- SUSEConnect
-
- Update to 0.3.29
- replace env ruby path with native ruby path during build phase
- bind
-
- Updated named.root (aka /var/lib/named/root.hint) to the newest
version available at ftp://FTP.INTERNIC.NET/domain/named.cache
[named.root, bsc#1181372]
- Each subpackage which has the sonum in its name now Provides:
its basename:
libbind9, libdns, libirs, libisccc, libisccfg, liblwres
and Obsoletes: any previous version, so when thas package is
upgraded, the old version can be easily removed.
[bind.spec]
- cloud-init
-
- Update cloud-init-write-routes.patch (bsc#1180176)
+ Follow up to previous changes. Fix order of operations
error to make gateway comparison between subnet configuration and
route configuration valuable rather than self-comparing.
- Add cloud-init-sle12-compat.patch (jsc#PM-2335)
- Python 3.4 compatibility in setup.py
- Disable some test for mock version compatibility
- Add wget as a requirement (bsc#1178029)
+ wget is used in the CloudStack data source
- Add cloud-init-azure-def-usr-pass.patch (bsc#1179150, bsc#1179151)
+ Properly set the password for the default user in all circumstances
- Patch the full package version into the cloud-init version file
- Update cloud-init-write-routes.patch (bsc#1177526)
+ Fix missing default route when dual stack network setup is used. Once
a default route was configured for Ipv6 or IPv4 the default route
configuration for the othre protocol was skipped.
- Update cloud-init-write-routes.patch (bsc#1177526)
+ Avoid exception if no gateway information is present and warning
is triggered for existing routing.
- Update to version 20.2 (bsc#1174443, bsc#1174444)
+ Remove patches included upstream:
- 0001-Make-tests-work-with-Python-3.8-139.patch
- cloud-init-ostack-metadat-dencode.patch
- cloud-init-use-different-random-src.diff
- cloud-init-long-pass.patch
- cloud-init-mix-static-dhcp.patch
+ Remove patches build switched to Python 3 for all distributions
(jsc#PM-2335)
- cloud-init-python2-sigpipe.patch
- cloud-init-template-py2.patch
+ Add
- cloud-init-after-kvp.diff
- cloud-init-recognize-hpc.patch
+ doc/format: reference make-mime.py instead of an inline script (#334)
+ Add docs about creating parent folders (#330) [Adrian Wilkins]
+ DataSourceNoCloud/OVF: drop claim to support FTP (#333) (LP: #1875470)
+ schema: ignore spurious pylint error (#332)
+ schema: add json schema for write_files module (#152)
+ BSD: find_devs_with_ refactoring (#298) [Gonéri Le Bouder]
+ nocloud: drop work around for Linux 2.6 (#324) [Gonéri Le Bouder]
+ cloudinit: drop dependencies on unittest2 and contextlib2 (#322)
+ distros: handle a potential mirror filtering error case (#328)
+ log: remove unnecessary import fallback logic (#327)
+ .travis.yml: don't run integration test on ubuntu/* branches (#321)
+ More unit test documentation (#314)
+ conftest: introduce disable_subp_usage autouse fixture (#304)
+ YAML align indent sizes for docs readability (#323) [Tak Nishigori]
+ network_state: add missing space to log message (#325)
+ tests: add missing mocks for get_interfaces_by_mac (#326) (LP: #1873910)
+ test_mounts: expand happy path test for both happy paths (#319)
+ cc_mounts: fix incorrect format specifiers (#316) (LP: #1872836)
+ swap file "/size"/ being used before checked if str (#315) [Eduardo Otubo]
+ HACKING.rst: add pytest version gotchas section (#311)
+ docs: Add steps to re-run cloud-id and cloud-init (#313) [Joshua Powers]
+ readme: OpenBSD is now supported (#309) [Gonéri Le Bouder]
+ net: ignore 'renderer' key in netplan config (#306) (LP: #1870421)
+ Add support for NFS/EFS mounts (#300) [Andrew Beresford] (LP: #1870370)
+ openbsd: set_passwd should not unlock user (#289) [Gonéri Le Bouder]
+ tools/.github-cla-signers: add beezly as CLA signer (#301)
+ util: remove unnecessary lru_cache import fallback (#299)
+ HACKING.rst: reorganise/update CLA signature info (#297)
+ distros: drop leading/trailing hyphens from mirror URL labels (#296)
+ HACKING.rst: add note about variable annotations (#295)
+ CiTestCase: stop using and remove sys_exit helper (#283)
+ distros: replace invalid characters in mirror URLs with hyphens (#291)
(LP: #1868232)
+ rbxcloud: gracefully handle arping errors (#262) [Adam Dobrawy]
+ Fix cloud-init ignoring some misdeclared mimetypes in user-data.
[Kurt Garloff]
+ net: ubuntu focal prioritize netplan over eni even if both present
(#267) (LP: #1867029)
+ cloudinit: refactor util.is_ipv4 to net.is_ipv4_address (#292)
+ net/cmdline: replace type comments with annotations (#294)
+ HACKING.rst: add Type Annotations design section (#293)
+ net: introduce is_ip_address function (#288)
+ CiTestCase: remove now-unneeded parse_and_read helper method (#286)
+ .travis.yml: allow 30 minutes of inactivity in cloud tests (#287)
+ sources/tests/test_init: drop use of deprecated inspect.getargspec (#285)
+ setup.py: drop NIH check_output implementation (#282)
+ Identify SAP Converged Cloud as OpenStack [Silvio Knizek]
+ add Openbsd support (#147) [Gonéri Le Bouder]
+ HACKING.rst: add examples of the two test class types (#278)
+ VMWware: support to update guest info gc status if enabled (#261)
[xiaofengw-vmware]
+ Add lp-to-git mapping for kgarloff (#279)
+ set_passwords: avoid chpasswd on BSD (#268) [Gonéri Le Bouder]
+ HACKING.rst: add Unit Testing design section (#277)
+ util: read_cc_from_cmdline handle urlencoded yaml content (#275)
+ distros/tests/test_init: add tests for _get_package_mirror_info (#272)
+ HACKING.rst: add links to new Code Review Process doc (#276)
+ freebsd: ensure package update works (#273) [Gonéri Le Bouder]
+ doc: introduce Code Review Process documentation (#160)
+ tools: use python3 (#274)
+ cc_disk_setup: fix RuntimeError (#270) (LP: #1868327)
+ cc_apt_configure/util: combine search_for_mirror implementations (#271)
+ bsd: boottime does not depend on the libc soname (#269)
[Gonéri Le Bouder]
+ test_oracle,DataSourceOracle: sort imports (#266)
+ DataSourceOracle: update .network_config docstring (#257)
+ cloudinit/tests: remove unneeded with_logs configuration (#263)
+ .travis.yml: drop stale comment (#255)
+ .gitignore: add more common directories (#258)
+ ec2: render network on all NICs and add secondary IPs as static (#114)
(LP: #1866930)
+ ec2 json validation: fix the reference to the 'merged_cfg' key (#256)
[Paride Legovini]
+ releases.yaml: quote the Ubuntu version numbers (#254) [Paride Legovini]
+ cloudinit: remove six from packaging/tooling (#253)
+ util/netbsd: drop six usage (#252)
+ workflows: introduce stale pull request workflow (#125)
+ cc_resolv_conf: introduce tests and stabilise output across Python
versions (#251)
+ fix minor issue with resolv_conf template (#144) [andreaf74]
+ doc: CloudInit also support NetBSD (#250) [Gonéri Le Bouder]
+ Add Netbsd support (#62) [Gonéri Le Bouder]
+ tox.ini: avoid substition syntax that causes a traceback on xenial (#245)
+ Add pub_key_ed25519 to cc_phone_home (#237) [Daniel Hensby]
+ Introduce and use of a list of GitHub usernames that have signed CLA
(#244)
+ workflows/cla.yml: use correct username for CLA check (#243)
+ tox.ini: use xenial version of jsonpatch in CI (#242)
+ workflows: CLA validation altered to fail status on pull_request (#164)
+ tox.ini: bump pyflakes version to 2.1.1 (#239)
+ cloudinit: move to pytest for running tests (#211)
+ instance-data: add cloud-init merged_cfg and sys_info keys to json
(#214) (LP: #1865969)
+ ec2: Do not fallback to IMDSv1 on EC2 (#216)
+ instance-data: write redacted cfg to instance-data.json (#233)
(LP: #1865947)
+ net: support network-config:disabled on the kernel commandline (#232)
(LP: #1862702)
+ ec2: only redact token request headers in logs, avoid altering request
(#230) (LP: #1865882)
+ docs: typo fixed: dta → data [Alexey Vazhnov]
+ Fixes typo on Amazon Web Services (#217) [Nick Wales]
+ Fix docs for OpenStack DMI Asset Tag (#228)
[Mark T. Voelker] (LP: #1669875)
+ Add physical network type: cascading to openstack helpers (#200)
[sab-systems]
+ tests: add focal integration tests for ubuntu (#225)
- From 20.1 (first vesrion after 19.4)
+ ec2: Do not log IMDSv2 token values, instead use REDACTED (#219)
(LP: #1863943)
+ utils: use SystemRandom when generating random password. (#204)
[Dimitri John Ledkov]
+ docs: mount_default_files is a list of 6 items, not 7 (#212)
+ azurecloud: fix issues with instances not starting (#205) (LP: #1861921)
+ unittest: fix stderr leak in cc_set_password random unittest
output. (#208)
+ cc_disk_setup: add swap filesystem force flag (#207)
+ import sysvinit patches from freebsd-ports tree (#161) [Igor Galić]
+ docs: fix typo (#195) [Edwin Kofler]
+ sysconfig: distro-specific config rendering for BOOTPROTO option (#162)
[Robert Schweikert] (LP: #1800854)
+ cloudinit: replace "/from six import X"/ imports (except in util.py) (#183)
+ run-container: use 'test -n' instead of 'test ! -z' (#202)
[Paride Legovini]
+ net/cmdline: correctly handle static ip= config (#201)
[Dimitri John Ledkov] (LP: #1861412)
+ Replace mock library with unittest.mock (#186)
+ HACKING.rst: update CLA link (#199)
+ Scaleway: Fix DatasourceScaleway to avoid backtrace (#128)
[Louis Bouchard]
+ cloudinit/cmd/devel/net_convert.py: add missing space (#191)
+ tools/run-container: drop support for python2 (#192) [Paride Legovini]
+ Print ssh key fingerprints using sha256 hash (#188) (LP: #1860789)
+ Make the RPM build use Python 3 (#190) [Paride Legovini]
+ cc_set_password: increase random pwlength from 9 to 20 (#189)
(LP: #1860795)
+ .travis.yml: use correct Python version for xenial tests (#185)
+ cloudinit: remove ImportError handling for mock imports (#182)
+ Do not use fallocate in swap file creation on xfs. (#70)
[Eduardo Otubo] (LP: #1781781)
+ .readthedocs.yaml: install cloud-init when building docs (#181)
(LP: #1860450)
+ Introduce an RTD config file, and pin the Sphinx version to the RTD
default (#180)
+ Drop most of the remaining use of six (#179)
+ Start removing dependency on six (#178)
+ Add Rootbox & HyperOne to list of cloud in README (#176) [Adam Dobrawy]
+ docs: add proposed SRU testing procedure (#167)
+ util: rename get_architecture to get_dpkg_architecture (#173)
+ Ensure util.get_architecture() runs only once (#172)
+ Only use gpart if it is the BSD gpart (#131) [Conrad Hoffmann]
+ freebsd: remove superflu exception mapping (#166) [Gonéri Le Bouder]
+ ssh_auth_key_fingerprints_disable test: fix capitalization (#165)
[Paride Legovini]
+ util: move uptime's else branch into its own boottime function (#53)
[Igor Galić] (LP: #1853160)
+ workflows: add contributor license agreement checker (#155)
+ net: fix rendering of 'static6' in network config (#77) (LP: #1850988)
+ Make tests work with Python 3.8 (#139) [Conrad Hoffmann]
+ fixed minor bug with mkswap in cc_disk_setup.py (#143) [andreaf74]
+ freebsd: fix create_group() cmd (#146) [Gonéri Le Bouder]
+ doc: make apt_update example consistent (#154)
+ doc: add modules page toc with links (#153) (LP: #1852456)
+ Add support for the amazon variant in cloud.cfg.tmpl (#119)
[Frederick Lefebvre]
+ ci: remove Python 2.7 from CI runs (#137)
+ modules: drop cc_snap_config config module (#134)
+ migrate-lp-user-to-github: ensure Launchpad repo exists (#136)
+ docs: add initial troubleshooting to FAQ (#104) [Joshua Powers]
+ doc: update cc_set_hostname frequency and descrip (#109)
[Joshua Powers] (LP: #1827021)
+ freebsd: introduce the freebsd renderer (#61) [Gonéri Le Bouder]
+ cc_snappy: remove deprecated module (#127)
+ HACKING.rst: clarify that everyone needs to do the LP->GH dance (#130)
+ freebsd: cloudinit service requires devd (#132) [Gonéri Le Bouder]
+ cloud-init: fix capitalisation of SSH (#126)
+ doc: update cc_ssh clarify host and auth keys
[Joshua Powers] (LP: #1827021)
+ ci: emit names of tests run in Travis (#120)
- Disable testing to aid elimination of unittest2 in Factory
- containerd
-
- Update to containerd v1.3.9, which is needed for Docker v19.03.14-ce and
fixes CVE-2020-15257. bsc#1178969 bsc#1180243
- Update to containerd v1.3.7, which is required for Docker 19.03.13-ce.
boo#1176708
- Refresh patches:
* 0001-makefile-remove-emoji.patch
- Use Go 1.13 for build.
- cups
-
- cups-1.7.5-CVE-2020-10001.patch fixes CVE-2020-10001
access to uninitialized buffer in ipp.c (bsc#1180520)
- cups-1.7.5-CVE-2019-8842.patc fixes CVE-2019-8842 (bsc#1170671)
the ippReadIO function may under-read an extension field
- cyrus-sasl
-
- bsc#1159635 VUL-0: CVE-2019-19906: cyrus-sasl: cyrus-sasl
has an out-of-bounds write leading to unauthenticated remote
denial-of-service in OpenLDAP via a malformed LDAP packet
o apply upstream patch
- 0001-Fix-587.patch
- docker
-
- Update to Docker 19.03.14-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. CVE-2020-15257 bsc#1180243
https://github.com/docker/docker-ce/releases/tag/v19.03.14
- Enable fish-completion
- Add a patch which makes Docker compatible with firewalld with
nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548
(boo#1178801, SLE-16460)
* boo1178801-0001-Add-docker-interfaces-to-firewalld-docker-zone.patch
- Update to Docker 19.03.13-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1176708
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
- Emergency fix: %requires_eq does not work with provide symbols,
only effective package names. Convert back to regular Requires.
- Update to Docker 19.03.12-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md.
- Use Go 1.13 instead of Go 1.14 because Go 1.14 can cause all sorts of
spurrious errors due to Go returning -EINTR from I/O syscalls much more often
(due to Go 1.14's pre-emptive goroutine support).
- bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
- Add BuildRequires for all -git dependencies so that we catch missing
dependencies much more quickly.
- docker-runc
-
- Switch to Go 1.13 for build.
- golang-github-docker-libnetwork
-
- Update to libnetwork 55e924b8a842, which is required for Docker 19.03.14-ce.
bsc#1180243
- Add patch which makes libnetwork compatible with firewalld with
nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548
(boo#1178801, SLE-16460)
* boo1178801-0001-Add-docker-interfaces-to-firewalld-docker-zone.patch
- Update to libnetwork 026aabaa6598, which is required for Docker 19.03.12-ce.
- kernel-azure
-
- ocfs2: fix unbalanced locking (bsc#1180506).
- commit 099ccd0
- net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
(git-fixes).
- commit c49f357
- net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes).
- commit 1fd70ca
- cirrus: cs89x0: remove set but not used variable 'lp'
(git-fixes).
- commit 6687442
- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify
code (git-fixes).
- commit 4c54ea7
- net: dsa: bcm_sf2: Do not assume DSA master supports WoL
(git-fixes).
- commit 5fb1080
- phy: Revert toggling reset changes (git-fixes).
- Refresh
patches.suse/powerpc-perf-Fix-crash-with-is_sier_available-when-p.patch.
- commit 62de49e
- blacklist.conf: update blacklist
- commit 87a267c
- ibmvnic: continue fatal error reset after passive init
(bsc#1171078 ltc#184239 git-fixes).
- commit b7607e6
- powerpc: Fix incorrect stw{, ux, u, x} instructions in
__set_pte_at (bsc#1065729).
- commit b54cca9
- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).
- commit 03768a2
- powerpc/64: Set up a kernel stack for secondaries before
cpu_restore() (bsc#1065729).
- commit 3691693
- Move upstreamed bt fixes into sorted section
- commit adeed42
- powerpc/smp: Add __init to init_big_cores() (bsc#1109695
ltc#171067 git-fixes).
- commit 1c279b3
- Refresh patches.suse/powerpc-rtas-fix-typo-of-ibm-open-errinjct-in-rtas-f.patch
Refresh to upstream version.
- commit 76e9945
- powerpc/pseries/hibernation: remove redundant cacheinfo update
(bsc#1138374 ltc#178199 git-fixes).
- commit 266cbfe
- Revert "/powerpc/pseries/hotplug-cpu: Remove double free in
error path"/ (bsc#1065729).
- commit fc70ab6
- blacklist.conf: Add e91d8d78237d mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING
The option is not enabled.
- commit e440c95
- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231
git-fixes).
- commit 17726be
- btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1174784).
- commit 291590a
- blacklist.conf: already gone in by another ID
- commit 05679b8
- USB: serial: digi_acceleport: fix write-wakeup deadlocks
(git-fixes).
- commit 04432c4
- USB: serial: digi_acceleport: clean up set_termios (git-fixes).
- commit 2f23f9d
- USB: serial: digi_acceleport: clean up modem-control handling
(git-fixes).
- commit 1d56162
- USB: serial: digi_acceleport: rename tty flag variable
(git-fixes).
- commit 88c9db6
- USB: serial: digi_acceleport: use irqsave() in USB's complete
callback (git-fixes).
- Refresh
patches.suse/USB-serial-digi_acceleport-remove-redundant-assignme.patch.
- commit 793718c
- USB: serial: digi_acceleport: remove in_interrupt() usage.
- commit 0518924
- USB: serial: digi_acceleport: remove redundant assignment to
pointer priv (git-fixes).
- commit 4451caf
- blacklist.conf: fix not relevant in our kernel configs
- commit acef26c
- Delete the following patch as a quick workaround
patches.suse/0001-dm-fix-redundant-IO-accounting-for-bios-that-need-sp.patch.
due to bug report for special configuration, it will be added
back after the problem solved. (bsc#1179444)
- commit 9d32dc4
- Delete the following patch as a quick workaround,
patches.suse/0001-dm-fix-redundant-IO-accounting-for-bios-that-need-sp.patch.
due to bug report for special configuration, it will be added
back after the problem solved. (bsc#1179444)
- commit ed3ac98
- blacklist.conf: 3d51507f29f2 x86/entry/32: Add missing ASM_CLAC to general_protection entry
- commit dc56fa2
- x86/apic: Fix integer overflow on 10 bit left shift of cpu_khz
(bsc#1112178).
- commit f39ec16
- KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid
bits (bsc#1112178).
- commit 066a4f5
- x86/mm/ident_map: Check for errors from ident_pud_init()
(bsc#1112178).
- commit 0f2605a
- EDAC/i10nm: Use readl() to access MMIO registers (12sp5).
- commit d170d3f
- mm,memory_failure: always pin the page in madvise_inject_error
(bsc#1180258).
- commit 200d6f3
- blacklist.conf: ff17bbe0bb40 x86/vdso: Prevent segfaults due to hoisted vclock reads
- commit 564d16e
- rtc: hym8563: enable wakeup when applicable (git-fixes).
- commit 5b645ec
- power: supply: bq24190_charger: fix reference leak (git-fixes).
- HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
(git-fixes).
- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).
- Bluetooth: Fix slab-out-of-bounds read in
hci_le_direct_adv_report_evt() (git-fixes).
- inet_ecn: Fix endianness of checksum update when setting ECT(1)
(git-fixes).
- commit 532c400
- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: If fcport is undergoing deletion complete I/O
with retry (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix the call trace for flush workqueue
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian
machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle aborts correctly for port undergoing
deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix N2N and NVMe connect retry failure
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix FW initialization error on big endian
machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix crash during driver load on big endian
machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Don't check for fw_started while posting NVMe
command (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Tear down session if FW say it is down
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Limit interrupt vectors to number of CPUs
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Change post del message from debug level to
log level (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove trailing semicolon in macro definition
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt())
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix return of uninitialized value in rval
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Initialize variable in qla8044_poll_reg()
(bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not consume srb greedily (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Use constant when it is known (bsc#1172538
bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1172538
bsc#1179142 bsc#1179810).
- commit 54e4d29
- tracing: Fix race in trace_open and buffer resize call
(CVE-2020-27825 bsc#1179960).
- commit 8b99744
- ring-buffer: speed up buffer resets by avoiding synchronize_rcu
for each CPU (CVE-2020-27825 bsc#1179960).
- commit 0d53945
- ring-buffer: Make resize disable per cpu buffer instead of
total buffer (CVE-2020-27825 bsc#1179960).
- commit 39cee5c
- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1164780).
- scsi: lpfc: Correct null ndlp reference on routine exit
(bsc#1164780).
- scsi: lpfc: Use generic power management (bsc#1164780).
- scsi: lpfc: Fix variable 'vport' set but not used in
lpfc_sli4_abts_err_handler() (bsc#1164780).
- scsi: lpfc: Fix missing prototype for
lpfc_nvmet_prep_abort_wqe() (bsc#1164780).
- scsi: lpfc: Fix set but unused variables in
lpfc_dev_loss_tmo_handler() (bsc#1164780).
- scsi: lpfc: Fix set but not used warnings from Rework remote
port lock handling (bsc#1164780).
- scsi: lpfc: Fix missing prototype warning for
lpfc_fdmi_vendor_attr_mi() (bsc#1164780).
- scsi: lpfc: Fix memory leak on lcb_context (bsc#1164780).
- scsi: lpfc: Remove dead code on second !ndlp check
(bsc#1164780).
- scsi: lpfc: Fix pointer defereference before it is null checked
issue (bsc#1164780).
- scsi: lpfc: Update changed file copyrights for 2020
(bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1164780).
- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers
(bsc#1164780).
- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4
handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI path to use common I/O submission path
(bsc#1164780).
- scsi: lpfc: Enable common send_io interface for SCSI and NVMe
(bsc#1164780).
- scsi: lpfc: Enable common wqe_template support for both SCSI
and NVMe (bsc#1164780).
- scsi: lpfc: Refactor WQE structure definitions for common use
(bsc#1164780).
- scsi: lpfc: Fix NPIV Fabric Node reference counting
(bsc#1164780).
- scsi: lpfc: Fix NPIV discovery and Fabric Node detection
(bsc#1164780).
- scsi: lpfc: Unsolicited ELS leaves node in incorrect state
while dropping it (bsc#1164780).
- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI
ultimately fails (bsc#1164780).
- scsi: lpfc: Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs
(bsc#1164780).
- scsi: lpfc: Fix removal of SCSI transport device get and put
on dev structure (bsc#1164780).
- scsi: lpfc: Rework locations of ndlp reference taking
(bsc#1164780).
- scsi: lpfc: Rework remote port ref counting and node freeing
(bsc#1164780).
- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation
issues (bsc#1164780).
- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc
misdemeanours (bsc#1164780).
- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined
functions (bsc#1164780).
- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues
(bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1164780).
- scsi: lpfc: Reject CT request for MIB commands (bsc#1164780).
- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1164780).
- scsi: lpfc: Enlarge max_sectors in scsi host templates
(bsc#1164780).
- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1164780).
- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1164780).
- commit 3a954de
- net: sonic: replace dev_kfree_skb in sonic_send_packet
(git-fixes).
- commit 597c84a
- forcedeth: use per cpu to collect xmit/recv statistics
(git-fixes).
- commit ed24dc6
- net: sonic: return NETDEV_TX_OK if failed to map buffer
(git-fixes).
- commit 16e3e9e
- net: seeq: Fix the function used to release some memory in an
error handling path (git-fixes).
- commit a8513c7
- Drop a backported uvcvideo patch that caused a regression (bsc#1180117)
Also blacklisting the commit
- commit d0a83ca
- net:ethernet:aquantia: Extra spinlocks removed (git-fixes).
- commit 673b7af
- ravb: Fix use-after-free ravb_tstamp_skb (git-fixes).
- commit 3b19bd7
- can: mcp251x: add error check when wq alloc failed (git-fixes).
- commit 83dec18
- net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
(git-fixes).
- commit 432aa93
- net: macb: add missing barriers when reading descriptors
(git-fixes).
- commit e0bb50a
- net: macb: fix dropped RX frames due to a race (git-fixes).
- commit daca00d
- Refresh patches.suse/ibmvnic-add-some-debugs.patch.
- commit d50d59c
- blacklist.conf: update blacklist
- commit 0c5fc8b
- blacklist: Add e5785d3ec32f ("/scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()"/)
We don't need e5785d3ec32f ("/scsi: lpfc: Re-fix use after free in
lpfc_rq_buf_free()"/) as we dont have 6c621a2229b0 ("/scsi: lpfc:
Separate NVMET RQ buffer posting from IO resources SGL/iocbq/context"/)
which undoes the fix by 9816ef6ecbc1 ("/scsi: lpfc: Use after free in
lpfc_rq_buf_free()"/)
- commit 824fa9a
- scsi: lpfc: Fix scheduling call while in softirq context in
lpfc_unreg_rpi (bsc#1164780).
- scsi: lpfc: Fix invalid sleeping context in
lpfc_sli4_nvmet_alloc() (bsc#1164780).
- scsi: Remove unneeded break statements (bsc#1164780).
- scsi: lpfc: Remove unneeded variable 'status' in
lpfc_fcp_cpu_map_store() (bsc#1164780).
- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req()
(bsc#1164780).
- scsi: lpfc: Remove set but not used 'qp' (bsc#1164780).
- scsi: lpfc: Fix spelling mistake "/Cant"/ -> "/Can't"/
(bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1164780).
- scsi: lpfc: Extend the RDF FPIN Registration descriptor for
additional events (bsc#1164780).
- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt
discovery (bsc#1164780).
- commit 08cb9ae
- series.conf: cleanup
- update upstream reference and resort:
patches.suse/ibmvnic-add-some-debugs.patch
- commit b715549
- platform/x86: mlx-platform: remove an unused variable
(git-fixes).
- commit 225af87
- crypto: af_alg - avoid undefined behavior accessing salg_name
(git-fixes).
- commit 983a9c1
- wimax: fix duplicate initializer warning (git-fixes).
- crypto: omap-aes - Fix PM disable depth imbalance in
omap_aes_probe (git-fixes).
- crypto: talitos - Fix return type of current_desc_hdr()
(git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: mtk-vcodec: add missing put_device() call in
mtk_vcodec_release_dec_pm() (git-fixes).
- drm/msm/dsi_phy_10nm: implement PHY disabling (git-fixes).
- drm/msm/dpu: Add newline to printks (git-fixes).
- drm/meson: dw-hdmi: Register a callback to disable the regulator
(git-fixes).
- drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
(git-fixes).
- drm/amdgpu: fix build_coefficients() argument (git-fixes).
- drm/amd/display: remove useless if/else (git-fixes).
- matroxfb: avoid -Warray-bounds warning (git-fixes).
- drm/dp_aux_dev: check aux_dev before use in
drm_dp_aux_dev_get_by_minor() (git-fixes).
- drm/gma500: fix double free of gma_connector (git-fixes).
- commit b0a0e8e
- USB: serial: option: add interface-number sanity check to flag
handling (git-fixes).
- USB: serial: mos7720: fix parallel-port state restore
(git-fixes).
- USB: serial: keyspan_pda: fix write unthrottling (git-fixes).
- USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
(git-fixes).
- USB: serial: keyspan_pda: fix write-wakeup use-after-free
(git-fixes).
- USB: serial: keyspan_pda: fix stalled writes (git-fixes).
- USB: serial: keyspan_pda: fix write deadlock (git-fixes).
- USB: serial: keyspan_pda: fix dropped unthrottle interrupts
(git-fixes).
- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).
- commit e793376
- spi: davinci: Fix use-after-free on unbind (git-fixes).
- spi: pic32: Don't leak DMA channels in probe error path
(git-fixes).
- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on
error in bcm63xx_hsspi_resume (git-fixes).
- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).
- usb: ehci-omap: Fix PM disable depth umbalance in
ehci_hcd_omap_probe (git-fixes).
- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag
to imx6ul (git-fixes).
- commit ff557b2
- platform/x86: mlx-platform: Fix item counter assignment for
MSN2700, MSN24xx systems (git-fixes).
- platform/x86: dell-smbios-base: Fix error return code in
dell_smbios_init (git-fixes).
- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
(git-fixes).
- spi: tegra20-slink: fix reference leak in slink ops of tegra20
(git-fixes).
- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
(git-fixes).
- spi: spi-mem: fix reference leak in spi_mem_access_start
(git-fixes).
- spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes).
- spi: img-spfi: fix reference leak in img_spfi_resume
(git-fixes).
- regmap: Remove duplicate `type` field from regmap
`regcache_sync` trace event (git-fixes).
- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
(git-fixes).
- commit fce435e
- PCI: Fix pci_slot_release() NULL pointer dereference
(git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x
platform configuration (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from default
platform configuration (git-fixes).
- Revert "/platform/x86: wmi: Destroy on cleanup rather than
unregister"/ (git-fixes).
- memstick: r592: Fix error return in r592_probe() (git-fixes).
- staging: olpc_dcon: Do not call platform_device_unregister()
in dcon_probe() (git-fixes).
- nfc: s3fwrn5: Release the nfc firmware (git-fixes).
- orinoco: Move context allocation after processing the skb
(git-fixes).
- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
(git-fixes).
- staging: olpc_dcon: add a missing dependency (git-fixes).
- commit a67a0cb
- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).
- Input: omap4-keypad - fix runtime PM error handling (git-fixes).
- Input: ads7846 - fix unaligned access on 7845 (git-fixes).
- memstick: fix a double-free bug in memstick_check (git-fixes).
- mac80211: don't set set TDLS STA bandwidth wider than possible
(git-fixes).
- media: saa7146: fix array overflow in vidioc_s_audio()
(git-fixes).
- media: siano: fix memory leak of debugfs members in
smsdvb_hotplug (git-fixes).
- media: solo6x10: fix missing snd_card_free in error handling
case (git-fixes).
- commit 7e8f579
- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Input: ads7846 - fix integer overflow on Rt calculation
(git-fixes).
- Input: ads7846 - fix race that causes missing releases
(git-fixes).
- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare()
on error in rockchip_saradc_resume (git-fixes).
- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).
- iio: buffer: Fix demux update (git-fixes).
- extcon: max77693: Fix modalias string (git-fixes).
- cw1200: fix missing destroy_workqueue() on error in
cw1200_init_common (git-fixes).
- commit 3738e1e
- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).
- staging: comedi: mf6x4: Fix AI end-of-conversion detection
(git-fixes).
- bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
(git-fixes).
- ASoC: cx2072x: Fix doubly definitions of Playback and Capture
streams (git-fixes).
- Bluetooth: btusb: Fix detection of some fake CSR controllers
with a bcdDevice val of 0x0134 (git-fixes).
- Bluetooth: Fix null pointer dereference in hci_event_packet()
(git-fixes).
- ath10k: Release some resources in an error handling path
(git-fixes).
- ath10k: Fix an error handling path (git-fixes).
- ath6kl: fix enum-conversion warning (git-fixes).
- commit 977d977
- Revert "/ACPI / resources: Use AE_CTRL_TERMINATE to terminate
resources walks"/ (git-fixes).
- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).
- ASoC: wm8998: Fix PM disable depth imbalance on error
(git-fixes).
- ASoC: pcm: DRAIN support reactivation (git-fixes).
- ASoC: wm_adsp: remove "/ctl"/ from list on error in
wm_adsp_create_control() (git-fixes).
- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).
- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).
- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).
- ALSA: hda: Fix regressions on clear and reconfig sysfs
(git-fixes).
- commit 99727ca
- drivers: soc: ti: knav_qmss_queue: Fix error return code in
knav_queue_probe (git-fixes).
- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).
- soc: ti: knav_qmss: fix reference leak in knav_queue_probe
(git-fixes).
- soc: qcom: smp2p: Safely acquire spinlock without IRQs
(git-fixes).
- soc: mediatek: Check if power domains can be powered on at
boot time (git-fixes).
- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).
- pinctrl: falcon: add missing put_device() call in
pinctrl_falcon_probe() (git-fixes).
- mfd: rt5033: Fix errorneous defines (git-fixes).
- drm/rockchip: Avoid uninitialized use of endpoint id in LVDS
(git-fixes).
- commit 4d43e7b
- fix regression in "/epoll: Keep a reference on files added to the check list"/ (bsc#1180031, git-fixes).
- commit d9c444f
- do_epoll_ctl(): clean the failure exits up a bit
(bsc#1180031,CVE-2020-0466).
- epoll: Keep a reference on files added to the check list
(bsc#1180031).
- commit e792e5d
- blacklist.conf: bcee52789588 ("/tracing: Fix userstacktrace option for instances"/)
The kernel is missing many prerequisities. It is not worth it as it is.
- commit c9bd898
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
(CVE-2020-27068 bsc#1180086).
- commit 886ad61
- x86/resctrl: Fix incorrect local bandwidth when mba_sc is
enabled (bsc#1112178).
- x86/resctrl: Remove unused struct mbm_state::chunks_bw
(bsc#1112178).
- commit e69f129
- HID: Fix slab-out-of-bounds read in hid_field_extract
(bsc#1180052).
- commit 5b124d9
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- commit e88bce8
- kABI: ath10k: move a new structure member to the end
(git-fixes).
- commit a09f969
- ath10k: Remove msdu from idr when management pkt send fails
(git-fixes).
- commit 18aa5a0
- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP
(bsc#1112178).
- commit 537b04d
- Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset
lists (git-fixes).
- commit 3be4f5a
- Input: trackpoint - add new trackpoint variant IDs (git-fixes).
- commit 4e28298
- blacklist.conf: misattributed
- commit 3901fbf
- blacklist.conf: misattributed patch
- commit dc93bbb
- HID: Add another Primax PIXART OEM mouse quirk (git-fixes).
- commit 4856fe1
- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
(git-fixes).
- commit 3f777ce
- x86/resctrl: Fix AMD L3 QOS CDP enable/disable (bsc#1114648).
- commit 6bc1c36
- HID: core: Sanitize event code and type when mapping input
(CVE-2020-0465 bsc#1180029).
- commit ebf9f0e
- audit: fix error handling in audit_data_to_entry()
(CVE-2020-0444 bsc#1180027).
- commit f2e7691
- kABI workaround for dsa/b53 changes (git-fixes).
- commit 91cef6b
- blacklist.conf: update blacklist
- commit 3be6f55
- scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).
- commit e765599
- USB: serial: ch341: sort device-id entries (git-fixes).
- commit 82a21d7
- USB: serial: ch341: add new Product ID for CH341A (git-fixes).
- commit 441ce2e
- USB: serial: option: add support for Thales Cinterion EXS82
(git-fixes).
- commit f0f391f
- USB: serial: option: add Fibocom NL668 variants (git-fixes).
- commit ac04fe0
- blacklist.conf: build fix
- commit 7fd9334
- blacklist.conf: build fix
- commit d198655
- blacklist.conf: for tools for kernel development
- commit c0358a7
- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID
flag (git-fixes).
- NFS: fix nfs_path in case of a rename retry (git-fixes).
- NFSv4.2: fix client's attribute cache management for
copy_file_range (git-fixes).
- xprtrdma: fix incorrect header size calculations (git-fixes).
- SUNRPC: Properly set the @subbuf parameter of
xdr_buf_subsegment() (git-fixes).
- pNFS/flexfiles: Fix list corruption if the mirror count changes
(git-fixes).
- sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).
- SUNRPC: The RDMA back channel mustn't disappear while requests
are outstanding (git-fixes).
- commit 7d0cc0f
- blacklist.conf: some git-fixes that aren't wanted.
- commit 6565891
- md/raid5: fix oops during stripe resizing (git-fixes).
- commit 66e0a61
- btrfs: fix use-after-free on readahead extent after failure
to create it (bsc#1179963).
- commit 110503c
- x86/traps: Simplify pagefault tracing logic (bsc#1179895).
- Refresh
patches.suse/10-x86-xen-get-rid-of-paravirt-op-adjust_exception_frame.patch.
- Refresh
patches.suse/msft-hv-1590-x86-hyperv-Reenlightenment-notifications-support.patch.
- Refresh
patches.suse/msft-hv-1616-Drivers-hv-vmbus-Implement-Direct-Mode-for-stimer0.patch.
- commit 65edff3
- x86/tracing: Introduce a static key for exception tracing
(bsc#1179895).
- commit c8c1b50
- net: dsa: b53: Ensure the default VID is untagged (git-fixes).
- commit ee7b5d7
- net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (git-fixes).
- commit d77dec2
- can: softing: softing_netdev_open(): fix error handling
(git-fixes).
- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).
- commit d70481b
- tty: Fix ->session locking (bsc#1179745 CVE-2020-29660).
- tty: Fix ->pgrp locking in tiocspgrp() (bsc#1179745
CVE-2020-29661).
- commit a59c61c
- kABI: genirq: add back irq_create_mapping (bsc#1065729).
- commit 33424fe
- genirq/irqdomain: Add an irq_create_mapping_affinity() function
(bsc#1065729).
- commit b6d89d7
- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest
kernels (bsc#1179888 ltc#190253).
- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation
(bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- powerpc/64s: Trim offlined CPUs from mm_cpumasks (bsc#1055117
ltc#159753 git-fixes bsc#1179888 ltc#190253).
- kernel/cpu: add arch override for clear_tasks_mm_cpumask()
mm handling (bsc#1055117 ltc#159753 git-fixes bsc#1179888
ltc#190253).
- commit 0a5bcee
- powerpc/pseries: Pass MSI affinity to irq_create_mapping()
(bsc#1065729).
- ibmvnic: delay next reset if hard reset fails (bsc#1094840
ltc#167098 git-fixes).
- ibmvnic: restore adapter state on failed reset (bsc#1152457
ltc#174432 git-fixes).
- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231
git-fixes).
- ibmvnic: enhance resetting status check during module exit
(bsc#1065729).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
(FATE#322021 bsc#1040855 ltc#155067 git-fixes).
- ibmvnic: notify peers when failover and migration happen
(bsc#1044120 ltc#155423 git-fixes).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431
ltc#171853 git-fixes).
- commit 41d7e0e
- ibmvnic: add some debugs (bsc#1179896 ltc#190255).
- commit ad19f68
- powerpc/rtas: fix typo of ibm,open-errinjct in rtas filter
(CVE-2020-27777 bsc#1179107 bsc#1179887 ltc#190092).
- commit 153fdda
- blacklist.conf: 5861381d4866 PM / arch: x86: Rework the MSR_IA32_ENERGY_PERF_BIAS handling
- commit 14d58b3
- net: aquantia: fix LRO with FCS error (git-fixes).
- commit ea8c575
- net: stmmac: fix csr_clk can't be zero issue (git-fixes).
- commit adf66bd
- net: macb: fix error format in dev_err() (git-fixes).
- commit 8695ebc
- net: dsa: qca8k: remove leftover phy accessors (git-fixes).
- commit 8133bc6
- net: sh_eth: fix a missing check of of_get_phy_mode (git-fixes).
- commit 8dfd281
- net: dsa: b53: Properly account for VLAN filtering (git-fixes).
- commit 4a18e4f
- net: dsa: b53: Fix default VLAN ID (git-fixes).
- commit 027d280
- net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() (git-fixes).
- commit 9dd1cb2
- timer: Fix wheel index calculation on last level (git fixes)
- commit 3d19ae6
- timer: Prevent base->clk from moving backward (git-fixes)
- commit dc0c942
- x86/insn-eval: Use new for_each_insn_prefix() macro to loop
over prefixes bytes (bsc#1112178).
- commit b0c9a61
- Input: xpad - support Ardwiino Controllers (git-fixes).
- Input: i8042 - add ByteSpeed touchpad to noloop table
(git-fixes).
- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).
- commit 7180cbf
- x86/uprobes: Do not use prefixes.nbytes when looping over
prefixes.bytes (bsc#1112178).
- commit 217789f
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (git-fixes).
- commit 3f679b5
- usb: gadget: f_fs: Use local copy of descriptors for userspace
copy (git-fixes).
- commit 828ad1d
- kgdb: Fix spurious true from in_dbg_master() (git-fixes).
- commit 2f24ae4
- blacklist.conf: kABI issues
- commit ea26da1
- blacklist.conf: known to be faulty
- commit ffb8bbb
- kABI workaround for net/ipvlan changes (git-fixes).
- commit 1e1bd88
- btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).
- commit 12f09de
- Update kabi files: sync with 2020-12 update (commit b3ff9f627d17)
- commit 75f73d9
- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).
- commit 83a4d6a
- reiserfs: Fix oops during mount (bsc#1179715).
- commit da0b6c2
- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).
- commit a9af12c
- reiserfs: Initialize inode keys properly (bsc#1179713).
- commit 8725996
- fs: Don't invalidate page buffers in block_write_full_page()
(bsc#1179711).
- commit bc27d05
- ocfs2: initialize ip_next_orphan (bsc#1179724).
- commit d783ef4
- ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
(bsc#1179673).
- commit 73b3913
- ext4: correctly report "/not supported"/ for {usr,grp}jquota
when !CONFIG_QUOTA (bsc#1179672).
- commit b5db6a5
- ext4: fix invalid inode checksum (bsc#1179723).
- commit 8bd755f
- ext4: limit entries returned when counting fsmap records
(bsc#1179671).
- commit 1b09384
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- commit 4d9a78d
- ext4: fix leaking sysfs kobject after failed mount
(bsc#1179670).
- commit d275bba
- net/x25: prevent a couple of overflows (bsc#1178590).
- commit 3f48ad3
- SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- commit 9af0dc4
- SMB3: Honor 'handletimeout' flag for multiuser mounts
(bsc#1176558).
- commit c329fee
- SMB3: Honor lease disabling for multiuser mounts (git-fixes).
- commit 46e76fa
- net: macb: fix random memory corruption on RX with 64-bit DMA (git-fixes). - blacklist.conf:
- commit 8f3e7a6
- media: xirlink_cit: add missing descriptor sanity checks
(bsc#1168952 CVE-2020-11668).
- commit e978e80
- net: ethernet: ti: cpsw: fix runtime_pm while add/kill vlan (git-fixes).
- commit 7051077
- net: ethernet: ti: cpsw: clear all entries when delete vid (git-fixes).
- commit 0e0028e
- ppp: remove the PPPIOCDETACH ioctl (git-fixes).
- commit 44baa88
- ipvlan: use per device spinlock to protect addrs list updates (git-fixes). - Refresh patches.suse/ipvlan-do-not-add-hardware-address-of-master-to-its-.patch. - Refresh patches.suse/ipvlan-fix-IFLA_MTU-ignored-on-NEWLINK.patch.
- commit ef3234d
- net: stmmac: Fix reception of Broadcom switches tags (git-fixes).
- commit 76370d0
- uapi/if_ether.h: prevent redefinition of struct ethhdr (git-fixes).
- commit c699bc8
- blacklist.conf: update blacklist
- commit 5abd0c8
- Avoid a GCC warning about "//*"/ within a comment.
- commit 338fc13
- Update
patches.suse/sched-fair-Don-t-free-p-numa_faults-with-concurrent-.patch
(bsc#1144920, bsc#1179663, CVE-2019-20934).
- commit fad2215
- kABI fix for g2d (git-fixes).
- commit 7e9c2d3
- s390/pci: fix CPU address in MSI for directed IRQ (git-fixes).
- s390/qeth: fix tear down of async TX buffers (git-fixes).
- s390/qeth: fix af_iucv notification race (git-fixes).
- s390/qeth: make af_iucv TX notification call more robust
(git-fixes).
- s390/dasd: fix null pointer dereference for ERP requests
(git-fixes).
- s390/cpum_sf.c: fix file permission for cpum_sfb_size
(git-fixes).
- s390/stp: add locking to sysfs functions (git-fixes).
- net/smc: fix valid DMBE buffer sizes (git-fixes).
- s390/bpf: Fix multiple tail calls (git-fixes).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (git-fixes).
- s390/cpuinfo: show processor physical address (git-fixes).
- commit 44903bb
- tty: Fix ->pgrp locking in tiocspgrp() (git-fixes).
- USB: serial: kl5kusb105: fix memleak on open (git-fixes).
- USB: serial: option: fix Quectel BG96 matching (git-fixes).
- coredump: fix core_pattern parse error (git-fixes).
- commit 5eec673
- Input: i8042 - fix error return code in i8042_setup_aux()
(git-fixes).
- i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc()
(git-fixes).
- commit cb6c842
- blacklist.conf: 586b58cac8b4 exit: Move preemption fixup up, move blocking operations down
- commit bea10a1
- kABI workaround for snd_rawmidi buffer_ref field addition
(CVE-2020-27786 bsc#1179601).
- commit 0e8d69d
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
(CVE-2020-27786 bsc#1179601).
- commit 3c00a93
- blacklist.conf: update blacklist
- commit c2d6bf2
- powerpc/perf: Fix crash with is_sier_available when pmu is
not set (bsc#1179578 ltc#189313).
- commit 7521d8f
- Delete patches.suse/fs-select.c-batch-user-writes-in-do_sys_poll.patch.
(CVE-2020-4788 bsc#1179419).
Patch causes DLM regression. Drop for now.
- commit a422074
- cifs: fix potential use-after-free in cifs_echo_request()
(bsc#1139944).
- commit 68b342e
- cifs: allow syscalls to be restarted in __smb_send_rqst()
(bsc#1176956).
- commit d71fec6
- Add missing RESTORE_CTR (CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64s-Convert-slb_miss_common-to-use-RFI_TO_US.patch.
- Refresh patches.suse/powerpc-64s-Set-assembler-machine-type-to-POWER4.patch.
patches.suse/powerpc-64s-SLB-miss-already-has-CTR-saved-for-reloc.patch
adds RESTORE_CTR to the SLB miss handler so
patches.suse/powerpc-64s-Convert-slb_miss_common-to-use-RFI_TO_US.patch
must now copy it in the other fork of the exit code as well.
- commit a382dc2
- ALSA: hda/realtek: Add mute LED quirk to yet another HP x360
model (git-fixes).
- ALSA: usb-audio: US16x08: fix value count for level meters
(git-fixes).
- ALSA: hda/realtek - Add new codec supported for ALC897
(git-fixes).
- ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA
with ALC294 (git-fixes).
- ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220)
(git-fixes).
- commit 13118e3
- x86/speculation: Fix prctl() when
spectre_v2_user={seccomp,prctl},ibpb (bsc#1112178).
- commit 2a7ed1e
- x86/resctrl: Add necessary kernfs_put() calls to prevent
refcount leak (bsc#1112178).
- commit 835979d
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
refcount leak (bsc#1112178).
- commit e2c3455
- mm/userfaultfd: do not access vma->vm_mm after calling
handle_userfault() (bsc#1179204).
- commit d3ad4f2
- splice: only read in as much information as there is pipe
buffer space (bsc#1179520).
- commit e4a54f3
- btrfs: qgroup: don't commit transaction when we already hold
the handle (bsc#1178634).
- commit 12019de
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam()
with mutex (bsc#1050242 FATE#322914).
- commit cdfc450
- media: mtk-mdp: Fix a refcounting bug on error in init
(git-fixes).
- commit 321e276
- media: s5p-g2d: Fix a memory leak in an error handling path in
'g2d_probe()' (git-fixes).
- commit beb2b48
- blacklist.conf: cosmetic fix
- commit e651872
- media: uvcvideo: Silence shift-out-of-bounds warning
(git-fixes).
- commit b045f99
- media: uvcvideo: Set media controller entity functions
(git-fixes).
- commit b0b0fbf
- net: ena: fix packet's addresses for rx_offset feature
(bsc#1174852).
- net: ena: handle bad request id in ena_netdev (git-fixes).
- tcp: Set INET_ECN_xmit configuration in
tcp_reinit_congestion_control (bsc#1109837).
- net/tls: missing received data after fast remote close
(bsc#1109837).
- qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536
FATE#322898 bsc#1050545 FATE#322893).
- igc: Fix returning wrong statistics (bsc#1118657 FATE#325278).
- mlxsw: core: Fix memory leak on module removal (bsc#1112374).
- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545
FATE#322893).
- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
(bsc#1103992 FATE#326009).
- svcrdma: fix bounce buffers for unaligned offsets and multiple
pages (bsc#1103992 FATE#326009).
- nfp: use correct define to return NONE fec (bsc#1109837).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990
FATE#326006).
- cxgb4: Fix offset when clearing filter byte counters
(bsc#1064802 bsc#1066129).
- net/tls: Fix kmap usage (bsc#1109837).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
(bsc#1103992 FATE#326009).
- net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
(bsc#1110096).
- qed: suppress false-positives interrupt error messages on HW
init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: suppress "/don't support RoCE & iWARP"/ flooding on HW init
(bsc#1050536 FATE#322898 bsc#1050545 FATE#322893).
- bnxt_en: Fix race when modifying pause settings (bsc#1050242
FATE#322914).
- net_sched: fix a memory leak in atm_tc_init() (bsc#1056657
FATE#322189 bsc#1056653 FATE#322190 bsc#1056787).
- net: qed: fix "/maybe uninitialized"/ warning (bsc#1136460
jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix use-after-free on recovery and AER handling
(bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix PTP initialization on recovery (bsc#1136460
jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qed: fix async event callbacks unregistering (bsc#1104393
FATE#325891 bsc#1104389 FATE#325890).
- RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532
(bsc#1050545 FATE#322893).
- commit 6f45bee
- blacklist.conf: false positive
- commit 37fb76a
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
(boo#1179082).
- commit 76a9256
- kABI workaround for usermodehelper changes (bsc#1179406).
- commit 987e580
- blacklist.conf: Remove duplicate entry (git-fixes)
- commit 7ac6460
- xfrm: Fix memleak on xfrm state destroy (bsc#1158775).
- commit 23790eb
- romfs: fix uninitialized memory leak in romfs_dev_read()
(CVE-2020-29371 bsc#1179429).
- commit c4cfc72
- block: Fix use-after-free in blkdev_get() (bsc#1173834
bsc#1179141 CVE-2020-15436).
- commit 0475fee
- blacklist.conf: printk: cosmetic, documentation
- commit 78e2348
- reboot: fix overflow parsing reboot cpu number (bsc#1179421).
- commit d34d078
- Revert "/kernel/reboot.c: convert simple_strtoul to kstrtoint"/
(bsc#1179418).
- commit 45d71b4
- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1111666)
- commit 5ebb055
- RDMA/qedr: Endianness warnings cleanup (bsc#1111666)
- commit c4ffd65
- i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)
- commit 9a35e08
- usermodehelper: reset umask to default before executing user
process (bsc#1179406).
- commit 14548c8
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- blacklist.conf: add non applicable infiniband git-fixes
- commit 53f874e
- tracing: Fix out of bounds write in get_trace_buf (bsc#1179403).
- commit e8c1fc0
- IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)
- commit f7f0712
- IB/rdmavt: Fix sizeof mismatch (bsc#1111666)
- commit b654a5e
- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)
- commit 4fd8928
- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)
- commit d166d3a
- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)
- commit eb7773e
- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)
- commit 0dd30ca
- RDMA/hns: Set the unsupported wr opcode (bsc#1111666)
- commit 8c9094a
- RDMA/qedr: Fix use of uninitialized field (bsc#1111666)
- commit 97b81fb
- RDMA/qedr: Fix doorbell setting (bsc#1111666)
- commit 1768681
- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)
- commit 5319974
- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)
- commit b863390
- IB/mlx4: Add support for MRA (bsc#1111666)
- commit 335d725
- IB/mlx4: Add and improve logging (bsc#1111666)
- commit a452537
- RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)
- commit d325454
- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1111666)
- commit dcd50fb
- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1111666)
- commit 1631664
- RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1111666)
- commit b76b147
- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1111666)
- commit 6c70296
- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1111666)
- commit b095d40
- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)
- commit d33e46a
- RDMA/rxe: Skip dgid check in loopback mode (bsc#1111666)
- commit b337db3
- RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)
- commit 901b7be
- RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)
- commit dd7c8d8
- IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)
- commit e36a90e
- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1111666)
- commit 699ce30
- RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)
- commit 627e59c
- RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)
- commit 15cc03a
- RDMA/rxe: Set default vendor ID (bsc#1111666)
- commit 80b3c96
- RDMA/rxe: Remove useless rxe_init_device_param assignments (bsc#1111666)
- commit f19a3eb
- RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)
- commit 6d0956c
- IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- commit 9a7cd34
- RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)
- commit 7106852
- RDMA/qedr: SRQ's bug fixes (bsc#1111666)
- commit 9022646
- RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)
- commit f052706
- IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)
- commit 4e3a1ba
- IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)
- commit e89d03b
- i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)
- commit e216b10
- RDMA/core: Fix race between destroy and release FD object (bsc#1111666)
- commit a68decf
- RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)
- commit b4dcd90
- RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)
- commit 20860b6
- RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)
- commit 790430d
- IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- commit ef4ec06
- IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)
- commit af2fc8e
- RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (bsc#1111666)
- commit d737ec0
- RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)
- commit a4bc37c
- i40iw: Report correct firmware version (bsc#1111666)
- commit fb20f57
- RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)
- commit 1cbba60
- RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)
- commit 04ef8bc
- kABI: powerpc: Add back __clear_user (CVE-2020-4788
bsc#1177666).
- commit 9ab0140
- RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)
- commit 4a77b03
- kABI: powerpc: avoid including pgtable.h in kup.h (CVE-2020-4788
bsc#1177666).
- commit 81cd22b
- make 'user_access_begin()' do 'access_ok()' (CVE-2020-4788 bsc#1177666).
- Delete patches.suse/drm-i915-CVE-2018-20669-access-check.patch.
- commit ffc3685
- powerpc/64s: SLB miss already has CTR saved for relocatable kernel
(CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64s-Set-assembler-machine-type-to-POWER4.patch.
- commit 741f364
- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (CVE-2020-4788 bsc#1177666).
- Refresh patches.suse/powerpc-64-Call-setup_barrier_nospec-from-setup_arch.patch
- Refresh patches.suse/powerpc-pmem-Update-ppc64-to-use-the-new-barrier-ins.patch.
- Update config files.
- commit b0085a7
- powerpc/64s: flush L1D after user accesses (CVE-2020-4788
bsc#1177666).
- Refresh patches.kabi/kABI-powerpc-avoid-including-pgtable.h-in-kup.h.patch.
- powerpc/uaccess: Evaluate macro arguments once, before user
access is allowed (CVE-2020-4788 bsc#1177666).
- powerpc: Fix __clear_user() with KUAP enabled (CVE-2020-4788
bsc#1177666).
- powerpc: Implement user_access_begin and friends (CVE-2020-4788
bsc#1177666).
- powerpc: Add a framework for user access tracking (CVE-2020-4788
bsc#1177666).
- powerpc/64s: flush L1D on kernel entry (CVE-2020-4788
bsc#1177666).
- powerpc/64s: move some exception handlers out of line
(CVE-2020-4788 bsc#1177666).
- powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
(CVE-2020-4788 bsc#1177666).
- powerpc/64s: Rename slb_miss_realmode() to slb_miss_common()
(CVE-2020-4788 bsc#1177666).
- powerpc/64s: Use BRANCH_TO_COMMON() for slb_miss_realmode
(CVE-2020-4788 bsc#1177666).
- commit f7d6c42
- rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045)
egrep is only a deprecated bash wrapper for "/grep -E"/. So use the latter
instead.
- commit 63d7072
- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- commit adf56a8
- rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014)
%split_extra still contained two.
- commit d9b4c40
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015).
RPM_BUILD_ROOT is cleared before %%install. Do the unpack into
RPM_BUILD_ROOT in %%install
- commit 13bd533
- rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014)
Author: Dominique Leuenberger <dimstar@opensuse.org>
- commit 21f8205
- rpm/mkspec: do not build kernel-obs-build on x86_32
We want to use 64bit kernel due to various bugs (bsc#1178762 to name
one).
There is:
ExportFilter: ^kernel-obs-build.*.x86_64.rpm$ . i586
in Factory's prjconf now. No other actively maintained distro (i.e.
merging packaging branch) builds a x86_32 kernel, hence pushing to
packaging directly.
- commit 8099b4b
- fs/select.c: batch user writes in do_sys_poll (CVE-2020-4788
bsc#1177666).
- commit 011abbd
- Updated Copyright line in rpm templates with SUSE LLC
- commit 39a1fcf
- rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
- commit 33ded45
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- commit 2fd7b70
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- commit 0293f73
- libnl3
-
- Add libnl3-fix-ipv6-privacy-extension.patch: fix ipv6 privacy
extension of NetworkManager not working by backporting these 3
commits (bsc#1025043):
42c41336000e ("/add support for IFA_FLAGS nl attribute"/)
dcc0baac020e ("/addr: add address flag IFA_F_MANAGETEMPADDR"/)
b203c89d862a ("/addr: add address flag IFA_F_NOPREFIXROUTE"/)
- libxml2
-
- Avoid quadratic checking of identity-constraints: [bsc#1178823]
* key/unique/keyref schema attributes currently use qudratic loops
to check their various constraints (that keys are unique and that
keyrefs refer to existing keys).
* This fix uses a hash table to avoid the quadratic behaviour.
- Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
- libzypp
-
- RepoManager: Carefully tidy up the caches. Remove non-directory
entries. (bsc#1178966)
- version 16.21.4 (0)
- ZYPP_MEDIA_CURL_DEBUG logs full Authorization: header (bsc#1174215)
The Authorization: header may include base64 encoded credentials
which could be restored from the log file. The credentials are
now stripped from the log.
- version 16.21.3 (0)
- logrotate
-
- Fix false alarm when using su and compress (bsc#1179189)
Applies commit 15a768b340d1010e22955ace518425cdb13bba5f
* Added patch logrotate-3.11.0-false-alarm-for-su-compress.patch
- lvm2
-
- pvmove destination LV always has KRahead=0 (bsc#1179326)
+ bug-1179326_pvmove-correcting-read_ahead-setting.patch
- in %postun, disable restart blk-availability.service & lvm2-monitor.service
- openldap2-client
-
- bsc#1178909 CVE-2020-25709 CVE-2020-25710 - Resolves two issues
where openldap would crash due to malformed inputs.
* patch: 0207-ITS-9383-remove-assert-in-certificateListValidate.patch
* patch: 0208-ITS-9384-remove-assert-in-obsolete-csnNormalize23.patch
- openssh
-
- Add openssh-bsc1148566-scp-handle-quotes-while-checking-filenames-from-serv.patch,
openssh-bsc1148566-scp-show-filename-match-patterns-in-verbose-mode.patch
(bsc#1148566). Fixes a class of false alarms due to filename
validation. Patches by Josef Cejka <jcejka@suse.com>.
- Add openssh-bsc1161684-authorizedkeyscommand-deadlock.patch
(bsc#1161684), which fixes a deadlock when AuthorizedKeysCommand
or AuthorizedPrincipalsCommand produce a lot of output and a
key is matched early.
- Add openssh-CVE-2020-14145-information-leak.patch
(CVE-2020-14145, bsc#1173513). This partially mitigates a
potential information leak during host key exchange that could
be exploited by a man-in-the-middle attacker.
- openssl-1_0_0
-
- Add declaration of BN_secure_new() needed by other packages
* add openssl-1.0.2p-declare-BN_secure_new.patch
* [bsc#1180777]
- Add FIPS key check necessary for certification.
* modified openssl-DH.patch
* [bsc#1180959]
* Fix EDIPARTYNAME NULL pointer dereference
(CVE-2020-1971, bsc#1179491)
- pam-modules
-
- The fail delay is fixed and annoying. The relevant code sections
from factory are backported here. There is not patch as the
file with the offending code resides in the top level directory.
[unix2_chkpw.c, bsc#1070595]
- parted
-
- skip probing _part devices (bsc#1137259)
+ parted-bsc1137259-fix-_part-error.patch
- python
-
- Replace bundled wheels for pip and setuptools with the updated ones
(bsc#1176262 CVE-2019-20916).
- python-azure-agent
-
- Add sysvinit-tools as dependency (bsc#1181600, bsc#1181601)
- Add sle_hpc-is-sles.patch (bsc#1180719)
+ Recognise SLE_HPC as SLES and use the proper RDMA handler and
distro specific initialization code
- python-base
-
- Replace bundled wheels for pip and setuptools with the updated ones
(bsc#1176262 CVE-2019-20916).
- python-jsonschema
-
- Update in SLE-12 (fate#326950, bsc#1122668, jsc#PM-1447)
- Convert to single-spec (fate#324191, bsc#1065275)
- Run fdupes to hardlink duplicate files
+ Add fdupes to BuildRequires
+ Add %fdupes %{buildroot}/%{_prefix} to %install
- Add condition around the python2 code to make sure we can build
in python3 only enviroment
- Source url must be https.
- Fix source url.
- Update to 2.6.0
* Improved performance on CPython by adding caching around ref resolution
(#203)
- Implement single-spec version
- Adjust dependencies for Python 2.6 based SLE 11
- update to version 2.5.1:
(no changelog available)
- update to version 2.5.0:
* Improved performance on CPython by adding caching around ref
resolution (#203)
- specfile:
* add python-vcversioner
- drop test requirements and %check section, which is broken
- Fix update-alternatives usage
- python-paramiko
-
- Add 0006-CVE-2018-1000805-auth_bypass.patch to fix bsc#1111151
(CVE-2018-1000805) authentication bypass in auth_handler.py
- python-pyserial
-
- Setup single spec build (jsc#PM-2335)
- python-urllib3
-
- Add CVE-2020-26116-CRLF-injection.patch which raises ValueError
if method contains control characters and thus prevents CRLF
injection into URLs (bsc#1177211, bpo#39603, CVE-2020-26116,
gh#urllib3/urllib3#1800).
- release-notes-sles
-
- 12.5.20210104 (tracked in bsc#1180183)
- Made sure Containers section is included in the output
document
- 12.5.20201217 (tracked in bsc#1180183)
- Added note about Git 2.26.2 update (jsc#SLE-11177)
- Added note about postgressql 12 (jsc#SLE-11078)
- Added note about Salt 3000 update (jsc#SLE-12830)
- Added note about end of support for packaged Docker images
(bsc#1168741)
- Added note about PHP 7.4 Upgrade (jsc#SLE-12474)
- Added note about updated Apache NSS to SLES 12 SP5
(jsc#SLE-12751)
- Added note about new kernel-firmware package (bsc#1143465)
- Fixed section about software requiring external contracts
(bsc#1173570)
- Python 3.6 is shipped in `python-3.6` package (bsc#1172752)
- Added info that Btrfs quota groups can degrade performance
(bsc#1024946)
- Btrfs features: Added missing data for SLES 12 SP5
- Fixed typo in the word "/module"/ (bsc#1170958)
- sudo
-
- Fix Heap-based buffer overflow in Sudo [bsc#1181090,CVE-2021-3156]
* sudo-CVE-2021-3156.patch
- Possible Dir Existence Test due to Race Condition in `sudoedit`
[bsc#1180684,CVE-2021-23239]
* sudo-CVE-2021-23239.patch
- Possible Symlink Attack in SELinux Context in `sudoedit` [bsc#1180685,
CVE-2021-23240]
* sudo-CVE-2021-23240.patch
- User Could Enable Debug Settings not Intended for it [bsc#1180687]
* sudo-fix-bsc-1180687.patch
- timezone
-
- timezone update 2021a (bsc#1177460)
* South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.
- timezone update 2020f (bsc#1177460)
* 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
fixing a 2020e bug.
- timezone update 2020e (bsc#1177460)
* Volgograd switches to Moscow time on 2020-12-27 at 02:00.
- util-linux
-
- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
util-linux-libblkid-cdrom-autoclose-1.patch,
util-linux-libblkid-cdrom-autoclose-2.patch,
util-linux-libblkid-cdrom-autoclose-3.patch).
- Modernize patch util-linux-sulogin4bsc1175514.patch
* Try to autoconfigure broken serial lines
- Add patch util-linux-sulogin4bsc1175514.patch
Avoid sulogin failing on not existing or not functional console
devices (bsc#1175514)
- Build with libudev support to support non-root users
(boo#1169006).
- lscpu: avoid segfault on PowerPC systems with valid hardware
configurations
(bsc#1175623, bsc#1178554, bsc#1178825,
lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
- Fix for SG#57988, bsc#1174942:
libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
to CIFS with mount –a.
- util-linux-systemd
-
- libblkid: Do not trigger CDROM autoclose (bsc#1084671,
util-linux-libblkid-cdrom-autoclose-1.patch,
util-linux-libblkid-cdrom-autoclose-2.patch,
util-linux-libblkid-cdrom-autoclose-3.patch).
- Modernize patch util-linux-sulogin4bsc1175514.patch
* Try to autoconfigure broken serial lines
- Add patch util-linux-sulogin4bsc1175514.patch
Avoid sulogin failing on not existing or not functional console
devices (bsc#1175514)
- Build with libudev support to support non-root users
(boo#1169006).
- lscpu: avoid segfault on PowerPC systems with valid hardware
configurations
(bsc#1175623, bsc#1178554, bsc#1178825,
lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch)
- Fix for SG#57988, bsc#1174942:
libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts
to CIFS with mount –a.
- yast2-tune
-
- Backport: Fixed scheduler activation: do not activate the new
scheduler for devices which do not support it (bsc#1052770)
(backport request at bsc#1177035)
- 3.2.1
- zypper
-
- Fix typo in list-patches help (bsc#1178925)
- version 1.13.58