aaa_base
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
  drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
  make sure the script does not exit with 1 if a file
  with content is found (bsc#1222547)

- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
  home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
ca-certificates
- Update to version 2+git20240416.98ae794 (bsc#1221184):
  * Use flock to serialize calls (boo#1188500)
  * Make certbundle.run container friendly
  * Create /var/lib/ca-certificates if needed
cloud-init
- Add cloud-init-no-nmcfg-needed.patch (bsc#1221726)
  + Do not require a NetworkManager config file in order to detect
    NetworkManager as the renderer

- Add cloud-init-no-openstack-guess.patch (bsc#1222113)
  + Do not guess if we are running on OpenStack or not. Only recognize
    the known markers and enable cloud-init if we know for sure.

- Add  cloud-init-ds-deterministic.patch (bsc#1221132)
  + Do not guess a data source when checking for a CloudStack
    environment

- Hardcode distribution to suse for proper cloud.cfg generation
  (bsc#1220132).

- Prepare for RPM 4.20 switch patch syntax
curl
- Security fix: [bsc#1221665, CVE-2024-2004]
  * Usage of disabled protocol
  * Add curl-CVE-2024-2004.patch

- Security fix: [bsc#1221667, CVE-2024-2398]
  * curl: HTTP/2 push headers memory-leak
  * Add curl-CVE-2024-2398.patch
glibc
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
  writes when writing escape sequence (CVE-2024-2961, bsc#1222992)

- duplocale-global-locale.patch: duplocale: protect use of global locale
  (bsc#1220441, BZ #23970)
grub2
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
  * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch
hwdata
- update to 0.380:
  * Update pci, usb and vendor ids

- update to 0.379:
  * Update pci, usb and vendor ids
kernel-default
- Refresh patches.kabi/kabi-allow-extra-bugints.patch. (bsc#1222952)
- commit a04a1a9

- mm/vmalloc: huge vmalloc backing pages should be split rather
  than compound (bsc#1217829).
- commit 539be83

- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
  Properly check whether the feature we are patching in the alternatives
  is a feature or a bug. This was broken because in apply_alternative()
  boot_cpu_has is used and if we have an alternative that depends on a bug
  bit (such as X86_BUG_SYSRET_SS_ATTRS) the boot_cpu_has will erroneously
  check if this bit is set in the feature ints rather than the bug ints.
  While at it ensure that static_cpu_has isn't called with extended
  bugs features as those aren't supported right now.
- commit 793068f

- Refresh
  patches.kabi/PCI-Add-locking-to-RMW-PCI-Express-Capability-Regist.patch.
  Drop a bogus hunk. It was introduced by mistake.
  Fixes: acf0d9920aee
- commit 3a754ef

- blacklist.conf: Add f7ec1cd5cc7e getrusage: use sig->stats_lock rather than lock_task_sighand()
  and its prereqs
- commit 0650209

- blacklist.conf: Add d9b3ce8769e3 mm: writeback: ratelimit stat flush from mem_cgroup_wb_stats
- commit 3201b4c

- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  (bsc#1222619).
- commit 3d3186c

- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- commit aa158b4

- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit 4edf006

- blacklist.conf: We don't have annotate_noendbr in this kernel
  So shut up the warning.
- commit f6d75ac

- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- commit eb744cd

- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
  (bsc#1219264 CVE-2024-0841).
- commit fe3c052

- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
  (bsc#1219264 CVE-2024-0841).
- commit aa8204a

- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
  CVE-2023-52591).
- commit a849be1

- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- Drivers: hv: vmbus: Calculate ring buffer size for more
  efficient use of memory (git-fixes).
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER
  missed (git-fixes).
- hv_netvsc: Fix race condition between netvsc_probe and
  netvsc_remove (git-fixes).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not
  4 Kbytes (git-fixes).
- commit 82617ea

- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- commit 22061fc

- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- commit a61527a

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card")
- commit 4b90502

- arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
- commit b828266

- blacklist.conf: add a couple of PCI git-fixes
- commit 37743ca

- ata: sata_mv: Fix PCI device ID table declaration compilation
  warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
  (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling
  (git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
  (git-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support
  headset with microphone (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the
  CCS (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- commit 56ef24f

- scsi: pm80xx: Avoid leaking tags when processing
  OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
  cve-2023-52500).
- commit fc88013

- KVM: x86: Add BHI_NO (bsc#1217339 CVE-2024-2201).
- commit c0e1ffe

- Update
  patches.suse/ALSA-sh-aica-reorder-cleanup-operations-to-avoid-UAF.patch
  (git-fixes CVE-2024-26654 bsc#1222304).
- Update
  patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch
  (git-fixes CVE-2024-26717 bsc#1222360).
- Update
  patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch
  (bsc#1219443 CVE-2024-26670 bsc#1222356).
- Update
  patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch
  (git-fixes CVE-2024-26695 bsc#1222373).
- Update
  patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch
  (git-fixes CVE-2024-26667 bsc#1222331).
- Update
  patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch
  (git-fixes CVE-2024-26664 bsc#1222355).
- Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch
  (bsc#1218968 CVE-2024-26629 bsc#1221379).
- Update
  patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch
  (git-fixes CVE-2024-26599 bsc#1220365).
- Update
  patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
  (git-fixes bsc1220398 CVE-2024-26602 bsc#1220398).
- Update
  patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch
  (git-fixes CVE-2024-26627 bsc#1221090).
- Update
  patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch
  (git-fixes CVE-2024-26651 bsc#1221337).
- Update
  patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch
  (git-fixes CVE-2024-26645 bsc#1222056).
- Update
  patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch
  (git-fixes CVE-2024-26659 bsc#1222317).
- commit bd16cf6

- Update
  patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch
  (git-fixes CVE-2023-52518 bsc#1221056).
- Update
  patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch
  (git-fixes CVE-2023-52604 bsc#1221067).
- Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch
  (git-fixes CVE-2023-52587 bsc#1221082).
- Update
  patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch
  (git-fixes bsc#1220393 CVE-2023-52639 bsc#1222300).
- Update
  patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch
  (git-fixes CVE-2023-52617 bsc#1221613).
- Update
  patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch
  (git-fixes CVE-2023-52623 bsc#1222060).
- Update
  patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch
  (git-fixes CVE-2023-52603 bsc#1221066).
- Update
  patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch
  (git-fixes CVE-2023-52494 bsc#1221273).
- Update
  patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch
  (git-fixes CVE-2023-52493 bsc#1221274).
- Update
  patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch
  (git-fixes CVE-2023-52637 bsc#1222291).
- Update
  patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch
  (git-fixes CVE-2023-52612 bsc#1221616).
- Update
  patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch
  (git-fixes CVE-2023-52486 bsc#1221277).
- Update
  patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch
  (git-fixes CVE-2023-52632 bsc#1222274).
- Update
  patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch
  (git-fixes CVE-2023-52563 bsc#1220937).
- Update
  patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch
  (git-fixes CVE-2023-52615 bsc#1221614).
- Update
  patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch
  (bsc#1215921 CVE-2023-52484 bsc#1220797).
- Update
  patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch
  (git-fixes CVE-2023-52601 bsc#1221068).
- Update
  patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch
  (git-fixes CVE-2023-52599 bsc#1221062).
- Update
  patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch
  (git-fixes CVE-2023-52602 bsc#1221070).
- Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch
  (git-fixes CVE-2023-52600 bsc#1221071).
- Update
  patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch
  (bsc#1218958 CVE-2023-52450 bsc#1220237).
- Update
  patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch
  (git-fixes CVE-2023-52619 bsc#1221618).
- Update
  patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
  (git-fixes CVE-2023-52500 bsc#1220883).
- Update
  patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch
  (git-fixes CVE-2023-52594 bsc#1221045).
- Update
  patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch
  (git-fixes CVE-2023-52595 bsc#1221046).
- commit b1046c1

- Update
  patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
  (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc

- mm,page_owner: Fix printing of stack records (bsc#1222366).
- commit a7b445d

- mm,page_owner: Fix accounting of pages when migrating
  (bsc#1222366).
- commit 37b3731

- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- commit 4dc29b0

- iommu/mediatek: Fix forever loop in error handling (git-fixes).
- commit 21d467e

- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
  CVE-2023-52591).
- commit 66a189d

- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- commit b2b2b31

- mm,page_owner: fix recursion (bsc#1222366).
- commit 4517a6d

- mm,page_owner: drop unnecessary check (bsc#1222366).
- commit 0c42427

- mm,page_owner: check for null stack_record before bumping its
  refcount (bsc#1222366).
- commit 81f3531

- Update patches metadata
- commit f6df04d

- x86/bhi: Mitigate KVM by default (bsc#1217339 CVE-2024-2201).
- commit e8a52ff

- x86/bhi: Add BHI mitigation knob (bsc#1217339 CVE-2024-2201).
- Update config files.
- commit 66b3207

- x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1217339 CVE-2024-2201).
- commit 797a250

- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace  (bsc#1217339 CVE-2024-2201).
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- commit d9a50a1

- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1217339 CVE-2024-2201).
- commit c5355fd

- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
  Extend existing functionality to allow adding extra feature words in
  addition to extra bug words. This code is adjusted from SLE12-SP5 patch.
- commit 44177f4

- x86/bhi: Add support for clearing branch history at syscall entry (bsc#1217339 CVE-2024-2201).
- commit 7297553

- x86/cpufeature: Add missing leaf enumeration (bsc#1217339 CVE-2024-2201).
- commit 72a3a61

- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
  (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in
  intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2
  (stable-fixes).
- drm/amd/display: Return the correct HDCP error code
  (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
  (stable-fixes).
- drm/exynos: do not return negative values from .get_modes()
  (stable-fixes).
- drm/panel: do not return negative error codes from
  drm_panel_get_modes() (stable-fixes).
- drm/probe-helper: warn about negative .get_modes()
  (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
  (stable-fixes).
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
  (stable-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
  (stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges
  (stable-fixes).
- commit 9310237

- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
  (bsc#1209657 CVE-2023-0160).
- blacklist.conf: omit previous incomplete sockmap fix
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t
  (git-fixes).
- commit 9a86a18

- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- commit f738a42

- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
  (bsc#1209657 CVE-2023-0160).
- commit 989b8c6

- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e

- netfilter: nf_tables: disallow anonymous set with timeout flag
  (CVE-2024-26642 bsc#1221830).
- commit 02a907f

- netfilter: ctnetlink: fix possible refcount leak in
  ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032

- usb: typec: ucsi: Check for notifications after init
  (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
  (git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds
  (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface()
  (git-fixes).
- staging: vc04_services: fix information leak in
  create_component() (git-fixes).
- commit 74f6b3e

- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/qxl: remove unused variable from
  `qxl_process_single_command()` (git-fixes).
- drm/qxl: remove unused `count` variable from
  `qxl_surface_id_alloc()` (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if
  needed (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object()
  in acpi_db_walk_for_fields() (git-fixes).
- commit 22f136e

- README.BRANCH: Remove copy of branch name
- commit 4834fba

- README.BRANCH: Remove copy of branch name
- commit 9b22290

- thermal: intel: hfi: Add syscore callbacks for system-wide PM
  (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Disable an HFI instance when all its CPUs
  go offline (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Enable an HFI instance from its first
  online CPU (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Refactor enabling code into helper
  functions (CVE-2024-26646 bsc#1222070).
- commit 8d3563b

- ASoC: meson: t9015: fix function pointer type mismatch
  (git-fixes).
- drm/tegra: hdmi: Fix some error handling paths in
  tegra_hdmi_probe() (git-fixes).
- drm/tegra: dsi: Fix some error handling paths in
  tegra_dsi_probe() (git-fixes).
- net/x25: fix incorrect parameter validation in the
  x25_getsockopt() function (git-fixes).
- Bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- lib/cmdline: Fix an invalid format specifier in an assertion
  msg (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio
  (stable-fixes).
- firewire: core: use long bus reset on gap count error
  (stable-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
  (stable-fixes).
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
  (stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
  (stable-fixes).
- drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
  (stable-fixes).
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
  (stable-fixes).
- commit 2335ed9

- ACPI: resource: Add Infinity laptops to
  irq1_edge_low_force_override (stable-fixes).
- Refresh
  patches.suse/ACPI-resource-Add-MAIBENBEN-X577-to-irq1_edge_low_fo.patch.
- commit a322c3a

- ASoC: meson: aiu: fix function pointer type mismatch
  (git-fixes).
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
  (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
  (stable-fixes).
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
  (stable-fixes).
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono
  mode (stable-fixes).
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
  (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi
  Vi8 tablet (stable-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise
  (stable-fixes).
- ASoC: meson: Use dev_err_probe() helper (stable-fixes).
- commit 8f94a4d

- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- ALSA: aoa: avoid false-positive format truncation warning
  (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
  (git-fixes).
- wifi: iwlwifi: fw: don't always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
  (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function
  (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
  (git-fixes).
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
  (stable-fixes).
- commit a43d7a1

- ipv6: init the accept_queue's spinlocks in inet6_create
  (bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f

- net/bnx2x: Prevent access to a freed page in page_pool
  (bsc#1215322).
- commit 6d39ac9

- tcp: make sure init the accept_queue's spinlocks once
  (bsc#1221293 CVE-2024-26614).
- commit 943f002

- powerpc/boot: Disable power10 features after BOOTAFLAGS
  assignment (bsc#1194869).
- commit 17f8de7

- powerpc/boot: Fix boot wrapper code generation with
  CONFIG_POWER10_CPU (bsc#1194869).
- commit 9b67460

- powerpc/lib: Validate size for vector operations (bsc#1194869 CVE-2023-52606 bsc#1221069).
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
  (CVE-2023-52607 bsc#1221061).
- powerpc: add compile-time support for lbarx, lharx
  (bsc#1194869).
- Update config files.
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- Update config files.
- powerpc/sstep: Use bitwise instead of arithmetic operator for
  flags (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__
  (bsc#1194869).
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
  (bsc#1194869).
- powerpc/lib/sstep: Don't use __{get/put}_user() on kernel
  addresses (bsc#1194869).
- commit b17389a

- RDMA/mlx5: Relax DEVX access upon modify commands (git-fixes)
- commit 9423a91

- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (git-fixes)
- commit 16e4eca

- Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
  This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d.
  This fixes bsc#1221814
- commit bc3a73c

- Update
  patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch
  (git-fixes CVE-2023-52519 bsc#1220920).
- Update
  patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch
  (git-fixes CVE-2023-52529 bsc#1220929).
- Update
  patches.suse/IB-hfi1-Fix-bugs-with-non-PAGE_SIZE-end-multi-iovec-.patch
  (git-fixes CVE-2023-52474 bsc#1220445).
- Update
  patches.suse/RDMA-siw-Fix-connection-failure-handling.patch
  (git-fixes CVE-2023-52513 bsc#1221022).
- Update
  patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch
  (git-fixes CVE-2023-52515 bsc#1221048).
- Update
  patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch
  (git-fixes CVE-2023-52564 bsc#1220938).
- Update
  patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch
  (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
  patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch
  (git-fixes CVE-2023-52510 bsc#1220898).
- Update
  patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch
  (git-fixes CVE-2023-52524 bsc#1220927).
- Update
  patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch
  (git-fixes CVE-2023-52528 bsc#1220843).
- Update
  patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch
  (git-fixes CVE-2023-52507 bsc#1220833).
- Update
  patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch
  (git-fixes CVE-2023-52566 bsc#1220940).
- Update
  patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
  (bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
  patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
  (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
  patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch
  (git-fixes CVE-2023-52520 bsc#1220921).
- Update
  patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
  (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
  patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch
  (git-fixes CVE-2023-52501 bsc#1220885).
- Update
  patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch
  (git-fixes CVE-2023-52567 bsc#1220839).
- Update
  patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch
  (git-fixes CVE-2023-52517 bsc#1221055).
- Update
  patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch
  (git-fixes CVE-2023-52511 bsc#1221012).
- Update
  patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch
  (git-fixes CVE-2023-52525 bsc#1220840).
- Update
  patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch
  (git-fixes CVE-2023-52504 bsc#1221553).
- Update
  patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
  (git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0

- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
  (bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
  patches.suse/crypto-qcom-rng-ensure-buffer-for-generate-is-comple.patch
  (git-fixes CVE-2022-48629 bsc#1220989).
- Update
  patches.suse/crypto-qcom-rng-fix-infinite-loop-on-requests-not-mu.patch
  (git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886

- Update
  patches.suse/ALSA-hda-intel-sdw-acpi-harden-detection-of-controll.patch
  (git-fixes CVE-2021-46926 bsc#1220478).
- Update
  patches.suse/ALSA-rawmidi-fix-the-uninitalized-user_pversion.patch
  (git-fixes CVE-2021-47096 bsc#1220981).
- Update
  patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
  (git-fixes CVE-2021-47104 bsc#1220960).
- Update
  patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
  (git-fixes CVE-2021-47097 bsc#1220982).
- Update
  patches.suse/KVM-x86-mmu-Don-t-advance-iterator-after-restart-due.patch
  (git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
  (git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
  patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
  (git-fixes CVE-2021-47101 bsc#1220987).
- Update
  patches.suse/drm-mediatek-hdmi-Perform-NULL-pointer-check-for-mtk.patch
  (git-fixes CVE-2021-47108 bsc#1220986).
- Update
  patches.suse/hwmon-lm90-Prevent-integer-overflow-underflow-in-hys.patch
  (git-fixes CVE-2021-47098 bsc#1220983).
- Update
  patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
  (git-fixes CVE-2021-47100 bsc#1220985).
- Update
  patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
  (bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
  patches.suse/mac80211-fix-locking-in-ieee80211_start_ap-error-pat.patch
  (git-fixes CVE-2021-47091 bsc#1220959).
- Update
  patches.suse/net-fix-use-after-free-in-tw_timer_handler.patch
  (bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
  patches.suse/net-marvell-prestera-fix-incorrect-structure-access.patch
  (git-fixes CVE-2021-47102 bsc#1221009).
- Update
  patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock
  (git-fixes CVE-2021-46925 bsc#1220466).
- Update
  patches.suse/nitro_enclaves-Use-get_user_pages_unlocked-call-to-handle-mmap-assert.patch
  (git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
  patches.suse/platform-x86-intel_pmc_core-fix-memleak-on-registrat.patch
  (git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
  (CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
  (jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
  patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
  (bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
  bsc#1220969).
- Update
  patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
  (git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
  (git-fixes CVE-2021-46930 bsc#1220484).
- Update
  patches.suse/veth-ensure-skb-entering-GRO-are-not-cloned.patch
  (git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e

- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- commit 1bac2ee

- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- commit 0a6b09b

- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- commit 11123f1

- selftests/bpf: add generic BPF program tester-loader
  (bsc#1222033).
- Refresh patches.suse/selftests-bpf-convenience-macro-for-use-with-asm-vol.patch
- commit fac2b7e

- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - resolve race condition during AER recovery
  (git-fixes).
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - fix unregistration of compression algorithms
  (git-fixes).
- crypto: qat - fix unregistration of crypto algorithms
  (git-fixes).
- crypto: qat - ignore subsequent state up commands (git-fixes).
- commit 57086a4

- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- commit b45a9b9

- PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
  (git-fixes).
- PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
  (git-fixes).
- commit 71917a0

- md/raid5: fix atomicity violation in raid5_cache_count
  (bsc#1219169, CVE-2024-23307).
- commit 30c5680

- s390/vtime: fix average steal time calculation (git-fixes
  bsc#1221951).
- commit dcc65eb

- s390/ptrace: handle setting of fpc register correctly
  (CVE-2023-52598 bsc#1221060 git-fixes).
- commit 997994b

- wifi: ath10k: fix NULL pointer dereference in
  ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
  CVE-2023-7042).
- commit 1784f9f

- ubi: Check for too small LEB size in VTBL code (bsc#1219834
  CVE-2024-25739).
- commit ad7e175

- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
  (git-fixes).
- commit 617f4f7

- PCI: rockchip: Fix window mapping and address translation for
  endpoint (git-fixes).
- Refresh
  patches.suse/PCI-rockchip-Use-u32-variable-to-access-32-bit-regis.patch.
- commit ebc378b

- PCI: qcom: Enable BDF to SID translation properly (git-fixes).
- PCI: mediatek-gen3: Fix translation window size calculation
  (git-fixes).
- PCI: mediatek: Clear interrupt status before dispatching handler
  (git-fixes).
- PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment
  support (git-fixes).
- PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
  (git-fixes).
- Revert "PCI: tegra194: Enable support for 256 Byte payload"
  (git-fixes).
- PCI: fu740: Set the number of MSI vectors (git-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL
  (git-fixes).
- PCI: Add locking to RMW PCI Express Capability Register
  accessors (git-fixes).
- kABI: PCI: Add locking to RMW PCI Express Capability Register
  accessors (kabi).
- PCI: qcom: Use DWC helpers for modifying the read-only DBI
  registers (git-fixes).
- commit 150da46

- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- commit 20654b5

- wifi: ath11k: decrease MHI channel buffer length to 8KB
  (bsc#1207948).
- commit ccda276

- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- commit 76719ba

- nvme: fix reconnection fail due to reserved tag allocation
  (git-fixes).
- commit 08c50ef

- blacklist.conf: add a couple of PCI ones
- commit 37e30e0

- bpf, scripts: Correct GPL license name (git-fixes).
- commit b7a1062

- Refresh
  patches.suse/nfsd4-add-refcount-for-nfsd4_blocked_lock.patch.
  Add another commit id
- commit 6697f38

- blacklist.conf: add unwanted nfs commit
- commit a4cc44e

- NFSv4.2: fix wrong shrinker_id (git-fixes).
- commit 5ba59c3

- Add cherry-picked id of amdgpu patch (git-fixes)
- commit 3498702

- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
  (git-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- nouveau: reset the bo resource bus info after an eviction
  (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
  (git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
  (git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end
  of file (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx()
  API (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- serial: 8250_exar: Don't remove GPIO device on suspend
  (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
  (git-fixes).
- serial: max310x: fix syntax error in IRQ error message
  (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to
  net2272_probe_fin (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma
  (git-fixes).
- usb: audio-v2: Correct comments for struct
  uac_clock_selector_descriptor (git-fixes).
- commit d110a91

- blacklist.conf: add usb gadget patch to be reverted later
- commit d1cbd2f

- Add cherry-picked id to amdgpu patch
- commit 2d7799f

- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a

- ubifs: Queue up space reservation tasks if retrying many times
  (git-fixes).
- commit 061dcaa

- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed
  (git-fixes).
- commit 493a02c

- ubifs: Remove unreachable code in dbg_check_ltab_lnum
  (git-fixes).
- commit 2771652

- ubifs: fix sort function prototype (git-fixes).
- commit 6125609

- Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes bsc#1221276 CVE-2023-52492)
- commit 7007f7d

- ubifs: Set page uptodate in the correct place (git-fixes).
- commit 219703b

- iommu/vt-d: Allow to use flush-queue when first level is
  default (git-fixes).
- commit 1821f9c

- iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
- commit 23b5322

- iommu/vt-d: Set No Execute Enable bit in PASID table entry
  (git-fixes).
- commit 3ba9d71

- iommu/mediatek-v1: Fix an error handling path in
  mtk_iommu_v1_probe() (git-fixes).
- commit 3b5ce5d

- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
  (bsc#1219170 CVE-2024-22099).
- commit ece27a6

- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Change debug message during driver unload
  (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
  (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
  (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- commit ac0c897

- scsi: lpfc: Copyright updates for 14.4.0.1 patches
  (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3
  ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr
  (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr
  (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state
  (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
  (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in
  lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
  (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
  (bsc#1221777 bsc#1217959).
- scsi: lpfc: Move NPIV's transport unregistration to after
  resource clean up (bsc#1221777).
- scsi: lpfc: Remove unnecessary log message in queuecommand path
  (bsc#1221777).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
  (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- commit 173a64c

- firmware: arm_scmi: Check mailbox/SMT channel for consistency (bsc#1221375 CVE-2023-52608)
- commit f829935

- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- commit dfc50d6

- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- commit c06fc74

- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
  (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
  (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is
  shut down (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work
  (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount
  (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE
  (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian
  (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- commit 90396a4

- clk: zynq: Prevent null pointer dereference caused by kmalloc
  failure (git-fixes).
- commit 6c59283

- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
  (git-fixes).
- commit c2aa41d

- iommu/dma: Trace bounce buffer usage when mapping buffers
  (git-fixes).
- commit e3645be

- media: staging: ipu3-imgu: Set fields before
  media_entity_pads_init() (git-fixes).
- commit 5978536

- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- commit 936859f

- Drop temporarily amdgpu patch (to be reapplied later)
- commit 809ae8f

- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- commit 373361b

- RDMA/device: Fix a race between mad_client and cm_client init (git-fixes)
- commit 5b52744

- RDMA/hns: Fix mis-modifying default congestion control algorithm (git-fixes)
- commit 95141c0

- RDMA/srpt: Do not register event handler until srpt device is fully setup (git-fixes)
- commit 5d33595

- RDMA/irdma: Remove duplicate assignment (git-fixes)
- commit 9841c04

- blacklist.conf: cleanup only
- commit ecab69c

- blacklist.conf: kABI
- commit 94731b9

- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
  (git-fixes).
- commit dc89308

- drm/amd/display: Fix possible underflow for displays with
  large vblank (git-fixes).
- drm/amd/display: Revert vblank change that causes null pointer
  crash (git-fixes).
- commit 7e422d7

- Revert "Revert "drm/amdgpu/display: change pipe policy for
  DCN 2.0"" (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty
  rectangles (git-fixes).
- commit 7922bac

- Refresh patches.suse/drm-amd-display-always-switch-off-ODM-before-committ.patch
  Add cherry-pickd id
- commit feac6cf

- Refresh patches.suse/drm-amd-display-Write-to-correct-dirty_rect.patch
  Add cherry-picked id
- commit d1b610a

- drm/amd/display: For prefetch mode > 0, extend prefetch if
  possible (git-fixes).
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
  (git-fixes).
- drm/amd/display: Increase frame warning limit with KASAN or
  KCSAN in dml (git-fixes).
- drm/amd: Enable PCIe PME from D3 (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/display: fix ABM disablement (git-fixes).
- drm/amd/display: Update min Z8 residency time to 2100 for DCN314
  (git-fixes).
- drm/amd/display: Remove min_dst_y_next_start check for Z8
  (git-fixes).
- drm/amd/display: Use DRAM speed from validation for dummy
  p-state (git-fixes).
- drm/amdgpu: Force order between a read and write to the same
  address (git-fixes).
- drm/amd/display: Include udelay when waiting for INBOX0 ACK
  (git-fixes).
- drm/i915: Call intel_pre_plane_updates() also for pipes getting
  enabled (git-fixes).
- drm/panel: auo,b101uan08.3: Fine tune the panel power sequence
  (git-fixes).
- drm/amd/display: Enable fast plane updates on DCN3.2 and above
  (git-fixes).
- drm/amd/display: fix a NULL pointer dereference in
  amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: Guard against invalid RPTR/WPTR being set
  (git-fixes).
- drm/amdgpu: lower CS errors to debug severity (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
- drm/i915: Add missing CCS documentation (git-fixes).
- drm/amdgpu: Unset context priority is now invalid (git-fixes).
- drm/panel: Move AUX B116XW03 out of panel-edp back to
  panel-simple (git-fixes).
- Revert "drm/amd: Disable S/G for APUs when 64GB or more host
  memory" (git-fixes).
- drm/amd/display: always switch off ODM before committing more
  streams (git-fixes).
- drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for
  DCN31 (git-fixes).
- drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK
  (git-fixes).
- drm/amd/display: Fix a bug when searching for insert_above_mpcc
  (git-fixes).
- commit e9791f4

- Refresh patches.suse/drm-amdgpu-vcn-Disable-indirect-SRAM-on-Vangogh-brok.patch (git-fixes)
  Alt-commit
- commit 633cb3b

- Refresh patches.suse/1398-drm-i915-pass-a-pointer-for-tlb-seqno-at-vma_invalid.patch (git-fixes)
  Alt-commit
- commit 4cec8c9

- Refresh patches.suse/1866-drm-i915-ttm-fix-32b-build.patch (git-fixes)
  Alt-commit
- commit a1a2486

- drm/amd/display: ensure async flips are only accepted for fast
  updates (git-fixes).
- drm/exynos: fix a possible null-pointer dereference due to
  data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
  (git-fixes).
- drm/amd/display: Fix underflow issue on 175hz timing
  (git-fixes).
- drm/amd/display: dc.h: eliminate kernel-doc warnings
  (git-fixes).
- drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
- drm/bridge: tc358762: Instruct DSI host to generate HSE packets
  (git-fixes).
- drm/amdgpu: Match against exact bootloader status (git-fixes).
- drm/amd/display: Exit idle optimizations before attempt to
  access PHY (git-fixes).
- drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
  (git-fixes).
- drm/amd/smu: use AverageGfxclkFrequency* to replace previous
  GFX Curr Clock (git-fixes).
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
  (git-fixes).
- drm/ttm: Don't leak a resource on eviction error (git-fixes).
- drm/amd/display: Fix the delta clamping for shaper LUT
  (git-fixes).
- Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON"
  (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
  Phoenix (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
  Rembrandt (git-fixes).
- drm/amd/display: Update correct DCN314 register header
  (git-fixes).
- drm/amd/display: Fix possible underflow for displays with
  large vblank (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards
  (git-fixes).
- drm/amd/display: Restore rptr/wptr for DMCUB as workaround
  (git-fixes).
- drm/amd/display: Add FAMS validation before trying to use it
  (git-fixes).
- drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence
  (git-fixes).
- drm/amd/display: add ODM case when looking for first split pipe
  (git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"
  (git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.1"
  (git-fixes).
- commit 5e1df8b

- drm/amd/display: Keep PHY active for dp config (git-fixes).
- drm/ttm: Don't print error message if eviction was interrupted
  (git-fixes).
- Revert "drm/vc4: hdmi: Enforce the minimum rate at
  runtime_resume" (git-fixes).
- drm/amd/display: Write to correct dirty_rect (git-fixes).
- drm/amd/display: clean code-style issues in
  dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off
  (git-fixes).
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate
  modes on dcn315 (git-fixes).
- drm/amd/display: use low clocks for no plane configs
  (git-fixes).
- drm/amd/display: Use min transition for all SubVP plane
  add/remove (git-fixes).
- drm/amd/display: Rework comments on dc file (git-fixes).
- drm/amd/display: Expand kernel doc for DC (git-fixes).
- drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
  (git-fixes).
- drm/amd/display: Update OTG instance in the commit stream
  (git-fixes).
- drm/amd/display: Handle seamless boot stream (git-fixes).
- drm/amd/display: Add function for validate and update new stream
  (git-fixes).
- drm/amd/display: Handle virtual hardware detect (git-fixes).
- drm/amd/display: Include surface of unaffected streams
  (git-fixes).
- drm/amd/display: Copy DC context in the commit streams
  (git-fixes).
- drm/amd/display: Enable new commit sequence only for DCN32x
  (git-fixes).
- drm/amd/display: Rework context change check (git-fixes).
- drm/amd/display: Check if link state is valid (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Acer Switch V 10
  (SW5-017) (git-fixes).
- drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
  (git-fixes).
- drm/vc4: Add module dependency on hdmi-codec (git-fixes).
- drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
  (git-fixes).
- commit 17a985c

- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
  (git-fixes).
- mtd: rawnand: meson: fix scrambling mode value in command macro
  (git-fixes).
- mtd: maps: physmap-core: fix flash size larger than 32-bit
  (git-fixes).
- media: usbtv: Remove useless locks in usbtv_video_free()
  (git-fixes).
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang
  (git-fixes).
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: remove redundant NULL check (git-fixes).
- media: go7007: add check of return value of go7007_read_addr()
  (git-fixes).
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
  (git-fixes).
- media: sun8i-di: Fix chroma difference threshold (git-fixes).
- media: sun8i-di: Fix power on/off sequences (git-fixes).
- media: sun8i-di: Fix coefficient writes (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
  (git-fixes).
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: em28xx: annotate unchecked call to
  media_device_register() (git-fixes).
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
  (git-fixes).
- media: staging: ipu3-imgu: Set fields before
  media_entity_pads_init() (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop
  (git-fixes).
- mmc: mmci: stm32: fix DMA API overlapping mappings warning
  (git-fixes).
- drm/amd/display: Wrong colorimetry workaround (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned DMA requests
  (git-fixes).
- commit 6d10a8f

- blacklist.conf: kABI
- commit 6018730

- blacklist.conf: merely a cleanup
- commit f35d79c

- xhci: handle isoc Babble and Buffer Overrun events properly
  (git-fixes).
- commit b33a274

- xhci: process isoc TD properly when there was a transaction
  error mid TD (git-fixes).
- commit ef9dcf9

- Refresh patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch (git-fixes)
  Alt-commit
- commit 51173ed

- Refresh patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes)
  Alt-commit
- commit 9a337ae

- Refresh patches.suse/drm-amdgpu-display-Initialize-gamma-correction-mode-.patch (git-fixes)
  Alt-commit
- commit ae35079

- Refresh patches.suse/drm-amd-display-Fix-possible-NULL-dereference-on-dev.patch (git-fixes)
  Alt-commit
- commit 968007a

- Refresh patches.suse/Revert-drm-amd-display-increased-min_dcfclk_mhz-and-.patch (git-fixes)
  Alt-commit
- commit 29d289f

- Refresh patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes)
  Alt-commit
- commit 6c8d470

- Refresh patches.suse/drm-amd-display-Fix-possible-buffer-overflow-in-find.patch (git-fixes)
  Alt-commit
- commit d66904a

- Refresh patches.suse/drm-amdgpu-Fix-missing-error-code-in-gmc_v6-7-8-9_0_.patch (git-fixes)
  Alt-commit
- commit 17a587a

- Refresh patches.suse/drm-bridge-sii902x-Fix-probing-race-issue.patch (git-fixes)
  Alt-commit
- commit 0c6bf24

- Refresh patches.suse/drm-i915-dp-Fix-passing-the-correct-DPCD_REV-for-drm.patch (git-fixes)
  Alt-commit
- commit eeb30fc

- Refresh patches.suse/drm-amd-Disable-ASPM-for-VI-w-all-Intel-systems.patch (git-fixes)
  Alt-commit
- commit 2b0efc6

- Refresh patches.suse/drm-amd-Fix-detection-of-_PR3-on-the-PCIe-root-port.patch (git-fixes)
  Alt-commit
- commit 0458ace

- Refresh patches.suse/drm-amd-display-fix-the-white-screen-issue-when-64GB.patch (git-fixes)
  Alt-commit
- commit 46ed395

- Refresh patches.suse/drm-amd-display-prevent-potential-division-by-zero-e.patch (git-fixes)
  Alt-commit
- commit b7ab8de

- Refresh patches.suse/drm-amd-display-enable-cursor-degamma-for-DCN3-DRM-l.patch (git-fixes)
  Alt-commit
- commit 885580e

- Refresh patches.suse/drm-amd-display-Remove-wait-while-locked.patch (git-fixes)
  Alt-commit
- commit 43c45c5

- Refresh patches.suse/drm-amd-display-Add-smu-write-msg-id-fail-retry-proc.patch (git-fixes)
  Alt-commit
- commit b800d81

- Refresh patches.suse/drm-amd-display-register-edp_backlight_control-for-D.patch (git-fixes)
  Alt-commit
- commit 164cdf4

- Refresh patches.suse/drm-amdgpu-fix-Null-pointer-dereference-error-in-amd.patch (git-fixes)
  Alt-commit
- commit c814bba

- Refresh patches.suse/drm-amdgpu-gfx10-Disable-gfxoff-before-disabling-pow.patch (git-fixes)
  Alt-commit
- commit e937913

- Refresh patches.suse/drm-amd-pm-parse-pp_handle-under-appropriate-conditi.patch (git-fixes)
  Alt-commit
- commit f5d987c

- Refresh patches.suse/drm-amd-display-fix-access-hdcp_workqueue-assert.patch (git-fixes)
  Alt-commit
- commit 0906f4d

- Refresh patches.suse/drm-amdgpu-nv-Apply-ASPM-quirk-on-Intel-ADL-AMD-Navi.patch (git-fixes)
  Alt-commit
- commit c25da25

- Refresh patches.suse/drm-amdgpu-Correct-the-power-calcultion-for-Renior-C.patch (git-fixes)
  Alt-commit
- commit bb8f92f

- Refresh patches.suse/0549-drm-amdgpu-enable-Vangogh-VCN-indirect-sram-mode.patch (git-fixes)
  Alt-commit
- commit aa42634

- Refresh patches.suse/drm-i915-Never-return-0-if-not-all-requests-retired.patch (git-fixes)
  Alt-commit
- commit bf8aa0c

- Refresh patches.suse/drm-i915-Fix-negative-value-passed-as-remaining-time.patch (git-fixes)
  Alt-commit
- commit 33c3117

- Refresh patches.suse/drm-display-dp_mst-Fix-drm_dp_mst_add_affected_dsc_c.patch (git-fixes)
  Alt-commit
- commit 5f0e59c

- Refresh patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch (git-fixes)
  Alt-commit
- commit ae7a01a

- Refresh patches.suse/drm-amdgpu-dm-dp_mst-Don-t-grab-mst_mgr-lock-when-co.patch (git-fixes)
  Alt-commit
- commit a480119

- Refresh patches.suse/drm-amdgpu-dm-mst-Use-the-correct-topology-mgr-point.patch (git-fixes)
  Alt-commit
- commit cfd3d6f

- Refresh patches.suse/1625-drm-i915-vdsc-Set-VDSC-PIC_HEIGHT-before-using-for-D.patch (git-fixes)
  Alt-commit
- commit 0691a9b

- Refresh patches.suse/1585-drm-i915-slpc-Let-s-fix-the-PCODE-min-freq-table-set.patch (git-fixes)
  Alt-commit
- commit b19cad4

- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
  Alt-commit
- commit fb1fad7

- Refresh patches.suse/1396-drm-i915-gt-Batch-TLB-invalidations.patch (git-fixes)
  Alt-commit
- commit 1d66c31

- Refresh patches.suse/1394-drm-i915-gt-Invalidate-TLB-of-the-OA-unit-at-TLB-inv.patch (git-fixes)
  Alt-commit
- commit 5c89722

- Refresh patches.suse/1393-drm-i915-gt-Ignore-TLB-invalidations-on-idle-engines.patch (git-fixes)
  Alt-commit
- commit 43ab4df

- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
  Alt-commit
- commit 9329ad7

- Refresh patches.suse/1859-drm-i915-selftests-fix-subtraction-overflow-bug.patch (git-fixes)
  Alt-commit
- commit 3943b71

- Refresh patches.suse/1855-drm-i915-ttm-fix-sg_table-construction.patch (git-fixes)
  Alt-commit
- commit d989f7a

- Refresh patches.suse/1644-i915-guc-reset-Make-__guc_reset_context-aware-of-gui.patch (git-fixes)
  Alt-commit
- commit 4511955

- Refresh patches.suse/1639-drm-amd-Don-t-reset-dGPUs-if-the-system-is-going-to-.patch (git-fixes)
  Alt-commit
- commit 69ca555

- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
  CVE-2023-52476).
- commit c52b506

- fs: introduce lock_rename_child() helper (bsc#1221044
  CVE-2023-52591).
  Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0

- rename(): avoid a deadlock in the case of parents having no
  common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098

- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef

- rename(): fix the locking of subdirectories (bsc#1221044
  CVE-2023-52591).
- commit 146d81f

- f2fs: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 5344280

- ext4: don't access the source subdirectory content on
  same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374

- ext2: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 2edcc11

- udf_rename(): only access the child content on cross-directory
  rename (bsc#1221044 CVE-2023-52591).
- commit 0257614

- ocfs2: Avoid touching renamed directory if parent does not
  change (bsc#1221044 CVE-2023-52591).
- commit e786f3a

- reiserfs: Avoid touching renamed directory if parent does not
  change (git-fixes bsc#1221044 CVE-2023-52591).
  Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
  Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca

- fs: don't assume arguments are non-NULL (bsc#1221044
  CVE-2023-52591).
- commit 2177893

- fs: Restrict lock_two_nondirectories() to non-directory inodes
  (bsc#1221044 CVE-2023-52591).
- commit a59a7cb

- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f

- s390/pai: fix attr_event_free upper limit for pai device drivers
  (git-fixes bsc#1221633).
- commit dcd390e

- KVM: s390: only deliver the set service event bits (git-fixes
  bsc#1221631).
- commit 6e3593c

- Update
  patches.suse/s390-vfio-ap-always-filter-entire-AP-matrix.patch
  (git-fixes bsc#1219012 CVE-2024-26620 bsc#1221298).
- commit 4fb9779

- iommu/vt-d: Don't issue ATS Invalidation request when device
  is disconnected (git-fixes).
- commit 4c37f6f

- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nilfs2: fix failure to detect DAT corruption in btree and
  direct mappings (git-fixes).
- ALSA: usb-audio: Stop parsing channels bits when all channels
  are found (git-fixes).
- ALSA: aaci: Delete unused variable in aaci_do_suspend
  (git-fixes).
- ASoC: meson: axg-tdm-interface: add frame rate constraint
  (git-fixes).
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
  (git-fixes).
- ASoC: amd: acp: Add missing error handling in sof-mach
  (git-fixes).
- ALSA: seq: fix function cast warnings (git-fixes).
- ALSA: aw2: avoid casting function pointers (git-fixes).
- ALSA: ctxfi: avoid casting function pointers (git-fixes).
- PCI: dwc: endpoint: Fix advertised resizable BAR size
  (git-fixes).
- PCI: switchtec: Fix an error handling path in
  switchtec_pci_probe() (git-fixes).
- PCI/P2PDMA: Fix a sleeping issue in a RCU read section
  (git-fixes).
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
  (git-fixes).
- PCI/DPC: Print all TLP Prefixes, not just the first (git-fixes).
- PCI/AER: Fix rootport attribute paths in ABI docs (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check
  (git-fixes).
- leds: aw2013: Unlock mutex before destroying it (git-fixes).
- backlight: lp8788: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: lm3639: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: da9052: Fully initialize backlight_properties during
  probe (git-fixes).
- backlight: lm3630a: Don't set bl->props.brightness in
  get_brightness (git-fixes).
- backlight: lm3630a: Initialize backlight_properties on init
  (git-fixes).
- mfd: altera-sysmgr: Call of_node_put() only when
  of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: Call of_node_put() only when of_parse_phandle()
  takes a ref (git-fixes).
- pinctrl: mediatek: Drop bogus slew rate register range for
  MT8192 (git-fixes).
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
  (git-fixes).
- HID: amd_sfh: Update HPD sensor structure elements (git-fixes).
- commit d46946b

- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
  This is an optimisation patch which got added late so there's no hurry
  to merge it.
- commit 69db574

- Properly sort already upstream patches
- Refresh
  patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
  patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
  patches.suse/x86-entry-ia32-Ensure-s32-is-sign-extended-to-s64.patch.
- Refresh
  patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit fe7e19d

- iommu/amd: Mark interrupt as managed (git-fixes).
- commit 7365cc3

- arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
- commit e4605be

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL")
- commit 037b20c

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pull resistors for SD card")
- commit a5753b4

- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals")
- commit 1c17a18

- arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
- commit f4fdf95

- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- commit a51708e

- arm64: mm: fix VA-range sanity check (git-fixes)
- commit dd606ae

- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- commit 4c81404

- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- commit 59dc2f8

- arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
- commit b5996a2

- arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
- commit 499e8df

- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
  (jsc#PED-7167 bsc#1218643 bsc#1221338 bsc#1220114).
- commit 727559f

- Make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- commit d2f65b3

- drm/msm/dpu: add division of drm_display_mode's hskew parameter
  (git-fixes).
- drm/etnaviv: Restore some id values (git-fixes).
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of
  atom_get_src_int() (git-fixes).
- drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
  enabled (git-fixes).
- drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
  (git-fixes).
- drm/msm/dpu: improve DSC allocation (git-fixes).
- drm/mediatek: Fix a null pointer crash in
  mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
  (git-fixes).
- drm/tidss: Fix sync-lost issue with two displays (git-fixes).
- drm/tidss: Fix initial plane zpos values (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
  (git-fixes).
- drm/radeon/ni: Fix wrong firmware size logging in
  ni_init_microcode() (git-fixes).
- drm/amd/display: Fix a potential buffer overflow in
  'dp_dsc_clock_en_read()' (git-fixes).
- drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode()
  (git-fixes).
- drm/vmwgfx: Fix possible null pointer derefence with invalid
  contexts (git-fixes).
- media: tc358743: register v4l2 async device only after
  successful setup (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- PM: suspend: Set mem_sleep_current during kernel command line
  setup (git-fixes).
- mmc: core: Fix switch on gp3 partition (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region()
  call in the .remove function (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done()
  (git-fixes).
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data
  (git-fixes).
- commit 7758a76

- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing
  defer (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
- drm/tegra: output: Fix missing i2c_put_adapter() in the error
  handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: rgb: Fix missing clk_put() in the error handling
  paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: Fix some error handling paths in
  tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error
  handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dpaux: Fix PM disable depth imbalance in
  tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: Add missing check for of_find_device_by_node
  (git-fixes).
- ACPI: processor_idle: Fix memory leak in
  acpi_processor_power_exit() (git-fixes).
- ACPI: resource: Add MAIBENBEN X577 to
  irq1_edge_low_force_override (git-fixes).
- ACPI: scan: Fix device check notification handling (git-fixes).
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
  (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's
  return value (git-fixes).
- cpufreq: amd-pstate: Fix min_perf assignment in
  amd_pstate_adjust_perf() (git-fixes).
- commit 1cf1fe2

- RAS: Export helper to get ras_debugfs_dir (jsc#PED-7619).
- commit 2d174a0

- powerpc/pseries: Fix potential memleak in papr_get_attr()
  (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- commit 3aea930

- RAS/AMD/FMPM: Fix off by one when unwinding on error (jsc#PED-7619).
- commit b104443

- RAS/AMD/FMPM: Add debugfs interface to print record entries (jsc#PED-7619).
- commit 0fb8312

- RAS/AMD/FMPM: Save SPA values (jsc#PED-7619).
- commit 749cc57

- Sort the AMD edac patches
- Refresh
  patches.suse/Documentation-RAS-Add-index-and-address-translation-sectio.patch.
- Refresh
  patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
- Refresh
  patches.suse/RAS-AMD-ATL-Add-MI300-DRAM-to-normalized-address-translati.patch.
- Refresh
  patches.suse/RAS-AMD-ATL-Add-MI300-row-retirement-support.patch.
- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch.
- Refresh
  patches.suse/RAS-AMD-ATL-Fix-array-overflow-in-get_logical_coh_st_fabri.patch.
- Refresh
  patches.suse/RAS-AMD-ATL-Fix-bit-overflow-in-denorm_addr_df4_np2.patch.
- Refresh
  patches.suse/RAS-Introduce-AMD-Address-Translation-Library.patch.
- Refresh
  patches.suse/RAS-Introduce-a-FRU-memory-poison-manager.patch.
- commit 9e22745

- net: phy: fix phy_get_internal_delay accessing an empty array
  (git-fixes).
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
  (git-fixes).
- Bluetooth: mgmt: Remove leftover queuing of power_off work
  (git-fixes).
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
  (git-fixes).
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init
  is complete (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning
  up all interfaces (git-fixes).
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
  (git-fixes).
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
  (git-fixes).
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices
  (git-fixes).
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures
  (git-fixes).
- wifi: brcmfmac: fix copyright year mentioned in platform_data
  header (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in
  ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- can: softing: remove redundant NULL check (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for
  debugfs_create_dir() (git-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif
  (git-fixes).
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
  (git-fixes).
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
  (git-fixes).
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is
  disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is
  disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros
  (git-fixes).
- commit 15851fa

- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
  (git-fixes).
- commit 407c3c5

- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
  Add git-commit info
- commit bc859f9

- pNFS: Fix the pnfs block driver's calculation of layoutget size
  (git-fixes).
- NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
  (git-fixes).
- blocklayoutdriver: Fix reference leak of pnfs_device_node
  (git-fixes).
- SUNRPC: Fix a suspicious RCU usage warning (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
  (git-fixes).
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- SUNRPC: Add an IS_ERR() check back to where it was (git-fixes).
- SUNRPC: ECONNRESET might require a rebind (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same
  fs (git-fixes).
- pNFS/flexfiles: Check the layout validity in
  ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
- Revert "SUNRPC dont update timeout value on connection reset"
  (git-fixes).
- NFSv4: Fix a state manager thread deadlock regression
  (git-fixes).
- NFSv4: Fix a nfs4_state_manager() race (git-fixes).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
  (git-fixes).
- NFS: rename nfs_client_kset to nfs_kset (git-fixes).
- commit dc5b918

- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
  Fix for kABI workaround.
- commit 6ba2f5d

- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
  CVE-2023-52583).
- commit 1a81018

- sched/rt: Disallow writing invalid values to sched_rt_period_us
  (bsc#1220176).
- commit ee86051

- Update
  patches.suse/netfs-fscache-Prevent-Oops-in-fscache_put_cache.patch
  (bsc#1220003 bsc#1221291 CVE-2024-26612).
- commit 0607d13

- netfs: Only call folio_start_fscache() one time for each folio
  (CVE-2023-52582 bsc#1220878).
- commit dfd082b

- netfs: Only call folio_start_fscache() one time for each folio
  (CVE-2023-52582 bsc#1220878).
- commit b301f9c

- Refresh
  patches.suse/mm-ima-kexec-of-use-memblock_free_late-from-ima_free.patch.
  Fix:
  * Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
  WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01

- scsi: target: core: Silence the message about unknown VPD pages
  (bsc#1221252).
- commit 1d550ca

- sched/rt: sysctl_sched_rr_timeslice show default timeslice
  after reset (bsc#1220176).
- commit 4ac46cd

- powerpc/pseries/iommu: IOMMU table is not initialized for
  kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 27b28f5

- Update
  patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
  (bsc#1220790 CVE-2023-52477).
- commit d33bab7

- nvmet-fc: take ref count on tgtport before delete assoc
  (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- commit 4d1e993

- raid1: fix use-after-free for original bio in
  raid1_write_request() (bsc#1221097).
- md: fix data corruption for raid456 when reshape restart while
  grow up (git-fixes).
- commit 35ee14b

- i2c: aspeed: Fix the dummy irq expected print (git-fixes).
- i2c: wmt: Fix an error handling path in wmt_i2c_probe()
  (git-fixes).
- i2c: i801: Avoid potential double call to
  gpiod_remove_lookup_table (git-fixes).
- comedi: comedi_test: Prevent timers rescheduling during deletion
  (git-fixes).
- iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS
  is enabled (git-fixes).
- vt: fix unicode buffer corruption when deleting characters
  (git-fixes).
- usb: port: Don't try to peer unused USB ports based on location
  (git-fixes).
- usb: gadget: ncm: Fix handling of zero block length packets
  (git-fixes).
- USB: usb-storage: Prevent divide-by-0 error in
  isd200_ata_command (git-fixes).
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
  (git-fixes).
- ASoC: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- ASoC: madera: Fix typo in madera_set_fll_clks shift value
  (git-fixes).
- ALSA: hda/realtek - Fix headset Mic no show at resume back
  for Lenovo ALC897 platform (git-fixes).
- drm/i915/selftests: Fix dependency of some timeouts on HZ
  (git-fixes).
- drm/i915: Check before removing mm notifier (git-fixes).
- commit 5e91dbb

- s390/vfio-ap: wire in the vfio_device_ops request callback
  (bsc#1205316).
- commit dc0bc15

- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
  (bsc#1205316).
- commit 17d9de4

- Fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775)
  Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit 8983adc

- raid1: fix use-after-free for original bio in
  raid1_write_request() (bsc#1221097).
- commit 5154c94

- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
  (bsc#1205316).
- commit dbbf2ae

- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
  (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
  (git-fixes).
- commit d4f6f9f

- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799

- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4

- coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
- commit 4473cfd

- coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit ef5cdf7

- IB/ipoib: Fix mcast list locking (git-fixes)
- commit 8d1c71a

- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (git-fixes)
- commit c54bb31

- coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
- commit fba33fc

- group-source-files.pl: Quote filenames (boo#1221077).
  The kernel source now contains a file with a space in the name.
  Add quotes in group-source-files.pl to avoid splitting the filename.
  Also use -print0 / -0 when updating timestamps.
- commit a005e42

- mm,ima,kexec,of: use memblock_free_late from
  ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a

- PCI/MSI: Prevent MSI hardware interrupt number truncation (bsc#1218777)
- commit 5410859

- Update patches.suse/phy-ti-phy-omap-usb2-Fix-NULL-pointer-dereference-fo.patch (git-fixes,bsc#1220340,CVE-2024-26600)
- commit e321d5a

- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a

- erofs: fix lz4 inplace decompression (CVE-2023-52497
  bsc#1220879).
- commit ddeedf9

- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
  CVE-2023-52605).
- commit 635c481

- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivileged-load-workaround.patch (bsc#1219443, bsc#1220887, CVE-2023-52481)
- commit 52243ca

- kernel-binary: Fix i386 build
  Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351

- btrfs: remove BUG() after failure to insert delayed dir index
  item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
  index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d

- net: nfc: fix races in nfc_llcp_sock_get() and
  nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586

- kabi: team: Hide new member header_ops (bsc#1220870
  CVE-2023-52574).
- commit 9f49992

- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
  bsc#1221040 CVE-2023-52597).
- commit a90b87c

- tracing: Inform kmemleak of saved_cmdlines allocation
  (git-fixes).
- commit bb07230

- Update
  patches.suse/ceph-drop-messages-from-MDS-when-unmounting.patch
  (jsc#SES-1880 CVE-2022-48628 bsc#1220848).
- commit 187fa94

- kernel-binary: vdso: fix filelist for non-usrmerged kernel
  Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221

- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
  (bsc#1220926 CVE-2023-52523).
- commit 90d9f50

- md: Make sure md_do_sync() will set MD_RECOVERY_DONE
  (git-fixes).
- md: Don't ignore suspended array in md_check_recovery()
  (git-fixes).
- md: Whenassemble the array, consult the superblock of the
  freshest device (git-fixes).
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of
  md_set_readonly() (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should
  wait on the reshape (git-fixes).
- md/raid5: release batch_last before waiting for another
  stripe_head (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
  (git-fixes).
- md: introduce md_ro_state (git-fixes).
- commit cef73db

- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  (bsc#1218562 CVE-2023-6270).
- commit 57a4cd4

- efivarfs: force RO when remounting if SetVariable is not
  supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0

- topology: Fix up build warning in topology_is_visible()
  (jsc#PED-7618).
- commit 6c82a8d

- topology/sysfs: Hide PPIN on systems that do not support it
  (jsc#PED-7618).
- commit d8d9717

- blacklist.conf: add non-backport md git-fixes commits
- commit b13564d

- iommu/vt-d: Avoid memory allocation in iommu_suspend()
  (CVE-2023-52559 bsc#1220933).
- commit c9b01ef

- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
  - update to upstream version
  - rename to same name as SLE15 SP5
- commit 1d2def1

- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
  (bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
  (bsc#1220870 CVE-2023-52574).
- commit 2cc53f5

- Update
  patches.suse/ice-xsk-return-xsk-buffers-back-to-pool-when-cleanin.patch
  (jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
  (bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
  patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
  (jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
  Added CVE references.
- commit 3e396c2

- Input: pm8941-powerkey - fix debounce on gen2+ PMICs
  (git-fixes).
- commit bbebd44

- Input: pm8941-pwrkey - add support for PON GEN3 base addresses
  (git-fixes).
- commit 7ab5a9e

- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
  (git-fixes bsc#1220469 CVE-2021-46934).
  Add bug and CVE references.
- commit 3a04060

- bpf: fix check for attempt to corrupt spilled pointer
  (bsc#1220325 CVE-2023-52462).
- commit 34faa5d

- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- commit 6793acf
less
- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
  metacharacters, bsc#1219901
  * CVE-2022-48624.patch
util-linux
- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,
  util-linux-wall-migrate-to-memstream.patch
  util-linux-fputs_careful2.patch).
c-ares
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
  (bsc#1220279, CVE-2024-25629)
expat
- Security fix (boo#1221289, CVE-2024-28757): XML Entity Expansion
  attack when there is isolated use of external parsers.
  * Added expat-CVE-2024-28757.patch

- Security fix:
  * (CVE-2023-52425, bsc#1219559) denial of service (resource
    consumption) caused by processing large tokens.
  - Added patch expat-CVE-2023-52425-1.patch
  - Added patch expat-CVE-2023-52425-2.patch
  - Added patch expat-CVE-2023-52425-backport-parser-changes.patch
  - Added patch expat-CVE-2023-52425-fix-tests.patch
gcc13
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
  [bsc#1221239]

- Revert libgccjit dependency change.  [boo#1220724]

- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.

- Use %patch -P N instead of %patchN.

- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
  crypt and crypt_r interceptors.  The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]

- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
  - fmin-function-alignment.  [bsc#1214934]

- Use %{_target_cpu} to determine host and build.

- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
  * Includes fix for building TVM.  [boo#1218492]

- Add cross-X-newlib-devel requires to newlib cross compilers.
  [boo#1219031]

- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
  in gcc13-devel.  [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
  are linked against libstdc++6.

- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205

- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
  * Includes fix for building mariadb on i686.  [bsc#1217667]
  * Remove pr111411.patch contained in the update.

- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]
gnutls
- Security fix: [bsc#1221747, CVE-2024-28835]
  * gnutls: certtool crash when verifying a certificate chain
  * Add gnutls-CVE-2024-28835.patch

- Security fix: [bsc#1221746, CVE-2024-28834]
  * gnutls: side-channel in the deterministic ECDSA
  * Add gnutls-CVE-2024-28834.patch

- jitterentropy: Release the memory of the entropy collector when
  using jitterentropy with phtreads as there is also a
  pre-intitization done in the main thread. [bsc#1221242]
  * Add gnutls-FIPS-jitterentropy-deinit-threads.patch
ncurses
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
  * Backport from ncurses-6.4-20230615.patch
    improve checks in convert_string() for corrupt terminfo entry
nghttp2
- security update
- added patches
  fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-1.patch
  fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-2.patch
protobuf
- update to 25.1:
  * Raise warnings for deprecated python syntax usages
  * Add support for extensions in CRuby, JRuby, and FFI Ruby
  * Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
  * Implement proto2/proto3 with editions
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add utf8_validation feature back to the global feature set.
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Merge the protobuf and upb Bazel repos
  * Editions: Introduce functionality to protoc for generating
    edition feature set defaults.
  * Editions: Migrate edition strings to enum in C++ code.
  * Create a reflection helper for ExtensionIdentifier.
  * Editions: Provide an API for C++ generators to specify their
    features.
  * Editions: Refactor feature resolution to use an intermediate
    message.
  * Publish extension declarations with declaration
    verifications.
  * Editions: Stop propagating partially resolved feature sets to
    plugins.
  * Editions: Migrate string_field_validation to a C++ feature
  * Editions: Include defaults for any features in the generated
    pool.
  * Protoc: parser rejects explicit use of map_entry option
  * Protoc: validate that reserved range start is before end
  * Protoc: support identifiers as reserved names in addition to
    string literals (only in editions)
  * Drop support for Bazel 5.
  * Allow code generators to specify whether or not they support
    editions.
  [#] C++
  * Set `PROTOBUF_EXPORT` on
    `InternalOutOfLineDeleteMessageLite()`
  * Update stale checked-in files
  * Apply PROTOBUF_NOINLINE to declarations of some functions
    that want it.
  * Implement proto2/proto3 with editions
  * Make JSON UTF-8 boundary check inclusive of the largest
    possible UTF-8 character.
  * Reduce `Map::size_type` to 32-bits. Protobuf containers can't
    have more than that
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Fix bug in reflection based Swap of map fields.
  * Add utf8_validation feature back to the global feature set.
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Add prefetching to arena allocations.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    repeated and map field accessors.
  * Editions: Migrate edition strings to enum in C++ code.
  * Create a reflection helper for ExtensionIdentifier.
  * Editions: Provide an API for C++ generators to specify their
    features.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    string field accessors.
  * Editions: Refactor feature resolution to use an intermediate
    message.
  * Fixes for 32-bit MSVC.
  * Publish extension declarations with declaration
    verifications.
  * Export the constants in protobuf's any.h to support DLL
    builds.
  * Implement AbslStringify for the Descriptor family of types.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    message field accessors.
  * Editions: Stop propagating partially resolved feature sets to
    plugins.
  * Editions: Migrate string_field_validation to a C++ feature
  * Editions: Include defaults for any features in the generated
    pool.
  * Introduce C++ feature for UTF8 validation.
  * Protoc: validate that reserved range start is before end
  * Remove option to disable the table-driven parser in protoc.
  * Lock down ctype=CORD in proto file.
  * Support split repeated fields.
  * In OSS mode omit some extern template specializations.
  * Allow code generators to specify whether or not they support
    editions.
  [#] Java
  * Implement proto2/proto3 with editions
  * Remove synthetic oneofs from Java gencode field accessor
    tables.
  * Timestamps.parse: Add error handling for invalid
    hours/minutes in the timezone offset.
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Add missing debugging version info to Protobuf Java gencode
    when multiple files are generated.
  * Fix a bad cast in putBuilderIfAbsent when already present due
    to using the result of put() directly (which is null if it
    currently has no value)
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Fix a NPE in putBuilderIfAbsent due to using the result of
    put() directly (which is null if it currently has no value)
  * Update Kotlin compiler to escape package names
  * Add MapFieldBuilder and change codegen to generate it and the
    put{field}BuilderIfAbsent method.
  * Introduce recursion limit in Java text format parsing
  * Consider the protobuf.Any invalid if typeUrl.split("/")
    returns an empty array.
  * Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
  * Fixed Python memory leak in map lookup.
  * Loosen upb for json name conflict check in proto2 between
    json name and field
  * Defines Protobuf compiler version strings as macros and
    separates out suffix string definition.
  * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
    oneof accessors.
  * Ensure Timestamp.ToDatetime(tz) has correct offset
  * Do not check required field for upb python MergeFrom
  * Setting up version updater to prepare for poison pills and
    embedding version info into C++, Python and Java gencode.
  * Merge the protobuf and upb Bazel repos
  * Comparing a proto message with an object of unknown returns
    NotImplemented
  * Emit __slots__ in pyi output as a tuple rather than a list
    for --pyi_out.
  * Fix a bug that strips options from descriptor.proto in
    Python.
  * Raise warings for message.UnknownFields() usages and navigate
    to the new add
  * Add protobuf python keyword support in path for stub
    generator.
  * Add tuple support to set Struct
  * ### Python C-Extension (Default)
  * Comparing a proto message with an object of unknown returns
    NotImplemented
  * Check that ffi-compiler loads before using it to define
    tasks.
  [#] UPB (Python/PHP/Ruby C-Extension)
  * Include .inc files directly instead of through a filegroup
  * Loosen upb for json name conflict check in proto2 between
    json name and field
  * Add utf8_validation feature back to the global feature set.
  * Do not check required field for upb python MergeFrom
  * Merge the protobuf and upb Bazel repos
  * Added malloc_trim() calls to Python allocator so RSS will
    decrease when memory is freed
  * Upb: fix a Python memory leak in ByteSize()
  * Support ASAN detection on clang
  * Upb: bugfix for importing a proto3 enum from within a proto2
    file
  * Expose methods needed by Ruby FFI using UPB_API
  * Fix `PyUpb_Message_MergeInternal` segfault

- build against modern python on sle15

- Build with source and target levels 8
  * fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
  macro resolves the variables at the install time

- update to 23.4:
  * Add dllexport_decl for generated default instance.
  * Deps: Update Guava to 32.0.1

- update to 23.3:
  C++
  * Regenerate stale files
  * Use the same ABI for static and shared libraries on non-
    Windows platforms
  * Add a workaround for GCC constexpr bug
  Objective-C
  * Regenerate stale files
  UPB (Python/PHP/Ruby C-Extension)
  * Fixed a bug in `upb_Map_Delete()` that caused crashes in
    map.delete(k) for Ruby when string-keyed maps were in use.
  Compiler
  * Add missing header to Objective-c generator
  * Add a workaround for GCC constexpr bug
  Java
  * Rollback of: Simplify protobuf Java message builder by
    removing methods that calls the super class only.
  Csharp
  * [C#] Replace regex that validates descriptor names
- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream)

- Add patch to fix linking ThreadSafeArena:
  * 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch
- Drop the protobuf-source package, no longer used

- update to 22.5:
  C++
  * Add missing cstdint header
  * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
  * Avoid using string(JOIN..., which requires cmake 3.12
  * Explicitly include GTest package in examples
  * Bump Abseil submodule to 20230125.3 (#12660)
- update to 22.4:
  C++
  * Fix libprotoc: export useful symbols from .so
  * Fix btree issue in map tests.
  Python
  * Fix bug in _internal_copy_files where the rule would fail in
    downstream repositories.
  Other
  * Bump utf8_range to version with working pkg-config (#12584)
  * Fix declared dependencies for pkg-config
  * Update abseil dependency and reorder dependencies to ensure
    we use the version specified in protobuf_deps.
  * Turn off clang::musttail on i386

- drop python2 handling
- fix version handling and package the private libs again

- Fix confusion in versions

- Mention the rpmlintrc file in the spec.

- Make possible to build on older systems, like SLE12 that miss
  some of the used macros.

- update to v22.3
  UPB (Python/PHP/Ruby C-Extension)
  * Remove src prefix from proto import
  * Fix .gitmodules to use the correct absl branch
  * Remove erroneous dependency on googletest
- update to 22.2:
  Java
  * Add version to intra proto dependencies and add kotlin stdlib
    dependency
  * Add $ back for osgi header
  * Remove $ in pom files
- update to 22.1:
  * Add visibility of plugin.proto to python directory
  * Strip "src" from file name of plugin.proto
  * Add OSGi headers to pom files.
  * Remove errorprone dependency from kotlin protos.
  * Version protoc according to the compiler version number.
- update to 22.0:
  * This version includes breaking changes to: Cpp.
    Please refer to the migration guide for information:
    https://protobuf.dev/support/migration/#compiler-22
  * [Cpp] Migrate to Abseil's logging library.
  * [Cpp] `proto2::Map::value_type` changes to `std::pair`.
  * [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
    and DefaultFieldComparator classes.
  * [Cpp] Add a dependency on Abseil (#10416)
  * [Cpp] Remove all autotools usage (#10132)
  * [Cpp] Add C++20 reserved keywords
  * [Cpp] Dropped C++11 Support
  * [Cpp] Delete Arena::Init
  * [Cpp] Replace JSON parser with new implementation
  * [Cpp] Make RepeatedField::GetArena non-const in order to
    support split RepeatedFields.
  * long list of bindings specific fixes see
    https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
- python sub packages version is set 4.22.3 as defined in
  python/google/protobuf/__init__.py to stay compatible
- skip python2 builds by default
- drop patches:
  * 10355.patch,
  * gcc12-disable-__constinit-with-c++-11.patch (merged upstream)
- added patches:
  * add-missing-stdint-header.patch   added for compile fixes

- Enable LTO (boo#1133277).

- update to v21.12:
  * Python
  * Fix broken enum ranges (#11171)
  * Stop requiring extension fields to have a sythetic oneof (#11091)
  * Python runtime 4.21.10 not works generated code can not load valid
    proto.

- update to 21.11:
  * Python
  * Add license file to pypi wheels (#10936)
  * Fix round-trip bug (#10158)

- update to 21.10:
  * Java
  * Use bit-field int values in buildPartial to skip work on unset groups of
    fields. (#10960)
  * Mark nested builder as clean after clear is called (#10984)

- update to 21.9:
  * Ruby
  * Replace libc strdup usage with internal impl to restore musl compat (#10818)
  * Auto capitalize enums name in Ruby (#10454) (#10763)
  * Other
  * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
  * C++
  * 21.x No longer define no_threadlocal on OpenBSD (#10743)
  * Java
  * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
  * Refactoring java full runtime to reuse sub-message builders and prepare to
    migrate parsing logic from parse constructor to builder.
  * Move proto wireformat parsing functionality from the private "parsing
    constructor" to the Builder class.
  * Change the Lite runtime to prefer merging from the wireformat into mutable
    messages rather than building up a new immutable object before merging. This
    way results in fewer allocations and copy operations.
  * Make message-type extensions merge from wire-format instead of building up
    instances and merging afterwards. This has much better performance.
  * Fix TextFormat parser to build up recurring (but supposedly not repeated)
    sub-messages directly from text rather than building a new sub-message and
    merging the fully formed message into the existing field.

- update to 21.6:
  C++:
  * Reduce memory consumption of MessageSet parsing

- update to 21.5:
  PHP
  * Added getContainingOneof and getRealContainingOneof to descriptor.
  * fix PHP readonly legacy files for nested messages
  Python
  * Fixed comparison of maps in Python.

- add 10355.patch to fix soversioning

- update to 21.4:
  * Reduce the required alignment of ArenaString from 8 to 4

- update to 21.3:
  * C++
  * Add header search paths to Protobuf-C++.podspec (#10024)
  * Fixed Visual Studio constinit errors (#10232)
  * Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
  * UPB
  * Allow empty package names (fixes behavior regression in 4.21.0)
  * Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
  * Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
  * for x in mapping now yields keys rather than values, to match Python
    conventions and the behavior of the old library.
  * Lookup operations now correctly reject unhashable types as map keys.
  * We implement repr() to use the same format as dict.
  * Fix maps to use the ScalarMapContainer class when appropriate
  * Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
  * PHP
  * Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
  * Python
  * Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
  * Bazel
  * Add back a filegroup for :well_known_protos (#10061)

- Update to 21.2:
- C++
  - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
  - Escape GetObject macro inside protoc-generated code (#9739)
  - Update CMake configuration to add a dependency on Abseil (#9793)
  - Fix cmake install targets (#9822)
  - Use __constinit only in GCC 12.2 and up (#9936)
- Java
  - Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python
  - Increment python major version to 4 in version.json for python upb (#9926)
  - The C extension module for Python has been rewritten to use the upb library.
  - This is expected to deliver significant performance benefits, especially when
    parsing large payloads. There are some minor breaking changes, but these
    should not impact most users. For more information see:
    https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP
  - [PHP] fix PHP build system (#9571)
  - Fix building packaged PHP extension (#9727)
  - fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633)
  - fix: phpdoc syntax for repeatedfield parameters (#9784)
  - fix: phpdoc for repeatedfield (#9783)
  - Change enum string name for reserved words (#9780)
  - chore: [PHP] fix phpdoc for MapField keys (#9536)
  - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby
  - Allow pre-compiled binaries for ruby 3.1.0 (#9566)
  - Implement respond_to? in RubyMessage (#9677)
  - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
  - Do not use range based UTF-8 validation in truffleruby (#9769)
  - Improve range handling logic of RepeatedField (#9799)
- Other
  - Fix invalid dependency manifest when using descriptor_set_out (#9647)
  - Remove duplicate java generated code (#9909)

- Do not use %%autosetup, but %%setup and %%patch on other line
  * Allows building on SLE-12-SP5

- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch
  that addresses gh#protocolbuffers/protobuf#9916.
python3
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
  gh#python/cpython!16557) fixes syslog making default "ident"
  from sys.argv[0].
libzypp
- Don't try to refresh volatile media as long as raw metadata are
  present (bsc#1223094)
- version 17.32.5 (32)

- Fix creation of sibling cache dirs with too restrictive mode
  (bsc#1222398)
  Some install workflows in YAST may lead to too restrictive (0700)
  raw cache directories in case of newly created repos. Later
  commands running with user privileges may not be able to access
  these repos.
- version 17.32.4 (32)

- Update RepoStatus fromCookieFile according to the files mtime
  (bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)

- Fixup New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
  Fixed the name of the keyword to "support_superseded" as it was
  agreed on in jsc#OBS-301.
- version 17.32.2 (32)

- Add resolver option 'removeUnneeded' to file weak remove jobs
  for unneeded packages (bsc#1175678)
- version 17.32.1 (32)

- Add resolver option 'removeOrphaned' for distupgrade
  (bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
  defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)

- ProblemSolution::skipsPatchesOnly overload to handout the
  patches.
- Remove https->http redirection exceptions for
  download.opensuse.org.
- version 17.31.32 (22)
openssh
- Add patches from upstream to change the default value of
  UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
  This makes ssh update the known_hosts stored keys with all
  published versions by the server (after it's authenticated
  with an existing key), which will allow to identify the
  server with a different key if the existing key is considered
  insecure at some point in the future (bsc#1222831).
  * 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
  * 0002-upstream-disable-UpdateHostkeys-by-default-if.patch

- Add patches openssh-7.7p1-seccomp_getuid.patch and
  openssh-bsc1216474-s390-leave-fds-open.patch
  (bsc#1216474, bsc#1218871)

- Fix hostbased ssh login failing occasionally with "signature
  unverified: incorrect signature" by fixing a typo in patch
  (bsc#1221123):
  * openssh-7.8p1-role-mls.patch
python-azure-agent
- Keep the existing config file (bsc#1222620)
  + During separation of the config file into subpackages it was forgotten
    that on update of the main package the previously provided config file
    would be removed. SInce we do not know which flavor of our images the
    package is being upgraded on, preserve the previously existing config
    file. This will orphan the file if non of the -config-* packages gets
    installed.

- Do not force wicked dependency for networking, allow NM in SLE Micro 5.5
  and for ALP based products
- Change patch syntax in preparetion for RPM 4.20

- Recognise SLE-Micro as a SLE based distro
  + Add agent-micro-is-sles.patch

- Create sub-packages for the config (jsc#PED-7869)
  + Remove config manipulation from image building
  + Set up a config for SLE-Micro
  + Makes deafult upstream config available
- Update to 2.9.1.1 (bsc#1217301, bsc#1217302)
  + Update remove-mock.patch
  + Download certificates when goal state source is fast track #2761
  + Increase the max number of extension events by 20% #2785
  + Remove version suffix from extension slice #2782
  + Support int type for eventPid and eventTid fields #2786
  + Improve log for swap counter not found #2789
  + Remove cgroup files during deprovisioning #2790
  + Log VM architecture in heartbeat telemetry for arm64 adoption
    monitoring #2818
  + Enforce memory usage for agent #2671
  + Use common download logic for agent downloads #2682
  + Implement Fedora distro #2642
  + Report message in handler heartbeat #2688
  + Remove dependency on pathlib from makepkg #2717
  + Do not fetch extensions goal state in log collector #2713
  + Update log collector unit file to remove memory limit #2757
  + Fix bug in get_dhcp_pid (CoreOS) #2784
  + Fetch full distro version for mariner #2773
  From 2.9.04
  + Resource Governance on extensions (CPU monitoring and enforcing & Memory
    monitoring) #2632 #2581 #2555
  + Agent resource governance #2597 #2591 #2546
  + monitor system-wide memory metrics (#2610)
  + Additional telemetry for goal state (#2675)
  + HostGAPlugin usage improvements #2662 #2673 #2655 #2651
  + Add logging statements for mrseq migration during update (#2667)
  + Logcollector memory usage #2658 #2637
  + Update Log Collector default in Comments and Readme (#2608)
  + Improve telemetry success and failure markers (#2605) #2604 #2599
  + Fix formatting of exceptions on Python 3.10
    (traceback.format's etype argument) (#2663)
  + Fix UNKNOWN(Zombie) Process in unexpected processes check (#2644)
  + SUSE: Fix valid values for DHCLIENT_HOSTNAME_OPTION (#2643)
  + Debian - string conversion for systemd service (#2574)
  + Do not set a CPU quota on the agent for RHEL and Centos (#2685) #2689 #2693
  + support rhel distro (#2620) #2598
  + Added support for devuan linux distribution (#2553)
  No incremental updates between 2.8.011 and 2.9.0.4

- Clean up conditions in spec file:
  + There is no maintained distro > 1315 (SLE12) AND < 1500
    (SLE15). Only openSUSE 13.2 and 13.3 lived in that space, but
    they are clearly not the target of this spec file.
  + if 0%{?Suse_version} && 0{?suse_version} > 1315: no need to
    first validate suse_version being defined: whenever it
    is > 1315, must be defined.

- Add patch remove-mock.patch:
  * Use unittest.mock first, falling back to mock if required.
- Tighten Requires against python3-mock.
python-idna
- Add CVE-2024-3651.patch, backported from upstream commit
  gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
  (bsc#1222842, CVE-2024-3651)
rpm-ndb
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
samba
-  fd_handle_destructor() panics within an smbd_smb2_close()
  if vfs_stat_fsp() fails in fd_close(); (bso#15527);
  (bsc#1219937).

- Remove -x from bash shebang update-apparmor-samba-profile;
  (bsc#1218431).
000release-packages:sle-module-basesystem-release
n/a
000release-packages:sle-module-containers-release
n/a
000release-packages:sle-module-public-cloud-release
n/a
000release-packages:sle-module-server-applications-release
n/a
000release-packages:SLES-release
n/a
systemd-default-settings
- Import 0.10
  5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)

- Import 0.9
  bb859bf user@.service: Disable controllers by default (jsc#PED-2276)

- The usage of drop-ins is now the official way for configuring systemd and its
  various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
  "feature" has been abandoned.

- Import 0.8
  f34372f User priority '26' for SLE-Micro
  c8b6f0a Revert "Convert more drop-ins into early ones"

- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
  6b8dde1 Convert more drop-ins into early ones
util-linux-systemd
- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,
  util-linux-wall-migrate-to-memstream.patch
  util-linux-fputs_careful2.patch).

- Add upstream patch
  util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
  bsc#1207987 gh#util-linux/util-linux@1d98827edde4
vim
- Updated to version 9.1 with patch level 0330, fixes the following problems
  * Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330

- Updated to version 9.1 with patch level 0111, fixes the following security problems
  * Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
  * Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
  * Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
  * Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
  * Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
  * Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
  * Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
  * Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
  * Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
  * Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
wicked
- client: do not convert sec to msec twice (bsc#1222105)
  [+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]

- addrconf: fix fallback-lease drop (bsc#1220996)
  [+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
  [+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
  [+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
  [+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
zypper
- Do not try to refresh repo metadata as non-root user
  (bsc#1222086)
  Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
  them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
  list them.
- Don't print 'reboot required' message if download-only or
  dry-run (fixes #529)
  Instead point out that a reboot would be required if the option
  was not used.
- Resepect zypper.conf option `showAlias` search commands
  (bsc#1221963)
  Repository::asUserString (or Repository::label) respects the
  zypper.conf option, while name/alias return the property.
- version 1.14.71

- dup: New option --remove-orphaned to remove all orphaned
  packages in dup (bsc#1221525)
- version 1.14.70

- info,summary: Support VendorSupportOption flag
  VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires:  libzypp-devel >= 17.32.0.
  API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
  The problem description() is one rule out possibly many in
  completeProblemInfo() the solver has chosen to represent the
  problem. So either description or completeProblemInfo should be
  printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
  1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
  first one (bsc#1218171)
- version 1.14.69