-47465).
- Update
patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
(git-fixes bsc#1224923 CVE-2021-47341).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(git-fixes bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(git-fixes bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
(git-fixes bsc#1224953 CVE-2021-47259).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(bsc#1210629 CVE-2023-2176 bsc#1225318 CVE-2021-47391).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(git-fixes bsc#1225393 CVE-2021-47464).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(git-fixes bsc#1225256 CVE-2021-47456).
- Update
patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
(bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
(git-fixes bsc#1224968 CVE-2021-47305).
- Update
patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
(git-fixes bsc#1224982 CVE-2021-47280).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(git-fixes bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes bsc#1225261 CVE-2021-47445).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes bsc#1225366 CVE-2021-47423).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
(git-fixes bsc#1225140 CVE-2021-47354).
- Update
patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
(git-fixes bsc#1224924 CVE-2021-47338).
- Update
patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
(git-fixes bsc#1224966 CVE-2021-47276).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes bsc#1225321 CVE-2021-47393).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/igb-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224916 CVE-2021-47301).
- Update
patches.suse/igc-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224917 CVE-2021-47302).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(git-fixes bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
(git-fixes bsc#1224987 CVE-2021-47284).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(git-fixes bsc#1225328 CVE-2021-47399).
- Update
patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
(git-fixes bsc#1225143 CVE-2021-47356).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes bsc#1225326 CVE-2021-47395).
- Update
patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
(git-fixes bsc#1224922 CVE-2021-47344).
- Update
patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
(git-fixes bsc#1225113 CVE-2021-47333).
- Update
patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
(git-fixes bsc#1225112 CVE-2021-47334).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(git-fixes bsc#1225224 CVE-2021-47441).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(git-fixes bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
(git-fixes bsc#1224981 CVE-2021-47285).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update
patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
(git-fixes bsc#1225058 CVE-2021-47320).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
bsc#1225336 CVE-2021-47416).
- Update
patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
(bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes bsc#1224907 CVE-2021-47483).
- Update
patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
(bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
(git-fixes bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
(git-fixes bsc#1225207 CVE-2021-47382).
- Update
patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
(bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
(git-fixes bsc#1225192 CVE-2021-47473).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
(git-fixes bsc#1224990 CVE-2021-47274).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
(git-fixes bsc#1225084 CVE-2021-47330).
- Update
patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
(git-fixes bsc#1224996 CVE-2021-47269).
- Update
patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
(git-fixes bsc#1224993 CVE-2021-47267).
- Update
patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
(git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(git-fixes bsc#1225351 CVE-2021-47495).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
(git-fixes bsc#1225060 CVE-2021-47321).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
(git-fixes bsc#1225030 CVE-2021-47324).
- Update
patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
(git-fixes bsc#1225026 CVE-2021-47323).
- Update
patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
(git-fixes bsc#1225177 CVE-2021-47347).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(git-fixes bsc#1225232 CVE-2021-47434).
- commit 37dba5a
- net/smc: kABI workarounds for struct smc_link (CVE-2022-48673
bsc#1223934).
- net/smc: Fix possible access to freed memory in link clear
(CVE-2022-48673 bsc#1223934).
- commit 0f509bf
- soc: qcom: llcc: Handle a second device without data corruption (bsc#1225534 CVE-2023-52871)
- commit f6adad8
- x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).
- Refresh
patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transition.patch.
- Refresh
patches.suse/x86-xen-add-xenpv_restore_regs_and_return_to_usermode.patch.
- commit fa16bf8
- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
CVE-2024-26828).
- commit 8a48c12
- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
(bsc#1225355 CVE-2021-47497).
- commit 33cab00
- Refresh
patches.suse/firmware-raspberrypi-introduce-vl805-init-routine.patch.
- Refresh
patches.suse/pci-brcmstb-wait-for-raspberry-pi-s-firmware-when-present.patch.
- Refresh
patches.suse/usb-pci-quirks-add-raspberry-pi-4-quirk.patch.
- Rename to
patches.suse/soc-bcm2835-add-notify-xhci-reset-property.patch.
Add upstream references, sync with upstream and move to the sorted
section.
3 of these patches were later reverted, but only because they were
replaced by a different implementation, not because they were wrong.
Add the reverts to blacklist.conf.
- commit ebed050
- iio: mma8452: Fix trigger reference couting (bsc#1225360
CVE-2021-47500).
- commit 8ee9c73
- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
CVE-2024-27413).
- commit 66f7463
- tty: Fix out-of-bound vmalloc access in imageblit
(CVE-2021-47383 bsc#1225208).
- commit aa2473d
- ALSA: pcm: oss: Fix negative period/buffer sizes (CVE-2021-47511
bsc#1225411).
- commit 094796a
- Update tags in
patches.suse/ext4-Fix-check-for-block-being-out-of-directory-size.patch.
And move to the sorted section of series.conf.
- commit dc0df73
- Refresh patches.suse/x86-cpu-amd-add-a-zenbleed-fix.patch.
- Refresh
patches.suse/x86-cpu-amd-move-the-errata-checking-functionality-up.patch.
Move 2 upstream arch-specific patches to the sorted section.
- commit d5f36cd
- Input: synaptics-rmi4 - fix use after free in
rmi_unregister_function() (CVE-2023-52840 bsc#1224928).
- commit 3a1b2ed
- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() (CVE-2021-47485 bsc#1224904)
- commit 7e99b42
- af_unix: annote lockless accesses to unix_tot_inflight &
gc_in_progress (bsc#1223384).
- Refresh
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 03fbb54
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (CVE-2021-47485 bsc#1224904)
- commit c9482fe
- IB/mlx5: Fix initializing CQ fragments buffer (bsc#1224954 CVE-2021-47261)
- commit 77cbada
- Move powerpc patches to their specific section
They are apparently not going upstream.
- commit eea93a0
- Move upstream patches to the sorted section
- commit 757eb5a
- Update
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
(bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
(bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
(CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit e0bcd81
- Update
patches.suse/KVM-PPC-Fix-kvm_arch_vcpu_ioctl-vcpu_load-leak.patch
(bsc#1156395 CVE-2021-47296 bsc#1224891).
- Update
patches.suse/NFS-Fix-a-potential-NULL-dereference-in-nfs_get_clie.patch
(git-fixes CVE-2021-47260 bsc#1224834).
- Update
patches.suse/PCI-aardvark-Fix-kernel-panic-during-PIO-transfer.patch
(git-fixes CVE-2021-47229 bsc#1224854).
- Update
patches.suse/batman-adv-Avoid-WARN_ON-timing-related-checks.patch
(git-fixes CVE-2021-47252 bsc#1224882).
- Update
patches.suse/can-mcba_usb-fix-memory-leak-in-mcba_usb.patch
(git-fixes CVE-2021-47231 bsc#1224849).
- Update
patches.suse/kvm-lapic-restore-guard-to-prevent-illegal-apic-regi.patch
(bsc#1188772 CVE-2021-47255 bsc#1224832).
- Update
patches.suse/media-ngene-Fix-out-of-bounds-bug-in-ngene_command_c.patch
(git-fixes CVE-2021-47288 bsc#1224889).
- Update
patches.suse/memory-fsl_ifc-fix-leak-of-IO-mapping-on-probe-failu.patch
(git-fixes CVE-2021-47315 bsc#1224892).
- Update
patches.suse/memory-fsl_ifc-fix-leak-of-private-memory-on-probe-f.patch
(git-fixes CVE-2021-47314 bsc#1224893).
- Update patches.suse/net-cdc_eem-fix-tx-fixup-skb-leak.patch
(git-fixes CVE-2021-47236 bsc#1224841).
- Update
patches.suse/net-mlx5e-Fix-page-reclaim-for-dead-peer-hairpin.patch
(git-fixes CVE-2021-47246 bsc#1224831).
- Update
patches.suse/net-qrtr-fix-OOB-Read-in-qrtr_endpoint_post.patch
(CVE-2021-3743 bsc#1189883 CVE-2021-47240 bsc#1224843).
- Update
patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
(git-fixes CVE-2021-47239 bsc#1224846).
- Update
patches.suse/usb-dwc3-core-fix-kernel-panic-when-do-reboot.patch
(git-fixes CVE-2021-47220 bsc#1224859).
- commit 5376688
- gfs2: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888
CVE-2021-47254).
- commit bf82ce3
- btrfs: do not start relocation until in progress drops are done
(bsc#1222251).
- commit a41ddb4
- btrfs: do not start relocation until in progress drops are done
(bsc#1222251).
- commit 0f3d5ec
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(bsc#1224174 CVE-2024-27398).
- commit 2d99726
- af_unix: Fix garbage collector racing against connect()
(CVE-2024-26923 bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 9a2eeaf
- blacklist.conf: Fix for code not present (CVE-2024-26929)
- commit 3d9e5d9
- Refresh
patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
- Refresh
patches.suse/rpadlpar_io-Add-MODULE_DESCRIPTION-entries-to-kernel.patch.
Adjust headers to minimize merge conflicts.
- commit 0300a69
- Refresh
patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
Swap headers to avoid a conflict when merging into consumer branches.
- commit 1510229
- Refresh
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch.
Update Patch-mainline tag and move to sorted section.
- commit 81abd64
- Refresh patches.suse/Bluetooth-L2CAP-Fix-u8-overflow.patch.
Add upstream commit ID and move to sorted section.
- commit 5c72346
- Refresh
patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch.
Update Patch-mainline tag and move to sorted section.
- commit 684103a
- Refresh
patches.suse/misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch.
Update Patch-mainline tag and move to sorted section.
- commit a75fb60
- Refresh
patches.suse/char-pcmcia-synclink_cs-Fix-use-after-free-in-mgslpc.patch.
Driver was deleted upstream so this fix will stay out-of-tree
forever. Move to the appropriate section.
- commit bce6652
- Refresh
patches.suse/media-dvb-core-Fix-UAF-due-to-refcount-races-at-rele.patch.
Add upstream commit ID and move to sorted section.
- commit 39ecedd
- Refresh
patches.suse/netfilter-nf_conntrack_irc-Tighten-matching-on-DCC-m.patch.
Add upstream commit ID and move to sorted section.
- commit 6754ecb
- Refresh
patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
Add upstream commit ID and move to sorted section.
- commit 92fa4c5
- Refresh
patches.suse/SUNRPC-auth-async-tasks-mustn-t-block-waiting-for-me.patch.
- Refresh
patches.suse/SUNRPC-call_alloc-async-tasks-mustn-t-block-waiting-.patch.
- Refresh
patches.suse/SUNRPC-improve-swap-handling-scheduling-and-PF_MEMAL.patch.
- Refresh
patches.suse/SUNRPC-remove-scheduling-boost-for-SWAPPER-tasks.patch.
- Refresh
patches.suse/SUNRPC-xprt-async-tasks-mustn-t-block-waiting-for-me.patch.
Add upstream commit IDs and move to sorted section.
- commit 245a308
- Refresh
patches.suse/NFS-change-nfs_access_get_cached-to-only-report-the-.patch.
- Refresh
patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
patches.suse/NFS-pass-cred-explicitly-for-access-tests.patch.
Add upstream commit IDs and move to sorted section.
- commit 8f85449
- Refresh
patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
Add upstream commit ID and move to sorted section.
- commit 0e0054f
- NFC: nxp: add NXP1002 (bsc#1185589).
Add upstream commit ID and subject, and move to sorted section.
- commit 01c3222
- series.conf: Move block-genhd-use-atomic_t-for-disk_event-block.patch
Patch was never accepted upstream and was dropped from later products
as it had problematic side effects. Move it to the appropriate
out-of-tree section.
- commit 9199401
- PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
Add upstream commit ID and subject, and move to sorted section.
- commit 4630de9
- Refresh
patches.suse/drivers-base-memory.c-cache-blocks-in-radix-tree-to-.patch.
Document why this commit will never go upstream and move it to its
specific section.
- commit f30bed3
- Refresh
patches.suse/x86-boot-Ignore-relocations-in-.notes-sections-in-walk_rel.patch.
Move to sorted section.
- commit 9bdf9d5
- blacklist.conf: add fix for code not present (CVE-2024-26930)
- commit 19f6175
- Update
patches.suse/netfilter-nf_tables-mark-set-as-dead-when-unbinding-.patch
(git-fixes CVE-2024-26643 bsc#1221829).
- Update
patches.suse/netfilter-nf_tables-release-mutex-after-nft_gc_seq_e.patch
(git-fixes CVE-2024-26925 bsc#1223390).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-end-interval-element-f.patch
(git-fixes CVE-2024-26581 bsc#1220144).
- commit 5b5ef95
- Update
patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1220754 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- Update
patches.suse/netfilter-nf_tables-fix-memleak-when-more-than-255-e.patch
(git-fixes CVE-2023-52581 bsc#1220877).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch
(git-fixes CVE-2023-52433 bsc#1220137).
- commit ab7595e
- blacklist.conf: Add 9474c62ab65f net/sched: Add module alias for sch_fq_pie
- commit 0f0d88e
- usb: aqc111: check packet for fixup for true limit (bsc#1217169
CVE-2023-52655).
- commit 1678228
- Update
patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
(git-fixes CVE-2022-48704 bsc#1223932).
- commit d602686
- netfilter: nf_tables: release mutex after nft_gc_seq_end from
abort path (git-fixes).
- commit 453d60a
- netfilter: nf_tables: mark set as dead when unbinding anonymous
set with timeout (git-fixes).
- commit a3b6f2c
- netfilter: nft_set_rbtree: skip end interval element from gc
(git-fixes).
- commit f941d80
- netfilter: nf_tables: skip dead set elements in netlink dump
(git-fixes).
- commit 11672cf
- netfilter: nf_tables: mark newset as dead on transaction abort
(git-fixes).
- commit deeefa0
- blacklist.conf: update blacklist
- commit d111502
- blacklist.conf: update blacklist
- commit c053707
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion
failure (git-fixes).
- commit 787a388
- Refresh patches.kabi/netfilter-preserve-nf_tables-kabi.patch.
- commit f69dce7
- netfilter: nf_tables: fix memleak when more than 255 elements
expired (git-fixes).
- commit 55db444
- blacklist.conf: update blacklist
- commit 3075338
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (git-fixes).
- commit bc13e9b
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath
contention (git-fixes).
- commit 9ed8e71
- netfilter: nft_set_rbtree: skip sync GC for new elements in
this transaction (git-fixes).
- commit 0d564a0
- netfilter: nf_tables: defer gc run if previous batch is still
pending (git-fixes).
- commit 1cb21d0
- netfilter: nf_tables: use correct lock to protect gc_list
(git-fixes).
- commit f315c4c
- netfilter: nf_tables: GC transaction race with abort path
(git-fixes).
- commit ce0642f
- netfilter: nf_tables: GC transaction race with netns dismantle
(git-fixes).
- commit d9e442c
- blacklist.conf: update blacklist
- commit 51055c8
- netfilter: nf_tables: fix GC transaction races with netns and
netlink event exit path (git-fixes).
- commit eacca32
- netfilter: nf_tables: fix kdoc warnings after gc rework
(git-fixes).
- commit f86c22d
- krb5
-
- Fix vulnerabilities in GSS message token handling, add patch
0013-Fix-vulnerabilities-in-GSS-message-token-handling.patch
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
- util-linux
-
- fix Xen virtualization type misidentification bsc#1215918
lscpu-fix-parameter-order-for-ul_prefix_fopen.patch
- gcc13
-
- Update to GCC 13.3 release
- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream
- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
the GCN offload compiler as that is requiring Code Object version 3
which is no longer supported by llvm18.
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- openssl-1_1
-
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
security vulnerability. Calling the function SSL_free_buffers()
potentially caused memory to be accessed that was previously
freed in some situations and a malicious attacker could attempt
to engineer a stituation where this occurs to facilitate a
denial-of-service attack. [CVE-2024-4741, bsc#1225551]
- libsolv
-
- add a conflict to older libsolv-tools to libsolv-tools-base
- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
cases
- added experimental lua bindings
- bump version to 0.7.29
- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- libssh
-
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1227396)
- added libssh-fix-ipv6-hostname-regression.patch
- libxml2
-
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
- libzypp
-
- zypp-tui: Make sure translated texts use the correct textdomain
(fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)
- don't require libproxy1 on tumbleweed, it is optional now
- version 17.34.0 (34)
- Fix versioning scheme
- version 17.33.4 (35)
- add one more missing export for libyui-qt-pkg
- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)
- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2
- version 17.33.1 (33)
- switch to reduced size libsolv-tools-base (jsc#PED-8153)
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- Add ZYPP_API for exported functions and switch to
visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)
- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)
- shadow
-
- bsc#1228770: Fix not copying of skel files
Update shadow-CVE-2013-4235.patch
- bsc#916845 (CVE-2013-4235): Fix TOCTOU race condition
Add shadow-CVE-2013-4235.patch
- python-requests
-
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
as a directory, bsc#1225912
- salt
-
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Mark python3-CherryPy as recommended package for the testsuite
- Added:
* add-missing-contextvars-dependency-in-salt.version.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
* remove-redundant-_file_find-call-to-the-master.patch
* make-logging-calls-lighter.patch
* improve-broken-events-catching-and-reporting.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* make-salt-master-self-recoverable-on-killing-eventpu.patch
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
- python-urllib3
-
- Add CVE-2024-37891.patch (bsc#1226469, CVE-2024-37891)
- runc
-
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.13. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>.
- Rebase patches:
* 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
* 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
* 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Backport <https://github.com/opencontainers/runc/pull/3931> to fix a
performance issue when running lots of containers, caused by system getting
too many mount notifications. bsc#1214960
+ 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch
- suse-build-key
-
- added missing ; in shell script (bsc#1227681)
- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
them. (bsc#1227429)
gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.
- wget
-
- Fix mishandled semicolons in the userinfo subcomponent could lead to an
insecure behavior in which data that was supposed to be in the userinfo
subcomponent is misinterpreted to be part of the host subcomponent.
[bsc#1226419, CVE-2024-38428, properly-re-implement-userinfo-parsing.patch]
- wicked
-
- Update to version 0.6.76
- compat-suse: warn user and create missing parent config of
infiniband children (gh#openSUSE/wicked#1027)
- client: fix origin in loaded xml-config with obsolete port
references but missing port interface config, causing a
no-carrier of master (bsc#1226125)
- ipv6: fix setup on ipv6.disable=1 kernel cmdline (bsc#1225976)
- wireless: add frequency-list in station mode (jsc#PED-8715)
- client: fix crash while hierarchy traversing due to loop in
e.g. systemd-nspawn containers (bsc#1226664)
- man: add supported bonding options to ifcfg-bonding(5) man page
(gh#openSUSE/wicked#1021)
- arputil: Document minimal interval for getopts (gh#openSUSE/wicked#1019)
- man: (re)generate man pages from md sources (gh#openSUSE/wicked#1018)
- client: warn on interface wait time reached (gh#openSUSE/wicked#1017)
- compat-suse: fix dummy type detection from ifname to not cause
conflicts with e.g. correct vlan config on dummy0.42 interfaces
(gh#openSUSE/wicked#1016)
- compat-suse: fix infiniband and infiniband child type detection
from ifname (gh#openSUSE/wicked#1015)
- Removed patches included in the source archive:
[- 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
[- 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- arp: increase arp-send retry value to avoid address configuration
failure due to ENOBUF reported by kernel while duplicate address
detection with underlying bonding in 802.3ad mode reporting link
"up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
gh#openSUSE/wicked#1020).
[+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- xen
-
- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
guest IRQ handling (XSA-458)
xsa458.patch
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
Corrections to the following patches
xsa456-5.patch
xsa456-6.patch
- zypper
-
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- BuildRequires: libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73
- Unify message format(fixes #485)
- version 1.14.72
- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
* PIC is not needed as no shared lib is built
* fstack-protector-strong is default on modern dists and would
be downgraded by fstack-protector
* default visibility hidden allows better optimisation
* O2 is reducing inlining bloat
- > 18% reduced binary size
- remove procps requires (was only for ZMD which is dropped)
(jsc#PED-8153)