- Update to 0.3.34
- Manage the `System-Token` header. The `System-Token` header as delivered by
  SCC will be stored inside of the credentials file for later use on API calls.
  This way we add system clone detection for systems using this version of SUSE
- Update to 0.3.33
- Add --keepalive command to send pings to SCC.
- Add service/timer to periodically call --keepalive command to make system
  information in SCC and proxies more accurate. (bsc#1196076)
- Update to containerd v1.6.6 to fix CVE-2022-31030 and meet the requirements
  of Docker v20.10.17-ce. bsc#1200145
- Remove upstreamed patches:
  - bsc1200145-Limit-the-response-size-of-ExecSync.patch
[ This patch was only released in SLES and Leap. ]
- Backport patch to fix GHSA-5ffw-gxpp-mxpf CVE-2022-31030. bsc#1200145
  + bsc1200145-Limit-the-response-size-of-ExecSync.patch
- Update to containerd v1.5.12. Upstream release notes:
- Security fix: [bsc#1200735, CVE-2022-32206]
  * HTTP compression denial of service
  * Add curl-CVE-2022-32206.patch
- Security fix: [bsc#1200737, CVE-2022-32208]
  * FTP-KRB bad message verification
  * Add curl-CVE-2022-32208.patch
- Update to Docker 20.10.17-ce. See upstream changelog online at
  <>. bsc#1200145
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
- Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581)
  * 0001-video-Remove-trailing-whitespaces.patch
  * 0002-video-readers-jpeg-Test-for-an-invalid-next-marker-r.patch
  * 0003-video-readers-jpeg-Catch-files-with-unsupported-quan.patch
  * 0004-video-readers-jpeg-Catch-OOB-reads-writes-in-grub_jp.patch
  * 0005-video-readers-jpeg-Don-t-decode-data-before-start-of.patch
  * 0006-misc-Format-string-for-grub_error-should-be-a-litera.patch
  * 0007-loader-efi-chainloader-Simplify-the-loader-state.patch
  * 0008-commands-boot-Add-API-to-pass-context-to-loader.patch
- Fix CVE-2022-28736 (bsc#1198496)
  * 0009-loader-efi-chainloader-Use-grub_loader_set_ex.patch
- Fix CVE-2022-28735 (bsc#1198495)
  * 0010-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch
  * 0011-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch
  * 0012-video-readers-png-Abort-sooner-if-a-read-operation-f.patch
  * 0013-video-readers-png-Refuse-to-handle-multiple-image-he.patch
- Fix CVE-2021-3695 (bsc#1191184)
  * 0014-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
- Fix CVE-2021-3696 (bsc#1191185)
  * 0015-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch
  * 0016-video-readers-png-Sanity-check-some-huffman-codes.patch
  * 0017-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
  * 0018-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch
  * 0019-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
- Fix CVE-2021-3697 (bsc#1191186)
  * 0020-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch
  * 0021-normal-charset-Fix-array-out-of-bounds-formatting-un.patch
- Fix CVE-2022-28733 (bsc#1198460)
  * 0022-net-ip-Do-IP-fragment-maths-safely.patch
  * 0023-net-netbuff-Block-overly-large-netbuff-allocs.patch
  * 0024-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch
  * 0025-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch
  * 0026-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch
  * 0027-net-tftp-Avoid-a-trivial-UAF.patch
  * 0028-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch
- Fix CVE-2022-28734 (bsc#1198493)
  * 0029-net-http-Fix-OOB-write-for-split-http-headers.patch
- Fix CVE-2022-28734 (bsc#1198493)
  * 0030-net-http-Error-out-on-headers-with-LF-without-CR.patch
  * 0031-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch
  * 0032-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch
  * 0033-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch
  * 0034-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch
  * 0035-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch
  * 0036-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch
  * 0037-Use-grub_loader_set_ex-for-secureboot-chainloader.patch
- Update SBAT security contact (boo#1193282)
- Bump grub's SBAT generation to 2
- Use boot disks in OpenFirmware, fixing regression caused by
  0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch, when
  the root LV is completely in the boot LUN (bsc#1197948)
  * 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch
- ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).
- commit 4bfd1c5
- vringh: Fix loop descriptors check in the indirect cases
- mmc: block: Fix CQE recovery reset success (git-fixes).
- modpost: fix undefined behavior of is_arm_mapping_symbol()
- modpost: fix removing numeric suffixes (git-fixes).
- misc: rtsx: set NULL intfdata when probe fails (git-fixes).
- USB: new quirk for Dell Gen 2 devices (git-fixes).
- USB: serial: option: add Quectel BG95 modem (git-fixes).
- usb: core: hcd: Add support for deferring roothub registration
- usb: dwc2: gadget: don't reset gadget's driver->bus (git-fixes).
- USB: hcd-pci: Fully suspend across freeze/thaw cycle
- drivers: usb: host: Fix deadlock in oxu_bus_suspend()
- USB: host: isp116x: check return value after calling
  platform_get_resource() (git-fixes).
- serial: msm_serial: disable interrupts in __msm_console_write()
- drivers: tty: serial: Fix deadlock in sa1100_set_termios()
- tty: Fix a possible resource leak in icom_probe (git-fixes).
- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
- staging: rtl8712: fix uninit-value in r871xu_drv_init()
- staging: rtl8712: fix uninit-value in usb_read8() and friends
- drivers: staging: rtl8192e: Fix deadlock in
  rtllib_beacons_stop() (git-fixes).
- drivers: staging: rtl8192u: Fix deadlock in
  ieee80211_beacons_stop() (git-fixes).
- watchdog: wdat_wdt: Stop watchdog when rebooting the system
- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (git-fixes).
- video: fbdev: pxa3xx-gcu: release the resources correctly in
  pxa3xx_gcu_probe/remove() (git-fixes).
- rtlwifi: Use pr_warn instead of WARN_ONCE (git-fixes).
- rtl818x: Prevent using not initialized queues (git-fixes).
- mwifiex: add mutex lock for call in
  mwifiex_dfs_chan_sw_work_queue (git-fixes).
- media: cx25821: Fix the warning when removing the module
- media: pci: cx23885: Fix the error handling in cx23885_initdev()
- media: venus: hfi: avoid null dereference in deinit (git-fixes).
- PM / devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).
- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).
- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width}
  based on DMA direction (git-fixes).
- mmc: jz4740: Apply DMA engine limits to maximum segment size
- pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).
- platform/chrome: cros_ec_proto: Send command again when timeout
  occurs (git-fixes).
- commit f8749e6
- efi: Do not import certificates from UEFI Secure Boot for T2
  Macs (git-fixes).
- Refresh
- commit 316d54d
- drm/atomic: Force bridge self-refresh-exit on CRTC switch
- drm/bridge: analogix_dp: Support PSR-exit to disable transition
- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
- iio: dummy: iio_simple_dummy: check the return value of
  kstrdup() (git-fixes).
- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour
- drm/radeon: fix a possible null pointer dereference (git-fixes).
- i2c: cadence: Increase timeout per message if necessary
- drm/amdgpu/ucode: Remove firmware load type check in
  amdgpu_ucode_free_bo (git-fixes).
- drm: msm: fix error check return value of irq_of_parse_and_map()
- drm/plane: Move range check for format_count earlier
- drm/komeda: return early if drm_universal_plane_init() fails
- fbcon: Consistently protect deferred_takeover with
  console_lock() (git-fixes).
- drm/virtio: fix NULL pointer dereference in
  virtio_gpu_conn_get_modes (git-fixes).
- drm/i915: Fix -Wstringop-overflow warning in call to
  intel_read_wm_latency() (git-fixes).
- iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).
- mac80211: upgrade passive scan to active scan on DFS channels
  after beacon rx (git-fixes).
- ipw2x00: Fix potential NULL dereference in libipw_xmit()
- HID: bigben: fix slab-out-of-bounds Write in bigben_probe
- HID: multitouch: Add support for Google Whiskers Touchpad
- hwmon: Make chip parameter for with_info API mandatory
- irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).
- irqchip/armada-370-xp: Do not touch Performance Counter Overflow
  on A375, A38x, A39x (git-fixes).
- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
- irqchip/exiu: Fix acknowledgment of edge triggered interrupts
- efi: Add missing prototype for efi_capsule_setup_info
- drivers: i2c: thunderx: Allow driver to work with ACPI defined
  TWSI controllers (git-fixes).
- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
- Input: goodix - fix spurious key release events (git-fixes).
- commit 71b82f0
- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
- ALSA: hda/conexant - Fix loopback issue with CX20632
- ALSA: usb-audio: Set up (implicit) sync for Saffire 6
- ALSA: usb-audio: Skip generic sync EP parse for secondary EP
- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map()
  return value (git-fixes).
- clocksource/drivers/sp804: Avoid error on multiple instances
- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size
  data type (git-fixes).
- ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).
- ASoC: rt5645: Fix errorenous cleanup order (git-fixes).
- ASoC: tscs454: Add endianness flag in snd_soc_component_driver
- ASoC: dapm: Don't fold register value changes into notifications
- ALSA: usb-audio: Workaround for clock setup on TEAC devices
- ath9k: fix QCA9561 PA bias level (git-fixes).
- b43: Fix assigning negative value to unsigned variable
- b43legacy: Fix assigning negative value to unsigned variable
- ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).
- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
- cfg80211: set custom regdomain after wiphy registration
- ACPI: sysfs: Make sparse happy about address space in use
- commit d8922a7
- Refresh 0002-PKCS-7-Check-codeSigning-EKU-for-kernel-module-and-k.patch
- commit 4835ae7
- platform/x86: wmi: Fix driver->notify() vs ->probe() race
- commit e932131
- platform/x86: wmi: Replace read_takes_no_args with a flags field
- commit 2771a0e
- Update config files
- commit 0d6e862
- s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST
  flag (git-fixes).
- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
- s390/lcs: fix variable dereferenced before check (git-fixes).
- s390/ctcm: fix potential memory leak (git-fixes).
- s390/ctcm: fix variable dereferenced before check (git-fixes).
- s390/dasd: Fix read inconsistency for ESE DASD devices
  (bsc#1200206 LTC#198455).
- s390/dasd: Fix read for ESE with blksize < 4k (bsc#1200206
- s390/dasd: prevent double format of tracks for ESE devices
  (bsc#1200207 LTC#198454).
- s390/dasd: fix data corruption for ESE devices (bsc#1200207
- KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).
- s390/nmi: handle vector validity failures for KVM guests
- s390/nmi: handle guarded storage validity failures for KVM
  guests (git-fixes).
- vfio/ccw: Remove unneeded GFP_DMA (git-fixes).
- KVM: s390: pv: avoid stalls for kvm_s390_pv_init_vm (git-fixes).
- KVM: s390: pv: avoid double free of sida page (git-fixes).
- KVM: s390: pv: add macros for UVC CC values (git-fixes).
- s390: fix strrchr() implementation (git-fixes).
- s390/pv: fix the forcing of the swiotlb (git-fixes).
- s390/qdio: cancel the ESTABLISH ccw after timeout (git-fixes).
- s390/qdio: fix roll-back after timeout on ESTABLISH ccw
- s390/ftrace: fix ftrace_update_ftrace_func implementation
- s390/cio: dont call css_wait_for_slow_path() inside a lock
- s390/cio: Fix the "/type"/ field in s390_cio_tpi tracepoint
- s390/mcck: fix invalid KVM guest condition check (git-fixes).
- vfio-ccw: Check initialized flag in cp_init() (git-fixes).
- s390: fix detection of vector enhancements facility 1 vs. vector
  packed decimal facility (git-fixes).
- s390/vfio-ap: fix circular lockdep when setting/clearing crypto
  masks (git-fixes).
- virtio/s390: implement virtio-ccw revision 2 correctly
- commit 61a09d5
- NFS: Don't report ENOSPC write errors twice (git-fixes).
- nfsd: Fix null-ptr-deref in nfsd_fill_super() (git-fixes).
- md: fix an incorrect NULL check in md_reload_sb (git-fixes).
- md: fix an incorrect NULL check in does_sb_need_changing
- raid5: introduce MD_BROKEN (git-fixes).
- commit a49fc21
- Rename colliding patches before the next origin/cve/linux-5.3 -> SLE15-SP3 merge
- commit 070ca14
- blk-mq: Fix wrong wakeup batch configuration which will cause
  hang (bsc#1200263).
- commit d25a54b
- blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
- commit 0a1fb57
- PCI: hv: Fix NUMA node assignment when kernel boots with custom
  NUMA topology (bsc#1199365).
- commit 533234b
- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
  architectural PMU (git-fixes).
- commit b46bf26
- KVM: x86/emulator: Defer not-present segment check in
  __load_segment_descriptor() (git-fixes).
- commit 27bee90
- KVM: x86: Fix emulation in writing cr8 (git-fixes).
- commit a28f4e5
- KVM: nVMX: Query current VMCS when determining if MSR bitmaps
  are in use (git-fixes).
- commit d008aa3
- kvm: fix wrong exception emulation in check_rdtsc (git-fixes).
- commit 5797afc
- KVM: nVMX: Unconditionally clear nested.pi_pending on nested
  VM-Enter (git-fixes).
- commit acadff0
- KVM: VMX: Use current VMCS to query WAITPKG support for MSR
  emulation (git-fixes).
- commit e4539a4
- KVM: x86: Don't force set BSP bit when local APIC is managed
  by userspace (git-fixes).
- commit eb244fb
- KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any
  BSP (git-fixes).
- commit e4d1ca5
- KVM: nVMX: Set LDTR to its architecturally defined value on
  nested VM-Exit (git-fixes).
- commit 738798b
- KVM: x86: Immediately reset the MMU context when the SMM flag
  is cleared (git-fixes).
- commit 09330a5
- KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
  intel_arch_events[] (git-fixes).
- commit d9ed32f
- KVM: x86: clflushopt should be treated as a no-op by emulation
- commit 9620f9a
- kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode
- commit ef4dd36
- kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode
- commit f6cd4b8
- KVM: x86: Mark CR4.TSD as being possibly owned by the guest
- commit 0207dce
- KVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in
  64-bit mode (git-fixes).
- commit 167dd6e
- Revert "/KVM: x86: work around leak of uninitialized stack
  contents"/ (git-fixes).
- commit 750d1b0
- nfc: st21nfca: fix incorrect sizing calculations in
  EVT_TRANSACTION (git-fixes).
- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
- drm: imx: fix compiler warning with gcc-12 (git-fixes).
- commit 31b71c0
- KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce
- commit 006ad54
- KVM: nVMX: Invalidate all roots when emulating INVVPID without
  EPT (git-fixes).
- commit 6adfb0f
- KVM: VMX: Flush all EPTP/VPID contexts on remote TLB flush
- commit a06b778
- ftrace: Clean up hash direct_functions on register failures
- commit adaac4e
- tilcdc: tilcdc_external: fix an incorrect NULL check on list
  iterator (git-fixes).
- commit 8f16892
- Refresh
- commit 30ee9bf
- Refresh
- commit e57beef
- blacklist.conf: Remove blacklisting of backported patch
- Refresh
- commit 64d3607
- block: fix bio_clone_blkg_association() to associate with
  proper blkcg_gq (bsc#1200259).
- commit ce6dfd1
- Refresh
- commit fbaa188
- drm/msm/dsi: fix address for second DSI PHY on SDM660
- commit 2435776
- Refresh
- commit 693f083
- Refresh patches.suse/drm-amdkfd-Fix-GWS-queue-count.patch.
- commit cef7148
- Refresh
- commit 7e7296e
- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
- commit 25b074b
- drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).
- commit cd35e5a
- blacklist.conf: 0d979509539e drm/ttm: remove ttm_bo_vm_insert_huge()
- commit b0d7e4a
- blacklist.conf: 10a6de19cad6 seq_file: fix passing wrong private data
- commit 88787ec
- drm/i915: fix i915_globals_exit() section mismatch error
- commit f035fef
- add mainline tag for a pci-hyperv change
- commit 77f42e9
- netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
  (CVE-2022-1972 bsc#1200019).
- commit 323e166
- netfilter: nf_tables: disallow non-stateful expression in sets
  earlier (CVE-2022-1966 bsc#1200015).
- commit 41de480
- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
- scsi: dc395x: Fix a missing check on list iterator (git-fixes).
- scsi: ufs: core: Exclude UECxx from SFR dump list (git-fixes).
- scsi: ufs: qcom: Fix ufs_qcom_resume() (git-fixes).
- drbd: fix duplicate array initializer (git-fixes).
- drbd: use bdev_alignment_offset instead of
  queue_alignment_offset (git-fixes).
- drbd: use bdev based limit helpers in drbd_send_sizes
- drbd: remove assign_p_sizes_qlim (git-fixes).
- commit d165ee8
- Added blacklist git-fix: just fixes compiler warning but breaks kabi
- commit 2f740d4
- jbd2: Fake symbols defined under CONFIG_JBD2_DEBUG
- Update config files to disable mistakenly enabled CONFIG_JBD2_DEBUG
- commit 1c1f326
- net: stmmac: dwmac-sun8i: Balance syscon (de)initialization (git-fixes).
- commit 3c1ac51
- net: stmmac: dwmac-sun8i: Balance internal PHY power (git-fixes).
- commit a293be9
- net: stmmac: dwmac-sun8i: Balance internal PHY resource references (git-fixes).
- commit 5ddd111
- net: stmmac: dwmac-sun8i: Fix probe error handling (git-fixes).
- commit b7d0c5f
- net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (git-fixes).
- commit ac2aae4
- net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs (git-fixes).
- commit dd8afe7
- net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (git-fixes).
- commit de37b40
- net: ethernet: Fix memleak in ethoc_probe (git-fixes).
- commit b06c831
- qlcnic: Fix error code in probe (git-fixes).
- commit 34dcd67
- net: korina: fix return value (git-fixes).
- commit 2399b03
- ice: Fix race conditions between virtchnl handling and VF ndo ops (git-fixes).
- commit ecd49f2
- net: hns3: fix kernel crash when unload VF while it is being reset (git-fixes).
- commit 5655db7
- btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
- commit 9d94c81
- netdevice: demote the type of some dev_addr_set() helpers
- commit eaa7009
- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15
  9520 laptop (git-fixes).
- ALSA: hda/realtek - Add new type for ALC245 (git-fixes).
- ASoC: rt5514: Fix event generation for "/DSP Voice Wake Up"/
  control (git-fixes).
- ALSA: ctxfi: Add SB046x PCI ID (git-fixes).
- commit f5268ed
- gpio: adp5588: Remove support for platform setup and teardown
  callbacks (git-fixes).
- gpio: pca953x: use the correct register address to do regcache
  sync (git-fixes).
- driver core: fix deadlock in __device_attach (git-fixes).
- driver: base: fix UAF when driver_attach failed (git-fixes).
- selftests: firmware: Use smaller dictionary for XZ compression
- bus: ti-sysc: Fix warnings for unbind for serial (git-fixes).
- firmware: dmi-sysfs: Fix memory leak in
  dmi_sysfs_register_handle (git-fixes).
- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
- phy: qcom-qmp: fix reset-controller leak on probe errors
- phy: qcom-qmp: fix struct clk leak on probe errors (git-fixes).
- iio: adc: sc27xx: Fine tune the scale calibration values
- iio: adc: sc27xx: fix read big scale voltage not right
- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return
  value check (git-fixes).
- iio: adc: ad7124: Remove shift from scan_type (git-fixes).
- firmware: stratix10-svc: fix a missing check on list iterator
- usb: ehci-omap: drop unused ehci_read() function (git-fixes).
- usb: typec: mux: Check dev_set_name() return value (git-fixes).
- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
- usb: musb: Fix missing of_node_put() in omap2430_probe
- USB: storage: karma: fix rio_karma_init return (git-fixes).
- usb: usbip: add missing device lock on tweak configuration cmd
- usb: usbip: fix a refcount leak in stub_probe() (git-fixes).
- serial: stm32-usart: Correct CSIZE, bits, and parity
- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
- serial: sifive: Sanitize CSIZE and c_iflag (git-fixes).
- serial: sh-sci: Don't allow CS5-6 (git-fixes).
- serial: txx9: Don't allow CS5-6 (git-fixes).
- serial: rda-uart: Don't allow CS5-6 (git-fixes).
- serial: digicolor-usart: Don't allow CS5-6 (git-fixes).
- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
- serial: meson: acquire port->lock in startup() (git-fixes).
- serial: pch: don't overwrite xmit->buf[0] by x_char (git-fixes).
- serial: 8250: pxa: Remove unneeded <linux/pm_runtime.h>
- serial: 8250: core: Remove unneeded <linux/pm_runtime.h>
- tty: serial: fsl_lpuart: fix potential bug when using both
  of_alias_get_id and ida_simple_get (git-fixes).
- tty: serial: owl: Fix missing clk_disable_unprepare() in
  owl_uart_probe (git-fixes).
- tty: goldfish: Use tty_port_destroy() to destroy port
- staging: fieldbus: Fix the error handling path in
  anybuss_host_common_probe() (git-fixes).
- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (git-fixes).
- commit e15e5e6
- powerpc/xive: Add some error handling code to
  'xive_spapr_init()' (fate#322438 git-fixes).
- commit 29a15ff
- net: sched: fixed barrier to prevent skbuff sticking in qdisc
  backlog (bsc#1183405).
- commit 5f8489b
- tracing: Fix return value of trace_pid_write() (git-fixes).
- commit 332fdc6
- tracing: Fix potential double free in create_var_ref()
- commit 142f9d7
- wireguard: device: check for metadata_dst with skb_valid_dst()
- commit 9790edc
- nvme-tcp: use __dev_get_by_name instead dev_get_by_name for
  OPT_HOST_IFACE (bsc#1199670).
- commit a8aa700
- ceph: fix setting of xattrs on async created inodes
- commit 91687d7
- i2c: at91: Initialize dma_buf in at91_twi_xfer() (git-fixes).
- commit 9250a63
- soc: rockchip: Fix refcount leak in rockchip_grf_init
- wifi: mac80211: fix use-after-free in chanctx code (git-fixes).
- assoc_array: Fix BUG_ON during garbage collect (git-fixes).
- rtc: mt6397: check return value after calling
  platform_get_resource() (git-fixes).
- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
- pwm: raspberrypi-poe: Fix endianness in firmware struct
- pwm: lp3943: Fix duty calculation in case period was clamped
- i2c: at91: use dma safe buffers (git-fixes).
- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
- commit db358bc
- powerpc/xive: Fix refcount leak in xive_spapr_init (fate#322438
- commit 4062633
- NFC: netlink: fix sleep in atomic bug when firmware download
  timeout (CVE-2022-1975 bsc#1200143).
- commit bcae1e0
- nfc: replace improper check device_is_registered() in netlink
  related functions (CVE-2022-1974 bsc#1200144).
- Refresh
- commit 8ab4a08
- certs: Add EFI_CERT_X509_GUID support for dbx entries
  (bsc#1177282 CVE-2020-26541).
- Update config files.
- commit 6bf28b7
- ARM: omap: remove debug-leds driver (git-fixes)
- commit 43f073a
- arm: mediatek: select arch timer for mt7629 (git-fixes)
- commit 013d17b
- ARM: dts: qcom: msm8974: Drop flags for mdss irqs (git-fixes)
- commit 42eec11
- ARM: dts: suniv: F1C100: fix watchdog compatible (git-fixes)
- commit 93d1bda
- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (git-fixes)
- commit 7e7bd88
- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (git-fixes)
- commit 5ee912a
- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (git-fixes)
- commit 8161416
- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (git-fixes)
- commit 4e538b6
- ARM: dts: imx6ull-colibri: fix vqmmc regulator (git-fixes)
- commit 676db9a
- ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 (git-fixes)
- commit 70b2b9b
- ARM: dts: am3517-evm: Fix misc pinmuxing (git-fixes)
- commit 50fc702
- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (git-fixes)
- commit 12ddc7c
- ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek (git-fixes)
- commit 123bc41
- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (git-fixes)
- commit d5627c3
- ARM: config: u8500: Re-enable AB8500 battery charging (git-fixes)
- commit 5b0fb4f
- ARM: davinci: da850-evm: Avoid NULL pointer dereference (git-fixes)
- commit 7371c56
- ARM: 9187/1: JIVE: fix return value of __setup handler (git-fixes)
- commit f4ca8bd
- blacklist.conf: ("/ARM: dts: spear1340: Update serial node properties"/)
- commit 2719ba1
- blacklist.conf: ("/ARM: dts: spear13xx: Update SPI dma properties"/)
- commit d4905d6
- ARM: dts: qcom: ipq4019: fix sleep clock (git-fixes)
- commit 23153db
- ARM: dts: Fix OpenBMC flash layout label addresses (git-fixes)
- commit 5fc1380
- ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (git-fixes)
- commit 71afe29
- ARM: dts: imx: Add missing LVDS decoder on M53Menlo (git-fixes)
- commit afc6580
- ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (git-fixes)
- commit bc1fb03
- ARM: ftrace: ensure that ADR takes the Thumb bit into account (git-fixes)
- commit fee81b1
- blacklist.conf: ("/ARM: iop32x: offset IRQ numbers by 1"/)
- commit abcec77
- ARM: tegra: Move panels to AUX bus (git-fixes)
- commit 50fd172
- ARM: dts: meson8b: Fix the UART device-tree schema validation (git-fixes)
- commit 0f51816
- ARM: dts: meson8: Fix the UART device-tree schema validation (git-fixes)
- commit 40ff6d7
- ARM: dts: meson: Fix the UART compatible strings (git-fixes)
- commit 27df56a
- ARM: socfpga: fix missing RESET_CONTROLLER (git-fixes)
- commit 62b05df
- ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group (git-fixes)
- commit 587bb4a
- ARM: dts: imx6qdl-udoo: Properly describe the SD card detect (git-fixes)
- commit 8309249
- ARM: 9170/1: fix panic when kasan and kprobe are enabled (git-fixes)
- commit 2e353f0
- ARM: dts: armada-38x: Add generic compatible to UART nodes (git-fixes)
- commit c7c1408
- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling (git-fixes)
- commit ca31c5d
- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name (git-fixes)
- commit 43a6857
- ARM: socfpga: dts: fix qspi node compatible (git-fixes)
- commit 8773156
- nvme-tcp: allow selecting the network interface for connections
- commit 24adf25
- scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200046).
- scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200046).
- scsi: qla2xxx: Remove free_sg command flag (bsc#1200046).
- scsi: qla2xxx: Fix missed DMA unmap for aborted commands
- commit 0e2231e
- Refresh
- commit 971fe0e
- scsi: lpfc: Update lpfc version to (bsc#1200045).
- scsi: lpfc: Use sg_dma_address() and sg_dma_len() macros for
  NVMe I/O (bsc#1200045).
- scsi: lpfc: Alter FPIN stat accounting logic (bsc#1200045).
- scsi: lpfc: Rework FDMI initialization after link up
- scsi: lpfc: Change VMID registration to be based on fabric
  parameters (bsc#1200045).
- scsi: lpfc: Decrement outstanding gidft_inp counter if
  lpfc_err_lost_link() (bsc#1200045).
- scsi: lpfc: Use list_for_each_entry_safe() in
  rscn_recovery_check() (bsc#1200045).
- scsi: lpfc: Fix dmabuf ptr assignment in lpfc_ct_reject_event()
- scsi: lpfc: Inhibit aborts if external loopback plug is inserted
- scsi: lpfc: Fix ndlp put following a LOGO completion
- scsi: lpfc: Fill in missing ndlp kref puts in error paths
- scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()
- scsi: lpfc: Remove redundant lpfc_sli_prep_wqe() call
- scsi: lpfc: Fix additional reference counting in
  lpfc_bsg_rport_els() (bsc#1200045).
- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
- scsi: lpfc: Remove unnecessary null ndlp check in
  lpfc_sli_prep_wqe() (bsc#1200045).
- scsi: lpfc: Remove unneeded variable (bsc#1200045).
- scsi: lpfc: Copyright updates for patches
- scsi: lpfc: Update lpfc version to (bsc#1200045).
- scsi: lpfc: Expand setting ELS_ID field in ELS_REQUEST64_WQE
- scsi: lpfc: Update stat accounting for READ_STATUS mbox command
- scsi: lpfc: Change FA-PWWN detection methodology (bsc#1200045).
- scsi: lpfc: Refactor cleanup of mailbox commands (bsc#1200045).
- scsi: lpfc: Fix field overload in lpfc_iocbq data structure
- scsi: lpfc: Introduce FC_RSCN_MEMENTO flag for tracking post
  RSCN completion (bsc#1200045).
- scsi: lpfc: Register for Application Services FC-4 type in
  Fabric topology (bsc#1200045).
- scsi: lpfc: Remove false FDMI NVMe FC-4 support for NPIV ports
- scsi: lpfc: Revise FDMI reporting of supported port speed for
  trunk groups (bsc#1200045).
- scsi: lpfc: Fix call trace observed during I/O with CMF enabled
- scsi: lpfc: Correct CRC32 calculation for congestion stats
- scsi: lpfc: Move MI module parameter check to handle dynamic
  disable (bsc#1200045).
- scsi: lpfc: Remove unnecessary NULL pointer assignment for
  ELS_RDF path (bsc#1200045).
- scsi: lpfc: Transition to NPR state upon LOGO cmpl if link
  down or aborted (bsc#1200045).
- scsi: lpfc: Update fc_prli_sent outstanding only after
  guaranteed IOCB submit (bsc#1200045).
- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
- scsi: lpfc: Fix null pointer dereference after failing to
  issue FLOGI and PLOGI (bsc#1200045).
- scsi: lpfc: Clear fabric topology flag before initiating a
  new FLOGI (bsc#1200045).
- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
- scsi: lpfc: Requeue SCSI I/O to upper layer when fw reports
  link down (bsc#1200045).
- scsi: lpfc: Zero SLI4 fcp_cmnd buffer's fcpCntl0 field
- scsi: lpfc: Fix diagnostic fw logging after a function reset
- scsi: lpfc: Move cfg_log_verbose check before calling
  lpfc_dmp_dbg() (bsc#1200045).
- scsi: lpfc: Tweak message log categories for ELS/FDMI/NVMe
  rescan (bsc#1200045).
- blk-cgroup: move blkcg_{get,set}_fc_appid out of line
- scsi: lpfc: Correct BDE DMA address assignment for GEN_REQ_WQE
  (bsc#1200045 bsc#1198989 bsc#1197675).
- scsi: lpfc: Fix split code for FLOGI on FCoE (bsc#1200045
  bsc#1198989 bsc#1197675).
- commit d7157b7
- iommu/amd: Increase timeout waiting for GA log enablement
- commit fe9fbe6
- lpfc: Readd update to version (bsc#1197675 bsc#1196478 bsc#1198989)
  The update was reverted due to some regression on older
  hardware. These have been fixed in the meantime, thus update the
- commit 200ac05
- revert scsi: qla2xxx: Changes to support FCP2 Target
- commit 12ff2a5
- net: rtlwifi: properly check for alloc_workqueue() failure
- Revert "/rtlwifi: fix a potential NULL pointer dereference"/
- commit 24fe374
- mt76: check return value of mt76_txq_send_burst in
  mt76_txq_schedule_list (git-fixes).
- commit 962a439
- spi: Introduce device-managed SPI controller allocation
- commit 9cd5722
- powerpc/64s: Add CPU_FTRS_POWER10 to ALWAYS mask (jsc#SLE-13521
- powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask
  (bsc#1061840 git-fixes).
- commit 6362663
- blacklist.conf: kABI, cleanup that renames constants
- commit e8bfcff
- blacklist.conf: kABI, renames declarations
- commit 1b506e7
- blacklist.conf: switches off compilation of a driver on some arches. Either irrelevant or breaks kABI.
- commit a8132c8
- media: netup_unidvb: Don't leak SPI master in probe error path
- commit 539b59b
- Refresh
  In this case, we can not simply use __GENKSYMS__ to wrap new
  LOCKDOWN_DBG_WRITE/READ_KERNEL fields in enum lockdown_reason
  struct. So let's remove __GENKSYMS__ and add a kabi workaround
  patch. (bsc#1199426 CVE-2022-21499)
- commit 88eddb5
- lockdown: kABI workaround for lockdown_reason changes
  (bsc#1199426, CVE-2022-21499).
- commit fe7a29a
- powerpc/powernv: Get STF barrier requirements from device-tree
  (bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Get L1D flush requirements from device-tree
  (bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Add __init attribute to eligible functions
  (bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Remove POWER9 PVR version check for entry
  and uaccess flushes (bsc#1188885 ltc#193722 git-fixes).
- commit 4e35232
- powerpc/fadump: fix PT_LOAD segment for boot memory area
  (bsc#1103269 ltc#169948 git-fixes).
- commit 726e54b
- Update patch metadata references
- commit c29f6ae
- KVM: VMX: Fix stale docs for
  kvm-intel.emulate_invalid_guest_state (git-fixes).
- commit 56b5e51
- Kconfig.debug: drop selecting non-existing
- commit 9876873
- arm64: paravirt: Use RCU read locks to guard stolen_time
- commit 06cf912
- smp: Fix offline cpu check in flush_smp_call_function_queue()
- commit 798956d
- mm, page_alloc: fix build_zonerefs_node() (git-fixes).
- commit 25a1706
- Input: stmfts - do not leave device disabled in
  stmfts_input_open (git-fixes).
- commit 7f01cd9
- dmaengine: stm32-mdma: remove GISR1 register (git-fixes).
- dmaengine: idxd: Fix the error handling path in
  idxd_cdev_register() (git-fixes).
- Input: sparcspkr - fix refcount leak in bbc_beep_probe
- misc: ocxl: fix possible double free in ocxl_file_register_afu
- pinctrl: mvebu: Fix irq_of_parse_and_map() return value
- pinctrl/rockchip: support deferring other gpio params
- commit 9a75e78
- btrfs: extent-tree: kill the BUG_ON() in
  insert_inline_extent_backref() (CVE-2019-19377 bsc#1158266).
- commit 31a8792
- btrfs: extent-tree: kill BUG_ON() in  __btrfs_free_extent()
  (CVE-2019-19377 bsc#1158266).
- commit 75b17c1
- crypto: ecrdsa - Fix incorrect use of vli_cmp (git-fixes).
- crypto: caam - fix i.MX6SX entropy delay value (git-fixes).
- crypto: x86 - eliminate anonymous module_init & module_exit
- mfd: ipaq-micro: Fix error check return value of
  platform_get_irq() (git-fixes).
- clk: imx8mp: fix usb_root_clk parent (git-fixes).
- clk: renesas: r9a06g032: Fix the RTC hclock description
- PCI: rockchip: Fix find_first_zero_bit() limit (git-fixes).
- PCI: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- PCI: qcom: Fix runtime PM imbalance on probe errors (git-fixes).
- PCI: imx6: Fix PERST# start-up sequence (git-fixes).
- PCI: dwc: Fix setting error return on MSI DMA mapping failure
- PCI: cadence: Fix find_first_zero_bit() limit (git-fixes).
- PCI/PM: Power up all devices during runtime resume (git-fixes).
- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- tty: fix deadlock caused by calling printk() under
  tty_port->lock (git-fixes).
- commit ec70afa
- NFC: hci: fix sleep in atomic context bugs in
  nfc_hci_hcp_message_tx (git-fixes).
- commit 61459e4
- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
- nl80211: show SSID for P2P_GO interfaces (git-fixes).
- NFC: NULL out the dev->rfkill to prevent UAF (git-fixes).
- media: ov7670: remove ov7670_power_off from ov7670_remove
- media: pvrusb2: fix array-index-out-of-bounds in
  pvr2_i2c_core_init (git-fixes).
- thermal/drivers/broadcom: Fix potential NULL dereference in
  sr_thermal_probe (git-fixes).
- thermal/drivers/bcm2711: Don't clamp temperature at zero
- spi: spi-fsl-qspi: check return value after calling
  platform_get_resource_byname() (git-fixes).
- spi: img-spfi: Fix pm_runtime_get_sync() error checking
- spi: spi-ti-qspi: Fix return value handling of
  wait_for_completion_timeout (git-fixes).
- spi: spi-cadence: Fix kernel-doc format for resume/suspend
- regulator: pfuze100: Fix refcount leak in
  pfuze_parse_regulators_dt (git-fixes).
- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
- mtd: spi-nor: core: Check written SR value in
  spi_nor_write_16bit_sr_and_check() (git-fixes).
- tpm: Fix buffer access in tpm2_get_tpm_pt() (git-fixes).
- platform/chrome: cros_ec_debugfs: detach log reader wq from devm
- rtc: mc146818-lib: Fix the AltCentury for AMD platforms
- rtc: fix use-after-free on device removal (git-fixes).
- mmc: block: Use generic_cmd6_time when modifying
  INAND_CMD38_ARG_EXT_CSD (git-fixes).
- mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
- commit 45f0e7e
- gma500: fix an incorrect NULL check on list iterator
- media: uvcvideo: Fix missing check to determine if element is
  found in list (git-fixes).
- media: media-entity.h: Fix documentation for
  media_create_intf_link (git-fixes).
- HID: elan: Fix potential double free in elan_input_configured
- HID: hid-led: fix maximum brightness for Dream Cheeky
- Fix double fget() in vhost_net_set_backend() (git-fixes).
- mac80211: fix rx reordering with non explicit / psmp ack policy
- Input: stmfts - fix reference leak in stmfts_input_open
- Input: add bounds checking to input_set_capability()
- commit 6469b91
- firmware: arm_scmi: Validate BASE_DISCOVER_LIST_PROTOCOLS
  response (git-fixes).
- firmware: arm_scmi: Fix list protocols enumeration in the base
  protocol (git-fixes).
- drm/i915: Fix CFI violation with show_dynamic_id() (git-fixes).
- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (git-fixes).
- drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
- drm/msm/mdp5: Return error code in mdp5_mixer_release when
  deadlock is detected (git-fixes).
- drm/msm/mdp5: Return error code in mdp5_pipe_release when
  deadlock is detected (git-fixes).
- drm/msm/hdmi: fix error check return value of
  irq_of_parse_and_map() (git-fixes).
- commit 0cce114
- drm/msm/hdmi: check return value after calling
  platform_get_resource_byname() (git-fixes).
- drm/msm/dsi: fix error checks and return values for DSI xmit
  functions (git-fixes).
- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use
  after memory free during pm runtime resume (git-fixes).
- drm/msm/dpu: adjust display_v_end for eDP and DP (git-fixes).
- drm/mediatek: Fix mtk_cec_mask() (git-fixes).
- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
- drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
- drm/bridge: Fix error handling in analogix_dp_probe (git-fixes).
- drm: mali-dp: potential dereference of null pointer (git-fixes).
- commit def8c76
- drivers/base/memory: fix an unlikely reference counting issue
  in __add_memory_block() (git-fixes).
- drivers/base/node.c: fix compaction sysfs file leak (git-fixes).
- ALSA: usb-audio: Configure sync endpoints before data
- ASoC: max98090: Move check for invalid values before casting
  in max98090_put_enab_tlv() (git-fixes).
- ASoC: wm2000: fix missing clk_disable_unprepare() on error in
  wm2000_anc_transition() (git-fixes).
- ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (git-fixes).
- ASoC: atmel-classd: Remove endianness flag on class d component
- ASoC: atmel-pdmic: Remove endianness flag on pdmic component
- ASoC: rk3328: fix disabling mclk on pclk probe failure
- ASoC: mediatek: Fix missing of_node_put in
  mt2701_wm8960_machine_probe (git-fixes).
- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
- ALSA: usb-audio: Add missing ep_idx in fixed EP quirks
- ALSA: pcm: Check for null pointer of pointer substream before
  dereferencing it (git-fixes).
- drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
- drm/vc4: txp: Force alpha to be 0xff if it's disabled
- drm/vc4: txp: Don't set TXP_VSTART_AT_EOF (git-fixes).
- drm/vc4: hvs: Reset muxes at probe time (git-fixes).
- drm: sti: don't use kernel-doc markers (git-fixes).
- drm/nouveau/clk: Fix an incorrect NULL check on list iterator
- drm/bridge: adv7511: clean up CEC adapter when probe fails
- drm/edid: fix invalid EDID extension block filtering
- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on
  list iterator (git-fixes).
- drm/blend: fix typo in the comment (git-fixes).
- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
- Bluetooth: hci_qca: Use del_timer_sync() before freeing
- Bluetooth: fix dangling sco_conn and use-after-free in
  sco_sock_timeout (git-fixes).
- carl9170: tx: fix an incorrect use of list iterator (git-fixes).
- ath9k_htc: fix potential out of bounds access with invalid
  rxstatus->rs_keyix (git-fixes).
- ath9k: fix ar9003_get_eepmisc (git-fixes).
- docs: submitting-patches: Fix crossref to 'The canonical patch
  format' (git-fixes).
- ACPI: property: Release subnode properties with data nodes
- ALSA: wavefront: Proper check of get_user() error (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo P360
- crypto: x86/chacha20 - Avoid spurious jumps to other functions
- crypto: stm32 - fix reference leak in stm32_crc_remove
- Bluetooth: call hci_le_conn_failed with hdev lock in
  hci_le_conn_failed (git-fixes).
- commit 72b8536
- Update patch reference for libata fix (bsc#1118212).
- commit 9e93177
- KVM: x86/speculation: Disable Fill buffer clear within guests (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit 3afdfd4
- lockdown: also lock down previous kgdb use (bsc#1199426
- commit 090b59e
- perf: Fix sys_perf_event_open() race against self
  (CVE-2022-1729, bsc#1199507).
- commit feaf8f1
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit 7356a15
- Update bug reference to bsc#1196840
  bsc#1195826 is for SLE15-SP4
- commit c323b60
- ext4: avoid cycles in directory h-tree (bsc#1198577
- commit b98a7a0
- ext4: verify dir block before splitting it (bsc#1198577
- commit 1b10a51
- x86/speculation/srbds: Update SRBDS mitigation selection (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit f7e3619
- series.conf: sort the patches
- commit 77394cc
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit 449a24c
- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
- commit 55daac9
- scsi: fnic: Replace DMA mask of 64 bits with 47 bits
- commit 9223fba
- ionic: fix missing pci_release_regions() on error in
  ionic_probe() (bsc#1167773).
- net/mlx5e: Fix the calling of update_buffer_lossy() API
- bnxt_en: Fix unnecessary dropping of RX packets (jsc#SLE-15075).
- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS
  flag (jsc#SLE-8371 bsc#1153274).
- hinic: fix bug of wq out of bound access (bsc#1176447).
- net: hns3: clear inited state and stop client after failed to
  register netdev (bsc#1154353).
- netfilter: nft_set_rbtree: overlap detection with element
  re-addition after deletion (bsc#1176447).
- mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
  (jsc#SLE-15176, jsc#SLE-16387).
- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
- ice: synchronize_rcu() when terminating rings (jsc#SLE-7926).
- ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
- ice: Clear default forwarding VSI during VSI release
- net: hns3: fix bug when PF set the duplicate MAC address for
  VFs (jsc#SLE-14777).
- ionic: remove the dbid_inuse bitmap (bsc#1167773).
- ionic: disable napi when ionic_lif_init() fails (bsc#1167773).
- ionic: Cleanups in the Tx hotpath code (bsc#1167773).
- ionic: Don't send reset commands if FW isn't running
- ionic: start watchdog after all is setup (bsc#1167773).
- ionic: fix type complaint in ionic_dev_cmd_clean()
- net/mlx5: Fix a race on command flush flow (jsc#SLE-15172).
- i40e: stop disabling VFs due to PF error responses (git-fixes).
- ionic: monitor fw status generation (bsc#1167773).
- ionic: avoid races in ionic_heartbeat_check (bsc#1167773).
- commit 16310e3
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit c2d3c0f
- docs: powerpc: Fix misspellings and grammar errors (bsc#1055117
- commit a757a54
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit 93d2214
- powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117
- commit 76e65ef
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit f354e6f
- blacklist.conf: add Renesas SuperH Ethernet
- commit d918a41
- x86/speculation: Add a common function for MD_CLEAR mitigation update (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit e71b0a6
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in
  cpuset_init_smp() (bsc#1199839).
- commit 1cc3b7f
- Update patch reference for crypto fix (bsc#1197601)
- commit afd04b9
- Update patch references for ax25 fixes (CVE-2022-1204 bsc#1198025)
- commit 18cea2f
- KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).
- commit b16b2e0
- blacklist.conf: riscv architecture not supported.
- commit c0e1845
- i2c: mt7621: fix missing clk_disable_unprepare() on error in
  mtk_i2c_probe() (git-fixes).
- commit ee5045f
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180).
- commit 81d7b12
- Input: ili210x - fix reset timing (git-fixes).
- commit 6a3dd7d
- clk: at91: generated: consider range when calculating best rate
- clk: bcm2835: fix bcm2835_clock_choose_div (git-fixes).
- gpio: mvebu/pwm: Refuse requests with inverted polarity
- gpio: gpio-vf610: do not touch other bits when set the target
  bit (git-fixes).
- commit cb7aee7
- ping: fix the sk_bound_dev_if match in ping_lookup
- commit fc7752f
- NFC: nci: fix sleep in atomic context bugs caused by
  nci_skb_alloc (git-fixes).
- ALSA: usb-audio: Restore Rane SL-1 quirk (git-fixes).
- ALSA: hda - fix unused Realtek function when PM is not enabled
- tty/serial: digicolor: fix possible null-ptr-deref in
  digicolor_uart_probe() (git-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM7590
- USB: serial: option: add Fibocom MA510 modem (git-fixes).
- USB: serial: option: add Fibocom L610 modem (git-fixes).
- USB: serial: pl2303: add device id for HP LM930 Display
- drm/nouveau/tegra: Stop using iommu_present() (git-fixes).
- ASoC: ops: Validate input values in snd_soc_put_volsw_range()
- ASoC: max98090: Generate notifications on changes for custom
  control (git-fixes).
- ASoC: max98090: Reject invalid values in custom control put()
- hwmon: (f71882fg) Fix negative temperature (git-fixes).
- commit f35fecc
- kABI: Fix kABI after CVE-2022-0171 backport (CVE-2022-0171
- commit da4b250
- KVM: SEV: add cache flush to solve SEV cache incoherency issues
  (CVE-2022-0171 bsc#1199509).
- commit b851a8d
- ping: remove pr_err from ping_lookup (bsc#1195826).
- commit d9c0959
- patches.suse/ping-fix-the-dif-and-sdif-check-in-ping_lookup.patch:
- commit 964b9e7
- floppy: use a statically allocated error counter (bsc#1199063
- commit 3cde83e
- media: vim2m: Register video device after setting up internals
- commit c68692a
- netfilter: nf_conntrack_tcp: re-init for syn packets only
- commit adf0a01
- netfilter: nf_conntrack_tcp: preserve liberal flag in tcp
  options (bsc#1199035).
- commit 306abaf
- netfilter: conntrack: re-init state for retransmitted syn-ack
- commit 9167545
- netfilter: conntrack: move synack init code to helper
- commit 0f49ef3
- netfilter: conntrack: connection timeout after re-register
- commit f95a3ee
- copy_process(): Move fd_install() out of sighand->siglock
  critical section (bsc#1199626).
- commit 7c0210b
- blacklist.conf: Add 7d613f9f72ec signal: Remove the bogus sigkill_pending in ptrace_stop
- commit e163427
- blacklist.conf: Add e7f7c99ba911 signal: In get_signal test for signal_group_exit every time through the loop
- commit b279627
- Update patch reference for NFC fix (CVE-2022-1734 bsc#1199605).
- commit d3208d6
- nfc: nfcmrvl: main: reorder destructive operations in
  nfcmrvl_nci_unregister_dev to avoid bugs (CVE-2022-1734
  bsc#1199605 git-fixes).
- commit 4841312
- blacklist.conf: kABI
- commit 3cbffe4
- blacklist.conf: fixes only a warning, generated code not changed
- commit e762772
- blacklist.conf: depends on support for the AST2600, which we don't have
- commit 10f8b9b
- media: platform: add missing put_device() call in
  mtk_jpeg_probe() and mtk_jpeg_remove() (git-fixes).
- commit 686e148
- slimbus: qcom: Fix IRQ check in qcom_slim_probe (git-fixes).
- serial: 8250_mtk: Fix register address for XON/XOFF character
- serial: 8250_mtk: Fix UART_EFR register address (git-fixes).
- usb: typec: tcpci: Don't skip cleanup in .remove() on error
- drm/nouveau: Fix a potential theorical leak in
  nouveau_get_backlight_name() (git-fixes).
- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (git-fixes).
- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (git-fixes).
- hwmon: (tmp401) Add OF device ID table (git-fixes).
- Bluetooth: Fix the creation of hdev->name (git-fixes).
- drm/amd/display/dc/gpio/gpio_service: Pass around correct
  dce_{version, environment} types (git-fixes).
- commit ffb14db
- SUNRPC: Ensure that the gssproxy client can start in a connected
  state (git-fixes).
- commit d77dab5
- Revert "/SUNRPC: Ensure gss-proxy connects on setup"/ (git-fixes).
- commit 7ee04aa
- NFS: limit use of ACCESS cache for negative responses
- Refresh
- commit 0b13da9
- Update
  headers (CVE-2021-23133 bsc#1184675).
  Remove unwanted patch headers which have hidden intended CVE and bugzilla
  references (shown above) when the patch was added. The primary purpose of
  this commit is to get the CVE/bugzilla references to git and rpm changelog.
- commit 33c2a2f
- ata: pata_hpt37x: fix PCI clock detection (git-fixes).
- commit 8a557d3
- sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl
- commit 287c3d2
- sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
- commit 8690a8c
- ARM: dts: at91: fix pinctrl phandles (git-fixes)
- commit f0cde52
- ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name (git-fixes)
- commit 61bf915
- mmc: block: fix read single on recovery logic (CVE-2022-20008
- commit b8775dd
- usb: cdc-wdm: fix reading stuck on device close (git-fixes).
- commit 8f25bcd
- scsi: sr: Do not leak information in ioctl (git-fixes).
- scsi: pm80xx: Enable upper inbound, outbound queues (git-fixes).
- scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
- scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
- scsi: virtio-scsi: Eliminate anonymous module_init & module_exit
- drbd: fix an invalid memory access caused by incorrect use of
  list iterator (git-fixes).
- drbd: Fix five use after free bugs in get_initial_state
- scsi: hisi_sas: Change permission of parameter prot_mask
- scsi: pm8001: Fix abort all task initialization (git-fixes).
- scsi: pm8001: Fix NCQ NON DATA command completion handling
- scsi: pm8001: Fix NCQ NON DATA command task initialization
- scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
- scsi: pm8001: Fix le32 values handling in
  pm80xx_chip_ssp_io_req() (git-fixes).
- scsi: pm8001: Fix payload initialization in
  pm80xx_encrypt_update() (git-fixes).
- scsi: pm8001: Fix le32 values handling in
  pm80xx_set_sas_protocol_timer_config() (git-fixes).
- scsi: pm8001: Fix payload initialization in
  pm80xx_set_thermal_config() (git-fixes).
- scsi: pm8001: Fix command initialization in
  pm8001_chip_ssp_tm_req() (git-fixes).
- scsi: pm8001: Fix command initialization in
  pm80XX_send_read_log() (git-fixes).
- scsi: fnic: Fix a tracing statement (git-fixes).
- commit 4f3c957
- Added two git-fixes to be blacklisted
- commit 35e3e29
- ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on
  PTRACE_SEIZE (CVE-2022-30594 bsc#1199505 bsc#1198413).
- commit fd4d93d
- Add patch reference to seccomp fix (CVE-2022-30594 bsc#1199505 bsc#1198413)
  Also shorten the patch file name to standard size
- commit 483f56d
- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU
  protection (git-fixes).
- mac80211: Reset MBSSID parameters upon connection (git-fixes).
- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
- batman-adv: Don't skb_split skbuffs with frag_list (git-fixes).
- dim: initialize all struct fields (git-fixes).
- ASoC: meson: Fix event generation for G12A tohdmi mux
- ASoC: da7219: Fix change notifications for tone generator
  frequency (git-fixes).
- ASoC: wm8958: Fix change notifications for DSP controls
- firewire: core: extend card->lock in fw_core_handle_bus_reset
- firewire: remove check of list iterator against head past the
  loop body (git-fixes).
- firewire: fix potential uaf in outbound_phy_packet_callback()
- PCI: aardvark: Clear all MSIs at setup (git-fixes).
- commit 7fe0786
- smsc911x: allow using IRQ0 (git-fixes).
- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
- USB: serial: whiteheat: fix heap overflow in
  WHITEHEAT_GET_DTR_RTS (git-fixes).
- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075
  compositions (git-fixes).
- usb: gadget: configfs: clear deactivation flag in
  configfs_composite_unbind() (git-fixes).
- usb: misc: fix improper handling of refcount in uss720_probe()
- xhci: increase usb U3 -> U0 link resume timeout from 100ms to
  500ms (git-fixes).
- xhci: stop polling roothubs after shutdown (git-fixes).
- thermal: int340x: Fix callback prototype (git-fixes).
- commit 432e747
- NFC: netlink: fix sleep in atomic bug when firmware download
  timeout (git-fixes).
- nfc: nfcmrvl: main: reorder destructive operations in
  nfcmrvl_nci_unregister_dev to avoid bugs (git-fixes).
- iio: dac: ad5446: Fix read_raw not returning set value
- iio: magnetometer: ak8975: Fix the error handling in
  ak8975_power_on() (git-fixes).
- phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe
- phy: mapphone-mdm6600: Fix PM error handling in
  phy_mdm6600_probe (git-fixes).
- phy: ti: omap-usb2: Fix error handling in
  omap_usb2_enable_clocks (git-fixes).
- phy: samsung: exynos5250-sata: fix missing device put in probe
  error paths (git-fixes).
- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
- serial: 8250: Also set sticky MCR bits in console restoration
- serial: imx: fix overrun interrupts in DMA mode (git-fixes).
- mtd: rawnand: Fix return value check of
  wait_for_completion_timeout (git-fixes).
- mtd: rawnand: fix ecc parameters for mt7622 (git-fixes).
- pinctrl: pistachio: fix use of irq_of_parse_and_map()
- pinctrl: rockchip: fix RK3308 pinmux bits (git-fixes).
- reset: tegra-bpmp: Restore Handle errors in BPMP response
- mt76: Fix undefined behavior due to shift overflowing the
  constant (git-fixes).
- platform/x86: samsung-laptop: Fix an unsigned comparison which
  can never be negative (git-fixes).
- PCI: Do not enable AtomicOps on VFs (git-fixes).
- PCI: iproc: Set affinity mask on MSI interrupts (git-fixes).
- commit 6ee3f02
- ASoC: dmaengine: Restore NULL prepare_slave_config() callback
- ALSA: fireworks: fix wrong return count shorter than expected
  by 4 bytes (git-fixes).
- gpio: pca953x: fix irq_stat not updated when irq is disabled
  (irq_mask not set) (git-fixes).
- gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
- can: grcan: use ofdev->dev when allocating DMA memory
- can: grcan: grcan_close(): fix deadlock (git-fixes).
- iio: dac: ad5592r: Fix the missing return value (git-fixes).
- bus: sunxi-rsb: Fix the return value of
  sunxi_rsb_device_create() (git-fixes).
- clk: sunxi: sun9i-mmc: check return value after calling
  platform_get_resource() (git-fixes).
- drm/amdkfd: Fix GWS queue count (git-fixes).
- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
- hex2bin: fix access beyond string end (git-fixes).
- ata: pata_marvell: Check the 'bmdma_addr' beforing reading
- ALSA: usb-audio: Clear MIDI port active flag after draining
- drm/msm/mdp5: check the return of kzalloc() (git-fixes).
- brcmfmac: sdio: Fix undefined behavior due to shift overflowing
  the constant (git-fixes).
- ALSA: usb-audio: Fix undefined behavior due to shift overflowing
  the constant (git-fixes).
- commit 12e07e6
- EDAC/synopsys: Read the error count from the correct register
- commit 247c29e
- powerpc/64s/radix: Fix huge vmap false positive (bsc#1156395).
- commit 72503c7
- blacklist.conf: Add 35d2f249ef0 powerpc/64s: Fix copy-paste data exposure into newly created tasks
- commit f5594b7
- NFSv4: nfs_atomic_open() can race when looking up a non-regular
  file (bsc#1195612 CVE-2022-24448).
- commit db3a8ef
- kABI: ivtv: restore caps member (git-fixes).
- commit 2c3f6cc
- ivtv: fix incorrect device_caps for ivtvfb (git-fixes).
- commit 2ffad22
- media: saa7134: fix incorrect use to determine if list is empty
- commit faf8c31
- blacklist.conf: changes API visible to user space
- commit e83f4b0
- blacklist.conf: cleanup designed to break kABI
- commit a17a5f2
- media: davinci: vpif: fix use-after-free on driver unbind
- commit 0d124d5
- media: davinci: vpif: fix unbalanced runtime PM enable
- commit 62da1d6
- media: davinci: Make use of the helper function
  devm_platform_ioremap_resource() (git-fixes).
- commit 8aa4890
- media: videobuf2: Fix the size printk format (git-fixes).
- commit 0442925
- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).
- commit 039ffb2
- Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
- commit 46bcd39
- usb: mtu3: fix USB 3.0 dual-role-switch from device to host
- commit e008ec3
- usb: typec: ucsi: Fix role swapping (git-fixes).
- commit 0f6815d
- usb: typec: ucsi: Fix reuse of completion structure (git-fixes).
- commit 384b054
- USB: quirks: add STRING quirk for VCOM device (git-fixes).
- commit 9995a55
- USB: quirks: add a Realtek card reader (git-fixes).
- commit 1c7cb74
- timekeeping: Really make sure wall_to_monotonic isn't (git-fixes)
- commit e27a1b4
- sched/pelt: Fix attach_entity_load_avg() corner case (git-fixes)
- commit d7997c9
- genirq/affinity: Consider that CPUs on nodes can be (git-fixes)
- commit abdcbca
- genirq/timings: Fix error return code in (git-fixes)
- commit 12c2013
- genirq/msi: Ensure deactivation on teardown (git-fixes)
- commit f56bf3a
- genirq/timings: Prevent potential array overflow in (git-fixes)
- commit 218e50c
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- commit 8a841da
- lib/raid6/test: fix multiple definition linking error
- commit 22722bc
- genirq/affinity: Handle affinity setting on inactive (git-fixes)
- commit bc0a024
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- commit 7b2fde0
- genirq/proc: Reject invalid affinity masks (again) (git-fixes)
- commit 420a601
- series.conf: cleanup
  - Move submitted patch to "/sorted"/ section
- commit d411c20
- timers: Fix warning condition in __run_timers() (git-fixes)
- commit 91079b8
- Revert "/SUNRPC: attempt AF_LOCAL connect on setup"/ (git-fixes).
- SUNRPC: Ensure gss-proxy connects on setup (git-fixes).
- NFSv4: Don't invalidate inode attributes on delegation return
- commit c794712
- cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
  (CVE-2022-0168 bsc#1197472).
- commit 5256a40
- cifs: prevent bad output lengths in smb2_ioctl_query_info()
  (CVE-2022-0168 bsc#1197472).
- commit 3989909
- nvdimm/region: always show the 'align' attribute (bsc#1199114).
- commit 6437352
- net: hns3: add a check for index in hclge_get_rss_key()
- commit 43b8d6e
- net: hdlc_ppp: Fix issues when mod_timer is called while timer
  is running (git-fixes).
- commit e3f1aee
- net: bcmgenet: Fix a resource leak in an error handling path
  in the probe functin (git-fixes).
- commit 93f6ac8
- lan743x: fix rx_napi_poll/interrupt ping-pong (git-fixes).
- commit 47f1751
- lan743x: remove redundant assignment to variable
  rx_process_result (git-fixes).
- commit 529465d
- series.conf: sort out patches
- commit a6ad4ca
- sched/topology: Skip updating masks for non-online nodes
  (bsc#1197446 ltc#183000).
- commit 1e43cf6
- Update patches.suse/powerpc-numa-Update-cpu_cpu_map-on-CPU-online-offlin.patch
  (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes bsc#1197446 ltc#183000).
- commit 89f63a7
- iwlwifi: mvm: fix the return type for DSM functions 1 and 2
- commit 7bb7073
- objtool: Fix type of reloc::addend (git-fixes).
- commit 9c82829
- ixgbevf: add disable link state (bsc#1196426 CVE-2021-33061).
- ixgbe: add improvement for MDD response functionality
  (bsc#1196426 CVE-2021-33061).
- ixgbe: add the ability for the PF to disable VF link state
  (bsc#1196426 CVE-2021-33061).
- commit c5d1777
- mt76: mt7663s: fix rx buffer refcounting (git-fixes).
- commit 098565a
- blacklist.conf: ("/arm64: patch_text: Fixup last cpu should be master"/)
- commit ec52e4c
- blacklist.conf: ("/arm64: prevent instrumentation of bp hardening callbacks"/)
- commit 4711dc6
- blacklist.conf: ("/arm64: dts: ls1046a: Update i2c node dma properties"/)
- commit 35426a5
- blacklist.conf: ("/arm64: dts: ls1043a: Update i2c dma properties"/)
- commit 080fa21
- arm64: dts: rockchip: Fix SDIO regulator supply properties on (git-fixes)
- commit ff56d7c
- arm64: dts: broadcom: Fix sata nodename (git-fixes)
- commit ae709d6
- arm64: dts: ns2: Fix spi-cpol and spi-cpha property (git-fixes)
- commit 7fe2a15
- arm64/mm: avoid fixmap race condition when create pud mapping (git-fixes)
- commit 86007a2
- arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions (git-fixes)
- commit 1b82f10
- drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() (git-fixes)
- commit dd7ee34
- arm64: Always force a branch protection mode when the compiler has one (git-fixes).
  Refresh patches.suse/arm64-enable-tlbi-range-instructions.patch.
- commit fa4122b
- Set initiatorname in %post (at end of install), for cases
  where root is read-only at startup time (bsc#1198457)
- Update to latest upstream, including:
  * Added 'distclean' to Makefile targets
  * Ensure Makefile '.PHONY' targets set up correctly
  * fix an iscsid logout bug generating a false error
    and cleanup logout error messages
- Updated to latest upstream version, tagged 2.1.7. Changes
  * updated/fixed test script
  * updated build system
  * several bug fixes, including one for bsc#1199264
- Updated to latest upstream, including bug fixes and cleanups.
  Changes included:
  * add handling name/value pairs for firmware login (bsc#1196113),
    including man page update for same
  * Fix bug where some package parts were installed using
    DESTDIR twice
  * general build cleanup (in prep for removing DB files from
    /etc/iscsi some day soon)
  Also, now delivering a "/package config"/ file for libopeniscsiusr.
- Encrypt the sixteen bytes that were unencrypted in some circumstances
  on 32-bit x86 platforms.
  * [bsc#1201099, CVE-2022-2097]
  * added openssl-CVE-2022-2097.patch
- Added	openssl-1_1-Fix-file-operations-in-c_rehash.patch
  * bsc#1200550
  * CVE-2022-2068
  * Fixed more shell code injection issues in c_rehash
- Added openssl-update_expired_certificates.patch
  * Openssl failed tests because of expired certificates.
  * bsc#1185637
  * Sourced from
- Security fix: [bsc#1199166, CVE-2022-1292]
  * Added: openssl-CVE-2022-1292.patch
  * properly sanitise shell metacharacters in c_rehash script.
- Remove inotify watch descriptor in imfile on inode change detected
  * add 0001-imfile-Remove-inotify-watch-descriptor-on-inode-chan.patch
- Update to runc v1.1.3. Upstream changelog is available from
  (Includes a fix for bsc#1200088.)
  * Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on
    s390 and s390x. This solves the issue where syscalls the host kernel did not
    support would return `-EPERM` despite the existence of the `-ENOSYS` stub
    code (this was due to how s390x does syscall multiplexing).
  * Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as
    intended; this fix does not affect runc binary itself but is important for
    libcontainer users such as Kubernetes.
  * Inability to compile with recent clang due to an issue with duplicate
    constants in libseccomp-golang.
  * When using systemd cgroup driver, skip adding device paths that don't exist,
    to stop systemd from emitting warnings about those paths.
  * Socket activation was failing when more than 3 sockets were used.
  * Various CI fixes.
  * Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container.
  * runc static binaries are now linked against libseccomp v2.5.4.
- Remove upstreamed patches:
  - bsc1192051-0001-seccomp-enosys-always-return-ENOSYS-for-setup-2-on-s390x.patch
- Backport <> to fix issues
  with newer syscalls (namely faccessat2) on older kernels on s390(x) caused by
  that platform's syscall multiplexing semantics. bsc#1192051 bsc#1199565
  + bsc1192051-0001-seccomp-enosys-always-return-ENOSYS-for-setup-2-on-s390x.patch
- Add ExcludeArch for s390 (not s390x) since we've never supported it.
- Update to runc v1.1.2. Upstream changelog is available from
  CVE-2022-29162 bsc#1199460
  * A bug was found in runc where runc exec --cap executed processes with
    non-empty inheritable Linux process capabilities, creating an atypical Linux
    environment. For more information, see [GHSA-f3fp-gc8g-vw66][] and
    CVE-2022-29162. bsc#1199460
  * `runc spec` no longer sets any inheritable capabilities in the created
    example OCI spec (`config.json`) file.
- Update to runc v1.1.1. Upstream changelog is available from
  * runc run/start can now run a container with read-only /dev in OCI spec,
    rather than error out. (#3355)
  * runc exec now ensures that --cgroup argument is a sub-cgroup. (#3403)
    libcontainer systemd v2 manager no longer errors out if one of the files
    listed in /sys/kernel/cgroup/delegate do not exist in container's
    cgroup. (#3387, #3404)
  * Loosen OCI spec validation to avoid bogus "/Intel RDT is not supported"/
    error. (#3406)
  * libcontainer/cgroups no longer panics in cgroup v1 managers if stat
    of /sys/fs/cgroup/unified returns an error other than ENOENT. (#3435)
- Update to runc v1.1.0. Upstream changelog is available from
  - libcontainer will now refuse to build without the nsenter package being
    correctly compiled (specifically this requires CGO to be enabled). This
    should avoid folks accidentally creating broken runc binaries (and
    incorrectly importing our internal libraries into their projects). (#3331)
- Update to runc v1.1.0~rc1. Upstream changelog is available from
  + Add support for RDMA cgroup added in Linux 4.11.
  * runc exec now produces exit code of 255 when the exec failed.
    This may help in distinguishing between runc exec failures
    (such as invalid options, non-running container or non-existent
    binary etc.) and failures of the command being executed.
  + runc run: new --keep option to skip removal exited containers artefacts.
    This might be useful to check the state (e.g. of cgroup controllers) after
    the container hasexited.
  + seccomp: add support for SCMP_ACT_KILL_PROCESS and SCMP_ACT_KILL_THREAD
    (the latter is just an alias for SCMP_ACT_KILL).
  + seccomp: add support for SCMP_ACT_NOTIFY (seccomp actions). This allows
    users to create sophisticated seccomp filters where syscalls can be
    efficiently emulated by privileged processes on the host.
  + checkpoint/restore: add an option (--lsm-mount-context) to set
    a different LSM mount context on restore.
  + intelrdt: support ClosID parameter.
  + runc exec --cgroup: an option to specify a (non-top) in-container cgroup
    to use for the process being executed.
  + cgroup v1 controllers now support hybrid hierarchy (i.e. when on a cgroup v1
    machine a cgroup2 filesystem is mounted to /sys/fs/cgroup/unified, runc
    run/exec now adds the container to the appropriate cgroup under it).
  + sysctl: allow slashes in sysctl names, to better match sysctl(8)'s
  + mounts: add support for bind-mounts which are inaccessible after switching
    the user namespace. Note that this does not permit the container any
    additional access to the host filesystem, it simply allows containers to
    have bind-mounts configured for paths the user can access but have
    restrictive access control settings for other users.
  + Add support for recursive mount attributes using mount_setattr(2). These
    have the same names as the proposed mount(8) options -- just prepend r
    to the option name (such as rro).
  + Add runc features subcommand to allow runc users to detect what features
    runc has been built with. This includes critical information such as
    supported mount flags, hook names, and so on. Note that the output of this
    command is subject to change and will not be considered stable until runc
    1.2 at the earliest. The runtime-spec specification for this feature is
    being developed in opencontainers/runtime-spec#1130.
  * system: improve performance of /proc/$pid/stat parsing.
  * cgroup2: when /sys/fs/cgroup is configured as a read-write mount, change
    the ownership of certain cgroup control files (as per
    /sys/kernel/cgroup/delegate) to allow for proper deferral to the container
  * runc checkpoint/restore: fixed for containers with an external bind mount
    which destination is a symlink.
  * cgroup: improve openat2 handling for cgroup directory handle hardening.
    runc delete -f now succeeds (rather than timing out) on a paused
  * runc run/start/exec now refuses a frozen cgroup (paused container in case of
    exec). Users can disable this using --ignore-paused.
- Update version data embedded in binary to correctly include the git commit of
  the release.
- Drop runc-rpmlintrc because we don't have runc-test anymore.
- Enable suseconnect-keepalive.timer for SUSEConnect (jsc#SLE-23312)
- Deleted patches:
  * restrict-shell-commands.patch
  * source-check-sandbox.patch
  * vim-8.0.1568-CVE-2021-3778.patch
  * vim-8.0.1568-CVE-2021-3796.patch
  * vim-8.0.1568-CVE-2021-3872.patch
  * vim-8.0.1568-CVE-2021-3927.patch
  * vim-8.0.1568-CVE-2021-3928.patch
  * vim-8.0.1568-CVE-2021-3984.patch
  * vim-8.0.1568-CVE-2021-4019.patch
  * vim-8.0.1568-CVE-2021-4193.patch
  * vim-8.0.1568-CVE-2021-46059.patch
  * vim-8.0.1568-CVE-2022-0319.patch
  * vim-8.0.1568-CVE-2022-0351.patch
  * vim-8.0.1568-CVE-2022-0361.patch
  * vim-8.0.1568-CVE-2022-0413.patch
  * vim-8.0.1568-globalvimrc.patch
- Added patches:
  * vim-8.1.0297-dump3.patch
  * vim-8.2.2411-globalvimrc.patch
  * disable-unreliable-tests-arch.patch
- Updated patches:
  * disable-unreliable-tests.patch
  * vim-7.3-filetype_changes.patch
  * vim-7.3-filetype_ftl.patch
  * vim-7.3-filetype_spec.patch
  * vim-7.3-gvimrc_fontset.patch
  * vim-7.3-help_tags.patch
  * vim-7.3-mktemp_tutor.patch
  * vim-7.3-name_vimrc.patch
  * vim-7.3-sh_is_bash.patch
  * vim-7.3-use_awk.patch
  * vim-7.4-disable_lang_no.patch
  * vim-7.4-filetype_apparmor.patch
  * vim-7.4-filetype_mine.patch
  * vim-7.4-highlight_fstab.patch
  * vim-8.0-ttytype-test.patch
  * vim-8.0.1568-defaults.patch
  * vim73-no-static-libpython.patch
- Updated to version 8.2 with patch level 5038, fixes the following problems
  * Fixing bsc#1191770 VUL-0: CVE-2021-3875: vim: heap-based buffer overflow
  * Fixing bsc#1192167 VUL-0: CVE-2021-3903: vim: heap-based buffer overflow
  * Fixing bsc#1192902 VUL-0: CVE-2021-3968: vim: vim is vulnerable to
    Heap-based Buffer Overflow
  * Fixing bsc#1192903 VUL-0: CVE-2021-3973: vim: vim is vulnerable to
    Heap-based Buffer Overflow
  * Fixing bsc#1192904 VUL-0: CVE-2021-3974: vim: vim is vulnerable to Use
    After Free
  * Fixing bsc#1193466 VUL-1: CVE-2021-4069: vim: use-after-free in ex_open()
    in src/ex_docmd.c
  * Fixing bsc#1193905 VUL-0: CVE-2021-4136: vim: vim is vulnerable to
    Heap-based Buffer Overflow
  * Fixing bsc#1194093 VUL-1: CVE-2021-4166: vim: vim is vulnerable to
    Out-of-bounds Read
  * Fixing bsc#1194216 VUL-1: CVE-2021-4193: vim: vulnerable to
    Out-of-bounds Read
  * Fixing bsc#1194217 VUL-0: CVE-2021-4192: vim: vulnerable to Use After Free
  * Fixing bsc#1194872 VUL-0: CVE-2022-0261: vim: Heap-based Buffer Overflow
    in vim prior to 8.2.
  * Fixing bsc#1194885 VUL-0: CVE-2022-0213: vim: vim is vulnerable to
    Heap-based Buffer Overflow
  * Fixing bsc#1195004 VUL-0: CVE-2022-0318: vim: Heap-based Buffer Overflow in
    vim prior to 8.2.
  * Fixing bsc#1195203 VUL-0: CVE-2022-0359: vim: heap-based buffer overflow in
    init_ccline() in ex_getln.c
  * Fixing bsc#1195354 VUL-0: CVE-2022-0407: vim: Heap-based Buffer Overflow in
    Conda vim prior to 8.2.
  * Fixing bsc#1198596 VUL-0: CVE-2022-1381: vim: global heap buffer overflow
    in skip_range
  * Fixing bsc#1199331 VUL-0: CVE-2022-1616: vim: Use after free in
  * Fixing bsc#1199333 VUL-0: CVE-2022-1619: vim: Heap-based Buffer Overflow in
    function cmdline_erase_chars
  * Fixing bsc#1199334 VUL-0: CVE-2022-1620: vim: NULL Pointer Dereference in
    function vim_regexec_string
  * Fixing bsc#1199747 VUL-0: CVE-2022-1796: vim: Use After in
  * Fixing bsc#1200010 VUL-0: CVE-2022-1897: vim: Out-of-bounds Write in vim
  * Fixing bsc#1200011 VUL-0: CVE-2022-1898: vim: Use After Free in vim prior
    to 8.2
  * Fixing bsc#1200012 VUL-0: CVE-2022-1927: vim: Buffer Over-read in vim prior
    to 8.2
  * Fixing bsc#1070955 VUL-1: CVE-2017-17087: vim: Sets the group ownership of a
    .swp file to the editor's primary group, which allows local users to obtain
    sensitive information
  * Fixing bsc#1194388 VUL-1: CVE-2022-0128: vim: vim is vulnerable to
    Out-of-bounds Read
  * Fixing bsc#1195332 VUL-1: CVE-2022-0392: vim: Heap-based Buffer Overflow
    in vim prior to 8.2
  * Fixing bsc#1196361 VUL-1: CVE-2022-0696: vim: NULL Pointer Dereference in
    vim prior to 8.2
  * Fixing bsc#1198748 VUL-1: CVE-2022-1420: vim: Out-of-range Pointer Offset
  * Fixing bsc#1199651 VUL-1: CVE-2022-1735: vim: heap buffer overflow
  * Fixing bsc#1199655 VUL-1: CVE-2022-1733: vim: Heap-based Buffer Overflow in
  * Fixing bsc#1199693 VUL-1: CVE-2022-1771: vim: stack exhaustion in vim prior
    to 8.2.
  * Fixing bsc#1199745 VUL-1: CVE-2022-1785: vim: Out-of-bounds Write
  * Fixing bsc#1199936 VUL-1: CVE-2022-1851: vim: out of bounds read
- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
  Insufficient care with non-coherent mappings
  fix xsa402-5.patch
- Upstream bug fixes (bsc#1027519)
- bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition
  in typeref acquisition
- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
  Insufficient care with non-coherent mappings
- Update to Xen 4.14.5 bug fix release (bsc#1027519)
- Drop patches contained in new tarball
- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
  CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
  map (AMD-Vi) handling issues (XSA-400)