- aaa_base
-
- Update to version 84.87+git20250903.33e5ba4:
* Correct fix for boo#1247495 (boo#1248158)
- Update to version 84.87+git20250805.3069494:
* Remove initviocons for tcsh as well and
* Update csh.login
* Add missing quoting and remove unneeded uses of eval
- Update to version 84.87+git20250801.f305627:
* Remove sysconfig.language [bsc#1247286]
- Update to version 84.87+git20250801.b2fa3fe:
* Allow /etc/locale.conf to have no newline
- Update to version 84.87+git20250429.1cad3bc:
* Remove alias "you" (boo#1242011)
- Update to version 84.87+git20250425.1664836:
* Fix bug boo#1241205 by adding missed endif
* alias.bash: future-proof egrep/fgrep color aliases
- Update to version 84.87+git20250410.71df276:
* Modern s390x uses TERM=linux for ttysclp<X>
- Update to version 84.87+git20250313.4dd1cfd:
* DIR_COLORS: add backup and temporary file extensions
* DIR_COLORS: sort audio formats
* DIR_COLORS: use cyan for audio formats instead of green
* DIR_COLORS: add 'avif' to image formats
* DIR_COLORS: add updated and sorted list of archive formats
* DIR_COLORS: don't colour DOS/Windows executables
* DIR_COLORS: update existing colours and add missing ones
* DIR_COLORS: add COLORTERM and 'st' terminal
* DIR_COLORS: update file description
* DIR_COLORS: sort TERM entries
* DIR_COLORS: remove COLOR, OPTIONS and EIGHTBIT
- Update to version 84.87+git20250313.e71c2f4:
* Respect PROFILEREAD/CSHRCREAD at shell switch
* Modernize specfile
* Add safety quotes and proper escaping
* Avoid bashisms in build recipe
* Add setup-systemd-proxy-env
* profile.{sh,csh}: Drop useless proxy variables cleanup
- Update to version 84.87+git20250102.c08e614:
* Load distrobox_profile.sh
- chrony
-
- Update to version 4.8:
* Add maxunreach option to limit selection of unreachable sources
* Add -u option to chronyc to drop root privileges (default
chronyc user is set by configure script)
* Fix refclock extpps option to work on Linux >= 6.15
* Validate refclock samples for reachability updates
* Obsoletes chrony-unix-socket.patch
* Obsoletes chrony-remove-chmod.patch
- bsc#1246544: Fix racy socket creation
* Add chrony-unix-socket.patch
* Add chrony-remove-chmod.patch
- Update clknetsim to snapshot a2eb0b25.
- Update to version 4.7:
* Add opencommands directive to select remote monitoring
commands
* Add interval option to driftfile directive
* Add waitsynced and waitunsynced options to local directive
* Add sanity checks for integer values in configuration
* Add support for systemd Type=notify service
* Add RTC refclock driver
* Allow PHC refclock to be specified with network interface name
* Don’t require multiple refclock samples per poll to simplify
filter configuration
* Keep refclock reachable when dropping samples with large delay
* Improve quantile-based filtering to adapt faster to larger
delay
* Improve logging of selection failures
* Detect clock interference from other processes
* Try to reopen message log (-l option) on cyclelogs command
* Fix sourcedir reloading to not multiply sources
* Fix tracking offset after failed clock step
* Drop support for NTS with Nettle < 3.6 and GnuTLS < 3.6.14
* Drop support for building without POSIX threads
- Update clknetsim to snapshot 530d1a5.
- Update to version 4.6.1:
* Add ntsaeads directive to enable only selected AEAD algorithms
for NTS.
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD
algorithm.
* Switch to compliant NTS keys if first response from server is
NTS NAK.
- Drop rcFOO symlinks for CODE16 (PED-266).
- Update to version 4.6:
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
* Obsoletes chrony-124-tai.patch
- The project's new home is https://chrony-project.org/ .
- Update clknetsim to snapshot 633a0be: fix missing stat/fstat with
latest glibc.
- containerd
-
- Update to containerd v1.7.29. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.29>
* CVE-2024-25621 bsc#1253126
* CVE-2025-64329 bsc#1253132
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.28. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.28>
- docker
-
- Enable SELinux in default daemon.json config (--selinux-enabled). This has no
practical impact on non-SELinux systems. bsc#1252290
- Update to Docker 28.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2851>
- Rebased patches:
* 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
* 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-openSUSE-point-users-to-docker-buildx-package.patch
* cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch
- Remove upstreamed patch:
- 0007-Add-back-vendor.sum.patch
- Update to Docker 28.5.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2850>
- Backport <https://github.com/moby/moby/pull/51091> to re-add vendor.sum,
fixing our builds.
+ 0007-Add-back-vendor.sum.patch
- Rebased patches:
* 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
* 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-openSUSE-point-users-to-docker-buildx-package.patch
* cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch
- Update to docker-buildx v0.29.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.29.0>
- Remove git-core recommends also on openSUSE: the below argument
is valid for those users too.
- Remove git-core recommends on SLE. Most SLE systems have
installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ("docker build git://") so
most users already have the dependency installed, and the error when git is
missing is fairly straightforward (so they can easily figure out what they
need to install).
- dracut
-
- Update to version 059+suse.641.g906a3d31:
* fix(kernel-modules-extra): remove stray \ before / (bsc#1253029)
- glib2
-
- Add glib2-CVE-2025-7039.patch: fix computation of temporary file
name (bsc#1249055 CVE-2025-7039 glgo#GNOME/glib#3716).
- grub2
-
- Fix CVE-2025-54771 (bsc#1252931)
* 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch
- Fix CVE-2025-54770 (bsc#1252930)
* 0002-net-net-Unregister-net_set_vlan-command-on-unload.patch
- Fix CVE-2025-61662 (bsc#1252933)
* 0003-gettext-gettext-Unregister-gettext-command-on-module.patch
- Fix CVE-2025-61663 (bsc#1252934)
- Fix CVE-2025-61664 (bsc#1252935)
* 0004-normal-main-Unregister-commands-on-module-unload.patch
* 0005-tests-lib-functional_test-Unregister-commands-on-mod.patch
- Fix CVE-2025-61661 (bsc#1252932)
* 0006-commands-usbtest-Use-correct-string-length-field.patch
* 0007-commands-usbtest-Ensure-string-length-is-sufficient-.patch
- Bump upstream SBAT generation to 6
- Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591)
- Fix OOM error in loading loopback file (bsc#1230840) (bsc#1249140)
* 0001-tpm-Skip-loopback-image-measurement.patch
- Fix CVE-2024-56738: side-channel attack due to not constant-time
algorithm in grub_crypto_memcmp (bsc#1234959)
* grub2-constant-time-grub_crypto_memcmp.patch
- Update the patch to fix "SRK not matched" errors when unsealing
the key (bsc#1232411) (bsc#1247242)
* 0001-tpm2-Add-extra-RSA-SRK-types.patch
- Fix CVE-2025-4382: TPM auto-decryption data exposure (bsc#1242971)
* 0001-kern-rescue_reader-Block-the-rescue-mode-until-the-C.patch
* 0002-commands-search-Introduce-the-cryptodisk-only-argume.patch
* 0003-disk-diskfilter-Introduce-the-cryptocheck-command.patch
* 0004-commands-search-Add-the-diskfilter-support.patch
* 0005-docs-Document-available-crypto-disks-checks.patch
* 0006-disk-cryptodisk-Add-the-erase-secrets-function.patch
* 0007-disk-cryptodisk-Wipe-the-passphrase-from-memory.patch
* 0008-cryptocheck-Add-quiet-option.patch
- patch rebased
* 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
* 0004-Key-revocation-on-out-of-bound-file-access.patch
- patch refrehed
* 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch
* 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch
- Security fixes for 2024
* 0001-misc-Implement-grub_strlcpy.patch
- Fix CVE-2024-45781 (bsc#1233617)
* 0002-fs-ufs-Fix-a-heap-OOB-write.patch
- Fix CVE-2024-56737 (bsc#1234958)
- Fix CVE-2024-45782 (bsc#1233615)
* 0003-fs-hfs-Fix-stack-OOB-write-with-grub_strcpy.patch
- Fix CVE-2024-45780 (bsc#1233614)
* 0004-fs-tar-Integer-overflow-leads-to-heap-OOB-write.patch
- Fix CVE-2024-45783 (bsc#1233616)
* 0005-fs-hfsplus-Set-a-grub_errno-if-mount-fails.patch
* 0006-kern-file-Ensure-file-data-is-set.patch
* 0007-kern-file-Implement-filesystem-reference-counting.patch
- Fix CVE-2025-0624 (bsc#1236316)
* 0008-net-Fix-OOB-write-in-grub_net_search_config_file.patch
- Fix CVE-2024-45774 (bsc#1233609)
* 0009-video-readers-jpeg-Do-not-permit-duplicate-SOF0-mark.patch
- Fix CVE-2024-45775 (bsc#1233610)
* 0010-commands-extcmd-Missing-check-for-failed-allocation.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0011-commands-pgp-Unregister-the-check_signatures-hooks-o.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0012-normal-Remove-variables-hooks-on-module-unload.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0013-gettext-Remove-variables-hooks-on-module-unload.patch
- Fix CVE-2024-45776 (bsc#1233612)
* 0014-gettext-Integer-overflow-leads-to-heap-OOB-write-or-.patch
- Fix CVE-2024-45777 (bsc#1233613)
* 0015-gettext-Integer-overflow-leads-to-heap-OOB-write.patch
- Fix CVE-2025-0690 (bsc#1237012)
* 0016-commands-read-Fix-an-integer-overflow-when-supplying.patch
- Fix CVE-2025-1118 (bsc#1237013)
* 0017-commands-minicmd-Block-the-dump-command-in-lockdown-.patch
- Fix CVE-2024-45778 (bsc#1233606)
- Fix CVE-2024-45779 (bsc#1233608)
* 0018-fs-bfs-Disable-under-lockdown.patch
- Fix CVE-2025-0677 (bsc#1237002)
- Fix CVE-2025-0684 (bsc#1237008)
- Fix CVE-2025-0685 (bsc#1237009)
- Fix CVE-2025-0686 (bsc#1237010)
- Fix CVE-2025-0689 (bsc#1237011)
* 0019-fs-Disable-many-filesystems-under-lockdown.patch
- Fix CVE-2025-1125 (bsc#1237014)
- Fix CVE-2025-0678 (bsc#1237006)
* 0020-fs-Prevent-overflows-when-allocating-memory-for-arra.patch
- Updated to upstream version
* 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch
- Bump upstream SBAT generation to 5
- Fix CVE-2024-49504 (bsc#1229163) (bsc#1229164)
- Restrict CLI access if the encrypted root device is automatically unlocked by
the TPM. LUKS password authentication is required for access to be granted
* 0001-cli_lock-Add-build-option-to-block-command-line-inte.patch
* 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch
- Obsolete, as CLI access is now locked and granted access no longer requires
the previous restrictions
* 0002-Restrict-file-access-on-cryptodisk-print.patch
* 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch
- Rediff
* 0004-Key-revocation-on-out-of-bound-file-access.patch
- kernel-source:kernel-default
-
- nbd: restrict sockets to TCP and UDP (bsc#1252774
CVE-2025-40080).
- commit a7c3e39
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- commit 0f034b6
- Delete
patches.kabi/KVM-x86-pmu-Allow-programming-events-that-match-unsu.patch.
This avoids a kbuild error in check-patchrv. This patch is not needed
anyway since 4f5efb71e1f4.
- commit 624b1b2
- vhost: vringh: Modify the return value check (CVE-2025-40051
bsc#1252858).
- commit 80d9f20
- btrfs: fix the incorrect max_bytes value for
find_lock_delalloc_range() (git-fixes).
- commit 91a9728
- KVM: x86: Introduce kvm_x86_call() to simplify static calls
of kvm_x86_ops (git-fixes).
- Refresh
patches.suse/KVM-x86-Don-t-inject-PV-async-PF-if-SEND_ALWAYS-0-an.patch.
- Refresh
patches.suse/KVM-x86-Exit-to-userspace-if-fastpath-triggers-one-o.patch.
- Refresh patches.suse/KVM-x86-Introduce-kvm_set_mp_state.patch.
- Refresh
patches.suse/KVM-x86-Route-non-canonical-checks-in-emulator-throu.patch.
- Refresh
patches.suse/KVM-x86-model-canonical-checks-more-precisely.patch.
- commit 3454959
- KVM: x86: Replace static_call_cond() with static_call()
(git-fixes).
- commit 6bb685c
- Update
patches.suse/ACPI-x86-s2idle-Catch-multiple-ACPI_TYPE_PACKAGE-obj.patch
(git-fixes CVE-2023-53708 bsc#1252537).
- Update
patches.suse/ALSA-usb-audio-Fix-NULL-pointer-deference-in-try_to_.patch
(git-fixes CVE-2025-40085 bsc#1252873).
- Update
patches.suse/ALSA-usb-audio-fix-race-condition-to-UAF-in-snd_usbm.patch
(git-fixes CVE-2025-39997 bsc#1252056).
- Update
patches.suse/ASoC-qcom-audioreach-fix-potential-null-pointer-dere.patch
(git-fixes CVE-2025-40013 bsc#1252348).
- Update patches.suse/Bluetooth-MGMT-Fix-possible-UAFs.patch
(git-fixes CVE-2025-39981 bsc#1252060).
- Update
patches.suse/Bluetooth-hci_event-Fix-UAF-in-hci_acl_create_conn_s.patch
(git-fixes CVE-2025-39982 bsc#1252083).
- Update
patches.suse/HID-amd_sfh-Fix-for-shift-out-of-bounds.patch
(bsc#1012628 CVE-2023-53703 bsc#1252553).
- Update
patches.suse/Input-uinput-zero-initialize-uinput_ff_upload_compat.patch
(git-fixes CVE-2025-40035 bsc#1252866).
- Update patches.suse/NFS-Fix-a-potential-data-corruption.patch
(git-fixes CVE-2023-53711 bsc#1252536).
- Update
patches.suse/NFSD-Define-a-proc_layoutcommit-for-the-FlexFiles-layout-type.patch
(git-fixes CVE-2025-40087 bsc#1252909).
- Update
patches.suse/PCI-endpoint-pci-epf-test-Add-NULL-check-for-DMA-cha.patch
(git-fixes CVE-2025-40032 bsc#1252841).
- Update
patches.suse/RDMA-rxe-Fix-race-in-do_task-when-draining.patch
(git-fixes CVE-2025-40061 bsc#1252849).
- Update
patches.suse/Squashfs-fix-uninit-value-in-squashfs_get_parent.patch
(git-fixes CVE-2025-40049 bsc#1252822).
- Update
patches.suse/USB-gadget-Fix-the-memory-leak-in-raw_gadget-dr.patch
(bsc#1012628 CVE-2023-53693 bsc#1252489).
- Update
patches.suse/afs-Fix-potential-null-pointer-dereference-in-afs_put_server.patch
(git-fixes CVE-2025-40010 bsc#1252332).
- Update
patches.suse/arm64-csum-Fix-OoB-access-in-IP-checksum-code-for-ne.patch
(git-fixes CVE-2023-53726 bsc#1252565).
- Update
patches.suse/arm64-sme-Use-STR-P-to-clear-FFR-context-field-.patch
(bsc#1012628 CVE-2023-53713 bsc#1252559).
- Update
patches.suse/blk-iocost-use-spin_lock_irqsave-in-adjust_inus.patch
(bsc#1012628 CVE-2023-53730 bsc#1252495).
- Update
patches.suse/bus-fsl-mc-Check-return-value-of-platform_get_resour.patch
(git-fixes CVE-2025-40029 bsc#1252772).
- Update
patches.suse/can-etas_es58x-populate-ndo_change_mtu-to-prevent-bu.patch
(git-fixes CVE-2025-39988 bsc#1252074).
- Update
patches.suse/can-hi311x-populate-ndo_change_mtu-to-prevent-buffer.patch
(git-fixes CVE-2025-39987 bsc#1252079).
- Update
patches.suse/can-mcba_usb-populate-ndo_change_mtu-to-prevent-buff.patch
(git-fixes CVE-2025-39985 bsc#1252082).
- Update
patches.suse/can-peak_usb-fix-shift-out-of-bounds-issue.patch
(git-fixes CVE-2025-40020 bsc#1252679).
- Update
patches.suse/can-sun4i_can-populate-ndo_change_mtu-to-prevent-buf.patch
(git-fixes CVE-2025-39986 bsc#1252078).
- Update
patches.suse/clk-imx-clk-imx8mp-improve-error-handling-in-im.patch
(bsc#1012628 CVE-2023-53704 bsc#1252490).
- Update
patches.suse/clocksource-drivers-cadence-ttc-Fix-memory-leak.patch
(bsc#1012628 CVE-2023-53725 bsc#1252492).
- Update
patches.suse/crypto-essiv-Check-ssize-for-decryption-and-in-place.patch
(git-fixes CVE-2025-40019 bsc#1252678).
- Update
patches.suse/crypto-hisilicon-qm-set-NULL-to-qm-debug.qm_diff_reg.patch
(git-fixes CVE-2025-40062 bsc#1252850).
- Update
patches.suse/drm-amdgpu-Fix-integer-overflow-in-amdgpu_cs_p.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53707
bsc#1252632).
- Update
patches.suse/drm-gma500-Fix-null-dereference-in-hdmi-teardown.patch
(git-fixes CVE-2025-40011 bsc#1252336).
- Update
patches.suse/drm-sched-Fix-potential-double-free-in-drm_sched_job.patch
(git-fixes CVE-2025-40096 bsc#1252902).
- Update
patches.suse/fbcon-fix-integer-overflow-in-fbcon_do_set_font.patch
(git-fixes CVE-2025-39967 bsc#1252033).
- Update
patches.suse/fs-udf-fix-OOB-read-in-lengthAllocDescs-handling.patch
(git-fixes CVE-2025-40044 bsc#1252785).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_strcasecmp.patch
(git-fixes CVE-2025-40088 bsc#1252904).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_uni2asc_followup.patch
(git-fixes CVE-2025-40082 bsc#1252775).
- Update
patches.suse/iommu-vt-d-Disallow-dirty-tracking-if-incoherent-pag.patch
(git-fixes CVE-2025-40058 bsc#1252854).
- Update
patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk-8b04.patch
(jsc#PED-7542 CVE-2023-53722 bsc#1252499).
- Update
patches.suse/media-b2c2-Fix-use-after-free-causing-by-irq_check_w.patch
(git-fixes CVE-2025-39996 bsc#1252065).
- Update
patches.suse/media-i2c-tc358743-Fix-use-after-free-bugs-caused-by.patch
(git-fixes CVE-2025-39995 bsc#1252064).
- Update
patches.suse/media-rc-fix-races-with-imon_disconnect.patch
(git-fixes CVE-2025-39993 bsc#1252070).
- Update
patches.suse/media-tuner-xc5000-Fix-use-after-free-in-xc5000_rele.patch
(git-fixes CVE-2025-39994 bsc#1252072).
- Update
patches.suse/media-uvcvideo-Mark-invalid-entities-with-id-UVC_INV.patch
(git-fixes CVE-2025-40016 bsc#1252346).
- Update
patches.suse/misc-fastrpc-fix-possible-map-leak-in-fastrpc_put_ar.patch
(git-fixes CVE-2025-40036 bsc#1252865).
- Update
patches.suse/net-nfc-nci-Add-parameter-validation-for-packet-data.patch
(git-fixes CVE-2025-40043 bsc#1252787).
- Update
patches.suse/net-sched-cls_u32-Undo-tcf_bind_filter-if-u32_r.patch
(bsc#1012628 CVE-2023-53733 bsc#1252685).
- Update
patches.suse/net-sched-fq_pie-avoid-stalls-in-fq_pie_timer.patch
(bsc#1220419 CVE-2023-53727 bsc#1252566).
- Update
patches.suse/netlink-fix-potential-deadlock-in-netlink_set_e.patch
(bsc#1012628 CVE-2023-53731 bsc#1252481).
- Update
patches.suse/nvdimm-Fix-memleak-of-pmu-attr_groups-in-unregister_-85ae.patch
(jsc#PED-5853 CVE-2023-53697 bsc#1252534).
- Update
patches.suse/posix-timers-Ensure-timer-ID-search-loop-limit-.patch
(bsc#1012628 CVE-2023-53728 bsc#1252668).
- Update
patches.suse/ring-buffer-Do-not-swap-cpu_buffer-during-resi.patch
(bsc#1012628 CVE-2023-53718 bsc#1252564).
- Update
patches.suse/riscv-move-memblock_allow_resize-after-linear-m.patch
(bsc#1012628 CVE-2023-53699 bsc#1252550).
- Update
patches.suse/smb-client-fix-crypto-buffers-in-non-linear-memory.patch
(bsc#1250491 boo#1239206 CVE-2025-40052 bsc#1252851).
- Update
patches.suse/soc-qcom-qmi_encdec-Restrict-string-length-in-decode.patch
(git-fixes CVE-2023-53729 bsc#1252496).
- Update
patches.suse/tty-n_gsm-Don-t-block-input-queue-by-waiting-MSC.patch
(git-fixes CVE-2025-40071 bsc#1252797).
- Update
patches.suse/wifi-ath11k-fix-NULL-dereference-in-ath11k_qmi_m3_lo.patch
(git-fixes CVE-2025-39991 bsc#1252075).
- Update
patches.suse/wifi-ath12k-Fix-a-NULL-pointer-dereference-in-ath12k.patch
(git-fixes CVE-2023-53721 bsc#1252561).
- Update
patches.suse/xfrm-xfrm_alloc_spi-shouldn-t-use-0-as-SPI.patch
(CVE-2025-39797 bsc#1249608 CVE-2025-39965 bsc#1251967).
- Update
patches.suse/xsk-fix-refcount-underflow-in-error-path.patch
(bsc#1012628 CVE-2023-53698 bsc#1252479).
- commit 9042362
- coresight: trbe: Return NULL pointer for allocation failures
(CVE-2025-40060 bsc#1252848).
- commit 4543e34
- regulator: bd718x7: Fix voltages scaled by resistor divider
(git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls
(git-fixes).
- commit 20abe4b
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89
(git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on
Iceland (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji
(git-fixes).
- drm/amd/pm: fix smu table id bound check issue in
smu_cmn_update_table() (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs
(git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- commit acb4ea2
- smb: client: fix potential cfid UAF in smb2_query_info_compound
(bsc#1248886).
- commit 5e5239d
- vhost: vringh: Fix copy_to_iter return value check (CVE-2025-40056 bsc#1252826)
- commit 4efa16a
- btrfs: do not assert we found block group item when creating
free space tree (bsc#1252918 CVE-2025-40100).
- commit 327502f
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation
already running (git-fixes).
- commit f5ef369
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh()
(git-fixes).
- commit 8cb68fe
- KVM: x86/mmu: Prevent installing hugepages when mem attributes
are changing (git-fixes).
- commit 37d594a
- selftests/bpf: Fix a fd leak in error paths in open_netns
(git-fixes).
- commit 51d3745
- selftests/bpf: Fix umount cgroup2 error in test_sockmap
(git-fixes).
- commit 24ba5aa
- selftests/bpf: Use bpf_link__destroy in fill_link_info tests
(git-fixes).
- commit 9809b14
- ACPI: video: Fix use-after-free in
acpi_video_switch_brightness() (git-fixes).
- ACPI: button: Call input_free_device() on failing input device
registration (git-fixes).
- fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes).
- fbdev: valkyriefb: Fix reference count leak in valkyriefb_init
(git-fixes).
- net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes).
- net: usb: asix_devices: Check return value of
usbnet_get_endpoints (git-fixes).
- Bluetooth: btmtksdio: Add pmctrl handling for BT closed state
during reset (git-fixes).
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once
(git-fixes).
- usbnet: Prevents free active kevent (git-fixes).
- wifi: brcmfmac: fix crash while sending Action Frames in
standalone AP Mode (git-fixes).
- wifi: ath12k: free skb during idr cleanup callback (git-fixes).
- wifi: ath11k: Add missing platform IDs for quirk table
(git-fixes).
- wifi: ath10k: Fix memory leak on unsupported WMI command
(git-fixes).
- wifi: mac80211: reset FILS discovery and unsol probe resp
intervals (git-fixes).
- commit cc1ca5e
- bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078
bsc#1252789).
- commit 6edd4b3
- KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass
producer (git-fixes).
- commit fdfcdff
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
(git-fixes).
- commit cb2e3ab
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf()
(bsc#1252939).
- commit 7cb788c
- Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata
handling out of setup_vmcs_config()" (git-fixes).
- commit 769724a
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat()
(git-fixes).
- commit 40898e0
- hfsplus: fix KMSAN uninit-value issue in
__hfsplus_ext_cache_extent() (git-fixes).
- commit a2e4db9
- hfs: validate record offset in hfsplus_bmap_alloc (git-fixes).
- commit 693ef92
- hfsplus: return EIO when type of hidden directory mismatch in
hfsplus_fill_super() (git-fixes).
- commit 6aec9cc
- ARM: tegra: Use I/O memcpy to write to IRAM (CVE-2025-39794 bsc#1249595)
- commit ad8d355
- ipvs: Defer ip_vs_ftp unregister during netns cleanup
(CVE-2025-40018 bsc#1252688).
- commit d48a123
- NFSD: Fix crash in nfsd4_read_release() (git-fixes).
- commit 1a326b8
- Fix Git-commit for patches.suse/cxl-downgrade-a-warning-message-to-debug-level-in-cxl.patch.
- commit 31a5035
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog
types (bsc#1252364).
- commit 82fd58d
- tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request()
(git-fixes).
- commit fceae30
- octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
(CVE-2025-39978 bsc#1252069).
- tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
(CVE-2025-39955 bsc#1251804).
- commit 0468786
- Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898"
This reverts commit df2ae2c1bd0dd998b7e23e3d49e90e95ada467f0.
- commit 79fa523
- i40e: add max boundary check for VF filters (CVE-2025-39968
bsc#1252047).
- i40e: fix validation of VF state in get resources
(CVE-2025-39969 bsc#1252044).
- i40e: fix idx validation in i40e_validate_queue_map
(CVE-2025-39972 bsc#1252039).
- i40e: add validation for ring_len param (CVE-2025-39973
bsc#1252035).
- ice: fix Rx page leak on multi-buffer frames (CVE-2025-39948
bsc#1251233).
- qed: Don't collect too many protection override GRC elements
(CVE-2025-39949 bsc#1251177).
- commit 2c4293d
- Delete
patches.suse/cpuidle-menu-Avoid-discarding-useful-information.patch.
- commit c2e3ac6
- Delete
patches.suse/cpuidle-governors-menu-Avoid-using-invalid-recent-intervals-data.patch.
- commit b1a47b7
- nvme/tcp: handle tls partially sent records in write_space()
(git-fixes).
- nvme-multipath: Skip nr_active increments in RETRY disposition
(git-fixes).
- nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk
(git-fixes).
- commit 4b35633
- ACPI: battery: Add synchronization between interface updates
(git-fixes).
- locking/mutex: Mark devm_mutex_init() as __must_check
(stable-fixes).
- ACPI: battery: Check for error code from devm_mutex_init()
call (git-fixes).
- ACPI: battery: initialize mutexes through devm_ APIs
(stable-fixes).
- accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes).
- locking/mutex: Introduce devm_mutex_init() (stable-fixes).
- commit 7bacc8f
- wifi: rtw89: fix use-after-free in
rtw89_core_tx_kick_off_and_wait() (CVE-2025-40000 bsc#1252062).
- commit b7a479d
- sched/fair: set_load_weight() must also call reweight_task() (git-fixes)
- commit b185921
- misc: fastrpc: Save actual DMA size in fastrpc_map structure
(git-fixes).
- Refresh
patches.suse/misc-fastrpc-Skip-reference-for-DMA-handles.patch.
- commit b472422
- most: usb: hdm_probe: Fix calling put_device() before device
initialization (git-fixes).
- most: usb: Fix use-after-free in hdm_disconnect (git-fixes).
- misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup
(git-fixes).
- serial: 8250_dw: handle reset control deassert error
(git-fixes).
- xhci: dbc: enable back DbC in resume if it was enabled before
suspend (git-fixes).
- spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes).
- net: usb: rtl8150: Fix frame padding (git-fixes).
- HID: multitouch: fix name of Stylus input devices (git-fixes).
- HID: hid-input: only ignore 0 battery events for digitizers
(git-fixes).
- r8169: fix packet truncation after S4 resume on
RTL8168H/RTL8111H (git-fixes).
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled
(stable-fixes).
- rtc: interface: Fix long-standing race when setting alarm
(stable-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings
(git-fixes).
- PCI: endpoint: pci-epf-test: Add NULL check for DMA channels
before release (git-fixes).
- PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for
startup state machine (git-fixes).
- phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling
(git-fixes).
- phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes).
- mtd: rawnand: fsmc: Default to autodetect buswidth
(stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for Netgear A7500
(stable-fixes).
- media: nxp: imx8-isi: Drop unused argument to
mxc_isi_channel_chain() (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config
flag (git-fixes).
- mmc: core: SPI mode remove cmd7 (stable-fixes).
- lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and
older (stable-fixes).
- PM: runtime: Add new devm functions (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for
cache_type (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config
max_register value (stable-fixes).
- PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes).
- PCI: endpoint: Remove surplus return statement from
pci_epf_test_clean_dma_chan() (stable-fixes).
- PCI: j721e: Enable ACSPCIE Refclk if
"ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes).
- misc: fastrpc: Add missing dev_err newlines (stable-fixes).
- commit 9f99f4e
- firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing
in raw mode (git-fixes).
- drm/sched: Fix potential double free in
drm_sched_job_add_resv_dependencies (git-fixes).
- drm/rockchip: vop2: use correct destination rectangle height
check (git-fixes).
- drm/bridge: lt9211: Drop check for last nibble of version
register (git-fixes).
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes).
- drm/amdgpu: use atomic functions with memory barriers for vm
fault info (git-fixes).
- drm/i915/guc: Skip communication warning on reset in progress
(git-fixes).
- drm/amd: Check whether secure display TA loaded successfully
(stable-fixes).
- drm/exynos: exynos7_drm_decon: properly clear channels during
bind (stable-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference
in functions (stable-fixes).
- commit 110d102
- can: netlink: can_changelink(): allow disabling of automatic
restart (git-fixes).
- can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb()
instead of can_dropped_invalid_skb() (git-fixes).
- ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit
(git-fixes).
- ASoC: nau8821: Generalize helper to clear IRQ status
(git-fixes).
- ASoC: nau8821: Cancel jdet_work before handling jack ejection
(git-fixes).
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034
codec (git-fixes).
- ALSA: usb-audio: Fix NULL pointer deference in
try_to_register_card (git-fixes).
- ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings
(git-fixes).
- accel/qaic: Treat remaining == 0 as error in
find_and_map_user_pages() (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1
(stable-fixes).
- ACPI: property: Add code comments explaining what is going on
(stable-fixes).
- ACPI: property: Disregard references in data-only subnode lists
(stable-fixes).
- ACPICA: Allow to skip Global Lock initialization (stable-fixes).
- ACPI: battery: allocate driver data through devm_ APIs
(stable-fixes).
- drm/msm/adreno: De-spaghettify the use of memory barriers
(stable-fixes).
- commit e53e617
- spi: cadence-quadspi: Implement refcount to handle unbind
during busy (CVE-2025-40005 bsc#1252349).
- commit 7406f70
- i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052)
- commit 70699a8
- i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051)
- commit 57401e3
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- commit 59db3fb
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- commit da235eb
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- commit 5587842
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- commit baef4e7
- NFSD: Rework encoding and decoding of nfsd4_deviceid
(git-fixes).
- commit 72f1d28
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()
(git-fixes).
- commit a6f88ab
- xfs: rename the old_crc variable in xlog_recover_process
(git-fixes).
- commit 677fb8c
- net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400)
- commit 137f367
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- commit c6a1bb4
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- commit 539da61
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653 bsc#1248630)
- commit bcff9b5
- ovl: fix file reference leak when submitting aio (stable-fixes).
- commit 57db5b5
- KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not
for Xen PV clock (git-fixes).
- commit 85e57cf
- KVM: x86: Don't bleed PVCLOCK_GUEST_STOPPED across PV clocks
(git-fixes).
- commit cd63f69
- KVM: x86: Process "guest stopped request" once per guest time
update (git-fixes).
- commit 29a55cf
- add bug reference to existing hv_netvsc change (bsc#1252265)
- commit 95261dd
- KVM: SVM: Inject #GP if memory operand for INVPCID is
non-canonical (git-fixes).
- commit ed9dfb1
- KVM: x86: Clear pv_unhalted on all transitions to
KVM_MP_STATE_RUNNABLE (git-fixes).
- commit f4d45de
- KVM: x86: Introduce kvm_set_mp_state() (git-fixes).
- commit 4b1f2ec
- NFS: Fix a race when updating an existing write (bsc#1249319
bsc#1252236 CVE-2025-39697).
- commit 40cab0c
- nfs: Add missing release on error in
nfs_lock_and_join_requests() (bsc#1249319 bsc#1252236
CVE-2025-39697).
- commit b903556
- nfs: fold nfs_page_group_lock_subrequests into
nfs_lock_and_join_requests (bsc#1249319 bsc#1252236
CVE-2025-39697).
- commit 13ceff1
- nfs: fold nfs_folio_find_and_lock_request into
nfs_lock_and_join_requests (bsc#1249319 bsc#1252236
CVE-2025-39697).
- commit 14874ac
- nfs: simplify nfs_folio_find_and_lock_request (bsc#1249319
bsc#1252236 CVE-2025-39697).
- commit 1b25c26
- nfs: remove nfs_folio_private_request (bsc#1249319 bsc#1252236
CVE-2025-39697).
- commit c28ea5d
- nfs: remove dead code for the old swap over NFS implementation
(bsc#1249319 bsc#1252236 CVE-2025-39697).
- Refresh
patches.suse/NFS-fix-nfs_release_folio-to-not-deadlock-via-kcompa.patch.
- commit e7a5c52
- kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common
x86 (git-fixes).
- commit 0bb2570
- overlayfs: set ctime when setting mtime and atime
(stable-fixes).
- ovl: fix incorrect fdput() on aio completion (stable-fixes).
- ovl: Always reevaluate the file signature for IMA
(stable-fixes).
- commit 4cfc4ed
- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704)
- commit 627f938
- sched: Fix sched_numa_find_nth_cpu() if mask offline (CVE-2025-39895 bsc#1250721)
- commit 581de7a
- sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202)
- commit 56a7db3
- ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317)
- commit 3d85c5c
- sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161)
- commit 0083867
- scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302)
- commit a3b8686
- net: usb: lan78xx: Add error handling to
lan78xx_init_mac_address (git-fixes).
- commit f1ec116
- net/mlx5e: Harden uplink netdev access against device unbind
(CVE-2025-39947 bsc#1251232).
- commit d4278a0
- KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
(git-fixes).
- commit 09e399f
- KVM: x86: Bypass register cache when querying CPL from
kvm_sched_out() (git-fixes).
- commit 27a06fc
- net: usb: lan78xx: fix use of improperly initialized dev->chipid
in lan78xx_reset (git-fixes).
- commit ad26239
- r8152: add error handling in rtl8152_driver_init (git-fixes).
- commit db73d98
- usbnet: Fix using smp_processor_id() in preemptible code
warnings (git-fixes).
- commit b2c518b
- config.sh: Update IBS project
- commit f8ef735
- cpufreq: scmi: Account for malformed DT in
scmi_dev_used_by_cpus() (git-fixes).
- commit 149500a
- cpuidle: governors: menu: Avoid using invalid recent intervals
data (git-fixes).
- commit a4ef664
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(git-fixes).
- commit baddd40
- selftests/bpf: Fix backtrace printing for selftests crashes
(git-fixes).
- commit 63e24c4
- tools/resolve_btfids: Fix build when cross compiling kernel
with clang (git-fixes).
- commit f4f0a36
- samples/bpf: Fix compilation failure for samples/bpf on
LoongArch Fedora (git-fixes).
- commit fa036e9
- selftests/bpf: Fix cross-compiling urandom_read (git-fixes).
- commit d19eec5
- selftests/bpf: Fix compile if backtrace support missing in libc
(git-fixes).
- commit 3353a4b
- selftests/bpf: Fix redefinition errors compiling lwt_reroute.c
(git-fixes).
- commit b5270ce
- selftests/bpf: Fix C++ compile error from missing _Bool type
(git-fixes).
- commit 736692a
- selftests/bpf: Fix error compiling test_lru_map.c (git-fixes).
- commit 8aa3099
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c
(git-fixes).
- commit 35f5a49
- perf/core: Fix the WARN_ON_ONCE is out of lock protected region
(git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event()
(git-fixes).
- perf/x86: Fix non-sampling (counting) events on certain x86
platforms (git-fixes).
- commit 814983a
- doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT
The character was previously 'N', but upstream used it for TAINT_TEST,
which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in
commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d
("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards).
Update the documentation to reflect this change.
- commit f42ecf5
- ACPI: property: Do not pass NULL handles to acpi_attach_data()
(stable-fixes git-fixes).
- commit 19fb175
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
(stable-fixes).
- commit d0f4111
- cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception
(git-fixes).
- commit 59c2171
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of
CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- commit 793bb70
- cpuidle: qcom-spm: fix device and OF node leaks at probe
(git-fixes).
- commit 39be628
- cpuidle: menu: Avoid discarding useful information
(stable-fixes).
- commit b136410
- cpufreq: tegra186: Set target frequency for all cpus in policy
(git-fixes).
- commit e1cfca8
- cpufreq: intel_pstate: Fix object lifecycle issue in
update_qos_request() (stable-fixes git-fixes).
- commit 8b10f36
- cpufreq: armada-8k: Fix off by one in
armada_8k_cpufreq_free_table() (stable-fixes git-fixes).
- commit 3e7dc0b
- cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
(stable-fixes).
- commit 2dde40f
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter
(bsc#1250650).
- commit 5925a0e
- sched/idle: Conditionally handle tick broadcast in
default_idle_call() (bsc#1248517).
- Update config files.
- commit 1a58311
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
- Refresh
patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch.
- commit be42a2d
- perf/aux: Fix pending disable flow when the AUX ring buffer
overruns (git-fixes).
- perf/core: Fix WARN in perf_cgroup_switch() (git-fixes).
- perf: Fix cgroup state vs ERROR (git-fixes).
- perf/core: Fix broken throttling when max_samples_per_tick=1
(git-fixes).
- perf: Ensure bpf_perf_link path is properly serialized
(git-fixes).
- perf/x86/intel: Only check the group flag for X86 leader
(git-fixes).
- perf/x86/intel: Allow to update user space GPRs from PEBS
records (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running
counters on SPR (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running
counters on ICX (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running
counters on SNR (git-fixes).
- perf/core: Fix child_total_time_enabled accounting bug at task
exit (git-fixes).
- perf/ring_buffer: Allow the EPOLLRDNORM flag for poll
(git-fixes).
- perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes).
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint
type (git-fixes).
- perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample
read (git-fixes).
- perf/x86/intel: Apply static call for drain_pebs (git-fixes).
- perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes).
- perf/amd/ibs: Fix ->config to sample period calculation for
OP PMU (git-fixes).
- perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes).
- perf/x86/intel: Use better start period for frequency mode
(git-fixes).
- perf/core: Fix low freq setting via IOC_PERIOD (git-fixes).
- perf/x86: Fix low freqency setting issue (git-fixes).
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing
PEBS_DATA_CFG (git-fixes).
- perf/x86/amd: Warn only on new bits set (git-fixes).
- s390: Initialize psw mask in perf_arch_fetch_caller_regs()
(git-fixes).
- perf/core: Fix small negative period being ignored (git-fixes).
- perf: Extract a few helpers (git-fixes).
- perf/x86/intel/pt: Fix sampling synchronization (git-fixes).
- perf/x86/intel: Allow to setup LBR for counting event for BPF
(git-fixes).
- drivers/perf: arm_spe: Use perf_allow_kernel() for permissions
(git-fixes).
- perf/amd: Prevent grouping of IBS events (git-fixes).
- commit 76eb280
- tls: make sure to abort the stream if headers are bogus
(CVE-2025-39946 bsc#1251114).
- commit d62deaa
- selftests/bpf: Fix error compiling tc_redirect.c with musl libc
(git-fixes).
- commit b2a359c
- selftests/bpf: Fix errors compiling cg_storage_multi.h with
musl libc (git-fixes).
- commit 799529b
- selftests/bpf: Fix errors compiling decap_sanity.c with musl
libc (git-fixes).
- commit f14b275
- selftests/bpf: Fix errors compiling lwt_redirect.c with musl
libc (git-fixes).
- commit 498999e
- selftests/bpf: Fix compiling core_reloc.c with musl-libc
(git-fixes).
- commit eb3a7bd
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc
(git-fixes).
- commit 109e7cc
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc
(git-fixes).
- commit 9b43d04
- selftests/bpf: Fix compiling kfree_skb.c with musl-libc
(git-fixes).
- commit 442e8bf
- selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc
(git-fixes).
- commit 1f65169
- selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with
musl libc (git-fixes).
- commit 7613608
- selftests/bpf: Add test for unpinning htab with internal timer
struct (git-fixes).
- commit 8a1df26
- bpf: Avoid RCU context warning when unpinning htab with internal
structs (git-fixes).
- commit 73d4d2d
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6}
(git-fixes).
- commit 1a82fe5
- kabi: hide new member allow_subflows in struct mptcp_sock
(CVE-2025-38552 bsc#1248230).
- commit f51a25e
- mptcp: plug races between subflow fail and subflow creation
(CVE-2025-38552 bsc#1248230).
- Refresh
patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch.
(also delete outdated part of a comment)
- commit fdbbed8
- Update
patches.suse/ALSA-ac97-Fix-possible-NULL-dereference-in-snd_.patch
(bsc#1012628 CVE-2023-53648 bsc#1251750).
- Update
patches.suse/ASoC-codecs-wcd938x-fix-missing-mbhc-init-error.patch
(bsc#1012628 CVE-2023-53666 bsc#1251760).
- Update
patches.suse/ASoC-qcom-q6apm-lpass-dais-Fix-NULL-pointer-derefere.patch
(git-fixes CVE-2025-39938 bsc#1251134).
- Update
patches.suse/Bluetooth-hci_event-call-disconnect-callback-be.patch
(bsc#1012628 CVE-2023-53673 bsc#1251763).
- Update
patches.suse/HID-hyperv-avoid-struct-memcpy-overrun-warning.patch
(bsc#1012628 CVE-2023-53553 bsc#1251068).
- Update
patches.suse/KVM-nSVM-Check-instead-of-asserting-on-nested-TSC-sc.patch
(git-fixes CVE-2023-53663 bsc#1251290).
- Update
patches.suse/RDMA-rxe-Fix-incomplete-state-save-in-rxe_requester.patch
(git-fixes CVE-2023-53539 bsc#1251060).
- Update
patches.suse/USB-Gadget-core-Help-prevent-panic-during-UVC-.patch
(bsc#1012628 CVE-2023-53580 bsc#1251105).
- Update
patches.suse/accel-qaic-Fix-a-leak-in-map_user_pages.patch
(bsc#1012628 CVE-2023-53633 bsc#1251746).
- Update
patches.suse/bcache-Fix-__bch_btree_node_alloc-to-make-the-f.patch
(bsc#1012628 CVE-2023-53681 bsc#1251769).
- Update
patches.suse/bonding-do-not-assume-skb-mac_header-is-set.patch
(bsc#1012628 CVE-2023-53601 bsc#1251153).
- Update
patches.suse/bpf-Make-bpf_refcount_acquire-fallible-for-non-.patch
(bsc#1012628 CVE-2023-53645 bsc#1251321).
- Update
patches.suse/bpf-cpumap-Handle-skb-as-well-when-clean-up-pt.patch
(bsc#1012628 CVE-2023-53660 bsc#1251721).
- Update
patches.suse/bpf-cpumap-Make-sure-kthread-is-running-before.patch
(bsc#1012628 CVE-2023-53577 bsc#1251028).
- Update
patches.suse/bpf-reject-unhashed-sockets-in-bpf_sk_assign.patch
(jsc#PED-6811 CVE-2023-53585 bsc#1251126).
- Update
patches.suse/btrfs-insert-tree-mod-log-move-in-push_node_lef.patch
(bsc#1012628 CVE-2023-53538 bsc#1251024).
- Update
patches.suse/btrfs-output-extra-debug-info-if-we-failed-to-find-a.patch
(git-fixes CVE-2023-53672 bsc#1251780).
- Update
patches.suse/btrfs-reject-invalid-reloc-tree-root-keys-with.patch
(bsc#1012628 CVE-2023-53618 bsc#1251748).
- Update
patches.suse/cifs-Release-folio-lock-on-fscache-read-hit.patch
(bsc#1012628 CVE-2023-53593 bsc#1251132).
- Update
patches.suse/cifs-fix-mid-leak-during-reconnection-after-tim.patch
(bsc#1012628 CVE-2023-53597 bsc#1251159).
- Update
patches.suse/clk-Fix-memory-leak-in-devm_clk_notifier_regist.patch
(bsc#1012628 CVE-2023-53674 bsc#1251764).
- Update
patches.suse/clk-imx-scu-use-_safe-list-iterator-to-avoid-a-.patch
(bsc#1012628 CVE-2023-53572 bsc#1251027).
- Update
patches.suse/cpufreq-amd-pstate-fix-global-sysfs-attribute-.patch
(bsc#1012628 CVE-2023-53550 bsc#1251071).
- Update
patches.suse/cpufreq-amd-pstate-ut-Fix-kernel-panic-when-loading-.patch
(git-fixes CVE-2023-53563 bsc#1251038).
- Update
patches.suse/crypto-af_alg-Fix-missing-initialisation-affecting-g.patch
(bsc#1216396 CVE-2023-53599 bsc#1251150).
- Update
patches.suse/crypto-af_alg-Set-merge-to-zero-early-in-af_alg_send.patch
(git-fixes CVE-2025-39931 bsc#1251100).
- Update
patches.suse/dax-Fix-dax_mapping_release-use-after-free.patch
(bsc#1012628 CVE-2023-53613 bsc#1251119).
- Update
patches.suse/drivers-base-Free-devm-resources-when-unregistering-.patch
(jsc#PED-6054 CVE-2023-53596 bsc#1251161).
- Update
patches.suse/drivers-perf-hisi-Don-t-migrate-perf-to-the-CPU.patch
(bsc#1012628 CVE-2023-53656 bsc#1251758).
- Update
patches.suse/drm-amdgpu-unmap-and-remove-csa_va-properly.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53545
bsc#1251084).
- Update
patches.suse/drm-bridge-anx7625-Fix-NULL-pointer-dereference-with.patch
(git-fixes CVE-2025-39934 bsc#1251146).
- Update
patches.suse/drm-i915-mark-requests-for-GuC-virtual-engines-to-av.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53552
bsc#1251065).
- Update
patches.suse/drm-i915-perf-add-sentinel-to-xehp_oa_b_counter.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53646
bsc#1251742).
- Update
patches.suse/ext4-fix-memory-leaks-in-ext4_fname_-setup_filename-.patch
(bsc#1214954 CVE-2023-53662 bsc#1251282).
- Update
patches.suse/fbdev-omapfb-lcd_mipid-Fix-an-error-handling-pa.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53650
bsc#1251283).
- Update
patches.suse/fprobe-Release-rethook-after-the-ftrace_ops-is-.patch
(bsc#1012628 CVE-2023-53557 bsc#1251054).
- Update
patches.suse/gfs2-Fix-possible-data-races-in-gfs2_show_opti.patch
(bsc#1012628 CVE-2023-53622 bsc#1251777).
- Update patches.suse/gpio-mvebu-fix-irq-domain-leak.patch
(bsc#1012628 CVE-2023-53579 bsc#1251170).
- Update
patches.suse/iavf-Fix-out-of-bounds-when-setting-channels-on.patch
(bsc#1012628 CVE-2023-53659 bsc#1251247).
- Update patches.suse/iavf-Fix-use-after-free-in-free_netdev.patch
(bsc#1012628 CVE-2023-53556 bsc#1251059).
- Update
patches.suse/ice-Don-t-tx-before-switchdev-is-fully-configured.patch
(jsc#PED-4876 CVE-2023-53657 bsc#1251319).
- Update
patches.suse/ip_vti-fix-potential-slab-use-after-free-in-de.patch
(bsc#1012628 CVE-2023-53559 bsc#1251052).
- Update patches.suse/ipmi_si-fix-a-memleak-in-try_smi_init.patch
(git-fixes CVE-2023-53611 bsc#1251123).
- Update
patches.suse/jfs-fix-invalid-free-of-JFS_IP-ipimap-i_imap-in-diUnmount.patch
(git-fixes CVE-2023-53616 bsc#1251215).
- Update
patches.suse/md-don-t-dereference-mddev-after-export_rdev-7dea.patch
(jsc#PED-7542 CVE-2023-53665 bsc#1251270).
- Update
patches.suse/media-amphion-fix-REVERSE_INULL-issues-reported-by-c.patch
(git-fixes CVE-2023-53653 bsc#1251755).
- Update
patches.suse/memcontrol-ensure-memcg-acquired-by-id-is-properly-s.patch
(git-fixes CVE-2023-53621 bsc#1251323).
- Update
patches.suse/mm-damon-core-initialize-damo_filter-list-from.patch
(bsc#1012628 CVE-2023-53555 bsc#1251056).
- Update
patches.suse/msft-hv-2870-Drivers-hv-vmbus-Don-t-dereference-ACPI-root-object-.patch
(git-fixes CVE-2023-53647 bsc#1251732).
- Update
patches.suse/mtd-rawnand-brcmnand-Fix-potential-out-of-bounds-acc.patch
(git-fixes CVE-2023-53541 bsc#1251043).
- Update
patches.suse/net-handshake-fix-null-ptr-deref-in-handshake_nl_don.patch
(bsc#1220419 CVE-2023-53686 bsc#1251771).
- Update
patches.suse/net-mlx5-DR-fix-memory-leak-in-mlx5dr_cmd_crea.patch
(bsc#1012628 CVE-2023-53546 bsc#1251079).
- Update
patches.suse/net-mlx5e-Check-for-NOT_READY-flag-state-after-.patch
(bsc#1012628 CVE-2023-53581 bsc#1251106).
- Update
patches.suse/net-mlx5e-Take-RTNL-lock-when-needed-before-ca.patch
(bsc#1012628 CVE-2023-53632 bsc#1251269).
- Update
patches.suse/net-rfkill-gpio-Fix-crash-due-to-dereferencering-uni.patch
(git-fixes CVE-2025-39937 bsc#1251143).
- Update
patches.suse/net-usbnet-Fix-WARNING-in-usbnet_start_xmit-us.patch
(bsc#1012628 CVE-2023-53548 bsc#1251066).
- Update
patches.suse/netfilter-conntrack-Avoid-nf_ct_helper_hash-use.patch
(bsc#1012628 CVE-2023-53619 bsc#1251743).
- Update patches.suse/nvme-core-fix-dev_pm_qos-memleak.patch
(bsc#1012628 CVE-2023-53670 bsc#1251762).
- Update
patches.suse/octeon_ep-cancel-queued-works-in-probe-error-p.patch
(bsc#1012628 CVE-2023-53638 bsc#1251328).
- Update
patches.suse/octeontx2-af-Add-validation-before-accessing-cg.patch
(bsc#1012628 CVE-2023-53654 bsc#1251756).
- Update
patches.suse/perf-RISC-V-Remove-PERF_HES_STOPPED-flag-checki.patch
(bsc#1012628 CVE-2023-53583 bsc#1251108).
- Update
patches.suse/perf-trace-Really-free-the-evsel-priv-area.patch
(perf-v6.7 (jsc#PED-6012 jsc#PED-6121) CVE-2023-53649
bsc#1251749).
- Update
patches.suse/platform-x86-dell-sysman-Fix-reference-leak.patch
(git-fixes CVE-2023-53631 bsc#1251529).
- Update
patches.suse/rcu-tasks-Avoid-pr_info-with-spin-lock-in-cblis.patch
(bsc#1012628 CVE-2023-53558 bsc#1251081).
- Update
patches.suse/ring-buffer-Fix-deadloop-issue-on-reading-trace.patch
(bsc#1012628 CVE-2023-53668 bsc#1251286).
- Update
patches.suse/s390-zcrypt-don-t-leak-memory-if-dev_set_name-fails.patch
(git-fixes bsc#1215143 CVE-2023-53568 bsc#1251035).
- Update
patches.suse/scsi-qla2xxx-Avoid-fcport-pointer-dereference.patch
(bsc#1012628 CVE-2023-53603 bsc#1251180).
- Update
patches.suse/scsi-qla2xxx-Fix-deletion-race-condition.patch
(git-fixes CVE-2023-53615 bsc#1251113).
- Update
patches.suse/soc-aspeed-socinfo-Add-kfree-for-kstrdup.patch
(bsc#1012628 CVE-2023-53617 bsc#1251268).
- Update
patches.suse/spi-bcm-qspi-return-error-if-neither-hif_mspi-n.patch
(bsc#1012628 CVE-2023-53658 bsc#1251759).
- Update
patches.suse/staging-ks7010-potential-buffer-overflow-in-ks_.patch
(bsc#1012628 CVE-2023-53554 bsc#1251057).
- Update
patches.suse/tracing-histograms-Add-histograms-to-hist_vars-.patch
(bsc#1012628 CVE-2023-53560 bsc#1251045).
- Update
patches.suse/tty-serial-samsung_tty-Fix-a-memory-leak-in-s3c-832e231.patch
(bsc#1012628 CVE-2023-53687 bsc#1251772).
- Update
patches.suse/tunnels-fix-kasan-splat-when-generating-ipv4-p.patch
(bsc#1012628 CVE-2023-53600 bsc#1251152).
- Update
patches.suse/vdpa-Add-features-attr-to-vdpa_nl_policy-for-n.patch
(bsc#1012628 CVE-2023-53652 bsc#1251754).
- Update
patches.suse/vdpa-Add-max-vqp-attr-to-vdpa_nl_policy-for-nl.patch
(bsc#1012628 CVE-2023-53543 bsc#1251083).
- Update
patches.suse/wifi-ath11k-fix-memory-leak-in-WMI-firmware-sta.patch
(bsc#1012628 CVE-2023-53602 bsc#1251076).
- Update
patches.suse/wifi-cfg80211-reject-auth-assoc-to-AP-with-our-addre.patch
(git-fixes CVE-2023-53540 bsc#1251053).
- Update
patches.suse/wifi-iwlwifi-mvm-fix-potential-array-out-of-bou.patch
(bsc#1012628 CVE-2023-53575 bsc#1251067).
- Update
patches.suse/wifi-mac80211-check-for-station-first-in-client-prob.patch
(git-fixes CVE-2023-53588 bsc#1251206).
- Update
patches.suse/wifi-mac80211-increase-scan_ies_len-for-S1G.patch
(stable-fixes CVE-2025-39957 bsc#1251810).
- Update
patches.suse/wifi-nl80211-fix-integer-overflow-in-nl80211_p.patch
(bsc#1012628 CVE-2023-53570 bsc#1251031).
- Update
patches.suse/wifi-rtw88-delete-timer-and-free-skb-queue-when-unlo.patch
(git-fixes CVE-2023-53574 bsc#1251222).
- Update
patches.suse/wifi-wilc1000-avoid-buffer-overflow-in-WID-string-co.patch
(stable-fixes CVE-2025-39952 bsc#1251216).
- commit 56ea93d
- iommu/vt-d: Disallow dirty tracking if incoherent page walk
(git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- commit 9da1184
- mm/page_alloc: fix race condition in unaccepted memory handling
(CVE-2025-38008 bsc#1244939).
- commit b445cb1
- mm/slub: avoid accessing metadata when pointer is invalid in
object_err() (CVE-2025-39902 bsc#1250702).
- commit 46c39b3
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type
(git-fixes).
- commit b115f79
- tracing: Fix filter string testing (git-fixes).
- commit 864d37b
- selftests/tracing: Fix event filter test to retry up to 10 times
(git-fixes).
- commit a9de969
- tracing/selftests: Fix kprobe event name test for
.isra. functions (git-fixes).
- commit 6a094d4
- bpf: Check link_create.flags parameter for multi_kprobe
(git-fixes).
- commit 0e75825
- bpf: Check link_create.flags parameter for multi_uprobe
(git-fixes).
- commit 10550c7
- ftrace: fix incorrect hash size in register_ftrace_direct()
(git-fixes).
- commit 9288055
- bpf: Use preempt_count() directly in bpf_send_signal_common()
(git-fixes).
- commit 9258f2a
- tracing: Correct the refcount if the hist/hist_debug file
fails to open (git-fixes).
- commit 6e8ac35
- module: Prevent silent truncation of module name in
delete_module(2) (git-fixes).
- commit 44dc7b7
- tracing: Add down_write(trace_event_sem) when adding trace event
(bsc#1248211 CVE-2025-38539).
- commit b1816b0
- tracing: Limit access to parser->buffer when trace_get_user
failed (bsc#1249286 CVE-2025-39683).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- commit 8eaad3a
- ftrace: Also allocate and copy hash for reading of filter files
(bsc#1250032 CVE-2025-39813).
- commit 69f706b
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan
timer in probe (git-fixes).
- commit 4cb2ef2
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c)
(git-fixes).
- commit eb03975
- ftrace: Fix potential warning in trace_printk_seq during
ftrace_dump (bsc#1250032 CVE-2025-39813).
- commit 287d6f8
- net: sysfs: Fix /sys/class/net/<iface> path (git-fixes).
- commit 753f6d8
- trace/fgraph: Fix the warning caused by missing unregister
notifier (bsc#1248211 CVE-2025-38539).
- commit 739d6c6
- i2c: ocores: use devm_ managed clks (git-fixes).
- commit bc09888
- USB: serial: option: add SIMCom 8230C compositions (git-fixes).
- commit fbae6a0
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- commit 2464609
- net: mana: Use page pool fragments for RX buffers instead of
full pages to improve memory efficiency (bsc#1248754).
- cnic: Fix use-after-free bugs in cnic_delete_task
(CVE-2025-39945 bsc#1251230).
- commit 8a42c4d
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (git-fixes).
- commit 8628058
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue
(bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- KVM: PPC: Fix misleading interrupts comment in
kvmppc_prepare_to_enter() (bsc#1215199).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- commit c79aae4
- crypto: rng - Ensure set_ent is always present (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions
(stable-fixes).
- wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188
(stable-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release
(git-fixes).
- driver core/PM: Set power.no_callbacks along with power.no_pm
(stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious
8042 quirks list (stable-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- can: hi311x: fix null pointer dereference when resuming from
sleep before interface was enabled (stable-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue
(stable-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042
list (stable-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221
(stable-fixes).
- media: tunner: xc5000: Refactor firmware load (stable-fixes).
- commit 6771085
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- commit 3f4b7b9
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6
(git-fixes).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs
(git-fixes).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep
(git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper
(git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer
size (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines
tear down (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place
encryption (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single
(git-fixes).
- commit a90f502
- scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory
is allocated (CVE-2025-38700 bsc#1249182).
- scsi: bfa: Double-free fix (CVE-2025-38699 bsc#1249224).
- commit d981d82
- Update
patches.suse/scsi-lpfc-Fix-buffer-free-clear-order-in-deferred-re.patch
(bsc#1250519 CVE-2025-39841 bsc#1250274).
added CVE number and associated bsc
- commit 11a7724
- KVM: x86: Snapshot the host's DEBUGCTL in common x86
(git-fixes).
- commit 090e1cd
- KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the
STI shadow (git-fixes).
- Refresh
patches.suse/x86-bugs-Add-a-Transient-Scheduler-Attacks-mitigation.patch.
- commit ab98159
- KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes).
- commit 3926356
- KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES
guest (git-fixes).
- commit 1163dde
- KVM: SEV: Read save fields from GHCB exactly once (git-fixes).
- commit 0fe255d
- KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to
kvm_get_cached_sw_exit_code() (git-fixes).
- commit 16f8d6e
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL
deadlock (git-fixes).
- commit 4ae0d43
- fs: writeback: fix use-after-free in __mark_inode_dirty()
(bsc#1250455 CVE-2025-39866).
- commit 5efc627
- kernfs: Fix UAF in polling when open file is released
(bsc#1250379 CVE-2025-39881).
- commit 278aed0
- fs: Prevent file descriptor table allocations exceeding INT_MAX
(bsc#1249512 CVE-2025-39756).
- commit eec00db
- ext4: avoid potential buffer over-read in
parse_apply_sb_mount_options() (git-fixes).
- commit b98ec86
- ext4: fix checks for orphan inodes (bsc#1250119).
- commit 63ca2b0
- ext4: fix hole length calculation overflow in non-extent inodes
(git-fixes).
- commit 61cf4bb
- ext4: don't try to clear the orphan_present feature block
device is r/o (git-fixes).
- commit f4163bf
- ext4: fix reserved gdt blocks handling in fsmap (git-fixes).
- commit 97b5bdf
- ext4: fix fsmap end of range reporting with bigalloc
(git-fixes).
- commit 91e12c8
- ext4: check fast symlink for ea_inode correctly (git-fixes).
- commit 42b6930
- ext4: preserve SB_I_VERSION on remount (git-fixes).
- commit 4260078
- ext4: fix largest free orders lists corruption on
mb_optimize_scan switch (git-fixes).
- commit 17d92cc
- ext4: fix zombie groups in average fragment size lists
(git-fixes).
- commit 321e541
- ext4: ensure i_size is smaller than maxbytes (git-fixes).
- commit 83487b1
- ext4: factor out ext4_get_maxbytes() (git-fixes).
- commit e58bd69
- netfilter: nft_objref: validate objref and objrefmap expressions
(bsc#1250237).
No CVE available yet, please see the bugzilla ticket referenced.
- commit 71d77ae
- ext4: fix calculation of credits for extent tree modification
(git-fixes).
- commit 9ee5795
- ext4: reorder capability check last (git-fixes).
- commit ed8a5ff
- jbd2: do not try to recover wiped journal (git-fixes).
- commit 71d37b6
- ext4: do not convert the unwritten extents if data writeback
fails (git-fixes).
- commit 9294482
- iomap: handle a post-direct I/O invalidate race in
iomap_write_delalloc_release (git-fixes).
- commit 1023af1
- iomap: Fix iomap_adjust_read_range for plen calculation
(git-fixes).
- commit dab9a8e
- fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes).
- commit ab7fa65
- udf: Verify partition map count (git-fixes).
- commit acb53b7
- udf: Make sure i_lenExtents is uptodate on inode eviction
(git-fixes).
- commit 1f76b28
- isofs: Verify inode mode when loading from disk (git-fixes).
- commit 96bc3c7
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox
cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in
zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant
mbox_controller_unregister() call (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to
avoid info leak (git-fixes).
- commit c2e0f2f
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- commit cf556af
- KVM: x86: Don't inject PV async #PF if SEND_ALWAYS=0 and guest
state is protected (git-fixes).
- commit fa670d1
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args
(git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure
(git-fixes).
- staging: axis-fifo: fix maximum TX packet length check
(git-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to
clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m
(git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks
(git-fixes).
- commit ecaf254
- smb: client: fix crypto buffers in non-linear memory
(bsc#1250491, boo#1239206).
- commit b5fc334
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
kABI fixup for 474538b8dd1cd9c666e56cfe8ef60fbb0fb513f4
- commit 6d76064
- kABI workaround for struct atmdev_ops extension (CVE-2025-39828
bsc#1250205).
- commit ece3f96
- Refresh
patches.suse/Bluetooth-L2CAP-Fix-not-checking-l2cap_chan-security.patch.
- commit 85c9004
- Refresh
patches.suse/Bluetooth-hci_core-Fix-calling-mgmt_device_connected.patch.
- commit 9720dbb
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry
(git-fixes).
- commit c2be588
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul()
(git-fixes).
- commit 7b5a68a
- sunrpc: fix null pointer dereference on zero-length checksum
(git-fixes).
- commit c4c654a
- atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control()
(CVE-2025-39828 bsc#1250205).
- commit a2ac627
- e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898
bsc#1250742).
- vxlan: Fix NPD when refreshing an FDB entry with a nexthop
object (CVE-2025-39851 bsc#1250296).
- commit df2ae2c
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err
message (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling
the watchdog (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock
(git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in
pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys
allocation (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: keystone: Use devm_request_irq() to free
"ks-pcie-error-irq" on exit (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq()
(git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling
SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads
(git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is
requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation
(git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568
(git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- commit 1710395
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- commit 122f705
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- commit 886bc20
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- commit 2283cd3
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- commit fbc86d9
- scsi: qla2xxx: Fix incorrect sign of error code in
qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in
START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code
(git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of
msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs
(git-fixes).
- commit db6525b
- scsi: lpfc: Copyright updates for 14.4.0.11 patches
(bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point
to Point topology (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context
during TGT_RESET (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted
(bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl
in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox
commands fail (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod
is in progress (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba
and lpfc_vport (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes
(bsc#1250519).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings
(bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path
(bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak
(bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment
(bsc#1250519).
- commit 9af1a7a
- nvme-fc: use lock accessing port_state and rport state
(bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone
(bsc#1245193 bsc#1247500).
- nvmet-fc: avoid scheduling association deletion twice
(bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193
bsc#1247500).
- commit 9a1d529
- NFSv4.1: fix backchannel max_resp_sz verification check
(git-fixes).
- commit 8db6e65
- orangefs: Remove unused type in macro fill_default_sys_attrs
(git-fixes).
- commit 98fbe5c
- ppp: fix memory leak in pad_compress_skb (CVE-2025-39847
bsc#1250292).
- ice: fix NULL access of tx->in_use in ice_ll_ts_intr
(CVE-2025-39854 bsc#1250297).
- vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop
objects (CVE-2025-39850 bsc#1250276).
- net/mlx5: Fix lockdep assertion on sync reset unload event
(CVE-2025-39832 bsc#1249901).
- net/mlx5: Reload auxiliary drivers on fw_activate
(CVE-2025-39832 bsc#1249901).
- bnxt_en: Fix memory corruption when FW resources change during
ifdown (CVE-2025-39810 bsc#1249975).
- gve: prevent ethtool ops after shutdown (CVE-2025-38735
bsc#1249288).
- net/mlx5: Add sync reset drop mode support (CVE-2025-39832
bsc#1249901).
- commit 703f4a7
- Update
patches.suse/0780-drm-mediatek-dp-Change-logging-to-dev-for-mtk_dp_aux.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53325
bsc#1250035).
- Update
patches.suse/ACPI-APEI-send-SIGBUS-to-current-task-if-synchronous.patch
(stable-fixes CVE-2025-39763 bsc#1249615).
- Update
patches.suse/ACPI-pfr_update-Fix-the-driver-update-version-check.patch
(git-fixes CVE-2025-39701 bsc#1249308).
- Update
patches.suse/ACPICA-Add-AML_NO_OPERAND_RESOLVE-flag-to-Timer.patch
(git-fixes CVE-2023-53395 bsc#1250358).
- Update
patches.suse/ALSA-hda-ca0132-Fix-buffer-overflow-in-add_tuning_co.patch
(stable-fixes CVE-2025-39751 bsc#1249538).
- Update
patches.suse/ALSA-hda-fix-a-possible-null-pointer-dereferen.patch
(bsc#1012628 CVE-2023-53275 bsc#1250459).
- Update
patches.suse/ALSA-usb-audio-Validate-UAC3-cluster-segment-descrip.patch
(git-fixes CVE-2025-39757 bsc#1249515).
- Update
patches.suse/ALSA-usb-audio-Validate-UAC3-power-domain-descriptor.patch
(git-fixes CVE-2025-38729 bsc#1249164).
- Update
patches.suse/ASoC-core-Check-for-rtd-NULL-in-snd_soc_remove_pcm_r.patch
(stable-fixes CVE-2025-38706 bsc#1249195).
- Update patches.suse/Bluetooth-Fix-hci_suspend_sync-crash.patch
(git-fixes CVE-2023-53520 bsc#1250957).
- Update
patches.suse/Bluetooth-Fix-potential-use-after-free-when-clear-ke.patch
(git-fixes CVE-2023-53386 bsc#1250106).
- Update
patches.suse/Bluetooth-Fix-use-after-free-in-l2cap_sock_cleanup_l.patch
(git-fixes CVE-2025-39860 bsc#1250247).
- Update patches.suse/Bluetooth-L2CAP-Fix-use-after-free.patch
(bsc#1012628 CVE-2023-53305 bsc#1250049).
- Update
patches.suse/Bluetooth-hci_conn-fail-SCO-ISO-via-hci_conn_failed-.patch
(git-fixes CVE-2023-53374 bsc#1250196).
- Update
patches.suse/Bluetooth-l2cap-Check-encryption-key-size-on-incomin.patch
(git-fixes CVE-2025-39889 bsc#1249833).
- Update
patches.suse/Bluetooth-use-RCU-for-hci_conn_params-and-itera.patch
(bsc#1012628 CVE-2023-53252 bsc#1249756).
- Update
patches.suse/Bluetooth-vhci-Prevent-use-after-free-by-removing-de.patch
(git-fixes CVE-2025-39861 bsc#1250249).
- Update
patches.suse/FS-JFS-Fix-null-ptr-deref-Read-in-txBegin.patch
(bsc#1012628 CVE-2023-53457 bsc#1250763).
- Update
patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch
(git-fixes CVE-2025-39824 bsc#1250007).
- Update
patches.suse/HID-hid-ntrig-fix-unable-to-handle-page-fault-in-ntr.patch
(stable-fixes CVE-2025-39808 bsc#1250088).
- Update
patches.suse/HID-multitouch-Correct-devm-device-reference-for-hid.patch
(git-fixes CVE-2023-53454 bsc#1250759).
- Update
patches.suse/HID-multitouch-fix-slab-out-of-bounds-access-in-mt_r.patch
(git-fixes CVE-2025-39806 bsc#1249888).
- Update
patches.suse/IB-hfi1-Fix-possible-panic-during-hotplug-remo.patch
(bsc#1012628 CVE-2023-53488 bsc#1250825).
- Update
patches.suse/KVM-arm64-Handle-kvm_arm_init-failure-correctly.patch
(bsc#1012628 CVE-2023-53319 bsc#1250067).
- Update
patches.suse/KVM-nSVM-Load-L1-s-TSC-multiplier-based-on-L1-state-.patch
(git-fixes CVE-2023-53208 bsc#1249698).
- Update
patches.suse/KVM-s390-diag-fix-racy-access-of-physical-cpu-n.patch
(bsc#1012628 CVE-2023-53205 bsc#1249677).
- Update
patches.suse/NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch
(git-fixes CVE-2025-39730 bsc#1249296).
- Update
patches.suse/NFS-Fix-the-setting-of-capabilities-when-automounting-a-new-filesystem.patch
(git-fixes CVE-2025-39798 bsc#1249774).
- Update
patches.suse/NFSv4.2-Rework-scratch-handling-for-READ_PLUS-again.patch
(git-fixes CVE-2023-53360 bsc#1249990).
- Update
patches.suse/PCI-ASPM-Disable-ASPM-on-MFD-function-removal-t.patch
(bsc#1012628 CVE-2023-53446 bsc#1250145).
- Update
patches.suse/PCI-endpoint-Fix-configfs-group-list-head-handling.patch
(git-fixes CVE-2025-39783 bsc#1249486).
- Update
patches.suse/PCI-hv-Fix-a-crash-in-hv_pci_restore_msi_msg-during-.patch
(git-fixes CVE-2023-53175 bsc#1249845).
- Update
patches.suse/PM-devfreq-Fix-leak-in-devfreq_dev_release.patch
(git-fixes CVE-2023-53518 bsc#1250923).
- Update
patches.suse/RDMA-bnxt_re-Properly-order-ib_device_unalloc-.patch
(bsc#1012628 CVE-2023-53504 bsc#1250813).
- Update
patches.suse/RDMA-bnxt_re-wraparound-mbox-producer-index.patch
(bsc#1012628 CVE-2023-53201 bsc#1249687).
- Update
patches.suse/RDMA-hfi1-fix-possible-divide-by-zero-in-find_hw_thr.patch
(git-fixes CVE-2025-39742 bsc#1249479).
- Update
patches.suse/RDMA-mlx5-Return-the-firmware-result-upon-dest.patch
(bsc#1012628 CVE-2023-53286 bsc#1250325).
- Update
patches.suse/RDMA-rxe-Fix-unsafe-drain-work-queue-code.patch
(git-fixes CVE-2023-53528 bsc#1250930).
- Update
patches.suse/RDMA-siw-Fix-the-sendmsg-byte-count-in-siw_tcp_sendp.patch
(git-fixes CVE-2025-39758 bsc#1249490).
- Update
patches.suse/accel-habanalabs-fix-mem-leak-in-capture-user-.patch
(bsc#1012628 CVE-2023-53367 bsc#1250243).
- Update patches.suse/accel-qaic-Fix-slicing-memory-leak.patch
(bsc#1012628 CVE-2023-53350 bsc#1250012).
- Update
patches.suse/accel-qaic-tighten-bounds-checking-in-decode_me.patch
(bsc#1012628 CVE-2023-53493 bsc#1250820).
- Update
patches.suse/af_unix-Fix-data-races-around-user-unix_inflight.patch
(git-fixes CVE-2023-53204 bsc#1249682).
- Update
patches.suse/arm64-sme-Set-new-vector-length-before-realloca.patch
(bsc#1012628 CVE-2023-53184 bsc#1249823).
- Update
patches.suse/ax25-properly-unshare-skbs-in-ax25_kiss_rcv.patch
(git-fixes CVE-2025-39848 bsc#1250298).
- Update
patches.suse/batman-adv-fix-OOB-read-write-in-network-coding-deco.patch
(git-fixes CVE-2025-39839 bsc#1250291).
- Update
patches.suse/blk-cgroup-Reinit-blkg_iostat_set-after-clearin.patch
(bsc#1012628 CVE-2023-53421 bsc#1250171).
- Update
patches.suse/blk-mq-fix-NULL-dereference-on-q-elevator-in-bl.patch
(bsc#1012628 CVE-2023-53292 bsc#1250163).
- Update
patches.suse/bpf-Fix-memleak-due-to-fentry-attach-failure.patch
(bsc#1012628 CVE-2023-53221 bsc#1249662).
- Update
patches.suse/bpf-cpumap-Fix-memory-leak-in-cpu_map_update_el.patch
(bsc#1012628 CVE-2023-53441 bsc#1250150).
- Update
patches.suse/btrfs-abort-transaction-on-unexpected-eb-generation-.patch
(git-fixes CVE-2025-39800 bsc#1250177).
- Update
patches.suse/btrfs-add-handling-for-RAID1C23-DUP-to-btrfs_re.patch
(bsc#1012628 CVE-2023-53243 bsc#1249640).
- Update
patches.suse/btrfs-don-t-check-PageError-in-__extent_writepa.patch
(bsc#1012628 CVE-2023-53429 bsc#1250384).
- Update
patches.suse/btrfs-exit-gracefully-if-reloc-roots-don-t-mat.patch
(bsc#1012628 CVE-2023-53183 bsc#1249863).
- Update
patches.suse/btrfs-fix-BUG_ON-condition-in-btrfs_cancel_bal.patch
(bsc#1012628 CVE-2023-53339 bsc#1250329).
- Update
patches.suse/btrfs-fix-use-after-free-of-new-block-group-th.patch
(bsc#1012628 CVE-2023-53187 bsc#1249815).
- Update
patches.suse/btrfs-qgroup-fix-race-between-quota-disable-and-quot.patch
(git-fixes CVE-2025-39759 bsc#1249522).
- Update
patches.suse/btrfs-set_page_extent_mapped-after-read_folio-i.patch
(bsc#1012628 CVE-2023-53247 bsc#1249870).
- Update
patches.suse/bus-fsl-mc-don-t-assume-child-devices-are-all-f.patch
(bsc#1012628 CVE-2023-53362 bsc#1249993).
- Update
patches.suse/bus-mhi-host-Detect-events-pointing-to-unexpected-TR.patch
(git-fixes CVE-2025-39790 bsc#1249548).
- Update
patches.suse/can-gs_usb-fix-time-stamp-counter-initializatio.patch
(bsc#1012628 CVE-2023-53523 bsc#1250926).
- Update
patches.suse/can-j1939-implement-NETDEV_UNREGISTER-notification-h.patch
(git-fixes CVE-2025-39925 bsc#1250736).
- Update
patches.suse/can-xilinx_can-xcan_write_frame-fix-use-after-free-o.patch
(git-fixes CVE-2025-39873 bsc#1250371).
- Update
patches.suse/cifs-prevent-use-after-free-by-freeing-the-cfil.patch
(bsc#1012628 CVE-2023-53377 bsc#1250161).
- Update
patches.suse/clk-imx-clk-imx8mn-fix-memory-leak-in-imx8mn_cl.patch
(bsc#1012628 CVE-2023-53249 bsc#1249642).
- Update
patches.suse/clk-imx-clk-imxrt1050-fix-memory-leak-in-imxrt1.patch
(bsc#1012628 CVE-2023-53264 bsc#1249795).
- Update patches.suse/clk-mediatek-fix-of_iomap-memory-leak.patch
(bsc#1012628 CVE-2023-53424 bsc#1250169).
- Update
patches.suse/clk-mediatek-mt8183-Add-back-SSPM-related-cloc.patch
(bsc#1012628 CVE-2023-53274 bsc#1249919).
- Update
patches.suse/clk-tegra-tegra124-emc-Fix-potential-memory-lea.patch
(bsc#1012628 CVE-2023-53505 bsc#1250807).
- Update
patches.suse/comedi-Fix-use-of-uninitialized-memory-in-do_insn_io.patch
(git-fixes CVE-2025-39684 bsc#1249281).
- Update
patches.suse/comedi-Make-insn_rw_emulate_bits-do-insn-n-samples.patch
(git-fixes CVE-2025-39686 bsc#1249312).
- Update
patches.suse/comedi-fix-race-between-polling-and-detaching.patch
(git-fixes CVE-2025-38687 bsc#1249177).
- Update
patches.suse/comedi-pcl726-Prevent-invalid-irq-number.patch
(git-fixes CVE-2025-39685 bsc#1249282).
- Update
patches.suse/crypto-qat-flush-misc-workqueue-during-device-shutdo.patch
(git-fixes CVE-2025-39721 bsc#1249323).
- Update
patches.suse/cxl-acpi-Fix-a-use-after-free-in-cxl_parse_cfmw.patch
(bsc#1012628 CVE-2023-53479 bsc#1250837).
- Update
patches.suse/cxl-downgrade-a-warning-message-to-debug-level-in-cxl.patch
(bsc#1229165 CVE-2023-53479 bsc#1250837).
- Update
patches.suse/dma-buf-dma-resv-Stop-leaking-on-krealloc-failu.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53181
bsc#1249824).
- Update
patches.suse/dmaengine-idxd-Fix-double-free-in-idxd_setup_wqs.patch
(git-fixes CVE-2025-39870 bsc#1250402).
- Update
patches.suse/dmaengine-idxd-Remove-improper-idxd_free.patch
(git-fixes CVE-2025-39871 bsc#1250377).
- Update
patches.suse/dmaengine-qcom-bam_dma-Fix-DT-error-handling-for-num.patch
(git-fixes CVE-2025-39923 bsc#1250741).
- Update
patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch
(git-fixes CVE-2025-39869 bsc#1250406).
- Update
patches.suse/drm-amd-display-Add-null-pointer-check-in-mod_hdcp_h.patch
(git-fixes CVE-2025-39675 bsc#1249263).
- Update
patches.suse/drm-amd-display-Avoid-a-NULL-pointer-dereference.patch
(stable-fixes CVE-2025-39693 bsc#1249279).
- Update
patches.suse/drm-amd-display-Fix-possible-underflow-for-disp.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53258
bsc#1249780).
- Update
patches.suse/drm-amdgpu-fix-calltrace-warning-in-amddrm_bud.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53152
bsc#1249883).
- Update
patches.suse/drm-amdgpu-fix-memory-leak-in-mes-self-test.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53370
bsc#1250208).
- Update
patches.suse/drm-amdgpu-install-stub-fence-into-potential-u.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53248
bsc#1249779).
- Update
patches.suse/drm-amdkfd-Destroy-KFD-debugfs-after-destroy-KFD-wq.patch
(stable-fixes CVE-2025-39706 bsc#1249413).
- Update
patches.suse/drm-client-Fix-memory-leak-in-drm_client_modese.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53288
bsc#1250058).
- Update
patches.suse/drm-hisilicon-hibmc-fix-the-hibmc-loaded-failed-bug.patch
(git-fixes CVE-2025-39772 bsc#1249506).
- Update
patches.suse/drm-mediatek-fix-potential-OF-node-use-after-free.patch
(git-fixes CVE-2025-39882 bsc#1250389).
- Update
patches.suse/drm-msm-dp-Free-resources-after-unregistering-t.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53316
bsc#1250066).
- Update
patches.suse/drm-msm-mdp5-Don-t-leak-some-plane-state.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53324
bsc#1250070).
- Update
patches.suse/drm-nouveau-disp-fix-use-after-free-in-error-h.patch
(bsc#1012628 bsc#1214073 CVE-2023-53263 bsc#1249861).
- Update
patches.suse/drm-nouveau-nvif-Fix-potential-memory-leak-in-nvif_v.patch
(git-fixes CVE-2025-39679 bsc#1249338).
- Update
patches.suse/drm-radeon-Fix-integer-overflow-in-radeon_cs_pa.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53309
bsc#1250055).
- Update patches.suse/drm-tests-helpers-Avoid-a-driver-uaf.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53235
bsc#1249785).
- Update
patches.suse/drm-ttm-check-null-pointer-before-accessing-wh.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53352
bsc#1250006).
- Update
patches.suse/drm-ttm-fix-bulk_move-corruption-when-adding-a-.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53444
bsc#1250157).
- Update patches.suse/erofs-Fix-detection-of-atomic-context.patch
(bsc#1012628 CVE-2023-53231 bsc#1249787).
- Update
patches.suse/exfat-add-cluster-chain-loop-check-for-dir.patch
(git-fixes CVE-2025-38692 bsc#1249221).
- Update
patches.suse/ext2-dax-Fix-ext2_setsize-when-len-is-page-alig.patch
(bsc#1012628 CVE-2023-53323 bsc#1250069).
- Update
patches.suse/f2fs-don-t-reset-unchangable-mount-option-in-f2.patch
(bsc#1012628 CVE-2023-53447 bsc#1250241).
- Update
patches.suse/fbdev-Fix-vmalloc-out-of-bounds-write-in-fast_imageb.patch
(stable-fixes CVE-2025-38685 bsc#1249220).
- Update
patches.suse/fbdev-ep93xx-fb-Do-not-assign-to-struct-fb_info.dev.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53314
bsc#1250065).
- Update
patches.suse/fbdev-fix-potential-buffer-overflow-in-do_register_f.patch
(stable-fixes CVE-2025-38702 bsc#1249254).
- Update
patches.suse/fbdev-imxfb-Removed-unneeded-release_mem_region.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53448
bsc#1250873).
- Update
patches.suse/firewire-net-fix-use-after-free-in-fwnet_finis.patch
(bsc#1012628 CVE-2023-53432 bsc#1250426).
- Update
patches.suse/firmware-stratix10-svc-Fix-a-potential-resource.patch
(bsc#1012628 CVE-2023-53255 bsc#1249762).
- Update
patches.suse/fs-jfs-Fix-UBSAN-array-index-out-of-bounds-in-d.patch
(bsc#1012628 CVE-2023-53485 bsc#1250872).
- Update
patches.suse/fs-ntfs3-Enhance-sanity-check-while-generating.patch
(bsc#1012628 CVE-2023-53328 bsc#1249952).
- Update
patches.suse/hfs-fix-slab-out-of-bounds-in-hfs_bnode_read.patch
(git-fixes CVE-2025-38715 bsc#1249196).
- Update
patches.suse/hfsplus-don-t-use-BUG_ON-in-hfsplus_create_attributes_file.patch
(git-fixes CVE-2025-38712 bsc#1249194).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-in-hfsplus_bnode_read.patch
(git-fixes CVE-2025-38714 bsc#1249260).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_uni2asc.patch
(git-fixes CVE-2025-38713 bsc#1249200).
- Update
patches.suse/hsr-Fix-uninit-value-access-in-fill_frame_info.patch
(bsc#1220419 CVE-2023-53462 bsc#1250878).
- Update
patches.suse/hwmon-pmbus_core-Fix-NULL-pointer-dereference.patch
(bsc#1012628 CVE-2023-53206 bsc#1249679).
- Update
patches.suse/ibmvnic-Do-not-reset-dql-stats-on-NON_FATAL-err.patch
(bsc#1012628 CVE-2023-53463 bsc#1250867).
- Update
patches.suse/ice-Block-switchdev-mode-when-ADQ-is-active-an.patch
(bsc#1012628 CVE-2023-53442 bsc#1250201).
- Update
patches.suse/icmp6-Fix-null-ptr-deref-of-ip6_null_entry-rt6i.patch
(bsc#1012628 CVE-2023-53343 bsc#1250022).
- Update
patches.suse/igb-Fix-igb_down-hung-on-surprise-removal.patch
(bsc#1012628 CVE-2023-53148 bsc#1249842).
- Update
patches.suse/iio-imu-bno055-fix-OOB-access-of-hw_xlate-array.patch
(git-fixes CVE-2025-39719 bsc#1249271).
- Update
patches.suse/io_uring-wait-interruptibly-for-request-complet.patch
(bsc#1012628 CVE-2023-53461 bsc#1250941).
- Update
patches.suse/iommu-amd-iommu_v2-Fix-pasid_state-refcount-dec-hit-.patch
(git-fixes CVE-2023-53501 bsc#1250815).
- Update
patches.suse/iommu-arm-smmu-qcom-Add-SM6115-MDSS-compatible.patch
(git-fixes CVE-2025-39739 bsc#1249542).
- Update
patches.suse/ip6mr-Fix-skb_under_panic-in-ip6mr_cache_repor.patch
(bsc#1012628 CVE-2023-53365 bsc#1249988).
- Update
patches.suse/ipv6-addrconf-fix-a-potential-refcount-underflo.patch
(bsc#1012628 CVE-2023-53189 bsc#1249894).
- Update
patches.suse/jbd2-check-jh-b_transaction-before-removing-it-from-.patch
(bsc#1214953 CVE-2023-53526 bsc#1250928).
- Update patches.suse/jfs-Regular-file-corruption-check.patch
(git-fixes CVE-2025-38698 bsc#1249255).
- Update
patches.suse/jfs-jfs_dmap-Validate-db_l2nbperpage-while-moun.patch
(bsc#1012628 CVE-2023-53222 bsc#1249864).
- Update
patches.suse/jfs-truncate-good-inode-pages-when-hard-link-is-0.patch
(git-fixes CVE-2025-39743 bsc#1249489).
- Update
patches.suse/jfs-upper-bound-check-of-tree-index-in-dbAllocAG.patch
(git-fixes CVE-2025-38697 bsc#1249257).
- Update
patches.suse/kobject-Add-sanity-check-for-kset-kobj.ktype-in-kset.patch
(git-fixes CVE-2023-53480 bsc#1250861).
- Update patches.suse/lwt-Fix-return-values-of-BPF-xmit-ops.patch
(jsc#PED-6811 CVE-2023-53338 bsc#1250074).
- Update
patches.suse/mISDN-hfcpci-Fix-warning-when-deleting-uninitialized.patch
(git-fixes CVE-2025-39833 bsc#1250028).
- Update
patches.suse/macvlan-add-forgotten-nla_policy-for-IFLA_MACVL.patch
(bsc#1012628 CVE-2023-53516 bsc#1250918).
- Update
patches.suse/md-raid10-check-slab-out-of-bounds-in-md_bitmap.patch
(bsc#1012628 CVE-2023-53357 bsc#1249994).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-of-mreplace-in-rai.patch
(bsc#1012628 CVE-2023-53380 bsc#1250198).
- Update
patches.suse/md-raid10-fix-wrong-setting-of-max_corr_read_er.patch
(bsc#1012628 CVE-2023-53313 bsc#1249911).
- Update
patches.suse/md-raid10-prevent-soft-lockup-while-flush-write.patch
(bsc#1012628 CVE-2023-53151 bsc#1249865).
- Update
patches.suse/md-raid5-cache-fix-null-ptr-deref-for-r5l_flush_stri-0d0b.patch
(jsc#PED-7542 CVE-2023-53210 bsc#1249673).
- Update
patches.suse/media-az6007-Fix-null-ptr-deref-in-az6007_i2c_xfer.patch
(git-fixes CVE-2023-53220 bsc#1250337).
- Update
patches.suse/media-dvb-frontends-dib7090p-fix-null-ptr-deref-in-d.patch
(stable-fixes CVE-2025-38694 bsc#1249272).
- Update
patches.suse/media-dvb-frontends-w7090p-fix-null-ptr-deref-in-w70.patch
(stable-fixes CVE-2025-38693 bsc#1249190).
- Update
patches.suse/media-hi846-fix-usage-of-pm_runtime_get_if_in_u.patch
(bsc#1012628 CVE-2023-53177 bsc#1249849).
- Update
patches.suse/media-ipu-bridge-Fix-null-pointer-deref-on-SSDB-PLD-.patch
(git-fixes CVE-2023-53336 bsc#1250073).
- Update
patches.suse/media-mdp3-Fix-resource-leaks-in-of_find_device_by_n.patch
(git-fixes CVE-2023-53385 bsc#1250319).
- Update
patches.suse/media-platform-mediatek-vpu-fix-NULL-ptr-deref.patch
(bsc#1012628 CVE-2023-53425 bsc#1250290).
- Update
patches.suse/media-rainshadow-cec-fix-TOCTOU-race-condition-in-ra.patch
(git-fixes CVE-2025-39713 bsc#1249321).
- Update
patches.suse/media-usbtv-Lock-resolution-while-streaming.patch
(git-fixes CVE-2025-39714 bsc#1249273).
- Update
patches.suse/media-uvcvideo-Fix-1-byte-out-of-bounds-read-in-uvc_.patch
(git-fixes CVE-2025-38680 bsc#1249203).
- Update
patches.suse/media-v4l2-mem2mem-add-lock-to-protect-paramet.patch
(bsc#1012628 CVE-2023-53519 bsc#1250964).
- Update
patches.suse/media-venus-Add-a-check-for-packet-size-after-readin.patch
(git-fixes CVE-2025-39710 bsc#1249304).
- Update
patches.suse/media-venus-protect-against-spurious-interrupts-duri.patch
(git-fixes CVE-2025-39709 bsc#1249278).
- Update
patches.suse/mlxsw-minimal-fix-potential-memory-leak-in-mlxs.patch
(bsc#1012628 CVE-2023-53195 bsc#1249761).
- Update
patches.suse/mm-kmem-fix-a-NULL-pointer-dereference-in-obj_.patch
(bsc#1012628 CVE-2023-53401 bsc#1250120).
- Update
patches.suse/mm-move-page-table-sync-declarations-to-linux-pgtabl.patch
(git-fixes CVE-2025-39844 bsc#1250268).
- Update
patches.suse/mm-ptdump-take-the-memory-hotplug-lock-inside-ptdump_walk_.patch
(git-fixes CVE-2025-38681 bsc#1249204).
- Update
patches.suse/modpost-fix-off-by-one-in-is_executable_section.patch
(bsc#1012628 CVE-2023-53397 bsc#1250125).
- Update patches.suse/mptcp-fix-disconnect-vs-accept-race.patch
(bsc#1012628 CVE-2023-53490 bsc#1250827).
- Update
patches.suse/msft-hv-3329-hv_netvsc-Fix-panic-during-namespace-deletion-with-V.patch
(bsc#1248111 CVE-2025-38683 bsc#1249159).
- Update
patches.suse/mtd-rawnand-stm32_fmc2-avoid-overlapping-mappings-on.patch
(git-fixes CVE-2025-39907 bsc#1250713).
- Update
patches.suse/net-dcb-choose-correct-policy-to-parse-DCB_ATT.patch
(bsc#1012628 CVE-2023-53369 bsc#1250206).
- Update
patches.suse/net-dsa-Removed-unneeded-of_node_put-in-felix_p.patch
(bsc#1012628 CVE-2023-53170 bsc#1249850).
- Update
patches.suse/net-ena-fix-shift-out-of-bounds-in-exponential-.patch
(bsc#1012628 CVE-2023-53272 bsc#1249917).
- Update
patches.suse/net-ethernet-mvpp2_main-fix-possible-OOB-write-in-mv.patch
(git-fixes CVE-2023-53495 bsc#1250907).
- Update
patches.suse/net-fix-net_dev_start_xmit-trace-event-vs-skb_t.patch
(bsc#1012628 CVE-2023-53312 bsc#1250063).
- Update
patches.suse/net-marvell-prestera-fix-handling-IPv4-routes-.patch
(bsc#1012628 CVE-2023-53342 bsc#1250029).
- Update
patches.suse/net-microchip-vcap-api-Fix-possible-memory-leak-for-.patch
(git-fixes CVE-2023-53303 bsc#1249896).
- Update
patches.suse/net-mlx5-Unregister-devlink-params-in-case-int.patch
(bsc#1012628 CVE-2023-53507 bsc#1250808).
- Update
patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_fs_tt_redire.patch
(bsc#1012628 CVE-2023-53371 bsc#1250112).
- Update
patches.suse/net-mlx5e-xsk-Fix-crash-on-regular-rq-reactiva.patch
(bsc#1012628 CVE-2023-53394 bsc#1250199).
- Update
patches.suse/net-rose-convert-use-field-to-refcount_t.patch
(git-fixes CVE-2025-39826 bsc#1250203).
- Update
patches.suse/net-rose-include-node-references-in-rose_neigh-refco.patch
(git-fixes CVE-2025-39827 bsc#1250204).
- Update
patches.suse/net-usb-asix_devices-Fix-PHY-address-mask-in-MDIO-bu.patch
(git-fixes CVE-2025-38736 bsc#1249318).
- Update
patches.suse/net-usb-asix_devices-add-phy_mask-for-ax88772-mdio-b.patch
(git-fixes CVE-2025-38725 bsc#1249170).
- Update
patches.suse/netfilter-conntrack-dccp-copy-entire-header-to-.patch
(CVE-2023-39197 bsc#1012628 bsc#1216976 CVE-2023-53333
bsc#1249949).
- Update
patches.suse/netfilter-ipset-add-the-missing-IP_SET_HASH_WITH_NET.patch
(CVE-2023-42753 bsc#1215150 CVE-2023-53179 bsc#1249825).
- Update
patches.suse/netfilter-nf_tables-do-not-ignore-genmask-when-.patch
(bsc#1012628 CVE-2023-31248 bsc#1213061 CVE-2023-53492
bsc#1250823).
- Update
patches.suse/netfilter-nft_set_rbtree-fix-overlap-expiration.patch
(bsc#1012628 CVE-2023-53304 bsc#1249923).
- Update
patches.suse/netlink-avoid-infinite-retry-looping-in-netlink_unic.patch
(CVE-2025-38465 bsc#1247118 CVE-2025-38727 bsc#1249166).
- Update
patches.suse/nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch
(git-fixes CVE-2025-38724 bsc#1249169).
- Update
patches.suse/nilfs2-fix-use-after-free-of-nilfs_root-in-dir.patch
(bsc#1012628 CVE-2023-53311 bsc#1250062).
- Update
patches.suse/ntfs-Fix-panic-about-slab-out-of-bounds-caused-.patch
(bsc#1012628 CVE-2023-53420 bsc#1250186).
- Update
patches.suse/nubus-Partially-revert-proc_create_single_data-.patch
(bsc#1012628 CVE-2023-53217 bsc#1249672).
- Update
patches.suse/null_blk-fix-poll-request-timeout-handling.patch
(bsc#1216436 CVE-2023-53531 bsc#1250931).
- Update
patches.suse/ovl-fix-null-pointer-dereference-in-ovl_permiss.patch
(bsc#1012628 CVE-2023-53260 bsc#1249768).
- Update
patches.suse/pNFS-Fix-uninited-ptr-deref-in-block-scsi-layout.patch
(git-fixes CVE-2025-38691 bsc#1249215).
- Update
patches.suse/pcmcia-Add-error-handling-for-add_interval-in-do_val.patch
(git-fixes CVE-2025-39920 bsc#1250732).
- Update
patches.suse/pcmcia-Fix-a-NULL-pointer-dereference-in-__iodyn_fin.patch
(git-fixes CVE-2025-39846 bsc#1250263).
- Update
patches.suse/phy-hisilicon-Fix-an-out-of-bounds-check-in-his.patch
(bsc#1012628 CVE-2023-53238 bsc#1249707).
- Update
patches.suse/powercap-arm_scmi-Remove-recursion-while-parsing-zon.patch
(git-fixes CVE-2023-53428 bsc#1250167).
- Update
patches.suse/powerpc-rtas_flash-allow-user-copy-to-flash-bl.patch
(bsc#1012628 bsc#1194869 CVE-2023-53487 bsc#1250830).
- Update
patches.suse/pstore-ram-Check-start-of-empty-przs-during-init.patch
(git-fixes CVE-2023-53331 bsc#1249950).
- Update
patches.suse/pwm-lpc32xx-Remove-handling-of-PWM-channels.patch
(git-fixes CVE-2023-53472 bsc#1250841).
- Update
patches.suse/rcu-rcuscale-Stop-kfree_scale_thread-thread-s-a.patch
(bsc#1012628 CVE-2023-53291 bsc#1249926).
- Update
patches.suse/regulator-da9063-better-fix-null-deref-with-pa.patch
(bsc#1012628 CVE-2023-53364 bsc#1249984).
- Update
patches.suse/s390-ism-fix-concurrency-management-in-ism_cmd.patch
(git-fixes bsc#1248735 CVE-2025-39726 bsc#1249266).
- Update patches.suse/s390-sclp-Fix-SCCB-present-check.patch
(git-fixes bsc#1249123 CVE-2025-39694 bsc#1249299).
- Update
patches.suse/sched-fair-Don-t-balance-task-to-its-current-ru.patch
(bsc#1012628 CVE-2023-53215 bsc#1250397).
- Update
patches.suse/scsi-core-Fix-possible-memory-leak-if-device_a.patch
(bsc#1012628 CVE-2023-53174 bsc#1250024).
- Update
patches.suse/scsi-lpfc-Check-for-hdwq-null-ptr-when-cleaning-up-l.patch
(bsc#1245260 bsc#1243100 bsc#1246125 CVE-2025-38695
bsc#1249285).
- Update
patches.suse/scsi-qla2xxx-Fix-potential-NULL-pointer-derefer.patch
(bsc#1012628 CVE-2023-53451 bsc#1250831).
- Update
patches.suse/scsi-qla2xxx-Pointer-may-be-dereferenced.patch
(bsc#1012628 CVE-2023-53150 bsc#1249853).
- Update
patches.suse/scsi-qla2xxx-Remove-unused-nvme_ls_waitq-wait-q.patch
(bsc#1012628 CVE-2023-53280 bsc#1249938).
- Update
patches.suse/scsi-qla2xxx-Use-raw_smp_processor_id-instead-of-smp.patch
(bsc#1214928 jsc#PED-5063 CVE-2023-53530 bsc#1250949).
- Update
patches.suse/scsi-qla2xxx-Wait-for-io-return-on-terminate-rp.patch
(bsc#1012628 CVE-2023-53322 bsc#1250323).
- Update
patches.suse/scsi-qla4xxx-Add-length-check-when-parsing-nlattrs.patch
(git-fixes CVE-2023-53456 bsc#1250765).
- Update
patches.suse/scsi-snic-Fix-possible-memory-leak-if-device_a.patch
(bsc#1012628 CVE-2023-53436 bsc#1250156).
- Update
patches.suse/scsi-storvsc-Fix-handling-of-virtual-Fibre-Cha.patch
(bsc#1012628 CVE-2023-53245 bsc#1249641).
- Update patches.suse/scsi-ufs-core-Fix-handling-of-lrbp-cmd.patch
(bsc#1012628 CVE-2023-53510 bsc#1250812).
- Update patches.suse/serial-8250-fix-panic-due-to-PSLVERR.patch
(git-fixes CVE-2025-39724 bsc#1249265).
- Update
patches.suse/shmem-use-ramfs_kill_sb-for-kill_sb-method-of-r.patch
(bsc#1012628 CVE-2023-53391 bsc#1250117).
- Update
patches.suse/skbuff-skb_segment-Call-zero-copy-functions-before-u.patch
(bsc#1220419 CVE-2023-53354 bsc#1250004).
- Update
patches.suse/smb-client-fix-warning-in-cifs_smb3_do_mount.patch
(bsc#1012628 CVE-2023-53230 bsc#1249866).
- Update
patches.suse/soundwire-qcom-fix-storing-port-config-out-of-b.patch
(bsc#1012628 CVE-2023-53465 bsc#1250863).
- Update
patches.suse/start_kernel-Add-__no_stack_protector-function-.patch
(bsc#1012628 CVE-2023-53491 bsc#1250942).
- Update
patches.suse/thunderbolt-Fix-memory-leak-in-tb_handle_dp_ba.patch
(bsc#1012628 CVE-2023-53527 bsc#1250929).
- Update
patches.suse/tls-separate-no-async-decryption-request-handling-fr.patch
(CVE-2024-26584 bsc#1220186 CVE-2024-58240 bsc#1248847).
- Update
patches.suse/tracing-Fix-null-pointer-dereference-in-tracing.patch
(bsc#1012628 CVE-2023-53167 bsc#1249712).
- Update
patches.suse/tracing-Fix-race-issue-between-cpu-buffer-write-and-swap.patch
(git-fixes CVE-2023-53368 bsc#1249979).
- Update
patches.suse/ublk-fail-to-recover-device-if-queue-setup-is-i.patch
(bsc#1012628 CVE-2023-53207 bsc#1249678).
- Update
patches.suse/ublk-fail-to-start-device-if-queue-setup-is-int.patch
(bsc#1012628 CVE-2023-53508 bsc#1250809).
- Update
patches.suse/udf-Fix-uninitialized-array-access-for-some-pat.patch
(bsc#1012628 CVE-2023-53165 bsc#1250395).
- Update
patches.suse/usb-cdns3-Put-the-cdns-set-active-part-outside-the-s.patch
(git-fixes CVE-2023-53287 bsc#1250089).
- Update
patches.suse/usb-core-config-Prevent-OOB-read-in-SS-endpoint-comp.patch
(stable-fixes CVE-2025-39760 bsc#1249598).
- Update
patches.suse/usb-dwc3-Remove-WARN_ON-for-device-endpoint-command-.patch
(stable-fixes CVE-2025-39801 bsc#1250450).
- Update
patches.suse/usb-dwc3-qcom-Fix-potential-memory-leak.patch
(bsc#1012628 CVE-2023-53196 bsc#1249758).
- Update
patches.suse/usb-gadget-u_serial-Add-null-pointer-check-in-g.patch
(bsc#1012628 CVE-2023-53356 bsc#1249997).
- Update
patches.suse/usb-phy-phy-tahvo-fix-memory-leak-in-tahvo_usb_.patch
(bsc#1012628 CVE-2023-53379 bsc#1250128).
- Update
patches.suse/virtio-mmio-don-t-break-lifecycle-of-vm_dev.patch
(bsc#1012628 CVE-2023-53515 bsc#1250917).
- Update patches.suse/vxlan-Fix-nexthop-hash-size.patch
(bsc#1012628 CVE-2023-53192 bsc#1249897).
- Update
patches.suse/wifi-ath11k-fix-sleeping-in-atomic-in-ath11k_mac_op_.patch
(git-fixes CVE-2025-39732 bsc#1249292).
- Update
patches.suse/wifi-ath12k-Avoid-NULL-pointer-access-during-ma.patch
(bsc#1012628 CVE-2023-53180 bsc#1249826).
- Update
patches.suse/wifi-ath12k-Correct-tid-cleanup-when-tid-setup-fails.patch
(stable-fixes CVE-2025-39750 bsc#1249523).
- Update
patches.suse/wifi-ath12k-Decrement-TID-on-RX-peer-frag-setup-erro.patch
(stable-fixes CVE-2025-39761 bsc#1249554).
- Update
patches.suse/wifi-ath9k-don-t-allow-to-overwrite-ENDPOINT0-a.patch
(bsc#1012628 CVE-2023-53185 bsc#1249820).
- Update
patches.suse/wifi-brcmfmac-fix-use-after-free-when-rescheduling-b.patch
(git-fixes CVE-2025-39863 bsc#1250281).
- Update
patches.suse/wifi-cfg80211-fix-use-after-free-in-cmp_bss.patch
(git-fixes CVE-2025-39864 bsc#1250242).
- Update
patches.suse/wifi-cfg80211-sme-cap-SSID-length-in-__cfg80211_conn.patch
(git-fixes CVE-2025-39849 bsc#1250266).
- Update
patches.suse/wifi-iwlwifi-pcie-fix-NULL-pointer-dereference-.patch
(bsc#1012628 CVE-2023-53251 bsc#1249730).
- Update
patches.suse/wifi-mac80211-check-S1G-action-frame-size.patch
(git-fixes CVE-2023-53257 bsc#1249869).
- Update
patches.suse/wifi-mac80211_hwsim-Fix-possible-NULL-dereferen.patch
(bsc#1012628 CVE-2023-53209 bsc#1249856).
- Update patches.suse/wifi-mac80211_hwsim-drop-short-frames.patch
(git-fixes CVE-2023-53321 bsc#1250313).
- Update
patches.suse/wifi-mwifiex-Fix-OOB-and-integer-underflow-when-rx-p.patch
(git-fixes CVE-2023-53226 bsc#1249658).
- Update
patches.suse/wifi-mwifiex-Initialize-the-chan_stats-array-to-zero.patch
(git-fixes CVE-2025-39891 bsc#1250712).
- Update
patches.suse/wifi-mwifiex-avoid-possible-NULL-skb-pointer-derefer.patch
(git-fixes CVE-2023-53384 bsc#1250127).
- Update
patches.suse/x86-MCE-Always-save-CS-register-on-AMD-Zen-IF-Poison-error.patch
(git-fixes CVE-2023-53438 bsc#1250180).
- Update
patches.suse/x86-mm-64-define-ARCH_PAGE_TABLE_SYNC_MASK-and-arch_.patch
(git-fixes CVE-2025-39845 bsc#1250262).
- Update
patches.suse/x86-platform-uv-Use-alternate-source-for-socket-to-n.patch
(bsc#1215696 CVE-2023-53496 bsc#1250905).
- Update
patches.suse/xfrm-add-NULL-check-in-xfrm_update_ae_params.patch
(bsc#1012628 bsc#1213666 CVE-2023-3772 CVE-2023-53147
bsc#1249880).
- Update
patches.suse/xfrm-fix-slab-use-after-free-in-decode_session.patch
(bsc#1012628 CVE-2023-53500 bsc#1250816).
- Update
patches.suse/xsk-Fix-xsk_diag-use-after-free-error-during-socket-.patch
(bsc#1220419 CVE-2023-53426 bsc#1250166).
- commit ee10a6d
- i40e: Fix potential invalid access when MAC list is empty (CVE-2025-39853 bsc#1250275)
- commit 4246fc5
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- commit c1b6a15
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- commit 650fcb3
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- commit ced2c38
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- commit 9a8b6d9
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- commit 99220cf
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- commit aced925
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- commit 665905d
- bus: mhi: host: Do not use uninitialized 'dev' pointer in
mhi_init_irq_setup() (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime
reinitialization in resume (git-fixes).
- iio: consumers: Fix offset handling in
iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes
(git-fixes).
- iio: dac: ad5360: use int type to store negative error codes
(git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE
(git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms
(git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error
(git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure
calls (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe
cleanup (git-fixes).
- tty: n_gsm: Don't block input queue by waiting MSC (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure
(git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout
function (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init
(git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
(git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and
PF are on the same device (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len()
(git-fixes).
- commit 6795b42
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946)
CONFIG_SCHED_PROXY_EXEC is set only when the debug is off, exclusive
to CONFIG_SCHED_CLASS_EXT.
- commit ac06fa9
- drivers/base/node: fix double free in register_one_node()
(git-fixes).
- commit 205d070
- net: nfc: nci: Add parameter validation for packet data
(git-fixes).
- net: usb: Remove disruptive netif_wake_queue in
rtl8150_set_multicast (git-fixes).
- wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize
again (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message
(git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()
(git-fixes).
- wifi: rtw89: avoid circular locking dependency in
ser_state_run() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information
is not available (git-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe()
(git-fixes).
- wifi: mwifiex: send world regulatory domain to driver
(git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in
flexcop_pci_remove (git-fixes).
- media: uvcvideo: Mark invalid entities with id
UVC_INVALID_ENTITY_ID (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in
v4l2_subdev_call_state_try() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- commit dbb8904
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs
(git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
(git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel
clocks (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
(git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
(git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
(git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version
(git-fixes).
- commit 2161328
- docs: admin-guide: update to current minimum pipe size default
(git-fixes).
- drivers/base/node: handle error properly in register_one_node()
(git-fixes).
- Bluetooth: ISO: don't leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on
MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs
(git-fixes).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value
(git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI
(stable-fixes).
- drm/i915/backlight: Return immediately when scale() finds
invalid parameters (stable-fixes).
- commit 07504f9
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data()
(git-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free
(git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
(git-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
(git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference
(git-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ALSA: lx_core: use int type to store negative error codes
(git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more
devices (stable-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk
(stable-fixes).
- commit 86dd099
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device
(stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5
(stable-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks
(stable-fixes).
- commit 929e260
- Squashfs: reject negative file sizes in squashfs_read_inode()
(git-fixes).
- commit 2f68e78
- Squashfs: add additional inode sanity checking (git-fixes).
- commit fe46811
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- commit 126861e
- kbuild/modpost: Continue processing all unresolved symbols
when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- commit ec0a51c
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes)
Since SUSE commit 7cae2487c586, BPF selftests fails to compile.
.../tools/testing/selftests/bpf/prog_tests/bpf_iter.c: In function 'test_task_common_nocheck':
.../tools/testing/selftests/bpf/prog_tests/bpf_iter.c:231:26: error: implicit declaration of function 'gettid'; did you mean 'getgid'? [-Werror=implicit-function-declaration]
231 | skel->bss->tid = gettid();
| ^~~~~~
| getgid
Fix the BPF selftests compilation failure by:
- bpf: handle implicit declaration of function gettid in
bpf_iter.c
- Refresh
patches.suse/selftests-bpf-Clean-up-open-coded-gettid-syscall-inv.patch.
- commit 43aa317
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782 CVE-2025-38351).
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- KVM: x86: model canonical checks more precisely (bsc#1246782 CVE-2025-38351).
- KVM: x86: Add X86EMUL_F_MSR and X86EMUL_F_DT_LOAD to aid canonical (bsc#1246782 CVE-2025-38351).
- KVM: x86: Route non-canonical checks in emulator through emulate_ops (bsc#1246782 CVE-2025-38351).
- KVM: x86: drop x86.h include from cpuid.h (bsc#1246782 CVE-2025-38351).
- KVM: x86: Bury guest_cpuid_is_amd_or_hygon() in cpuid.c (bsc#1246782 CVE-2025-38351).
- KVM: SVM: Emulate SYSENTER RIP/RSP behavior for all Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86: Inhibit code #DBs in MOV-SS shadow for all Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86: Apply Intel's TSC_AUX reserved-bit behavior to Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86/pmu: Squash period for checkpointed events based on host (bsc#1246782 CVE-2025-38351).
- commit 6e28165
- Update
patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch
(CVE-2025-39824 bsc#1250007).
Added CVE reference
- commit 579a063
- smb: client: fix race with concurrent opens in rename(2)
(bsc#1250179, CVE-2025-39825).
- commit 4df7381
- bus: fsl-mc: Check return value of platform_get_resource()
(git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in
exynos_srom_probe (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
(git-fixes).
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT
(git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes
(git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle
device failed (git-fixes).
- ACPICA: Fix largest possible resource descriptor index
(git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers
(git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend
error path (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference
in probe() (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i2c: designware: Add disabling clocks when probe fails
(git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
(git-fixes).
- pinctrl: renesas: Use int type to store negative error codes
(git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- power: supply: max77976_charger: fix constant current reporting
(git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue
(git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC
access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before
INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- regulator: scmi: Use int type to store negative error codes
(git-fixes).
- regmap: Remove superfluous check for !config in __regmap_init()
(git-fixes).
- mfd: vexpress-sysreg: Check the return value of
devm_gpiochip_add_data() (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation
(git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful
(git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming
from different subsystems (git-fixes).
- commit e80711d
- Drop patches.suse/drm-amd-display-Disable-PSR-SU-on-eDP-panels.patch (bsc#1243112)
The patch caused a regression wrt s2idle on AMD laptops
- commit 5a5bec2
- net/smc: fix UAF on smcsk after smc_listen_out() (CVE-2025-38734
bsc#1249324).
- commit b4812d3
- Update
patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch
(CVE-2025-39869 bsc#1250406).
Added CVE reference
- commit 056198e
- writeback: Avoid contention on wb->list_lock when switching
inodes (kABI fixup) (bsc#1237776).
- commit 883c841
- netfilter: ctnetlink: remove refcounting in expectation dumpers
(CVE-2025-39764 bsc#1249513).
- commit 09ba55b
- net/sched: Make cake_enqueue return NET_XMIT_CN when past
buffer_limit (CVE-2025-39766 bsc#1249510).
- commit c0189b7
- net/sched: Fix backlog accounting in qdisc_dequeue_internal
(CVE-2025-39677 bsc#1249300).
- commit 3cfca22
- tls: handle data disappearing from under the TLS ULP
(CVE-2025-38616 bsc#1248512).
- tls: fix lockless read of strp->msg_ready in ->poll
(CVE-2025-38616 bsc#1248512).
- commit 8c223c9
- cifs: prevent NULL pointer dereference in UTF16 conversion
(bsc#1250365, CVE-2025-39838).
- commit 9718aa1
- scsi: core: ufs: Fix a hang in the error handler (CVE-2025-38119
bsc#1245700).
- commit 43675ce
- writeback: Avoid excessively long inode switching times
(bsc#1237776).
- commit 77817f2
- writeback: Avoid softlockup when switching many inodes
(bsc#1237776).
- commit 9ecba0d
- writeback: Avoid contention on wb->list_lock when switching
inodes (bsc#1237776).
- commit a591614
- usb: hub: Fix flushing of delayed work used for post resume
purposes (git-fixes).
- commit 4e89947
- usb: xhci: Avoid queuing redundant Stop Endpoint commands
(git-fixes).
- commit 4f545a3
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- commit e78c1d4
- usb: hub: Fix flushing and scheduling of delayed work that
tunes runtime pm (git-fixes).
- commit ae10133
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
- Refresh
patches.suse/usb-xhci-Don-t-change-the-status-of-stalled-TDs-on-f.patch.
- commit beea3a0
- usb: hub: fix detection of high tier USB3 devices behind
suspended hubs (git-fixes).
- commit 06b2dc7
- bpftool: Fix JSON writer resource leak in version command
(git-fixes).
- commit d19e155
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory
controller (git-fixes).
- commit 45a7726
- sched/rt: Fix race in push_rt_task (CVE-2025-38234 bsc#1246057)
- commit 36ede09
- sched/core: Prevent rescheduling when interrupts are disabled (CVE-2024-58090 bsc#1240324)
- commit 5da028c
- xfs: do not propagate ENODATA disk errors into xattr code
(bsc#1250025 CVE-2025-39835).
- commit 78d977d
- ocfs2: fix recursive semaphore deadlock in fiemap call
(bsc#1250407 CVE-2025-39885).
- ocfs2: prevent release journal inode after journal shutdown
(bsc#1250267 CVE-2025-39842).
- commit 3a5de55
- mm/smaps: fix race between smaps_hugetlb_range and migration
(CVE-2025-39754 bsc#1249524).
- commit 313ab7a
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer
replies too fast (git-fixes).
- commit fb88d9d
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally
(bsc#1230062).
- commit 3702f36
- afs: Fix potential null pointer dereference in afs_put_server
(git-fixes).
- commit 3a230bf
- net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (CVE-2025-39857 bsc#1250251)
- commit 7481e31
- selftests/cpufreq: Fix cpufreq basic read and update testcases
(bsc#1250344).
- commit 83a7790
- drm/ast: Use msleep instead of mdelay for edid read
(bsc#1250530).
- commit 2fd5794
- net/sched: ets: use old 'nbands' while purging unused classes
(CVE-2025-38684 bsc#1249156).
- commit e0501b7
- KVM: x86: use array_index_nospec with indices that come from
guest (CVE-2025-39823 bsc#1250002).
- commit ecf3611
- tee: fix NULL pointer dereference in tee_shm_put (CVE-2025-39865
bsc#1250294).
- commit 3708eb2
- cpufreq: Initialize cpufreq-based invariance before subsys
(git-fixes).
- commit 9618c74
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- commit dac2616
- x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init
helper (CVE-2025-39681 bsc#1249303).
- commit 5bc51ab
- coresight: Fix memory leak in acpi_buffer->pointer
(CVE-2023-53261 bsc#1249770).
- commit 7cf7512
- soc: qcom: mdt_loader: Deal with zero e_shentsize
(CVE-2025-39787 bsc#1249545).
- soc: qcom: mdt_loader: Fix error return values in
mdt_header_valid() (CVE-2025-39787 bsc#1249545).
- commit 3946900
- i2c: riic: Allow setting frequencies lower than 50KHz
(git-fixes).
- soc: qcom: mdt_loader: Ensure we don't read past the ELF header
(CVE-2025-39787 bsc#1249545).
- commit bb8f700
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- commit f52d7e3
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- commit d547451
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- commit 6507dc9
- sched/fair: Take the scheduling domain into account in (git-fixes)
- commit 3d3501e
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- commit 73df41d
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Refresh patches.kabi/hci_dev-centralize-extra-lock.patch.
- commit 358e9ae
- fbcon: Fix OOB access in font allocation (git-fixes).
- commit e730b01
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
(git-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync
(git-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx
(stable-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering
uninitialized pointer (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string
configuration (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as
write is not supported (stable-fixes).
- dmaengine: mediatek: Fix a flag reuse error in
mtk_cqdma_tx_status() (git-fixes).
- commit f69acd3
- iommu/vt-d: Fix __domain_mapping()'s usage of
switch_to_super_page() (git-fixes).
- commit 9b4fa49
- net: gso: Forbid IPv6 TSO with extensions on devices with only
IPV6_CSUM (CVE-2025-39770 bsc#1249508).
- commit 8d2822a
- kabi: Restore layout of parallel_data (bsc1248343).
- commit c7e8448
- padata: Fix pd UAF once and for all (CVE-2025-38584 bsc1248343).
- commit 00470a2
- xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (CVE-2025-39797
bsc#1249608).
- commit a50d626
- xfrm: Duplicate SPI Handling (CVE-2025-39797 bsc#1249608).
- commit 313a1d3
- kernel-source.spec: Depend on python3-base for build
Both kernel-binary and kernel-docs already have this dependency.
Adding it to kernel-source makes it possible to use python in shared
build scripts.
- commit 72fdedd
- kernel-source: Do not list mkspec and its inputs as sources
(bsc#1250522).
This excludes the files from the src.rpm. The next step is to remove
these files in tar-up so that they do not get uploaded to OBS either.
As there is only one version of tar-up these files need to be removed
from all kernels.
- commit e72b8a2
- selftests: bpf: test batch lookup on array of maps with holes
(git-fixes).
- commit 6ee12a9
- bpf: skip non exist keys in generic_map_lookup_batch
(git-fixes).
- commit dcb10ca
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- commit 113b4db
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- commit 8f9b835
- rpm: Link arch-symbols script from scripts directory.
- commit 90b2abb
- Refresh
patches.kabi/kABI-fix-for-net-vlan-fix-VLAN-0-refcount-imbalance-.patch.
- commit e192478
- struct ci_hdrc: new member has_short_pkt_limit to end
(git-fixes).
- commit 5b5fa69
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- commit 854319b
- kabi: add struct cgroup_extra (bsc#1247963).
- commit 5114e86
- cgroup/rstat: Reduce cpu_lock hold time in
cgroup_rstat_flush_locked() (bsc#1247963).
- commit 2f30983
- cgroup/rstat: Optimize cgroup_rstat_updated_list()
(bsc#1247963).
- Refresh patches.kabi/kabi-add-struct-cgroup_extra.patch.
- commit 966ee8b
- btrfs: do not allow relocation of partially dropped subvolumes
(bsc#1249540 CVE-2025-39738).
- commit 60a9a58
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- commit 562553d
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- commit 95c669b
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- commit bc7d88d
- rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494 CVE-2025-39744)
- commit ef20792
- rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533 CVE-2025-39749)
- commit 2b090f5
- use uniform permission checks for all mount propagation changes
(git-fixes).
- commit 4b14435
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- commit 7737606
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- commit 19ee671
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- commit 7ca55c2
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12]
(git-fixes).
- commit 61574e5
- rpm: Link guards script from scripts directory.
- commit e19a893
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is
open and port is clean (git-fixes).
- commit d3067ea
- usb: typec: maxim_contaminant: disable low power mode when
reading comparator values (git-fixes).
- commit f661b59
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling
(git-fixes).
- commit 38cd076
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for
TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- commit 2b55585
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- commit 5a35982
- usb: xhci: Fix invalid pointer dereference in Etron workaround
(git-fixes).
- commit a8cfeaf
- config.sh: Use Step repository for building Leap kernel
bs-upload-kernel does not understand the Leap repository layout
- commit cae4664
- usb: typec: fusb302: cache PD RX state (git-fixes).
- commit 3e6c8b0
- usb: dwc3: qcom: Don't leave BCR asserted (git-fixes).
- commit fdef7a6
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- commit f7d6da1
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- commit ff0fd10
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- commit 8cf21ec
- Delete patches.kabi/KVM-x86-Re-split-x2APIC-ICR-into-ICR-ICR2-for-AMD-x2.patch
- commit 0a00b28
- kabi: drop kvm_x86_ops from kabi relevant symbols
Since upstream commit dfc4e6ca04113 ("KVM: x86: Unexport kvm_x86_ops")
v5.18-rc1~139^2~153 kvm_x86_ops is no longer exported, so it can be
dropped from kabi checks.
- commit 4f5efb7
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for
stream sockets (git-fixes).
- commit dd1042c
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline
mismatches (git-fixes).
- commit 7941d4d
- platform/mellanox: mlxbf-pmc: Validate event/enable input
(git-fixes).
- commit 7bd7d6e
- platform/mellanox: mlxbf-pmc: Remove newline char from event
name input (git-fixes).
- commit e4c52ac
- platform/x86: dell-wmi-sysman: Fix class device unregistration
(git-fixes).
- commit c3cf8fd
- platform/x86: think-lmi: Fix class device unregistration
(git-fixes).
- commit dab00ca
- netfilter: nf_reject: don't leak dst refcount for loopback
packets (CVE-2025-38732 bsc#1249262).
- commit e613385
- vhost/net: Protect ubufs with rcu read lock in
vhost_net_ubuf_put() (git-fixes).
- commit b347e0b
- vsock/virtio: Resize receive buffers so that each SKB fits in
a 4K page (git-fixes).
- commit 64aa75c
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs
(git-fixes).
- commit 62a440b
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- commit 9d77130
- vhost-scsi: Fix log flooding with target does not exist errors
(git-fixes).
- commit 2d6a672
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also
`transport_local` (git-fixes).
- commit 7139f2e
- vsock/virtio: fix `rx_bytes` accounting for stream sockets
(git-fixes).
- commit c34e345
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- commit c2e717d
- vsock: avoid timeout during connect() if the socket is closing
(git-fixes).
- commit 34796d2
- vhost-scsi: Return queue full for page alloc failures during
copy (git-fixes).
- commit 3dcf5c3
- vsock: Allow retrying on connect() failure (git-fixes).
- commit 1f9e448
- 9p/xen: fix init sequence (git-fixes).
- commit 22e0fa2
- btrfs: tree-checker: fix the incorrect inode ref size check
(git-fixes).
- commit 1a69e6a
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC
is active (git-fixes).
- commit 97c436d
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting
MP_STATE (git-fixes).
- commit 1086ea1
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists
for the guest (git-fixes).
- commit 16aecdb
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper
(git-fixes).
- commit a89d774
- KVM: x86: avoid underflow when scaling TSC frequency
(git-fixes).
- commit 1dc5b36
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ
routing table (git-fixes).
- commit fc7a1db
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- commit 75149a0
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible*
CPUs (git-fixes).
- commit 221d435
- KVM: x86: Fully defer to vendor code to decide how to force
immediate exit (git-fixes).
- commit 9d7cfec
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath
for L2 (git-fixes).
- commit 4708423
- KVM: x86: Move handling of is_guest_mode() into fastpath exit
handlers (git-fixes).
- commit 80f5d63
- btrfs: fix invalid extref key setup when replaying dentry
(git-fixes).
- commit d51ea66
- KVM: VMX: Handle forced exit due to preemption timer in fastpath
(git-fixes).
- commit 1eccc09
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption
timer exits (git-fixes).
- commit e920f78
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry()
tracepoint (git-fixes).
- commit d90d7aa
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- commit 972706e
- ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
(bsc#1249258 CVE-2025-38701).
- commit f3682c5
- fs/buffer: fix use-after-free when call bh_read() helper
(bsc#1249374 CVE-2025-39691).
- jbd2: prevent softlockup in jbd2_log_do_checkpoint()
(bsc#1249526 CVE-2025-39782).
- loop: Avoid updating block size under exclusive owner
(bsc#1249199 CVE-2025-38709).
- eventpoll: Fix semi-unbounded recursion (bsc#1248392
CVE-2025-38614).
- commit fc4be97
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- commit d35f4c9
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- commit bf93f6c
- x86/cpu: Add model number for Intel Clearwater Forest processor
(git-fixes).
- commit 7c8efd9
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data()
(git-fixes).
- commit a72bcdf
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- commit 5e0ce6f
- KVM: s390: Fix incorrect usage of mmu_notifier_register()
(git-fixes bsc#1250336).
- commit 64b94c2
- xen/gntdev: remove struct gntdev_copy_batch from stack
(git-fixes).
- commit 13539ce
- wireless: purelifi: plfxlc: fix memory leak in
plfxlc_usb_wreq_asyn() (git-fixes).
- commit 5a9e007
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- commit 81be2ce
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- commit a4daef0
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- commit 05abe8b
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- commit 58bbbbb
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated
(bsc#1247963).
- commit 2adc7c0
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- commit fcad211
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- commit 1f5dab1
- Revert "SUNRPC: Don't allow waiting for exiting tasks"
(git-fixes).
- commit f25412a
- flexfiles/pNFS: fix NULL checks on result of
ff_layout_choose_ds_for_read (git-fixes).
- commit 43ddf37
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the
server (git-fixes).
- commit da99754
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set
(git-fixes).
- commit 0b05e92
- NFSv4: Don't clear capabilities that won't be reset (git-fixes).
- commit f31092e
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/*
(git-fixes).
- commit 4438737
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg
(git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for
I2S (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the
I2S interface (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if
source graph failed (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in
error message (git-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE()
is NULL (git-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup
(git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error
path (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early
IRQ (git-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new
compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio
compositions (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042
quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts
(stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at
any time (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info
packages (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing
(git-fixes).
- compiler-clang.h: define __SANITIZE_*__ macros only when
undefined (stable-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation
(stable-fixes).
- commit 60c59ef
- Drop arm64 patches that may lead to module load failure (bsc#1250057)
Deleted:
patches.suse/arm64-ftrace-fix-unreachable-PLT-for-ftrace_caller-in-init.patch
patches.kabi/kABI-arm64-ftrace-Restore-struct-mod_arch_specific-l.patch
- commit 2621bab
- xfs: rework datasync tracking and execution (bsc#1237449).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- commit 730f72c
- habanalabs: fix UAF in export_dmabuf() (CVE-2025-38722
bsc#1249163).
- commit 5507c4a
- net: bridge: fix soft lockup in br_multicast_query_expired()
(CVE-2025-39773 bsc#1249504).
- commit 8e6b9c2
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- commit 45cbf76
- io_uring/net: commit partial buffers on retry (CVE-2025-38730
bsc#1249172).
- commit 7b5fe24
- selftests/bpf: adapt one more case in test_lru_map to the new
target_free (git-fixes).
- commit 951807c
- Correct typos of References tags in some patches
- commit 183c46e
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- commit 443e26f
- bpf: Fix link info netfilter flags to populate defrag flag
(git-fixes).
- commit d659929
- bpf: Adjust free target to avoid global starvation of LRU map
(git-fixes).
- commit a87821b
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
(git-fixes).
- commit fc9c396
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- commit df4a4b8
- Bluetooth: compute LE flow credits based on recvbuf space
(git-fixes).
- Refresh patches.suse/Bluetooth-L2CAP-Fix-deadlock.patch.
- Refresh
patches.suse/bluetooth-l2cap-sync-sock-recv-cb-and-release.patch.
- commit 89343db
- ppp: fix race conditions in ppp_fill_forward_path
(CVE-2025-39673 bsc#1249320).
- commit ab5f3b1
- drm/amd/pm: fix null pointer access (CVE-2025-38705
bsc#1249334).
- commit b78844e
- vsock/virtio: Validate length in packet header before skb_put()
(CVE-2025-39718 bsc#1249305).
- commit 8072632
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- commit 420c073
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- commit 9189126
- Bluetooth: qca: fix invalid device address check (git-fixes).
- commit 0795907
- wifi: ath10k: shutdown driver when hardware is unreliable
(CVE-2025-39746 bsc#1249516).
- commit b5556c6
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
(stable-fixes).
- commit 9a8a959
- cpufreq: Exit governor when failed to start old governor
(stable-fixes).
- commit 39287fb
- cpufreq: Init policy->rwsem before it may be possibly used
(git-fixes).
- commit 04861e7
- cpufreq: Initialize cpufreq-based frequency-invariance later
(git-fixes).
- commit ed31199
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive
mode (git-fixes).
- commit 723f0f4
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode
(git-fixes).
- commit 662764f
- cpufreq: cppc: Fix invalid return value in .get() callback
(git-fixes).
- commit 6fc7d2a
- drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295 CVE-2025-39705)
- commit fd61b4f
- pptp: fix pptp_xmit() error path (git-fixes).
- commit 91ca931
- net, hsr: reject HSR frame if skb can't hold tag (CVE-2025-39703
bsc#1249315).
- netfilter: ctnetlink: fix refcount leak on table dump
(CVE-2025-38721 bsc#1249176).
- pptp: ensure minimal skb length in pptp_xmit() (CVE-2025-38574
bsc#1248365).
- commit a50f469
- media: venus: Fix OOB read due to missing payload bound check
(CVE-2025-38679 bsc#1249202).
- commit 8b1060a
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL
(CVE-2025-39678 bsc#1249290).
- commit d0b499a
- drivers/base/node: rename __register_one_node() to
register_one_node() (bsc#1241866).
- commit 806b51c
- drivers/base/node: rename register_memory_blocks_under_node()
and remove context argument (bsc#1241866).
- commit 9ef69ed
- drivers/base/node: remove register_memory_blocks_under_node()
function call from register_one_node (bsc#1241866).
- commit 2f00393
- drivers/base/node: remove register_mem_block_under_node_early()
(bsc#1241866).
- commit 02a1a4a
- drivers/base/node: optimize memory block registration to reduce
boot time (bsc#1241866).
- commit 3a0dd5e
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- commit bd20bfa
- cpufreq: governor: Fix negative 'idle_time' handling in
dbs_update() (git-fixes).
- commit 7fc2c58
- cpufreq: Use the fixed and coherent frequency for scaling
capacity (stable-fixes).
- commit 573ea38
- power: supply: bq27xxx: restrict no-battery detection to bq27000
(git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000
hdq battery (git-fixes).
- commit 7d4436e
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- commit 7f84dae
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- commit 06d6c63
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- commit d3f6628
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- commit faa58e2
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- commit 775e3f7
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- commit 833fcf1
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- commit 187b48f
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- commit 8c45279
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- commit 5a86595
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- commit 655bf48
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- commit d929ee1
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- commit 7b11853
- tls: fix handling of zero-length records on the rx_list
(CVE-2025-39682 bsc#1249284).
- commit 409e98c
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD
register access probe" (bsc#1248121).
- commit 6cdcefb
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- commit 617e84a
- drm/dp: Add an EDID quirk for the DPCD register access probe
(bsc#1248121).
- Refresh
patches.suse/drm-Add-kabi-placeholders-to-commonly-used-structs.patch.
- commit db9d8ac
- drm/edid: Add support for quirks visible to DRM core and drivers
(bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- commit bc5a858
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to
TRAINING_PATTERN_SET (bsc#1248121).
- commit 36a72f9
- Update patches.suse/drm-dp-Change-AUX-DPCD-probe-address-from-DPCD_REV-t.patch (bsc#1248121)
Move to the cherry-picked 6.16-rc patch, to be applied earlier
- commit 49f20a1
- netfilter: nf_tables: reject duplicate device on updates
(CVE-2025-38678 bsc#1249126).
- commit 8b40732
- Limit patch filenames to 100 characters (bsc#1249604).
- commit 8a17cff
- iommu/amd: Avoid stack buffer overflow from kernel cmdline
(CVE-2025-38676 bsc#1248775).
- commit eddb6c4
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe
(git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in
rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for
queue_priority_map (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs()
(git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload
(git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for
num-channels/ees (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init
(git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels
(git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices
depth first (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects
(git-fixes).
- commit 517a9a9
- regulator: sy7636a: fix lifecycle of power good gpio
(git-fixes).
- commit 519b81c
- struct cdc_ncm_ctx: hide new member filtering_supported
(git-fixes).
- commit 1152814
- drm/amdgpu: fix a memory leak in fence cleanup when unloading
(git-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox
iteration (git-fixes).
- commit 48c87c2
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- commit 9e6eea4
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new
compositions (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- commit ce04178
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on
cpusets_insane_config_key (bsc#1241166).
- commit 414381b
- s390/vfio-ap: Fix no AP queue sharing allowed message written
to kernel log (git-fixes bsc#1249488).
- commit e007691
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes
bsc#1249481).
- s390/pai: Deny all events not handled by this PMU (git-fixes
bsc#1249482).
- commit 85f3e91
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC
buffer (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of
transmitted SKB (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when
j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately
when j1939_local_ecu_get() failed (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler
(git-fixes).
- commit ab68e9b
- net/mlx5e: Remove skb secpath if xfrm state is not found (CVE-2025-38590 bsc#1248360)
- commit ed11350
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- commit 1fbb6ff
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- commit 61288e7
- smb: client: fix use-after-free in cifs_oplock_break
(bsc#1248199, CVE-2025-38527).
- commit 4692a87
- supported.conf: mark hyperv_drm as external
- net: hv_netvsc: fix loss of early receive events from host
during channel open (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF
(bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open
to prevent IPv6 addrconf (git-fixes).
- commit 2985c60
- Drop PCI patches that broke kdump capture boot (bsc#1246509)
Deleted:
patches.suse/PCI-Explicitly-put-devices-into-D0-when-initializing.patch
patches.suse/PCI-PM-Set-up-runtime-PM-even-for-devices-without-PC.patch
Refreshed:
patches.suse/PCI-Support-Immediate-Readiness-on-devices-without-PM.patch
- commit 70a44f4
- netfilter: nf_tables: split async and sync catchall in two
functions (git-fixes).
- Refresh
patches.kabi/kABI-make-nft_trans_gc_catchall-public-again.patch.
- commit b907ff6
- netfilter: nf_tables: Fix entries val in rule reset audit log
(git-fixes).
- commit a8ae150
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious
8042 quirks list (stable-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amd/display: Don't warn when missing DCE encoder caps
(stable-fixes).
- commit 2aad2ce
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4
model (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY
(stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some
devices (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand
was not working (stable-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN
(stable-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup
(stable-fixes).
- commit 3580eab
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led
fixup (stable-fixes).
- commit 0d08638
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA
(stable-fixes).
- commit 33271d8
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- commit 4188abf
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- commit 6283bbf
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- commit ae9652c
- bpftool: fix potential NULL pointer dereferencing in prog_dump()
(git-fixes).
- commit 171c943
- bpftool: Mount bpffs when pinmaps path not under the bpffs
(git-fixes).
- commit fb91e0e
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- commit f7e4409
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- commit a5e740f
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- commit 6c7016a
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- commit 8f2342d
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- commit 40606b5
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- commit 90e8606
- btrfs: always update fstrim_range on failure in FITRIM ioctl
(git-fixes).
- commit 8b0d717
- netfilter: nf_tables: remove catchall element in GC sync path
(git-fixes).
- Refresh
patches.kabi/kABI-make-nft_trans_gc_catchall-public-again.patch.
- commit 6c470e7
- netfilter: nf_tables: revert do not remove elements if set
backend implements .abort (git-fixes).
- commit 54e2e34
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- commit 1d98f3d
- net/mlx5: Check device memory pointer before usage
(CVE-2025-38645 bsc#1248626).
- commit 1353943
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- commit 74f5e8a
- ceph: validate snapdirname option length when mounting (git-fixes).
- commit 3370873
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- commit 096933b
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- commit 1d1b06c
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA
(git-fixes).
- commit 6bf77bf
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
(git-fixes).
- commit 6e9d9d9
- mm/hwpoison: do not send SIGBUS to processes with recovered
clean pages (git-fixes).
- commit 34ad618
- xen: fix UAF in dmabuf_exp_from_pages() (CVE-2025-38595
bsc#1248380).
- commit 00fd621
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks
(git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- commit d187572
- PCI: pnv_php: Fix surprise plug detection and recovery
(CVE-2025-38623 bsc#1248610).
- commit e872ea6
- file: add take_fd() cleanup helper (CVE-2025-38595 bsc#1248380).
- commit 7ffa1d7
- drm/rockchip: vop2: fail cleanly if missing a primary plane
for a video-port (CVE-2025-38597 bsc#1248378).
- commit 7f132df
- bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622
CVE-2025-38640).
- commit b485f08
- btrfs: avoid load/store tearing races when checking if an
inode was logged (git-fixes).
- commit 60df77c
- btrfs: fix race between setting last_dir_index_offset and
inode logging (git-fixes).
- commit 9120538
- btrfs: fix race between logging inode and checking if it was
logged before (git-fixes).
- commit 84758cf
- btrfs: always abort transaction on failure to add block group
to free space tree (git-fixes).
- commit 55788e0
- btrfs: move transaction aborts to the error site in
add_block_group_free_space() (git-fixes).
- commit 1bba414
- btrfs: abort transaction on unexpected eb generation at
btrfs_copy_root() (git-fixes).
- commit 47cbfed
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
Update
patches.suse/blk-mq-use-hk-cpus-only-when-isolcpus-managed_irq-is.patch
(bsc#1236897 bsc#1249206).
- commit d06c033
- btrfs: qgroup: fix race between quota disable and quota rescan
ioctl (git-fixes).
- commit 6ecd72c
- btrfs: abort transaction during log replay if walk_log_tree()
failed (git-fixes).
- commit 9ed0531
- netfilter: nf_tables: bogus ENOENT when destroying element
which does not exist (git-fixes).
- commit 1720cdf
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- commit 37ed3f8
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped
addresses (git-fixes).
- commit dc55ccf
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length
(git-fixes).
- commit 9b71437
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx
(git-fixes).
- commit 1837d60
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx
(git-fixes).
- commit 7ebf747
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx
(git-fixes).
- commit 94eb28c
- netfilter: nf_tables: A better name for nft_obj_filter
(git-fixes).
- commit 4e97e28
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter
(git-fixes).
- commit 71527ef
- netfilter: nf_tables: Drop pointless memset in
nf_tables_dump_obj (git-fixes).
- commit 457aebd
- netfilter: nf_tables: Introduce nf_tables_getrule_single()
(git-fixes).
- commit 1f75537
- netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639 bsc#1248674)
- commit e51b72e
- netfilter: nf_tables: Open-code audit log call in
nf_tables_getrule() (git-fixes).
- commit 05444c9
- netfilter: nft_set_rbtree: prefer sync gc to async worker
(git-fixes).
- commit 3892bab
- netfilter: nft_set_rbtree: rename gc deactivate+erase function
(git-fixes).
- commit ee5de41
- netfilter: nf_tables: Drop pointless memset when dumping rules
(git-fixes).
- commit 9da7ab8
- kABI: netfilter flowtable move gc operation to bottom
(git-fixes).
- commit 81690ca
- netfilter: flowtable: GC pushes back packets to classic path
(git-fixes).
- commit 6e4c347
- Update config files. (bsc#1249186)
Plain run_oldconfig after Kconfig update.
- commit 9d7abe4
- Refresh
patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch. (bsc#1249186)
- commit 99400d5
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and
arch_sync_kernel_mappings() (git-fixes).
- commit 79df6a3
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- commit b0342dd
- netfilter: nf_tables: audit log object reset once per table
(git-fixes).
- commit fd6322c
- netfilter: nft_payload: fix wrong mac header matching
(git-fixes).
- commit d699ba5
- netfilter: nfnetlink_log: silence bogus compiler warning
(git-fixes).
- commit f57923e
- mm: move page table sync declarations to linux/pgtable.h
(git-fixes).
- commit 1222abb
- netfilter: nf_tables: do not remove elements if set backend
implements .abort (git-fixes).
- commit 19ebcee
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs
(git-fixes).
- commit 649bcef
- kABI workaround for bluetooth discovery_state change
(CVE-2025-38593 bsc#1248357).
- commit a2afff6
- Bluetooth: hci_sync: fix double free in
'hci_discovery_filter_clear()' (CVE-2025-38593 bsc#1248357).
- Refresh patches.kabi/bluetooth-hci_dev-kabi-workaround.patch.
- commit c998281
- nouveau: fix disabling the nonstall irq due to storm code
(git-fixes).
- commit 476894d
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer
abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit
(git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT
(git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM
(git-fixes).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure
(git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- pcmcia: Add error handling for add_interval() in
do_validate_mem() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource
(git-fixes).
- pcmcia: Fix a NULL pointer dereference in
__iodyn_find_io_region() (git-fixes).
- commit 2aa7ff8
- Update config files: CONFIG_SUSE_HAVE_STABLE_KABI=n for arm64/debug flavor
- commit 7319322
- erofs: fix atomic context detection when
!CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- commit 8bbba66
- net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622
bsc#1248619).
- commit b74a30a
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- commit b932c6f
- netfilter: handle the connecting collision properly in
nf_conntrack_proto_sctp (git-fixes).
- commit 935c934
- smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247239, CVE-2025-38488).
- commit 4fd2db6
- HID: input: report battery status changes immediately
(git-fixes).
- HID: input: rename hidinput_set_battery_charge_status()
(stable-fixes).
- commit c8518b5
- wifi: ath12k: Pass ab pointer directly to
ath12k_dp_tx_get_encap_type() (CVE-2025-38605 bsc#1248334).
- regulator: core: fix NULL dereference on unbind due to stale
coupling data (CVE-2025-38668 bsc#1248647).
- commit 684e871
- wifi: ath11k: fix group data packet drops during rekey
(git-fixes).
- commit 8f7f429
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in
__cfg80211_connect_result() (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode
(git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
(git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs
files early (git-fixes).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex
(git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to
skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero
(git-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling
brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- HID: quirks: add support for Legion Go dual dinput modes
(stable-fixes).
- HID: hid-ntrig: fix unable to handle page fault in
ntrig_report_version() (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo"
(stable-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount
(git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: split remove and free operations in
rose_remove_neigh() (stable-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
(stable-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name
(stable-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list
(stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: mcp2221: Don't set bus speed on every transfer
(stable-fixes).
- commit c45df83
- perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442
CVE-2025-38466).
- commit 6200f52
- bpf: Properly test iter/task tid filtering (git-fixes).
- commit 7cae248
- bpf: Fix iter/task tid filtering (git-fixes).
- commit 51eef98
- wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (CVE-2025-38643 bsc#1248681)
- commit 913bce0
- netfilter: conntrack: fix extension size table (git-fixes).
- commit 3a3ec96
- netfilter: nf_tables: disallow element removal on anonymous sets
(git-fixes).
- commit ed5fdf4
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (git-fixes).
- commit 1044906
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction
allocation fails (git-fixes).
- commit 102d93f
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- commit a176bb1
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync()
in catchall GC (git-fixes).
- commit d64bf79
- kABI fix for "netfilter: nf_tables: Audit log rule reset"
(git-fixes).
- commit 5173417
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- commit f27562f
- [ceph] parse_longname(): strrchr() expects NUL-terminated string
(bsc#1248634 CVE-2025-38660).
- commit cc1fe76
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/time: Use monotonic clock in get_cycles() (git-fixes
bsc#1249125).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes
bsc#1249124).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir()
failure (git-fixes bsc#1249122).
- commit a699d99
- Refresh
patches.kabi/kabi-s390-ism-fix-concurrency-management-in-ism_cmd.patch.
- commit e8175f3
- ext4: remove writable userspace mappings before truncating
page cache (bsc#1247223).
- commit afc4afd
- rpm: Configure KABI checkingness macro (bsc#1249186)
The value of the config should match presence of KABI reference data. If
it mismatches:
- !CONFIG & reference -> this is bug, immediate fail
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- commit 23c1536
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
The motivation: there are patches.kabi/ patches that restore KABI and
they check validity of the approach with static_assert()s to prevent
accidental KABI breakage.
These asserts are invoked on each arch-flavor and they may signal false
negatives -- that is KABI restoration patch could break KABI but the
given arch-flavor defines no KABI.
The intended use is to disable the compile time checks in patches.kabi/
(but not to be confused with __GENKSYMS__ that affects how reference is
calculated).
The name is chosen so that it mimics HAVE_* macros that are not
configured manually (but is selected by an arch). In our case it's
(un)selected by build script depending on whether KABI reference is
defined for given arch-flavor and whether check is really requested by
the user. Default value is 'n' so that people building merely via
Makefile (not RPM with KABI checking) obtain consistent config.
- commit 5e4e9c5
- s390/pci: Allow automatic recovery with minimal driver support
(git-fixes bsc#1248734 LTC#214880).
- commit 3fdd470
- btrfs: fix data overwriting bug during buffered write when
block size < page size (git-fixes).
- commit d006c37
- btrfs: make found_logical_ret parameter mandatory for function
queue_scrub_stripe() (git-fixes).
- commit da7f7f5
- btrfs: scrub: fix grouping of read IO (git-fixes).
- commit bd555d2
- btrfs: scrub: avoid unnecessary csum tree search preparing
stripes (git-fixes).
- commit d485678
- btrfs: scrub: avoid unnecessary extent tree search preparing
stripes (git-fixes).
- commit a00c933
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- commit fa7dbad
- gfs2: No more self recovery (bsc#1248639 CVE-2025-38659).
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw
(bsc#1248639 CVE-2025-38659).
- commit bdb1b5c
- s390/ism: fix concurrency management in ism_cmd() (git-fixes
bsc#1248735).
- commit 1005186
- usb: xhci: Apply the link chain quirk on NEC isoc endpoints
(CVE-2025-22022 bsc#1241292).
- commit 8a5182c
- usb: xhci: move link chain bit quirk checks into one helper
function (CVE-2025-22022 bsc#1241292).
- commit 4cca94b
- nvme-pci: try function level reset on init failure (git-fixes).
- commit 1ee35d9
- ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
(CVE-2025-38664 bsc#1248628).
- commit 7e27b08
- s390/hypfs: Enable limited access during lockdown (git-fixes
bsc#1248733 LTC#214881).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs
(git-fixes bsc#1248733 LTC#214881).
- commit 97ff25b
- HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556 bsc#1248296)
- commit 1097818
- rxrpc: Fix bug due to prealloc collision (CVE-2025-38544 bsc#1248225)
- commit bc50a3d
- net: libwx: fix the using of Rx buffer DMA (CVE-2025-38533 bsc#1248200)
- commit 8863383
- ice: add NULL check in eswitch lag check (CVE-2025-38526 bsc#1248192)
- commit 7ad8c40
- rxrpc: Fix oops due to non-existence of prealloc backlog struct (CVE-2025-38514 bsc#1248202)
- commit 4ea1963
- idpf: return 0 size for RSS key if not supported (CVE-2025-38402 bsc#1247262)
- commit 1ca20ce
- remoteproc: core: Release rproc->clean_table after rproc_attach() fails (CVE-2025-38418 bsc#1247137)
- commit 14c64f1
- remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (CVE-2025-38419 bsc#1247136)
- commit 7e69a49
- genirq/irq_sim: Initialize work context pointers properly (CVE-2025-38408 bsc#1247126)
- commit a8d685c
- ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (CVE-2025-38456 bsc#1247099)
- commit 8a59cf2
- bcache: fix NULL pointer in cache_set_flush() (CVE-2025-38263 bsc#1246248)
- commit d6d8f29
- Update reference in patches.suse/lib-group_cpus-fix-NULL-pointer-dereference-from-gro.patch (CVE-2025-38255 bsc#1246190 bsc#1236897)
- commit 0bab045
- kmod
-
- man: modprobe.d: document the config file order handling (bsc#1253741)
* man-modprobe.d-document-the-config-file-order-handling.patch
- expat
-
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
* CVE-2025-59375.patch
- libxslt
-
- security update
- added patches
CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultCompfunction leading to denial of service
* libxslt-CVE-2025-11731.patch
- security update
- added patches
CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT
* libxslt-CVE-2025-10911.patch
- mozilla-nss
-
- Add bmo1990242.patch to move NSS DB password hash away from SHA-1
- update to NSS 3.112.2
* bmo#1970079 - Prevent leaks during pkcs12 decoding.
* bmo#1988046 - SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates
- Adding patch bmo1980465.patch to fix bug on s390x (bmo#1980465)
- Adding patch bmo1956754.patch to fix possible undefined behaviour (bmo#1956754)
- update to NSS 3.112.1
* bmo#1982742 - restore support for finding certificates by decoded serial number.
- update to NSS 3.112
* bmo#1963792 - Fix alias for mac workers on try
* bmo#1966786 - ensure all options can be configured with SSL_OptionSet and SSL_OptionSetDefault
* bmo#1931930 - ABI/API break in ssl certificate processing
* bmo#1955971 - remove unnecessary assertion in sec_asn1d_init_state_based_on_template
* bmo#1965754 - update taskgraph to v14.2.1
* bmo#1964358 - Workflow for automation of the release on GitHub when pushing a tag
* bmo#1952860 - fix faulty assertions in SEC_ASN1DecoderUpdate
* bmo#1934877 - Renegotiations should use a fresh ECH GREASE buffer
* bmo#1951396 - update taskgraph to v14.1.1
* bmo#1962503 - Partial fix for ACVP build CI job
* bmo#1961827 - Initialize find in sftk_searchDatabase
* bmo#1963121 - Add clang-18 to extra builds
* bmo#1963044 - Fault tolerant git fetch for fuzzing
* bmo#1962556 - Tolerate intermittent failures in ssl_policy_pkix_ocsp
* bmo#1962770 - fix compiler warnings when DEBUG_ASN1D_STATES or CMSDEBUG are set
* bmo#1961835 - fix content type tag check in NSS_CMSMessage_ContainsCertsOrCrls
* bmo#1963102 - Remove Cryptofuzz CI version check
- update to NSS 3.111
* bmo#1930806 - FIPS changes need to be upstreamed: force ems policy
* bmo#1957685 - Turn off Websites Trust Bit from CAs
* bmo#1937338 - Update nssckbi version following April 2025 Batch of Changes
* bmo#1943135 - Disable SMIME ‘trust bit’ for GoDaddy CAs
* bmo#1874383 - Replaced deprecated sprintf function with snprintf in dbtool.c
* bmo#1954612 - Need up update NSS for PKCS 3.1
* bmo#1773374 - avoid leaking localCert if it is already set in ssl3_FillInCachedSID
* bmo#1953097 - Decrease ASAN quarantine size for Cryptofuzz in CI
* bmo#1943962 - selfserv: Add support for zlib certificate compression
- update to NSS 3.110
* bmo#1930806 - FIPS changes need to be upstreamed: force ems policy
* bmo#1954724 - Prevent excess allocations in sslBuffer_Grow
* bmo#1953429 - Remove Crl templates from ASN1 fuzz target
* bmo#1953429 - Remove CERT_CrlTemplate from ASN1 fuzz target
* bmo#1952855 - Fix memory leak in NSS_CMSMessage_IsSigned
* bmo#1930807 - NSS policy updates
* bmo#1951161 - Improve locking in nssPKIObject_GetInstances
* bmo#1951394 - Fix race in sdb_GetMetaData
* bmo#1951800 - Fix member access within null pointer
* bmo#1950077 - Increase smime fuzzer memory limit
* bmo#1949677 - Enable resumption when using custom extensions
* bmo#1952568 - change CN of server12 test certificate
* bmo#1949118 - Part 2: Add missing check in
NSS_CMSDigestContext_FinishSingle
* bmo#1949118 - Part 1: Fix smime UBSan errors
* bmo#1930806 - FIPS changes need to be upstreamed: updated key checks
* bmo#1951491 - Don't build libpkix in static builds
* bmo#1951395 - handle `-p all` in try syntax
* bmo#1951346 - fix opt-make builds to actually be opt
* bmo#1951346 - fix opt-static builds to actually be opt
* bmo#1916439 - Remove extraneous assert
- Removed upstreamed nss-fips-stricter-dh.patch
- Removed upstreamed nss-reproducible-chksums.patch
- Added bmo1962556.patch to fix test failures
- Rebased nss-fips-approved-crypto-non-ec.patch nss-fips-combined-hash-sign-dsa-ecdsa.patch
- update to NSS 3.109
* bmo#1939512 - Call BL_Init before RNG_RNGInit() so that special
SHA instructions can be used if available
* bmo#1930807 - NSS policy updates - fix inaccurate key policy issues
* bmo#1945883 - SMIME fuzz target
* bmo#1914256 - ASN1 decoder fuzz target
* bmo#1936001 - Part 2: Revert “Extract testcases from ssl gtests
for fuzzing”
* bmo#1915155 - Add fuzz/README.md
* bmo#1936001 - Part 4: Fix tstclnt arguments script
* bmo#1944545 - Extend pkcs7 fuzz target
* bmo#1912320 - Extend certDN fuzz target
* bmo#1944300 - revert changes to HACL* files from bug 1866841
* bmo#1936001 - Part 3: Package frida corpus script
- update to NSS 3.108
* bmo#1923285 - libclang-16 -> libclang-19
* bmo#1939086 - Turn off Secure Email Trust Bit for Security
Communication ECC RootCA1
* bmo#1937332 - Turn off Secure Email Trust Bit for BJCA Global Root
CA1 and BJCA Global Root CA2
* bmo#1915902 - Remove SwissSign Silver CA – G2
* bmo#1938245 - Add D-Trust 2023 TLS Roots to NSS
* bmo#1942301 - fix fips test failure on windows
* bmo#1935925 - change default sensitivity of KEM keys
* bmo#1936001 - Part 1: Introduce frida hooks and script
* bmo#1942350 - add missing arm_neon.h include to gcm.c
* bmo#1831552 - ci: update windows workers to win2022
* bmo#1831552 - strip trailing carriage returns in tools tests
* bmo#1880256 - work around unix/windows path translation issues
in cert test script
* bmo#1831552 - ci: let the windows setup script work without $m
* bmo#1880255 - detect msys
* bmo#1936680 - add a specialized CTR_Update variant for AES-GCM
* bmo#1930807 - NSS policy updates
* bmo#1930806 - FIPS changes need to be upstreamed: FIPS 140-3 RNG
* bmo#1930806 - FIPS changes need to be upstreamed: Add SafeZero
* bmo#1930806 - FIPS changes need to be upstreamed - updated POST
* bmo#1933031 - Segmentation fault in SECITEM_Hash during pkcs12 processing
* bmo#1929922 - Extending NSS with LoadModuleFromFunction functionality
* bmo#1935984 - Ensure zero-initialization of collectArgs.cert
* bmo#1934526 - pkcs7 fuzz target use CERT_DestroyCertificate
* bmo#1915898 - Fix actual underlying ODR violations issue
* bmo#1184059 - mozilla::pkix: allow reference ID labels to begin
and/or end with hyphens
* bmo#1927953 - don't look for secmod.db in nssutil_ReadSecmodDB if
NSS_DISABLE_DBM is set
* bmo#1934526 - Fix memory leak in pkcs7 fuzz target
* bmo#1934529 - Set -O2 for ASan builds in CI
* bmo#1934543 - Change branch of tlsfuzzer dependency
* bmo#1915898 - Run tests in CI for ASan builds with detect_odr_violation=1
* bmo#1934241 - Fix coverage failure in CI
* bmo#1934213 - Add fuzzing for delegated credentials, DTLS short
header and Tls13BackendEch
* bmo#1927142 - Add fuzzing for SSL_EnableTls13GreaseEch and
SSL_SetDtls13VersionWorkaround
* bmo#1913677 - Part 3: Restructure fuzz/
* bmo#1931925 - Extract testcases from ssl gtests for fuzzing
* bmo#1923037 - Force Cryptofuzz to use NSS in CI
* bmo#1923037 - Fix Cryptofuzz on 32 bit in CI
* bmo#1933154 - Update Cryptofuzz repository link
* bmo#1926256 - fix build error from 9505f79d
* bmo#1926256 - simplify error handling in get_token_objects_for_cache
* bmo#1931973 - nss doc: fix a warning
* bmo#1930797 - pkcs12 fixes from RHEL need to be picked up
- remove obsolete patches
* nss-fips-safe-memset.patch
* nss-bmo1930797.patch
- update to NSS 3.107
* bmo#1923038 - Remove MPI fuzz targets.
* bmo#1925512 - Remove globals `lockStatus` and `locksEverDisabled`.
* bmo#1919015 - Enable PKCS8 fuzz target.
* bmo#1923037 - Integrate Cryptofuzz in CI.
* bmo#1913677 - Part 2: Set tls server target socket options in config class
* bmo#1913677 - Part 1: Set tls client target socket options in config class
* bmo#1913680 - Support building with thread sanitizer.
* bmo#1922392 - set nssckbi version number to 2.72.
* bmo#1919913 - remove Websites Trust Bit from Entrust Root
Certification Authority - G4.
* bmo#1920641 - remove Security Communication RootCA3 root cert.
* bmo#1918559 - remove SecureSign RootCA11 root cert.
* bmo#1922387 - Add distrust-after for TLS to Entrust Roots.
* bmo#1927096 - update expected error code in pk12util pbmac1 tests.
* bmo#1929041 - Use random tstclnt args with handshake collection script
* bmo#1920466 - Remove extraneous assert in ssl3gthr.c.
* bmo#1928402 - Adding missing release notes for NSS_3_105.
* bmo#1874451 - Enable the disabled mlkem tests for dtls.
* bmo#1874451 - NSS gtests filter cleans up the constucted buffer
before the use.
* bmo#1925505 - Make ssl_SetDefaultsFromEnvironment thread-safe.
* bmo#1925503 - Remove short circuit test from ssl_Init.
- fix build on loongarch64 (setting it as 64bit arch)
- Remove upstreamed bmo-1400603.patch
- Added nss-bmo1930797.patch to fix failing tests in testsuite
- update to NSS 3.106
* bmo#1925975 - NSS 3.106 should be distributed with NSPR 4.36.
* bmo#1923767 - pk12util: improve error handling in p12U_ReadPKCS12File.
* bmo#1899402 - Correctly destroy bulkkey in error scenario.
* bmo#1919997 - PKCS7 fuzz target, r=djackson,nss-reviewers.
* bmo#1923002 - Extract certificates with handshake collection script.
* bmo#1923006 - Specify len_control for fuzz targets.
* bmo#1923280 - Fix memory leak in dumpCertificatePEM.
* bmo#1102981 - Fix UBSan errors for SECU_PrintCertificate and
SECU_PrintCertificateBasicInfo.
* bmo#1921528 - add new error codes to mozilla::pkix for Firefox to use.
* bmo#1921768 - allow null phKey in NSC_DeriveKey.
* bmo#1921801 - Only create seed corpus zip from existing corpus.
* bmo#1826035 - Use explicit allowlist for for KDF PRFS.
* bmo#1920138 - Increase optimization level for fuzz builds.
* bmo#1920470 - Remove incorrect assert.
* bmo#1914870 - Use libFuzzer options from fuzz/options/\*.options in CI.
* bmo#1920945 - Polish corpus collection for automation.
* bmo#1917572 - Detect new and unfuzzed SSL options.
* bmo#1804646 - PKCS12 fuzzing target.
- requires NSPR 4.36
- update to NSS 3.105
* bmo#1915792 - Allow importing PKCS#8 private EC keys missing public key
* bmo#1909768 - UBSAN fix: applying zero offset to null pointer in sslsnce.c
* bmo#1919577 - set KRML_MUSTINLINE=inline in makefile builds
* bmo#1918965 - Don't set CKA_SIGN for CKK_EC_MONTGOMERY private keys
* bmo#1918767 - override default definition of KRML_MUSTINLINE
* bmo#1916525 - libssl support for mlkem768x25519
* bmo#1916524 - support for ML-KEM-768 in softoken and pk11wrap
* bmo#1866841 - Add Libcrux implementation of ML-KEM 768 to FreeBL
* bmo#1911912 - Avoid misuse of ctype(3) functions
* bmo#1917311 - part 2: run clang-format
* bmo#1917311 - part 1: upgrade to clang-format 13
* bmo#1916953 - clang-format fuzz
* bmo#1910370 - DTLS client message buffer may not empty be on retransmit
* bmo#1916413 - Optionally print config for TLS client and server
fuzz target
* bmo#1916059 - Fix some simple documentation issues in NSS.
* bmo#1915439 - improve performance of NSC_FindObjectsInit when
template has CKA_TOKEN attr
* bmo#1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN
- Fix build error under Leap by rebasing nss-fips-safe-memset.patch.
- update to NSS 3.104
* bmo#1910071 - Copy original corpus to heap-allocated buffer
* bmo#1910079 - Fix min ssl version for DTLS client fuzzer
* bmo#1908990 - Remove OS2 support just like we did on NSPR
* bmo#1910605 - clang-format NSS improvements
* bmo#1902078 - Adding basicutil.h to use HexString2SECItem function
* bmo#1908990 - removing dirent.c from build
* bmo#1902078 - Allow handing in keymaterial to shlibsign to make
the output reproducible
* bmo#1908990 - remove nec4.3, sunos4, riscos and SNI references
* bmo#1908990 - remove other old OS (BSDI, old HP UX, NCR,
openunix, sco, unixware or reliantUnix
* bmo#1908990 - remove mentions of WIN95
* bmo#1908990 - remove mentions of WIN16
* bmo#1913750 - More explicit directory naming
* bmo#1913755 - Add more options to TLS server fuzz target
* bmo#1913675 - Add more options to TLS client fuzz target
* bmo#1835240 - Use OSS-Fuzz corpus in NSS CI
* bmo#1908012 - set nssckbi version number to 2.70.
* bmo#1914499 - Remove Email Trust bit from ACCVRAIZ1 root cert.
* bmo#1908009 - Remove Email Trust bit from certSIGN ROOT CA.
* bmo#1908006 - Add Cybertrust Japan Roots to NSS.
* bmo#1908004 - Add Taiwan CA Roots to NSS.
* bmo#1911354 - remove search by decoded serial in
nssToken_FindCertificateByIssuerAndSerialNumber
* bmo#1913132 - Fix tstclnt CI build failure
* bmo#1913047 - vfyserv: ensure peer cert chain is in db for
CERT_VerifyCertificateNow
* bmo#1912427 - Enable all supported protocol versions for UDP
* bmo#1910361 - Actually use random PSK hash type
* bmo#1911576 - Initialize NSS DB once
* bmo#1910361 - Additional ECH cipher suites and PSK hash types
* bmo#1903604 - Automate corpus file generation for TLS client Fuzzer
* bmo#1910364 - Fix crash with UNSAFE_FUZZER_MODE
* bmo#1910605 - clang-format shlibsign.c
- remove obsolete nss-reproducible-builds.patch
- update to NSS 3.103
* bmo#1908623 - move list size check after lock acquisition in sftk_PutObjectToList.
* bmo#1899542 - Add fuzzing support for SSL_ENABLE_POST_HANDSHAKE_AUTH,
* bmo#1909638 - Follow-up to fix test for presence of file nspr.patch.
* bmo#1903783 - Adjust libFuzzer size limits
* bmo#1899542 - Add fuzzing support for SSL_SetCertificateCompressionAlgorithm,
SSL_SetClientEchConfigs, SSL_VersionRangeSet and SSL_AddExternalPsk
* bmo#1899542 - Add fuzzing support for SSL_ENABLE_GREASE and
SSL_ENABLE_CH_EXTENSION_PERMUTATION
- Add nss-reproducible-builds.patch to make the rpms reproducible,
by using a hardcoded, static key to generate the checksums (*.chk-files)
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).
- update to NSS 3.102.1
* bmo#1905691 - ChaChaXor to return after the function
- update to NSS 3.102
* bmo#1880351 - Add Valgrind annotations to freebl Chacha20-Poly1305.
* bmo#1901932 - missing sqlite header.
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
* bmo#1615298 - improve certutil keyUsage, extKeyUsage, and nsCertType keyword handling.
* bmo#1660676 - correct length of raw SPKI data before printing in pp utility.
- Add nss-reproducible-chksums.patch to make NSS-build reproducible
Use key from openssl (bsc#1081723)
- Updated nss-fips-approved-crypto-non-ec.patch to exclude the
SHA-1 hash from SLI approval.
- Updated nss-fips-approved-crypto-non-ec.patch to not pass in
bad targetKeyLength parameters when checking for FIPS approval
after keygen. This was causing false rejections.
- Updated nss-fips-approved-crypto-non-ec.patch to approve
RSA signature verification mechanisms with PKCS padding and
legacy moduli (bsc#1222834).
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).
- libgcrypt
-
- Fix running the test suite in FIPS mode [bsc#1246934]
* Add libgcrypt-fix-pkcs12-test-in-FIPS-mode.patch
* Rebase libgcrypt-FIPS-SLI-kdf-leylength.patch
- gpgme
-
- Treat empty DISPLAY variable as unset. [bsc#1252425, bsc#1231055]
* To avoid gpgme constructing an invalid gpg command line when
the DISPLAY variable is empty it can be treated as unset.
* Add gpgme-Treat-empty-DISPLAY-variable-as-unset.patch
* Reported upstream: dev.gnupg.org/T7919
- openssl-3
-
- Security fix: [bsc#1250232 CVE-2025-9230]
* Fix out-of-bounds read & write in RFC 3211 KEK unwrap
* Add patch openssl3-CVE-2025-9230.patch
- Disable LTO for userspace livepatching [jsc#PED-13245]
- sqlite3
-
- bsc#1252217: Add a %license file.
- bsc#1248586: Fix icu-enabled build.
- Update to version 3.50.4:
* Fix two long-standings cases of the use of uninitialized
variables in obscure circumstances.
- Update to version 3.50.3:
* Fix a possible memory error that can occur if a query is made
against against FTS5 index that has been deliberately corrupted
in a very specific way.
* Fix the parser so that it ignored SQL comments in all places of
a CREATE TRIGGER statement. This resolves a problem that was
introduced by the introduction of the
SQLITE_DBCONFIG_ENABLE_COMMENTS feature in version 3.49.0.
* Fix an incorrect answer due to over-optimization of an AND
operator.
- libssh
-
- Security fix: [CVE-2025-8277, bsc#1249375]
* Memory Exhaustion via Repeated Key Exchange
* Add patches:
- libssh-CVE-2025-8277-packet-Adjust-packet-filter-to-work-wh.patch
- libssh-CVE-2025-8277-Fix-memory-leak-of-unused-ephemeral-ke.patch
- libssh-CVE-2025-8277-ecdh-Free-previously-allocated-pubkeys.patch
- Security fix: [CVE-2025-8114, bsc#1246974]
* NULL pointer dereference when calculating session ID during KEX
* Add libssh-CVE-2025-8114.patch
- mozilla-nspr
-
- update to version 4.36
* remove support for OS/2
* remove support for Unixware, Bsdi, old AIX, old HPUX9 & scoos
* remove support for Windows 16 bit
* renamed the prwin16.h header to prwin.h
* configure was updated from 2.69 to 2.71
* various build, test and automation script fixes
* major parts of the source code were reformatted
- podman
-
- Add patch for CVE-2025-9566 (bsc#1249154):
* 0004-CVE-2025-9566-kube-play-don-t-follow-volume-symlinks.patch
- Rebase patches:
* 0001-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch
* 0002-Fix-Remove-appending-rw-as-the-default-mount-option.patch
* 0003-CVE-2025-6032-machine-init-fix-tls-check.patch
- python-azure-agent
-
- Update to version 2.14.0.1 (bsc#1253001)
+ Drop - included upstream
~ agent-btrfs-use-f.patch included upstream
~ remove-mock.patch
+ FIPS 140-3 support
+ Block extensions disallowed by policy
+ Report ext policy errors in heartbeat
+ Implement signature validation helper functions
+ Prevent ssh public key override
+ Use proper filesystem creation flag for btrfs
+ Enable resource monitoring in cgroup v2 machines
+ Update agent cgroup cleanup
+ Add cgroupv2 distros to supported list
+ Clean old agent cgroup setup
+ Redact sas tokens in telemetry events and agent log
+ Add conf option to use hardcoded wireserver ip instead of dhcp request
to discover wireserver ip
+ Support for python 3.12
+ Update telemetry message for agent updates and send new telemetry for
ext resource governance
+ Disable rsm downgrade
+ Add community support for Chainguard OS
+ Swap out legacycrypt for crypt-r for Python 3.13+
+ Pin setuptools version
+ Set the agent config file path for FreeBSD
+ Handle errors importing crypt module
- From 2.13.1.1
+ Setup: Fix install_requires list syntax
+ Pickup latest goal state on tenant certificate rotation + Avoid
infinite loop when the tenant certificate is missing
+ Fix unsupported syntax in py2.6
+ Cgroup rewrite: uses systemctl for expressing desired configuration
instead drop-in files
+ Remove usages of tempfile.mktemp
+ Use random time for attempting new Agent update
+ Enable logcollector in v2 machines
+ Clean history files
+ Missing firewall rules reason
+ Add support for nftables (+ refactoring of firewall code)
+ Create walinuxagent nftable atomically
- python-urllib3
-
- Add patch CVE-2025-50181-poolmanager-redirects.patch:
* Pool managers now properly control redirects when retries is passed
(CVE-2025-50181, GHSA-pq67-6m6q-mj2v, bsc#1244925)
- runc
-
- Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
- Remove upstreamed patches for bsc#1252232:
- 2025-11-05-CVEs.patch
[ This update was only released for SLE 12 and 15. ]
- Backport patches for three CVEs. All three vulnerabilities ultimately allow
(through different methods) for full container breakouts by bypassing runc's
restrictions for writing to arbitrary /proc files. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
+ 2025-11-05-CVEs.patch
[ This update was only released for SLE 12 and 15. ]
- Update to runc v1.2.7. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.2.7>.
- Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
- selinux-policy
-
- Update to version 20241031+git12.52417acff:
* Mark configfs_t as mountpoint (bsc#1246080, bsc#1250628)
- Update to version 20241031+git10.f4f74e9f2:
* Label /var/livepatches as lib_t for ULP on micro (bsc#1228879, bsc#1249832)
- supportutils-plugin-suse-public-cloud
-
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
+ Remove duplicate data collection for the plugin itself
+ Collect archive metering data when available
+ Query billing flavor status
- vim
-
- Add patches:
* vim-9.1.1134-revert-putty-terminal-colors.patch
* reorder-exit-raw-mode.patch
- Remove obsoleted patches:
* vim-7.3-help_tags.patch
* vim-7.4-highlight_fstab.patch
* vim-7.3-mktemp_tutor.patch
- Refresh patches:
* vim-7.3-sh_is_bash.patch
- Fix the following CVEs and bugs:
* bsc#1246602 (CVE-2025-53906)
* bsc#1246604 (CVE-2025-53905)
* bsc#1247939 (CVE-2025-55158)
* bsc#1247938 (CVE-2025-55157)
- Update to 9.1.1629:
9.1.1629: Vim9: Not able to use more than 10 type arguments in a generic function
9.1.1628: fuzzy.c has a few issues
9.1.1627: fuzzy matching can be improved
9.1.1626: cindent: does not handle compound literals
9.1.1625: Autocompletion slow with include- and tag-completion
9.1.1624: Cscope not enabled on MacOS
9.1.1623: Buffer menu does not handle unicode names correctly
9.1.1622: Patch v9.1.1432 causes performance regressions
9.1.1621: flicker in popup menu during cmdline autocompletion
9.1.1620: filetype: composer.lock and symfony.lock files not recognized
9.1.1619: Incorrect E535 error message
9.1.1618: completion: incorrect selected index returned from complete_info()
9.1.1617: Vim9: some error messages can be improved
9.1.1616: xxd: possible buffer overflow with bitwise output
9.1.1615: diff format erroneously detected
9.1.1614: Vim9: possible variable type change
9.1.1613: tests: test_search leaves a few swapfiles behind
9.1.1612: Ctrl-G/Ctrl-T do not ignore the end search delimiter
9.1.1611: possible undefined behaviour in mb_decompose()
9.1.1610: completion: hang or E684 when 'tagfunc' calls complete()
9.1.1609: complete: Heap-buffer overflow with complete function
9.1.1608: No command-line completion for :unsilent {command}
9.1.1607: :apple command detected as :append
9.1.1606: filetype: a few more files are not recognized
9.1.1605: cannot specify scope for chdir()
9.1.1604: completion: incsearch highlight might be lost
9.1.1603: completion: cannot use autoloaded funcs in 'complete' F{func}
9.1.1602: filetype: requirements-*.txt files are not recognized
9.1.1601: Patch v8.1.0425 was wrong
9.1.1600: using diff anchors with hidden buffers fails silently
9.1.1599: :bnext doesn't go to unlisted help buffers
9.1.1598: filetype: waybar config file is not recognized
9.1.1597: CI reports leaks in libgtk3 library
9.1.1596: tests: Test_search_wildmenu_iminsert() depends on help file
9.1.1595: Wayland: non-portable use of select()
9.1.1594: completion: search completion throws errors
9.1.1593: Confusing error when compiling incomplete try block
9.1.1592: Vim9: crash with classes and garbage collection
9.1.1591: VMS support can be improved
9.1.1590: cannot perform autocompletion
9.1.1589: Cannot disable cscope interface using configure
9.1.1588: Vim9: cannot split dict inside command block
9.1.1587: Wayland: timeout not updated before select()
9.1.1586: Vim9: can define an enum/interface in a function
9.1.1585: Wayland: gvim still needs GVIM_ENABLE_WAYLAND
9.1.1584: using ints as boolean type
9.1.1583: gvim window lost its icons
9.1.1582: style issue in vim9type.c and vim9generics.c
9.1.1581: possible memory leak in vim9generics.c
9.1.1580: possible memory leak in vim9type.c
9.1.1579: Coverity complains about unchecked return value
9.1.1578: configure: comment still mentions autoconf 2.71
9.1.1577: Vim9: no generic support yet
9.1.1576: cannot easily trigger wildcard expansion
9.1.1575: tabpanel not drawn correctly with wrapped lines
9.1.1574: Dead code in mbyte.c
9.1.1573: Memory leak when pressing Ctrl-D in cmdline mode
9.1.1572: expanding $var does not escape whitespace for 'path'
9.1.1571: CmdlineChanged triggered to often
9.1.1570: Copilot suggested some improvements in cmdexpand.c
9.1.1569: tests: Vim9 tests can be improved
9.1.1568: need a few more default highlight groups
9.1.1567: crash when using inline diff mode
9.1.1566: self-referenced enum may not get freed
9.1.1565: configure: does not consider tiny version for wayland
9.1.1564: crash when opening popup to closing buffer
9.1.1563: completion: ruler may disappear
9.1.1562: close button always visible in the 'tabline'
9.1.1561: configure: wayland test can be improved
9.1.1560: configure: uses $PKG_CONFIG before it is defined
9.1.1559: tests: Test_popup_complete_info_01() fails when run alone
9.1.1558: str2blob() treats NULL string and empty string differently
9.1.1557: not possible to anchor specific lines in difff mode
9.1.1556: string handling in cmdexpand.c can be improved
9.1.1555: completion: repeated insertion of leader
9.1.1554: crash when omni-completion opens command-line window
9.1.1553: Vim9: crash when accessing a variable in if condition
9.1.1552: [security]: path traversal issue in tar.vim
9.1.1551: [security]: path traversal issue in zip.vim
9.1.1550: defaults: 'showcmd' is not enabled in non-compatible mode on Unix
9.1.1549: filetype: pkl files are not recognized
9.1.1548: filetype: OpenFGA files are not recognized
9.1.1547: Wayland: missing ifdef
9.1.1546: Vim9: error with has() and short circuit evaluation
9.1.1545: typo in os_unix.c
9.1.1544: :retab cannot be limited to indentation only
9.1.1543: Wayland: clipboard appears to not be working
9.1.1542: Coverity complains about uninitialized variable
9.1.1541: Vim9: error when last enum value ends with a comma
9.1.1540: completion: menu state wrong on interruption
9.1.1539: completion: messages don't respect 'shm' setting
9.1.1537: helptoc: still some issues when markdown code blocks
9.1.1536: tests: test_plugin_comment uses wrong :Check command
9.1.1535: the maximum search count uses hard-coded value 99
9.1.1534: unnecessary code in tabpanel.c
9.1.1533: helptoc: does not handle code sections in markdown well
9.1.1532: termdebug: not enough ways to configure breakpoints
9.1.1531: confusing error with nested legacy function
9.1.1530: Missing version change in v9.1.1529
9.1.1529: Win32: the toolbar in the GUI is old and dated
9.1.1528: completion: crash with getcompletion()
9.1.1527: Vim9: Crash with string compound assignment
9.1.1526: completion: search completion match may differ in case
9.1.1525: tests: testdir/ is a bit messy
9.1.1524: tests: too many imports in the test suite
9.1.1523: tests: test_clipmethod fails in non X11 environment
9.1.1522: tests: still some ANSI escape sequences in test output
9.1.1521: completion: pum does not reset scroll pos on reopen with 'noselect'
9.1.1520: completion: search completion doesn't handle 'smartcase' well
9.1.1519: tests: Test_termdebug_decimal_breakpoints() may fail
9.1.1518: getcompletiontype() may crash
9.1.1517: filetype: autopkgtest files are not recognized
9.1.1516: tests: no test that 'incsearch' is updated after search completion
9.1.1515: Coverity complains about potential unterminated strings
9.1.1514: Coverity complains about the use of tmpfile()
9.1.1513: resizing Vim window causes unexpected internal window width
9.1.1512: completion: can only complete from keyword characters
9.1.1511: tests: two edit tests change v:testing from 1 to 0
9.1.1510: Search completion may use invalid memory
9.1.1509: patch 9.1.1505 was not good
9.1.1508: string manipulation can be improved in cmdexpand.c
9.1.1507: symlinks are resolved on :cd commands
9.1.1506: tests: missing cleanup in Test_search_cmdline_incsearch_highlight()
9.1.1505: not possible to return completion type for :ex command
9.1.1504: filetype: numbat files are not recognized
9.1.1503: filetype: haxe files are not recognized
9.1.1502: filetype: quickbms files are not recognized
9.1.1501: filetype: flix files are not recognized
9.1.1500: if_python: typo in python error variable
9.1.1499: MS-Windows: no indication of ARM64 architecture
9.1.1498: completion: 'complete' funcs behave different to 'omnifunc'
9.1.1497: Link error with shm_open()
9.1.1496: terminal: still not highlighting empty cells correctly
9.1.1495: Wayland: uses $XDG_SEAT to determine seat
9.1.1494: runtime(tutor): no French translation for Chapter 2
9.1.1493: manually comparing positions on buffer
9.1.1492: tests: failure when Wayland compositor fails to start
9.1.1491: missing out-of-memory checks in cmdexpand.c
9.1.1490: 'wildchar' does not work in search contexts
9.1.1489: terminal: no visual highlight of empty cols with empty 'listchars'
9.1.1488: configure: using obsolete macro AC_PROG_GCC_TRADITIONAL
9.1.1487: :cl doesn't invoke :clist
9.1.1486: documentation issues with Wayland
9.1.1485: missing Wayland clipboard support
9.1.1484: tests: Turkish locale tests fails on Mac
9.1.1483: not possible to translation position in buffer
9.1.1482: scrolling with 'splitkeep' and line()
9.1.1481: gcc complains about uninitialized variable
9.1.1480: Turkish translation outdated
9.1.1479: regression when displaying localized percentage position
9.1.1478: Unused assignment in ex_uniq()
9.1.1476: no easy way to deduplicate text
9.1.1476: missing out-of-memory checks in cmdexpand.c
9.1.1475: completion: regression when "nearest" in 'completeopt'
9.1.1474: missing out-of-memory check in mark.c
9.1.1473: inconsistent range arg for :diffget/diffput
9.1.1472: if_python: PySequence_Fast_{GET_SIZE,GET_ITEM} removed
9.1.1471: completion: inconsistent ordering with CTRL-P
9.1.1470: use-after-free with popup callback on error
9.1.1469: potential buffer-underflow with invalid hl_id
9.1.1468: filetype: bright(er)script files are not recognized
9.1.1467: too many strlen() calls
9.1.1466: filetype: not all lex files are recognized
9.1.1465: tabpanel: not correctly drawn with 'equalalways'
9.1.1464: gv does not work in operator-pending mode
9.1.1463: Integer overflow in getmarklist() after linewise operation
9.1.1462: missing change from patch v9.1.1461
9.1.1461: tabpanel: tabpanel vanishes with popup menu
9.1.1460: MS-Windows: too many strlen() calls in os_win32.c
9.1.1459: xxd: coloring output is inefficient
9.1.1458: tabpanel: tabs not properly updated with 'stpl'
9.1.1457: compile warning with tabpanelopt
9.1.1456: comment plugin fails toggling if 'cms' contains \
9.1.1455: Haiku: dailog objects created with no reference
9.1.1454: tests: no test for pum at line break position
9.1.1453: tests: Test_geometry() may fail
9.1.1452: completion: redundant check for completion flags
9.1.1451: tabpanel rendering artifacts when scrolling
9.1.1450: Session has wrong arglist with :tcd and :arglocal
9.1.1449: typo in pum_display()
9.1.1448: tabpanel is not displayed correctly when msg_scrolled
9.1.1447: completion: crash when backspacing with fuzzy completion
9.1.1446: filetype: cuda-gdb config files are not recognized
9.1.1445: negative matchfuzzy scores although there is a match
9.1.1444: Unused assignment in set_fuzzy_score()
9.1.1443: potential buffer underflow in insertchar()
9.1.1442: tests: Test_diff_fold_redraw() is insufficient
9.1.1441: completion: code can be improved
9.1.1440: too many strlen() calls in os_win32.c
9.1.1439: Last diff folds not merged
9.1.1438: tests: Test_breakindent_list_split() fails
9.1.1437: MS-Windows: internal compile error in uc_list()
9.1.1436: GUI control code is displayed on the console on startup
9.1.1435: completion: various flaws in fuzzy completion
9.1.1434: MS-Windows: missing out-of-memory checks in os_win32.c
9.1.1433: Unnecessary :if when writing session
9.1.1432: GTK GUI: Buffer menu does not handle unicode correctly
9.1.1431: Hit-Enter Prompt when loading session files
9.1.1430: tabpanel may flicker in the GUI
9.1.1429: dragging outside the tabpanel changes tabpagenr
9.1.1428: completion: register completion needs cleanup
9.1.1427: rendering artifacts with the tabpanel
9.1.1426: completion: register contents not completed
9.1.1425: tabpanel: there are still some problems with the tabpanel
9.1.1424: PMenu selection broken with multi-line selection and limits
9.1.1423: :tag command not working correctly using Vim9 Script
9.1.1422: scheduling of complete function can be improved
9.1.1421: tests: need a test for the new-style tutor.tutor
9.1.1420: tests: could need some more tests for shebang lines
9.1.1419: It is difficult to ignore all but some events
9.1.1418: configures GUI auto detection favors GTK2
9.1.1417: missing info about register completion in complete_info()
9.1.1416: completion limits not respected for fuzzy completions
9.1.1415: potential use-after free when there is an error in 'tabpanel'
9.1.1414: MS-Windows: compile warnings in os_win32.c
9.1.1413: spurious CursorHold triggered in GUI on startup
9.1.1412: tests: Test_tabpanel_tabonly() fails on larger screens
9.1.1411: crash when calling non-existing function for tabpanel
9.1.1410: out-of-bounds access with 'completefunc'
9.1.1409: using f-flag in 'complete' conflicts with Neovim
9.1.1408: not easily possible to complete from register content
9.1.1407: Can't use getpos('v') in OptionSet when using setbufvar()
9.1.1406: crash when importing invalid tuple
9.1.1405: tests: no test for mapping with special keys in session file
9.1.1404: wrong link to Chapter 2 in new-tutor
9.1.1403: expansion of 'tabpanelopt' value adds wrong values
9.1.1402: multi-byte mappings not properly stored in session file
9.1.1401: list not materialized in prop_list()
9.1.1400: [security]: use-after-free when evaluating tuple fails
9.1.1399: tests: test_codestyle fails for auto-generated files
9.1.1398: completion: trunc does not follow Pmenu highlighting attributes
9.1.1397: tabpanel not correctly updated on :tabonly
9.1.1396: 'errorformat' is a global option
9.1.1395: search_stat not reset when pattern differs in case
9.1.1394: tabpanel not correctly redrawn on tabonly
9.1.1393: missing test for switching buffers and reusing curbuf
9.1.1392: missing patch number
9.1.1391: Vim does not have a vertical tabpanel
9.1.1390: style: more wrong indentation
9.1.1389: completion: still some issue when 'isexpand' contains a space
9.1.1388: Scrolling one line too far with 'nosmoothscroll' page scrolling
9.1.1387: memory leak when buflist_new() fails to reuse curbuf
9.1.1386: MS-Windows: some minor problems building on AARCH64
9.1.1385: inefficient loop for 'nosmoothscroll' scrolling
9.1.1384: still some problem with the new tutors filetype plugin
9.1.1383: completion: 'isexpand' option does not handle space char correct
9.1.1382: if_ruby: unused compiler warnings from ruby internals
9.1.1381: completion: cannot return to original text
9.1.1380: 'eventignorewin' only checked for current buffer
9.1.1379: MS-Windows: error when running evim when space in path
9.1.1378: sign without text overwrites number option
9.1.1377: patch v9.1.1370 causes some GTK warning messages
9.1.1376: quickfix dummy buffer may remain as dummy buffer
9.1.1375: [security]: possible heap UAF with quickfix dummy buffer
9.1.1374: completion: 'smartcase' not respected when filtering matches
9.1.1373: 'completeopt' checking logic can be simplified
9.1.1372: style: braces issues in various files
9.1.1371: style: indentation and brace issues in insexpand.c
9.1.1370: CI Tests favor GTK2 over GTK3
9.1.1369: configure still using autoconf 2.71
9.1.1368: GTK3 and GTK4 will drop numeric cursor support.
9.1.1367: too many strlen() calls in gui.c
9.1.1366: v9.1.1364 unintentionally changed sign.c and sound.c
9.1.1365: MS-Windows: compile warnings and too many strlen() calls
9.1.1364: style: more indentation issues
9.1.1363: style: inconsistent indentation in various files
9.1.1362: Vim9: type ignored when adding tuple to instance list var
9.1.1361: [security]: possible use-after-free when closing a buffer
9.1.1360: filetype: GNU Radio companion files are not recognized
9.1.1359: filetype: GNU Radio config files are not recognized
9.1.1358: if_lua: compile warnings with gcc15
9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer
9.1.1356: Vim9: crash when unletting variable
9.1.1355: The pum_redraw() function is too complex
9.1.1354: tests: Test_terminalwinscroll_topline() fails on Windows
9.1.1353: missing change from v9.1.1350
9.1.1352: style: inconsistent indent in insexpand.c
9.1.1351: Return value of getcmdline() inconsistent in CmdlineLeavePre
9.1.1350: tests: typo in Test_CmdlineLeavePre_cabbr()
9.1.1349: CmdlineLeavePre may trigger twice
9.1.1348: still E315 with the terminal feature
9.1.1347: small problems with gui_w32.c
9.1.1346: missing out-of-memory check in textformat.c
9.1.1345: tests: Test_xxd_color2() test failure dump diff is misleading
9.1.1344: double free in f_complete_match() (after v9.1.1341)
9.1.1343: filetype: IPython files are not recognized
9.1.1342: Shebang filetype detection can be improved
9.1.1341: cannot define completion triggers
9.1.1340: cannot complete :filetype arguments
9.1.1339: missing out-of-memory checks for enc_to_utf16()/utf16_to_enc()
9.1.1338: Calling expand() interferes with cmdcomplete_info()
9.1.1337: Undo corrupted with 'completeopt' "preinsert" when switching buffer
9.1.1336: comment plugin does not support case-insensitive 'commentstring'
9.1.1335: Coverity complains about Null pointer dereferences
9.1.1334: Coverity complains about unchecked return value
9.1.1333: Coverity: complains about unutilized variable
9.1.1332: Vim9: segfault when using super within a lambda
9.1.1331: Leaking memory with cmdcomplete()
9.1.1330: may receive E315 in terminal
9.1.1329: cannot get information about command line completion
9.1.1328: too many strlen() calls in indent.c
9.1.1327: filetype: nroff detection can be improved
9.1.1326: invalid cursor position after 'tagfunc'
9.1.1325: tests: not checking error numbers properly
9.1.1324: undefined behaviour if X11 connection dies
9.1.1323: b:undo_ftplugin not executed when re-using buffer
9.1.1322: small delete register cannot paste multi-line correctly
9.1.1321: filetype: MS ixx and mpp files are not recognized
9.1.1320: filetype: alsoft config files are not recognized
9.1.1319: Various typos in the code, issue with test_inst_complete.vim
9.1.1318: tests: test_format fails
9.1.1317: noisy error when restoring folds from session fails
9.1.1316: missing memory allocation failure in os_mswin.c
9.1.1315: completion: issue with fuzzy completion and 'completefuzzycollect'
9.1.1314: max allowed string width too small
9.1.1313: compile warning about uninitialized value
9.1.1312: tests: Test_backupskip() fails when HOME is defined
9.1.1311: completion: not possible to limit number of matches
9.1.1310: completion: redundant check for preinsert effect
9.1.1309: tests: no test for 'pummaxwidth' with non-truncated "kind"
9.1.1308: completion: cannot order matches by distance to cursor
9.1.1307: make syntax does not reliably detect different flavors
9.1.1306: completion menu rendering can be improved
9.1.1305: completion menu active after switching windows/tabs
9.1.1304: filetype: some man files are not recognized
9.1.1303: missing out-of-memory check in linematch.c
9.1.1302: Coverity warns about using uninitialized value
9.1.1301: completion: cannot configure completion functions with 'complete'
9.1.1300: wrong detection of -inf
9.1.1299: filetype: mbsyncrc files are not recognized
9.1.1298: define_function() is too long
9.1.1297: Ctrl-D scrolling can get stuck
9.1.1296: completion: incorrect truncation logic
9.1.1295: clientserver: does not handle :stopinsert correctly
9.1.1294: gui tabline menu does not use confirm when closing tabs
9.1.1293: comment plugin does not handle 'exclusive' selection for comment object
9.1.1292: statusline not correctly evaluated
9.1.1291: too many strlen() calls in buffer.c
9.1.1290: tests: missing cleanup in test_filetype.vim
9.1.1289: tests: no test for matchparen plugin with WinScrolled event
9.1.1288: Using wrong window in ll_resize_stack()
9.1.1287: quickfix code can be further improved
9.1.1286: filetype: help files not detected when 'iskeyword' includes ":"
9.1.1285: Vim9: no error message for missing method after "super."
9.1.1284: not possible to configure pum truncation char
9.1.1283: quickfix stack is limited to 10 items
9.1.1282: Build and test failure without job feature
9.1.1281: extra newline output when editing stdin
9.1.1280: trailing additional semicolon in get_matches_in_str()
9.1.1279: Vim9: null_object and null_class are no reserved names
9.1.1278: Vim9: too long functions in vim9type.c
9.1.1277: tests: trailing comment char in test_popupwin
9.1.1276: inline word diff treats multibyte chars as word char
9.1.1275: MS-Windows: Not possible to pass additional flags to Make_mvc
9.1.1274: Vim9: no support for object<type> as variable type
9.1.1273: Coverity warns about using uninitialized value
9.1.1272: completion: in keyword completion Ctrl_P cannot go back after Ctrl_N
9.1.1271: filetype: Power Query files are not recognized
9.1.1270: missing out-of-memory checks in buffer.c
9.1.1269: completion: compl_shown_match is updated when starting keyword completion
9.1.1268: filetype: dax files are not recognized
9.1.1267: Vim9: no support for type list/dict<object<any>>
9.1.1266: MS-Windows: type conversion warnings
9.1.1265: tests: no tests for typing normal char during completion
9.1.1264: Vim9: error when comparing objects
9.1.1263: string length wrong in get_last_inserted_save()
9.1.1262: heap-buffer-overflow with narrow 'pummaxwidth' value
9.1.1261: No test for 'pummaxwidth' non-truncated items
9.1.1260: Hang when filtering buffer with NUL bytes
9.1.1259: some issues with comment package and tailing spaces
9.1.1258: regexp: max \U and \%U value is limited by INT_MAX
9.1.1257: Mixing vim_strsize() with mb_ptr2cells() in pum_redraw()
9.1.1256: if_python: duplicate tuple data entries
9.1.1255: missing test condition for 'pummaxwidth' setting
9.1.1254: need more tests for the comment plugin
9.1.1253: abort when closing window with attached quickfix data
9.1.1252: typos in code and docs related to 'diffopt' "inline:"
9.1.1251: if_python: build error with tuples and dynamic python
9.1.1250: cannot set the maximum popup menu width
9.1.1249: tests: no test that 'listchars' "eol" doesn't affect "gM"
9.1.1248: compile error when building without FEAT_QUICKFIX
9.1.1247: fragile setup to get (preferred) keys from key_name_entry
9.1.1246: coverity complains about some changes in v9.1.1243
9.1.1245: need some more tests for curly braces evaluation
9.1.1244: part of patch v9.1.1242 was wrong
9.1.1243: diff mode is lacking for changes within lines
9.1.1242: Crash when evaluating variable name
9.1.1241: wrong preprocessort indentation in term.c
9.1.1240: Regression with ic/ac text objects and comment plugin
9.1.1239: if_python: no tuple data type support
9.1.1238: wrong cursor column with 'set splitkeep=screen'
9.1.1237: Compile error with C89 compiler in term.c
9.1.1236: tests: test_comments leaves swapfiles around
9.1.1235: cproto files are outdated
9.1.1234: Compile error when SIZE_MAX is not defined
9.1.1233: Coverity warns about NULL pointer when triggering WinResized
9.1.1232: Vim script is missing the tuple data type
9.1.1231: filetype: SPA JSON files are not recognized
9.1.1230: inconsistent CTRL-C behaviour for popup windows
9.1.1229: the comment plugin can be improved
9.1.1228: completion: current position column wrong after got a match
9.1.1227: no tests for the comment package
9.1.1226: "shellcmdline" completion doesn't work with input()
9.1.1225: extra NULL check in VIM_CLEAR()
9.1.1224: cannot :put while keeping indent
9.1.1223: wrong translation used for encoding failures
9.1.1222: using wrong length for last inserted string
9.1.1221: Wrong cursor pos when leaving Insert mode just after 'autoindent'
9.1.1220: filetype: uv.lock file not recognized
9.1.1219: Strange error with wrong type for matchfuzzy() "camelcase"
9.1.1218: missing out-of-memory check in filepath.c
9.1.1217: tests: typos in test_matchfuzzy.vim
9.1.1216: Pasting the '.' register multiple times may not work
9.1.1215: Patch 9.1.1213 has some issues
9.1.1214: matchfuzzy() can be improved for camel case matches
9.1.1213: cannot :put while keeping indent
9.1.1212: too many strlen() calls in edit.c
9.1.1212: filetype: logrotate'd pacmanlogs are not recognized
9.1.1211: TabClosedPre is triggered just before the tab is being freed
9.1.1210: translation(ru): missing Russian translation for the new tutor
9.1.1209: colorcolumn not drawn after virtual text lines
9.1.1208: MS-Windows: not correctly restoring alternate screen on Win 10
9.1.1207: MS-Windows: build warning in filepath.c
9.1.1206: tests: test_filetype fails when a file is a directory
9.1.1205: completion: preinserted text not removed when closing pum
9.1.1204: MS-Windows: crash when passing long string to expand()
9.1.1203: matchparen keeps cursor on case label in sh filetype
9.1.1202: Missing TabClosedPre autocommand
9.1.1201: 'completefuzzycollect' does not handle dictionary correctly
9.1.1200: cmdline pum not cleared for input() completion
9.1.1199: gvim uses hardcoded xpm icon file
9.1.1198: [security]: potential data loss with zip.vim
9.1.1197: process_next_cpt_value() uses wrong condition
9.1.1196: filetype: config files for container tools are not recognized
9.1.1195: inside try-block: fn body executed with default arg undefined
9.1.1194: filetype: false positive help filetype detection
9.1.1193: Unnecessary use of STRCAT() in au_event_disable()
9.1.1192: Vim crashes with term response debug logging enabled
9.1.1191: tests: test for patch 9.1.1186 doesn't fail without the patch
9.1.1190: C indentation does not detect multibyte labels
9.1.1189: if_python: build error due to incompatible pointer types
9.1.1188: runtime(tera): tera support can be improved
9.1.1187: matchparen plugin wrong highlights shell case statement
9.1.1186: filetype: help files in git repos are not detected
9.1.1185: endless loop with completefuzzycollect and no match found
9.1.1184: Unnecessary use of vim_tolower() in vim_strnicmp_asc()
9.1.1083: "above" virtual text breaks cursorlineopt=number
9.1.1182: No cmdline completion for 'completefuzzycollect'
9.1.1181: Unnecessary STRLEN() calls in insexpand.c
9.1.1180: short-description
9.1.1179: too many strlen() calls in misc2.c
9.1.1178: not possible to generate completion candidates using fuzzy matching
9.1.1177: filetype: tera files not detected
9.1.1176: wrong indent when expanding multiple lines
9.1.1175: inconsistent behaviour with exclusive selection and motion commands
9.1.1174: tests: Test_complete_cmdline() may fail
9.1.1173: filetype: ABNF files are not detected
9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file
9.1.1171: tests: wrong arguments passed to assert_equal()
9.1.1170: wildmenu highlighting in popup can be improved
9.1.1169: using global variable for get_insert()/get_lambda_name()
9.1.1168: wrong flags passed down to nextwild()
9.1.1167: mark '] wrong after copying text object
9.1.1166: command-line auto-completion hard with wildmenu
9.1.1165: diff: regression with multi-file diff blocks
9.1.1164: [security]: code execution with tar.vim and special crafted tar files
9.1.1163: $MYVIMDIR is set too late
9.1.1162: completion popup not cleared in cmdline
9.1.1161: preinsert requires bot "menu" and "menuone" to be set
9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items
9.1.1159: $MYVIMDIR may not always be set
9.1.1158: :verbose set has wrong file name with :compiler!
9.1.1157: command completion wrong for input()
9.1.1156: tests: No test for what patch 9.1.1152 fixes
9.1.1155: Mode message not cleared after :silent message
9.1.1154: Vim9: not able to use autoload class accross scripts
9.1.1153: build error on Haiku
9.1.1152: Patch v9.1.1151 causes problems
9.1.1151: too many strlen() calls in getchar.c
9.1.1150: :hi completion may complete to wrong value
9.1.1149: Unix Makefile does not support Brazilian lang for the installer
9.1.1148: Vim9: finding imported scripts can be further improved
9.1.1147: preview-window does not scroll correctly
9.1.1146: Vim9: wrong context being used when evaluating class member
9.1.1145: multi-line completion has wrong indentation for last line
9.1.1144: no way to create raw strings from a blob
9.1.1143: illegal memory access when putting a register
9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined
9.1.1141: Misplaced comment in readfile()
9.1.1140: filetype: m17ndb files are not detected
9.1.1139: [fifo] is not displayed when editing a fifo
9.1.1138: cmdline completion for :hi is too simplistic
9.1.1137: ins_str() is inefficient by calling STRLEN()
9.1.1136: Match highlighting marks a buffer region as changed
9.1.1135: 'suffixesadd' doesn't work with multiple items
9.1.1134: filetype: Guile init file not recognized
9.1.1133: filetype: xkb files not recognized everywhere
9.1.1132: Mark positions wrong after triggering multiline completion
9.1.1131: potential out-of-memory issue in search.c
9.1.1130: 'listchars' "precedes" is not drawn on Tabs.
9.1.1129: missing out-of-memory test in buf_write()
9.1.1128: patch 9.1.1119 caused a regression with imports
9.1.1127: preinsert text is not cleaned up correctly
9.1.1126: patch 9.1.1121 used a wrong way to handle enter
9.1.1125: cannot loop through pum menu with multiline items
9.1.1124: No test for 'listchars' "precedes" with double-width char
9.1.1123: popup hi groups not falling back to defaults
9.1.1122: too many strlen() calls in findfile.c
9.1.1121: Enter does not insert newline with "noselect"
9.1.1120: tests: Test_registers fails
9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script
9.1.1118: tests: test_termcodes fails
9.1.1117: there are a few minor style issues
9.1.1116: Vim9: super not supported in lambda expressions
9.1.1115: [security]: use-after-free in str_to_reg()
9.1.1114: enabling termguicolors automatically confuses users
9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds
9.1.1112: Inconsistencies in get_next_or_prev_match()
9.1.1111: Vim9: variable not found in transitive import
9.1.1110: Vim tests are slow and flaky
9.1.1109: cmdexpand.c hard to read
9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol"
9.1.1107: cannot loop through completion menu with fuzzy
9.1.1106: tests: Test_log_nonexistent() causes asan failure
9.1.1105: Vim9: no support for protected new() method
9.1.1104: CI: using Ubuntu 22.04 Github runners
9.1.1103: if_perl: still some compile errors with Perl 5.38
9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename
9.1.1101: insexpand.c hard to read
9.1.1100: tests: Test_log_nonexistent only works on Linux
9.1.1099: Vim9: import with extends may crash
9.1.1098: leaking memory with completing multi lines
9.1.1097: --log with non-existent path causes a crash
9.1.1096: if_perl: Perl 5.38 adds new symbols causing link failure
9.1.1095: tests: matchparen plugin test wrongly named
9.1.1094: Vim9: problem finding implemented method in type hierarchy
9.1.1093: tests: output of test ...win32_ctrl_z depends on python version
9.1.1092: tests: fix expected return code for python 3.13 on Windows
9.1.1091: tests: timeout might be a bit too small
9.1.1090: tests: test_terminwscroll_topline2 unreliable
9.1.1089: tests: No check when tests are run under Github actions
9.1.1088: tests: plugin tests are named inconsistently
9.1.1087: Vim9: import with extends may crash
9.1.1086: completion doesn't work with multi lines
9.1.1085: filetype: cmmt files are not recognized
9.1.1084: Unable to persistently ignore events in a window and its buffers
9.1.1083: setreg() doesn't correctly handle mbyte chars in blockwise mode
9.1.1082: unexpected DCS responses may cause out of bounds reads
9.1.1081: has('bsd') is true for GNU/Hurd
9.1.1080: filetype: Mill files are not recognized
9.1.1079: GUI late startup leads to uninitialized scrollbars
9.1.1078: Terminal ansi colors off by one after tgc reset
9.1.1077: included syntax items do not understand contains=TOP
9.1.1076: vim_strnchr() is strange and unnecessary
9.1.1075: Vim9: len variable not used in compile_load()
9.1.1074: Strange error when heredoc marker starts with "trim"
9.1.1073: tests: test_compiler fails on Windows without Maven
9.1.1072: 'diffopt' "linematch" cannot be used with {n} less than 10
9.1.1071: args missing after failing to redefine a function
9.1.1070: Cannot control cursor positioning of getchar()
9.1.1069: preinsert text completions not deleted with <C-W>/<C-U>
9.1.1068: getchar() can't distinguish between C-I and Tab
9.1.1067: tests: Test_termwinscroll_topline2 fails on MacOS
9.1.1066: heap-use-after-free and stack-use-after-scope with :14verbose
9.1.1065: no digraph for "Approaches the limit"
9.1.1064: not possible to use plural forms with gettext()
9.1.1063: too many strlen() calls in userfunc.c
9.1.1062: terminal: E315 when dragging the terminal with the mouse
9.1.1061: tests: test_glvs fails when unarchiver not available
9.1.1060: Vim always enables 'termguicolors' in a terminal
9.1.1059: completion: input text deleted with preinsert when adding leader
9.1.1058: translation(sr): Missing Serbian translation for the tutor
9.1.1057: Superfluous cleanup steps in test_ins_complete.vim
9.1.1056: Vim doesn't highlight to be inserted text when completing
9.1.1055: make install fails because of a missing dependency
9.1.1054: Vim doesn't work well with TERM=xterm-direct
9.1.1053: "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
9.1.1052: tests: off-by-one error in CheckCWD in test_debugger.vim
9.1.1051: tests: no support for env variables when running Vim in terminal
9.1.1050: too many strlen() calls in os_unix.c
9.1.1049: insert-completed items are always sorted
9.1.1048: crash after scrolling and pasting in silent Ex mode
9.1.1047: Makefiles uses non-portable syntax
9.1.1046: fuzzymatching doesn't prefer matching camelcase
9.1.1045: filetype: N-Tripels and TriG files are not recognized
9.1.1044: Vim9: Patch 9.1.1014 causes regressions
9.1.1043: [security]: segfault in win_line()
9.1.1042: filetype: just files are not recognized
9.1.1041: Vim9: out-of-bound access when echoing an enum
9.1.1040: Vim9: imported type cannot be used as func return type
9.1.1039: Vim9: comments are outdated
9.1.1038: tests: test_channel.py fails with IPv6
9.1.1037: Vim9: confusing error when using abstract method via super
9.1.1036: make install fails when using shadowdir
9.1.1035: Vim9: memory leak with blob2str()
9.1.1033: Vim9: compiling abstract method fails without return
9.1.1033: tests: shaderslang was removed from test_filetype erroneously
9.1.1032: link error when FEAT_SPELL not defined
9.1.1031: Coverity complains about insecure data handling
9.1.1030: filetype: setting bash filetype is backwards incompatible
9.1.1029: the installer can be improved
9.1.1028: too many strlen() calls in screen.c
9.1.1027: no sanitize check when running linematch
9.1.1026: filetype: swc configuration files are not recognized
9.1.1025: wrong return type of blob2str()
9.1.1024: blob2str/str2blob() do not support list of strings
9.1.1023: Coverity complains about dereferencing NULL pointer
9.1.1022: linematch option value not completed
9.1.1021: string might be used without a trailing NUL
9.1.1020: no way to get current selected item in a async context
9.1.1019: filetype: fd ignore files are not recognized
9.1.1018: v9.1.0743 causes regression with diff mode
9.1.1017: Vim9: Patch 9.1.1013 causes a few problems
9.1.1016: Not possible to convert string2blob and blob2string
9.1.1015: Coverity complains about dereferencing NULL value
9.1.1014: Vim9: variable not found in transitive import
9.1.1013: Vim9: Regression caused by patch v9.1.0646
9.1.1012: Vim9: class interface inheritance not correctly working
9.1.1011: popupmenu internal error with some abbr in completion item
9.1.1010: filetype: VisualCode setting file not recognized
9.1.1009: diff feature can be improved
9.1.1008: tests: test for patch 9.1.1006 doesn't fail without the patch
9.1.1007: filetype: various ignore are not recognized
9.1.1006: PmenuMatch completion highlight can be combined
9.1.1005: completion text is highlighted even with no pattern found
9.1.1004: tests: a few termdebug tests are flaky
9.1.1003: [security]: heap-buffer-overflow with visual mode
9.1.1002: Vim9: unknown func error with interface declaring func var
9.1.1001: ComplMatchIns highlight hard to read on light background
9.1.1000: tests: ruby tests fail with Ruby 3.4
9.1.0999: Vim9: leaking finished exception
9.1.0998: filetype: TI assembly files are not recognized
9.1.0997: too many strlen() calls in drawscreen.c
9.1.0996: ComplMatchIns may highlight wrong text
9.1.0995: filetype: shaderslang files are not detected
9.1.0994: Vim9: not able to use comment after opening curly brace
9.1.0993: New 'cmdheight' behavior may be surprising
9.1.0992: Vim9: double-free after v9.1.0988
9.1.0991: v:stacktrace has wrong type in Vim9 script
9.1.0990: Inconsistent behavior when changing cmdheight
9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
9.1.0988: Vim9: no error when using uninitialized var in new()
9.1.0987: filetype: cake files are not recognized
9.1.0986: filetype: 'jj' filetype is a bit imprecise
9.1.0985: Vim9: some ex commands can be shortened
9.1.0984: exception handling can be improved
9.1.0983: not able to get the displayed items in complete_info()
9.1.0982: TI linker files are not recognized
9.1.0981: tests: typo in test_filetype.vim
9.1.0980: no support for base64 en-/decoding functions in Vim Script
9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
9.1.0978: GUI tests sometimes fail when setting 'scroll' options
9.1.0977: filetype: msbuild filetypes are not recognized
9.1.0976: Vim9: missing return statement with throw
9.1.0975: Vim9: interpolated string expr not working in object methods
9.1.0974: typo in change of commit v9.1.0873
9.1.0973: too many strlen() calls in fileio.c
9.1.0972: filetype: TI linker map files are not recognized
9.1.0971: filetype: SLNX files are not recognized
9.1.0970: VMS: build errors on VMS architecture
9.1.0969: ghostty not using kitty protocol by default
9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
9.1.0967: SpotBugs compiler setup can be further improved
9.1.0966: Vim9: :enum command can be shortened
9.1.0965: filetype: sh filetype set when detecting the use of bash
9.1.0964: MS-Windows: sed error with MinGW
9.1.0963: fuzzy-matching does not prefer full match
9.1.0962: filetype: bun.lock file is not recognized
9.1.0961: filetype: TI gel files are not recognized
9.1.0960: filetype: hy history files are not recognized
9.1.0959: Coverity complains about type conversion
9.1.0958: filetype: supertux2 config files detected as lisp
9.1.0957: MS-Windows: conversion warnings
9.1.0956: completion may crash, completion highlight wrong with preview window
9.1.0955: Vim9: vim9compile.c can be further improved
9.1.0954: popupmenu.c can be improved
9.1.0953: filetype: APKBUILD files not correctly detected
9.1.0952: Vim9: missing type checking for any type assignment
9.1.0951: filetype: jshell files are not recognized
9.1.0950: filetype: fennelrc files are not recognized
9.1.0949: popups inconsistently shifted to the left
9.1.0948: Missing cmdline completion for :pbuffer
9.1.0947: short-description
9.1.0946: cross-compiling fails on osx-arm64
9.1.0945: ComplMatchIns highlight doesn't end after inserted text
9.1.0944: tests: test_registers fails when not run under X11
9.1.0943: Vim9: vim9compile.c can be further improved
9.1.0942: a few typos were found
9.1.0941: ComplMatchIns doesn't work after multibyte chars
9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
9.1.0939: make installtutor fails
9.1.0938: exclusive selection not respected when re-selecting block mode
9.1.0937: test_undolist() is flaky
9.1.0936: cannot highlight completed text
9.1.0935: SpotBugs compiler can be improved
9.1.0934: hard to view an existing buffer in the preview window
9.1.0933: Vim9: vim9compile.c can be further improved
9.1.0932: new Italian tutor not installed
9.1.0931: ml_get error in terminal buffer
9.1.0930: tests: test_terminal2 may hang in GUI mode
9.1.0929: filetype: lalrpop files are not recognized
9.1.0928: tests: test_popupwin fails because the filter command fails
9.1.0927: style issues in insexpand.c
9.1.0926: filetype: Pixi lock files are not recognized
9.1.0925: Vim9: expression compiled when not necessary
9.1.0924: patch 9.1.0923 causes issues
9.1.0923: too many strlen() calls in filepath.c
9.1.0923: wrong MIN macro in popupmenu.c
9.1.0921: popupmenu logic is a bit convoluted
9.1.0920: Vim9: compile_assignment() too long
9.1.0919: filetype: some assembler files are not recognized
9.1.0918: tiny Vim crashes with fuzzy buffer completion
9.1.0917: various vartabstop and shiftround bugs when shifting lines
9.1.0916: messages.c is exceeding 80 columns
9.1.0915: GVim: default font size a bit too small
9.1.0914: Vim9: compile_assignment() is too long
9.1.0913: no error check for neg values for 'messagesopt'
9.1.0912: xxd: integer overflow with sparse files and -autoskip
9.1.0911: Variable name for 'messagesopt' doesn't match short name
9.1.0910: 'messagesopt' does not check max wait time
9.1.0909: Vim9: crash when calling instance method
9.1.0908: not possible to configure :messages
9.1.0907: printoptions:portrait does not change postscript Orientation
9.1.0906: filetype: Nvidia PTX files are not recognized
9.1.0905: Missing information in CompleteDone event
9.1.0904: Vim9: copy-paste error in class_defining_member()
9.1.0903: potential overflow in spell_soundfold_wsal()
9.1.0902: filetype: Conda configuration files are not recognized
9.1.0901: MS-Windows: vimtutor batch script can be improved
9.1.0900: Vim9: digraph_getlist() does not accept bool arg
9.1.0899: default for 'backspace' can be set in C code
9.1.0898: runtime(compiler): pytest compiler not included
9.1.0897: filetype: pyrex files are not detected
9.1.0896: completion list wrong after v9.1.0891
9.1.0895: default history value is too small
9.1.0894: No test for what the spotbug compiler parses
9.1.0893: No test that undofile format does not regress
9.1.0892: the max value of 'tabheight' is limited by other tabpages
9.1.0891: building the completion list array is inefficient
9.1.0890: %! item not allowed for 'rulerformat'
9.1.0889: Possible unnecessary redraw after adding/deleting lines
9.1.0888: leftcol property not available in getwininfo()
9.1.0887: Wrong expression in sign.c
9.1.0886: filetype: debian control file not detected
9.1.0885: style of sign.c can be improved
9.1.0884: gcc warns about uninitialized variable
9.1.0883: message history cleanup is missing some tests
9.1.0882: too many strlen() calls in insexpand.c
9.1.0881: GUI: message dialog may not get focus
9.1.0880: filetype: C3 files are not recognized
9.1.0879: source is not consistently formatted
9.1.0878: termdebug: cannot enable DEBUG mode
9.1.0877: tests: missing test for termdebug + decimal signs
9.1.0876: filetype: openCL files are not recognized
9.1.0875: filetype: hyprlang detection can be improved
9.1.0874: filetype: karel files are not detected
9.1.0873: filetype: Vivado files are not recognized
9.1.0872: No test for W23 message
9.1.0871: getcellpixels() can be further improved
9.1.0870: too many strlen() calls in eval.c
9.1.0869: Problem: curswant not set on gm in folded line
9.1.0868: the warning about missing clipboard can be improved
9.1.0867: ins_compl_add() has too many args
9.1.0866: filetype: LLVM IR files are not recognized
9.1.0865: filetype: org files are not recognized
9.1.0864: message history is fixed to 200
9.1.0863: getcellpixels() can be further improved
9.1.0862: 'wildmenu' not enabled by default in nocp mode
9.1.0861: Vim9: no runtime check for object member access of any var
9.1.0860: tests: mouse_shape tests use hard code sleep value
9.1.0859: several problems with the GLVS plugin
9.1.0858: Coverity complains about dead code
9.1.0857: xxd: --- is incorrectly recognized as end-of-options
9.1.0856: mouseshape might be wrong on r and gr
9.1.0855: setting 'cmdheight' may cause hit-enter-prompt
9.1.0854: cannot get terminal cell size
9.1.0853: filetype: kubernetes config file not recognized
9.1.0852: No warning when X11 registers are not available
9.1.0851: too many strlen() calls in getchar.c
9.1.0850: Vim9: cannot access nested object inside objects
9.1.0849: there are a few typos in the source
9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
9.1.0847: tests: test_popupwin fails because of updated help file
9.1.0846: debug symbols for xxd are not cleaned in Makefile
9.1.0845: vimtutor shell script can be improved
9.1.0844: if_python: no way to pass local vars to python
9.1.0843: too many strlen() calls in undo.c
9.1.0842: not checking for the sync() systemcall
9.1.0841: tests: still preferring python2 over python3
9.1.0840: filetype: idris2 files are not recognized
9.1.0839: filetype: leo files are not recognized
9.1.0838: vimtutor is bash-specific
9.1.0837: cross-compiling has some issues
9.1.0836: The vimtutor can be improved
9.1.0835: :setglobal doesn't work properly for 'ffu' and 'tsrfu'
9.1.0834: tests: 2html test fails
9.1.0833: CI: recent ASAN changes do not work for indent tests
9.1.0832: :set doesn't work for 'cot' and 'bkc' after :setlocal
9.1.0831: 'findexpr' can't be used as lambad or Funcref
9.1.0830: using wrong highlight group for spaces for popupmenu
9.1.0829: Vim source code uses a mix of tabs and spaces
9.1.0828: string_T struct could be used more often
9.1.0827: CI: tests can be improved
9.1.0826: filetype: sway files are not recognized
9.1.0825: compile error for non-diff builds
9.1.0824: too many strlen() calls in register.c
9.1.0823: filetype: Zephyr overlay files not recognized
9.1.0822: topline might be changed in diff mode unexpectedly
9.1.0821: 'findexpr' completion doesn't set v:fname to cmdline argument
9.1.0820: tests: Mac OS tests are too flaky
9.1.0819: tests: using findexpr and imported func not tested
9.1.0818: some global functions are only used in single files
9.1.0817: termdebug: cannot evaluate expr in a popup
9.1.0816: tests: not clear what tests cause asan failures
9.1.0815: "above" virtual text causes wrong 'colorcolumn' position
9.1.0814: mapset() may remove unrelated mapping
9.1.0813: no error handling with setglobal and number types
9.1.0812: Coverity warns about dereferencing NULL ptr
9.1.0811: :find expansion does not consider 'findexpr'
9.1.0810: cannot easily adjust the |:find| command
9.1.0809: filetype: petalinux config files not recognized
9.1.0808: Terminal scrollback doesn't shrink when decreasing 'termwinscroll'
9.1.0807: tests: having 'nolist' in modelines isn't always desired
9.1.0806: tests: no error check when setting global 'briopt'
9.1.0805: tests: minor issues in gen_opt_test.vim
9.1.0804: tests: no error check when setting global 'cc'
9.1.0803: tests: no error check when setting global 'isk'
9.1.0802: tests: no error check when setting global 'fdm' to empty value
9.1.0801: tests: no error check when setting global 'termwinkey'
9.1.0800: tests: no error check when setting global 'termwinsize'
9.1.0799: tests: gettwinvar()/gettabwinvar() tests are not comprehensive
9.1.0798: too many strlen() calls in cmdhist.c
9.1.0797: testing of options can be further improved
9.1.0796: filetype: libtool files are not recognized
9.1.0795: filetype: Vivado memory info file are not recognized
9.1.0794: tests: tests may fail on Windows environment
9.1.0793: xxd: -e does add one extra space
9.1.0792: tests: Test_set_values() is not comprehensive enough
9.1.0791: tests: errors in gen_opt_test.vim are not shown
9.1.0790: Amiga: AmigaOS4 build should use default runtime (newlib)
9.1.0789: tests: ':resize + 5' has invalid space after '+'
9.1.0788: <CSI>27;<mod>u is not decoded to literal Escape in kitty/foot
9.1.0787: cursor position changed when using hidden terminal
9.1.0786: tests: quickfix update test does not test location list
9.1.0785: cannot preserve error position when setting quickfix list
9.1.0784: there are several problems with python 3.13
9.1.0783: 'spell' option setting has problems
9.1.0782: tests: using wrong neomuttlog file name
9.1.0781: tests: test_filetype fails
9.1.0780: MS-Windows: incorrect Win32 error checking
9.1.0779: filetype: neomuttlog files are not recognized
9.1.0778: filetype: lf config files are not recognized
9.1.0777: filetype: Some upstream php files are not recognized
9.1.0776: test_strftime may fail because of missing TZ data
9.1.0775: tests: not enough tests for setting options
9.1.0774: "shellcmdline" doesn't work with getcompletion()
9.1.0773: filetype: some Apache files are not recognized
9.1.0772: some missing changes from v9.1.0771
9.1.0771: completion attribute hl_group is confusing
9.1.0770: current command line completion is a bit limited
9.1.0769: filetype: MLIR files are not recognized
9.1.0768: MS-Windows: incorrect cursor position when restoring screen
9.1.0767: A condition is always true in ex_getln.c
9.1.0766: too many strlen() calls in ex_getln.c
9.1.0765: No test for patches 6.2.418 and 7.3.489
9.1.0764: [security]: use-after-free when closing a buffer
9.1.0763: tests: cannot run single syntax tests
9.1.0762: 'cedit', 'termwinkey' and 'wildchar' may not be parsed correctly
9.1.0761: :cd completion fails on Windows with backslash in path
9.1.0760: tests: no error reported, if gen_opt_test.vim fails
9.1.0759: screenpos() may return invalid position
9.1.0758: it's possible to set an invalid key to 'wildcharm'
9.1.0757: tests: messages files contains ANSI escape sequences
9.1.0756: missing change from patch v9.1.0754
9.1.0755: quickfix list does not handle hardlinks well
9.1.0754: fixed order of items in insert-mode completion menu
9.1.0753: Wrong display when typing in diff mode with 'smoothscroll'
9.1.0752: can set 'cedit' to an invalid value
9.1.0751: Error callback for term_start() not used
9.1.0750: there are some Win9x legacy references
9.1.0749: filetype: http files not recognized
9.1.0748: :keep* commmands are sometimes misidentified as :k
9.1.0747: various typos in repo found
9.1.0746: tests: Test_halfpage_longline() fails on large terminals
9.1.0745: filetype: bun and deno history files not recognized
9.1.0744: filetype: notmuch configs are not recognised
9.1.0743: diff mode does not handle overlapping diffs correctly
9.1.0742: getcmdprompt() implementation can be improved
9.1.0741: No way to get prompt for input()/confirm()
9.1.0740: incorrect internal diff with empty file
9.1.0739: [security]: use-after-free in ex_getln.c
9.1.0738: filetype: rapid files are not recognized
9.1.0737: tests: screendump tests may require a bit more time
9.1.0736: Unicode tables are outdated
9.1.0735: filetype: salt files are not recognized
9.1.0734: filetype: jinja files are not recognized
9.1.0733: keyword completion does not work with fuzzy
9.1.0732: xxd: cannot use -b and -i together
9.1.0731: inconsistent case sensitive extension matching
9.1.0730: Crash with cursor-screenline and narrow window
9.1.0729: Wrong cursor-screenline when resizing window
9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data
9.1.0727: too many strlen() calls in option.c
9.1.0726: not using correct python3 API with dynamic linking
9.1.0725: filetype: swiftinterface files are not recognized
9.1.0724: if_python: link error with python 3.13 and stable ABI
9.1.0723: if_python: dynamic linking fails with python3 >= 3.13
9.1.0722: crash with large id in text_prop interface
9.1.0721: tests: test_mksession does not consider XDG_CONFIG_HOME
9.1.0720: Wrong breakindentopt=list:-1 with multibyte or TABs
9.1.0719: Resetting cell widths can make 'listchars' or 'fillchars' invalid
9.1.0718: hard to know the users personal Vim Runtime Directory
9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()
9.1.0716: resetting setcellwidth() doesn't update the screen
9.1.0715: Not correctly parsing color names (after v9.1.0709)
9.1.0714: tests: GuiEnter_Turkish test may fail
9.1.0713: Newline causes E749 in Ex mode
9.1.0712: tests: missing dependency of Test_gettext_makefile
9.1.0711: tests: test_xxd may file when using different xxd
9.1.0710: popup window may hide part of Command line
9.1.0709: GUIEnter event not found in Turkish locale
9.1.0708: Recursive window update does not account for reset skipcol
9.1.0707: [security]: invalid cursor position may cause a crash
9.1.0706: tests: test_gettext fails when using shadow dir
9.1.0705: Sorting of fuzzy filename completion is not stable
9.1.0704: inserting with a count is inefficient
9.1.0703: crash with 2byte encoding and glob2regpat()
9.1.0702: Patch 9.1.0700 broke CI
9.1.0701: crash with NFA regex engine when searching for composing chars
9.1.0700: crash with 2byte encoding and glob2regpat()
9.1.0699: "dvgo" is not always an inclusive motion
9.1.0698: tests: "Untitled" file not removed when running Test_crash1_3 alone
9.1.0697: [security]: heap-buffer-overflow in ins_typebuf
9.1.0696: installing runtime files fails when using SHADOWDIR
9.1.0695: tests: test_crash leaves Untitled file around
9.1.0694: matchparen is slow on a long line
9.1.0693: Configure doesn't show result when not using python3 stable abi
9.1.0692: Wrong patlen value in ex_substitute()
9.1.0691: python3: stable-abi may cause segfault on Python 3.11
9.1.0690: cannot set special highlight kind in popupmenu
9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft'
9.1.0688: Vim9: dereferences NULL pointer in check_type_is_value()
9.1.0687: Makefile may not install desktop files
9.1.0686: zip-plugin has problems with special characters
9.1.0685: too many strlen() calls in usercmd.c
9.1.0684: completion is inserted on Enter with "noselect"
9.1.0683: mode() returns wrong value with <Cmd> mapping
9.1.0682: Vim9: Segfault with uninitialized funcref
9.1.0681: tests: Analyzing failed screendumps is hard
9.1.0680: VMS does not have defined uintptr_t
9.1.0679: Rename from w_closing to w_locked is incomplete
9.1.0678: [security]: use-after-free in alist_add()
9.1.0677: :keepp does not retain the substitute pattern
9.1.0676: style issues with man pages
9.1.0675: Patch v9.1.0674 causes problems
9.1.0674: Vim9: compiling abstract method fails because of missing return
9.1.0673: Vim9: too recursive func calls when calling super-class method
9.1.0672: marker folds may get corrupted on undo
9.1.0670: po file encoding fails on *BSD during make
9.1.0669: if_python: stable python ABI not used by default
9.1.0668: build-error with python3.12 and stable ABI
9.1.0667: Some other options reset curswant unnecessarily when set
9.1.0666: assert_equal() doesn't show multibyte string correctly
9.1.0665: Locked variable can be changed in a :for loop
9.1.0664: MS-Windows: console vim did not switch back to main screen on exit
9.1.0663: tests: zip test still resets 'shellslash' option
9.1.0662: filecopy() may return wrong value when readlink() fails
9.1.0661: the zip plugin is not tested.
9.1.0660: MS-Windows: Shift-Insert does work on old conhost
9.1.0659: MS-Windows: MSVC Makefile is a bit hard to read
9.1.0658: Coverity warns about dereferencing NULL pointer.
9.1.0657: MS-Windows: MSVC build time can be optimized
9.1.0656: MS-Windows: MSVC Makefile CPU handling can be improved
9.1.0655: filetype: goaccess config file not recognized
9.1.0654: completion does not respect completeslash with fuzzy
9.1.0653: Patch v9.1.0648 not completely right
9.1.0652: too many strlen() calls in syntax.c
9.1.0651: ex: trailing dot is optional for :g and :insert/:append
9.1.0650: Coverity warning in cstrncmp()
9.1.0649: Wrong comment for "len" argument of call_simple_func()
9.1.0648: [security] double-free in dialog_changed()
9.1.0647: [security] use-after-free in tagstack_clear_entry
9.1.0646: Vim9: imported function may not be found
9.1.0645: regex: wrong match when searching multi-byte char case-insensitive
9.1.0644: Unnecessary STRLEN() when applying mapping
9.1.0643: terminal: cursor may end up on invalid position
9.1.0642: Check that mapping rhs starts with lhs fails if not simplified
9.1.0641: MS-Windows: OLE enabled in console version
9.1.0640: Mingw: Makefile can be improved
9.1.0639: channel timeout may wrap around
9.1.0638: E1510 may happen when formatting a message for smsg()
9.1.0637: MS-Windows: Style issues in MSVC Makefile
9.1.0636: filetype: ziggy files are not recognized
9.1.0635: filetype: SuperHTML template files not recognized
9.1.0634: Ctrl-P not working by default
9.1.0633: Compilation warnings with `-Wunused-parameter`
9.1.0632: MS-Windows: Compiler Warnings
9.1.0631: wrong completion list displayed with non-existing dir + fuzzy completion
9.1.0630: MS-Windows: build fails with VIMDLL and mzscheme
9.1.0629: Rename of pum hl_group is incomplete
9.1.0628: MinGW: coverage files are not cleaned up
9.1.0627: MinGW: build-error when COVERAGE is enabled
9.1.0626: Vim9: need more tests with null objects
9.1.0625: tests: test output all translated messages for all translations
9.1.0624: ex command modifiers not found
9.1.0623: Mingw: errors when trying to delete non-existing files
9.1.0622: MS-Windows: mingw-build can be optimized
9.1.0621: MS-Windows: startup code can be improved
9.1.0620: Vim9: segfauls with null objects
9.1.0619: tests: test_popup fails
9.1.0618: cannot mark deprecated attributes in completion menu
9.1.0617: Cursor moves beyond first line of folded end of buffer
9.1.0616: filetype: Make syntax highlighting off for MS Makefiles
9.1.0615: Unnecessary STRLEN() in make_percent_swname()
9.1.0614: tests: screendump tests fail due to recent syntax changes
9.1.0613: tests: termdebug test may fail and leave file around
9.1.0612: filetype: deno.lock file not recognized
9.1.0611: ambiguous mappings not correctly resolved with modifyOtherKeys
9.1.0610: filetype: OpenGL Shading Language files are not detected
9.1.0609: outdated comments in Makefile
9.1.0608: Coverity warns about a few potential issues
9.1.0607: termdebug: uses inconsistent style
9.1.0606: tests: generated files may cause failure in test_codestyle
9.1.0605: internal error with fuzzy completion
9.1.0604: popup_filter during Press Enter prompt seems to hang
9.1.0603: filetype: use correct extension for Dracula
9.1.0602: filetype: Prolog detection can be improved
9.1.0601: Wrong cursor position with 'breakindent' when wide char doesn't fit
9.1.0600: Unused function and unused error constants
9.1.0599: Termdebug: still get E1023 when specifying arguments
9.1.0598: fuzzy completion does not work with default completion
9.1.0597: KeyInputPre cannot get the (unmapped typed) key
9.1.0596: filetype: devscripts config files are not recognized
9.1.0595: make errors out with the po Makefile
9.1.0594: Unnecessary redraw when setting 'winfixbuf'
9.1.0593: filetype: Asymptote files are not recognized
9.1.0592: runtime: filetype: Mediawiki files are not recognized
9.1.0591: filetype: *.wl files are not recognized
9.1.0590: Vim9: crash when accessing getregionpos() return value
9.1.0589: vi: d{motion} and cw work differently than expected
9.1.0588: The maze program no longer compiles on newer clang
9.1.0587: tests: Test_gui_lowlevel_keyevent is still flaky
9.1.0586: ocaml runtime files are outdated
9.1.0585: tests: test_cpoptions leaves swapfiles around
9.1.0584: Warning about redeclaring f_id() non-static
9.1.0583: filetype: *.pdf_tex files are not recognized
9.1.0582: Printed line doesn't overwrite colon when pressing Enter in Ex mode
9.1.0581: Various lines are indented inconsistently
9.1.0580: :lmap mapping for keypad key not applied when typed in Select mode
9.1.0579: Ex command is still executed after giving E1247
9.1.0578: no tests for :Tohtml
9.1.0577: Unnecessary checks for v:sizeoflong in test_put.vim
9.1.0576: tests: still an issue with test_gettext_make
9.1.0575: Wrong comments in alt_tabpage()
9.1.0574: ex: wrong handling of commands after bar
9.1.0573: ex: no implicit print for single addresses
9.1.0572: cannot specify tab page closing behaviour
9.1.0571: tests: Test_gui_lowlevel_keyevent is flaky
9.1.0570: tests: test_gettext_make can be improved
9.1.0569: fnamemodify() treats ".." and "../" differently
9.1.0568: Cannot expand paths from 'cdpath' setting
9.1.0567: Cannot use relative paths as findfile() stop directories
9.1.0566: Stop dir in findfile() doesn't work properly w/o trailing slash
9.1.0565: Stop directory doesn't work properly in 'tags'
9.1.0564: id() can be faster
9.1.0563: Cannot process any Key event
9.1.0562: tests: inconsistency in test_findfile.vim
9.1.0561: netbeans: variable used un-initialized (Coverity)
9.1.0560: bindtextdomain() does not indicate an error
9.1.0559: translation of vim scripts can be improved
9.1.0558: filetype: prolog detection can be improved
9.1.0557: moving in the buffer list doesn't work as documented
9.1.0556: :bwipe doesn't remove file from jumplist of other tabpages
9.1.0555: filetype: angular ft detection is still problematic
9.1.0554: :bw leaves jumplist and tagstack data around
9.1.0553: filetype: *.mcmeta files are not recognized
9.1.0552: No test for antlr4 filetype
9.1.0551: filetype: htmlangular files are not properly detected
9.1.0550: filetype: antlr4 files are not recognized
9.1.0549: fuzzycollect regex based completion not working as expected
9.1.0548: it's not possible to get a unique id for some vars
9.1.0547: No way to get the arity of a Vim function
9.1.0546: vim-tiny fails on CTRL-X/CTRL-A
9.1.0545: MSVC conversion warning
9.1.0544: filetype: ldapconf files are not recognized
9.1.0543: Behavior of CursorMovedC is strange
9.1.0542: Vim9: confusing string() output for object functions
9.1.0541: failing test with Vim configured without channel
9.1.0540: Unused assignment in sign_define_cmd()
9.1.0539: Not enough tests for what v9.1.0535 fixed
9.1.0538: not possible to assign priority when defining a sign
9.1.0537: signed number detection for CTRL-X/A can be improved
9.1.0536: filetype: zone files are not recognized
9.1.0535: newline escape wrong in ex mode
9.1.0534: completion wrong with fuzzy when cycling back to original
9.1.0533: Vim9: need more tests for nested objects equality
9.1.0532: filetype: Cedar files not recognized
9.1.0531: resource leak in mch_get_random()
9.1.0530: xxd: MSVC warning about non-ASCII character
9.1.0529: silent! causes following try/catch to not work
9.1.0528: spell completion message still wrong in translations
9.1.0527: inconsistent parameter in Makefiles for Vim executable
9.1.0526: Unwanted cursor movement with pagescroll at start of buffer
9.1.0525: Right release selects immediately when pum is truncated.
9.1.0524: the recursive parameter in the *_equal functions can be removed
9.1.0523: Vim9: cannot downcast an object
9.1.0522: Vim9: string(object) hangs for recursive references
9.1.0521: if_py: _PyObject_CallFunction_SizeT is dropped in Python 3.13
9.1.0520: Vim9: incorrect type checking for modifying lists
9.1.0519: MS-Windows: libvterm compilation can be optimized
9.1.0518: initialize the random buffer can be improved
9.1.0517: MS-Windows: too long lines in Make_mvc.mak
9.1.0516: need more tests for nested dicts and list comparision
9.1.0515: Vim9: segfault in object_equal()
9.1.0514: Vim9: issue with comparing objects recursively
9.1.0513: Vim9: segfault with object comparison
9.1.0512: Mode message for spell completion doesn't match allowed keys
9.1.0511: CursorMovedC triggered wrongly with setcmdpos()
9.1.0510: CI: test_gettext fails on MacOS14 + MSVC Win
9.1.0509: not possible to translate Vim script messages
9.1.0508: termdebug plugin can be further improved
9.1.0507: hard to detect cursor movement in the command line
9.1.0506: filetype: .envrc & .prettierignore not recognized
9.1.0505: filetype: Faust files are not recognized
9.1.0504: inner-tag textobject confused about ">" in attributes
9.1.0503: cannot use fuzzy keyword completion
9.1.0502: MS-Windows: too much legacy code
9.1.0501: too complicated mapping restore in termdebug
9.1.0500: cannot switch buffer in a popup
9.1.0499: MS-Windows: doesn't handle symlinks properly
9.1.0498: getcmdcompltype() interferes with cmdline completion
9.1.0497: termdebug can be further improved
9.1.0496: matched text is highlighted case-sensitively
9.1.0495: Matched text isn't highlighted in cmdline pum
9.1.0494: Wrong matched text highlighted in pum with 'rightleft'
9.1.0493: Test for patch 9.1.0489 doesn't fail without the fix
9.1.0492: filetype: Vim-script files not detected by shebang line
9.1.0491: Cmdline pum doesn't work properly with 'rightleft'
9.1.0490: minor style problems with patch 9.1.0487
9.1.0489: default completion may break with fuzzy
9.1.0488: Wrong padding for pum "kind" with 'rightleft'
9.1.0487: completed item not update on fuzzy completion
9.1.0486: filetype: Snakemake files are not recognized
9.1.0485: Matched text shouldn't be highlighted in "kind" and "menu"
9.1.0484: Sorting of completeopt+=fuzzy is not stable
9.1.0483: glob() not sufficiently tested
9.1.0482: termdebug plugin needs more love
9.1.0481: Vim9: term_getjob() throws an exception on error
9.1.0480: fuzzy string matching executed when not needed
9.1.0479: fuzzy_match_str_with_pos() does unnecessary list operations
9.1.0478: potential deref of NULL pointer in fuzzy_match_str_with_pos
9.1.0477: block_editing errors out when using <enter>
9.1.0476: Cannot see matched text in popup menu
9.1.0475: cmod_split modifier is always reset in term_start()
9.1.0474: CI: Test_ColonEight() fails on github runners
9.1.0473: term_start() does not clear vertical modifier
9.1.0472: Inconsistencies between functions for option flags
9.1.0471: Crash when using autocmd_get() after removing event inside autocmd
9.1.0470: tests: Test_ColonEight_MultiByte() fails sporadically
9.1.0469: Cannot have buffer-local value for 'completeopt'
9.1.0468: GvimExt does not consult HKEY_CURRENT_USER
9.1.0467: typos in some comments
9.1.0466: Missing comments for fuzzy completion
9.1.0465: missing filecopy() function
9.1.0464: no whitespace padding in commentstring option in ftplugins
9.1.0463: no fuzzy-matching support for insert-completion
9.1.0462: eval5() and eval7 are too complex
9.1.0461: too many strlen() calls in drawline.c
9.1.0460: filetype: lintstagedrc files are not recognized
9.1.0459: Vim9: import autoload does not work with symlink
9.1.0458: Coverity complains about division by zero
9.1.0457: tests: test_gui fails on Wayland
9.1.0456: Left shift is incorrect with vartabstop and shiftwidth=0
9.1.0455: MS-Windows: compiler warning for size_t to int conversion
9.1.0454: minor issues in test_filetype with rasi test
9.1.0453: filetype: rasi files are not recognized
9.1.0452: Configure checks for libelf unnecessarily
9.1.0451: No test for escaping '<' with shellescape()
9.1.0450: evalc. code too complex
9.1.0449: MS-Windows: Compiler warnings
9.1.0448: compiler warning in eval.c
9.1.0447: completion may be wrong when deleting all chars
9.1.0446: getregionpos() inconsistent for partly-selected multibyte char
9.1.0445: Coverity warning after 9.1.0440
9.1.0444: Not enough tests for getregion() with multibyte chars
9.1.0443: Can't use blockwise selection with width for getregion()
9.1.0442: hare runtime files outdated
9.1.0441: getregionpos() can't properly indicate positions beyond eol
9.1.0440: function get_lval() is too long
9.1.0439: Cannot filter the history
9.1.0438: Wrong Ex command executed when :g uses '?' as delimiter
9.1.0437: Motif requires non-const char pointer for XPM data
9.1.0436: Crash when using '?' as separator for :s
9.1.0435: filetype: cygport files are not recognized
9.1.0434: make errors trying to access autoload/zig
9.1.0433: Wrong yanking with exclusive selection and ve=all
9.1.0432: Ancient XPM preprocessor hack may cause build errors
9.1.0431: eval.c is too long
9.1.0430: getregionpos() doesn't handle one char selection
9.1.0429: Coverity complains about eval.c refactor
9.1.0428: Tag guessing leaves wrong search history with very short names
9.1.0427: tests: some issues with termdebug mapping test
9.1.0426: too many strlen() calls in search.c
9.1.0425: filetype: purescript files are not recognized
9.1.0424: filetype: slint files are not recognized
9.1.0423: getregionpos() wrong with blockwise mode and multibyte
9.1.0422: function echo_string_core() is too long
9.1.0421: filetype: hyprlang files are not recognized
9.1.0420: :browse oldfiles prompts even with single entry
9.1.0419: eval.c not sufficiently tested
9.1.0418: Cannot move to previous/next rare word
9.1.0417: if_py: find_module has been removed in Python 3.12.0a7
9.1.0416: some screen dump tests can be improved
9.1.0415: Some functions are not tested
9.1.0414: Unable to leave long line with 'smoothscroll' and 'scrolloff'
9.1.0413: smoothscroll may cause infinite loop
9.1.0412: typo in regexp_bt.c in DEBUG code
9.1.0411: too long functions in eval.c
9.1.0410: warning about uninitialized variable
9.1.0409: too many strlen() calls in the regexp engine
9.1.0408: configure fails on Fedora when including perl
9.1.0407: Stuck with long line and half-page scrolling
9.1.0406: Divide by zero with getmousepos() and 'smoothscroll'
9.1.0405: tests: xxd buffer overflow fails on 32-bit
9.1.0404: [security] xxd: buffer-overflow with specific flags
9.1.0403: Vim9: not able to import file from start dir
9.1.0402: filetype: mdd files detected as zsh filetype
9.1.0401: filetype: zsh module files are not recognized
9.1.0400: Vim9: confusing error message for unknown type
9.1.0399: block_editing errors out when using del
9.1.0398: Vim9: imported vars are not properly type checked
9.1.0397: Wrong display with 'smoothscroll' when changing quickfix list
9.1.0396: filetype: jj files are not recognized
9.1.0395: getregionpos() may leak memory on error
9.1.0394: Cannot get a list of positions describing a region
9.1.0393: 'viewdir' not respecting $XDG_CONFIG_HOME
9.1.0392: tests: Vim9 debug tests may be flaky
9.1.0391: Vim9: could improve testing
9.1.0390: filetype: inko files are not recognized
9.1.0389: filetype: templ files are not recognized
9.1.0388: cursor() and getregion() don't handle v:maxcol well
9.1.0387: Vim9: null value tests not sufficient
9.1.0386: filetype: stylus files not recognized
9.1.0385: Vim9: crash with null_class and null_object
9.1.0384: tests: vt420 terminfo entry may not be found
9.1.0383: filetype: .out files recognized as tex files
9.1.0382: filetype: Kbuild files are not recognized
9.1.0381: cbuffer and similar commands don't accept a range
9.1.0380: Calculating line height for unnecessary amount of lines
9.1.0379: There are a few typos
9.1.0378: Vim9: no comments allowed after class vars
9.1.0377: Formatting text wrong when 'breakindent' is set
9.1.0376: Vim9: Trailing commands after class/enum keywords ignored
9.1.0375: tests: 1-second delay after Test_BufEnter_botline()
9.1.0374: wrong botline in BufEnter
9.1.0373: ops.c code uses too many strlen() calls
9.1.0372: Calling CLEAR_FIELD() on the same struct twice
9.1.0371: Vim9: compile_def_function() still too long
9.1.0370: MS-Windows: patch number is zero in installer
9.1.0369: Vim9: problem when importing autoloaded scripts
9.1.0368: MS-Windows: Hard to define the Vim Patchlevel with leading zeroes
9.1.0367: compile_def_function is too long
9.1.0366: filetype: ondir files are not recognized
9.1.0365: Crash when typing many keys with D- modifier
9.1.0364: tests: test_vim9_builtin is a bit slow
9.1.0363: tests: test_winfixbuf is a bit slow
9.1.0362: expanding rc config files does not work well
9.1.0361: Vim9: vim9type.c is too complicated
9.1.0360: Vim9: does not handle autoloaded variables well
9.1.0359: MS-Windows: relative import in a script sourced from a buffer doesn't work
9.1.0358: wrong drawing in GUI with setcellwidth()
9.1.0357: Page scrolling should place cursor at window boundaries
9.1.0356: MS-Windows: --remote may change working directory
9.1.0355: filetype: flake.lock files are not recognized
9.1.0354: runtime(uci): No support for uci file types
9.1.0353: tests: Test_autoload_import_relative_compiled fails on Windows
9.1.0352: Finding cmd modifiers and cmdline-specials is inefficient
9.1.0351: No test that completing a partial mapping clears 'showcmd'
9.1.0350: tests: test_vim9_dissamble may fail
9.1.0349: Vim9: need static type for typealias
9.1.0348: X11 does not ignore smooth scroll event
9.1.0347: A few typos in test_xdg when testing gvimrc
9.1.0346: Patch v9.1.0338 fixed sourcing a script with import
9.1.0345: Problem: gvimrc not sourced from XDG_CONFIG_HOME
9.1.0344: Cursor wrong after using setcellwidth() in terminal
9.1.0343: 'showcmd' wrong for partial mapping with multibyte
9.1.0342: tests: test_taglist fails when 'helplang' contains non-english
9.1.0341: Problem: a few memory leaks are found
9.1.0340: Problem: Error with matchaddpos() and empty list
9.1.0339: tests: xdg test uses screen dumps
9.1.0338: Vim9: import through symlinks not correctly handled
9.1.0337: Missing entry for XDG vimrc file in :version
9.1.0336: tests: typo in test_xdg
9.1.0335: String interpolation fails for List type
9.1.0334: No test for highlight behavior with 'ambiwidth'
9.1.0333: tests: test_xdg fails on the appimage repo
9.1.0332: tests: some assert_equal() calls have wrong order of args
9.1.0331: make install does not install all files