- crypto-policies
-
- Fix fips-mode-setup in EFI or Secure Boot mode. [bsc#1227637]
* Rebase crypto-policies-FIPS.patch
- fips-mode-setup: tolerate fips dracut module presence w/o FIPS
* Fixes the "Inconsistent state detected" warning when disabling
the FIPS mode [bsc#1236165]
* Upstream commit [gl#redhat-crypto/fedora-crypto-policies#78773542]
* Add crypto-policies-fips-mode-setup-dracut.patch
- Remove dangling symlink for the libreswan config [bsc#1236858]
- docker
-
- Update to Docker 27.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741> bsc#1237335
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Update to docker-buildx 0.20.1. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.20.1>
- Update to Docker 27.4.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741>
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Update to docker-buildx 0.19.3. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.19.3>
- Update to Docker 27.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#274>
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- dracut
-
- Update to version 059+suse.552.g232957b4:
Fixes related to getting live image size (bsc#1235912):
* fix(livenet): split `imgsize` calculation to avoid misleading error message
* fix(livenet): check also `content-length` from live image header
* fix(livenet): propagate error code
Fixes for booting from iSCSI offload with bnx2i (bsc#1228086):
* fix(iscsi): attempt iSCSI login before all interfaces are up
* fix(iscsi): don't require network setup for bnx2i
Other:
* fix(dracut): rework timeout for devices added via --mount and --add-device (bsc#1231792)
- findutils
-
- do not crash when file system loop was encountered [bsc#1231472]
- added patches
fix https://git.savannah.gnu.org/cgit/findutils.git/commit/?id=e5d6eb919b9
+ findutils-avoid-crash-system-loop.patch
- modified patches
% findutils-xautofs.patch (p1)
- glibc
-
- assert-message-allocation.patch: Fix underallocation of abort_msg_s
struct (CVE-2025-0395, bsc#1236282, BZ #32582))
- grub2
-
- Fix zfs.mo not found message when booting on legacy BIOS (bsc#1237865)
* 0001-autofs-Ignore-zfs-not-found.patch
- Cherry-pick upstream XFS fixes
* 0001-fs-xfs-Add-new-superblock-features-added-in-Linux-6..patch
* 0002-fs-xfs-Fix-grub_xfs_iterate_dir-return-value-in-case.patch
- Fix "attempt to read of write outside of partition" error message (bsc#1237844)
* 0003-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch
- Security fixes for 2024
* 0001-misc-Implement-grub_strlcpy.patch
- Fix CVE-2024-45781 (bsc#1233617)
* 0002-fs-ufs-Fix-a-heap-OOB-write.patch
- Fix CVE-2024-56737 (bsc#1234958)
- Fix CVE-2024-45782 (bsc#1233615)
* 0003-fs-hfs-Fix-stack-OOB-write-with-grub_strcpy.patch
- Fix CVE-2024-45780 (bsc#1233614)
* 0004-fs-tar-Integer-overflow-leads-to-heap-OOB-write.patch
- Fix CVE-2024-45783 (bsc#1233616)
* 0005-fs-hfsplus-Set-a-grub_errno-if-mount-fails.patch
* 0006-kern-file-Ensure-file-data-is-set.patch
* 0007-kern-file-Implement-filesystem-reference-counting.patch
- Fix CVE-2025-0624 (bsc#1236316)
* 0008-net-Fix-OOB-write-in-grub_net_search_config_file.patch
- Fix CVE-2024-45774 (bsc#1233609)
* 0009-video-readers-jpeg-Do-not-permit-duplicate-SOF0-mark.patch
- Fix CVE-2024-45775 (bsc#1233610)
* 0010-commands-extcmd-Missing-check-for-failed-allocation.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0011-commands-pgp-Unregister-the-check_signatures-hooks-o.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0012-normal-Remove-variables-hooks-on-module-unload.patch
- Fix CVE-2025-0622 (bsc#1236317)
* 0013-gettext-Remove-variables-hooks-on-module-unload.patch
- Fix CVE-2024-45776 (bsc#1233612)
* 0014-gettext-Integer-overflow-leads-to-heap-OOB-write-or-.patch
- Fix CVE-2024-45777 (bsc#1233613)
* 0015-gettext-Integer-overflow-leads-to-heap-OOB-write.patch
- Fix CVE-2025-0690 (bsc#1237012)
* 0016-commands-read-Fix-an-integer-overflow-when-supplying.patch
- Fix CVE-2025-1118 (bsc#1237013)
* 0017-commands-minicmd-Block-the-dump-command-in-lockdown-.patch
- Fix CVE-2024-45778 (bsc#1233606)
- Fix CVE-2024-45779 (bsc#1233608)
* 0018-fs-bfs-Disable-under-lockdown.patch
- Fix CVE-2025-0677 (bsc#1237002)
- Fix CVE-2025-0684 (bsc#1237008)
- Fix CVE-2025-0685 (bsc#1237009)
- Fix CVE-2025-0686 (bsc#1237010)
- Fix CVE-2025-0689 (bsc#1237011)
* 0019-fs-Disable-many-filesystems-under-lockdown.patch
- Fix CVE-2025-1125 (bsc#1237014)
- Fix CVE-2025-0678 (bsc#1237006)
* 0020-fs-Prevent-overflows-when-allocating-memory-for-arra.patch
- Bump upstream SBAT generation to 5
- Fix CVE-2024-49504 (bsc#1229163) (bsc#1229164)
- Restrict CLI access if the encrypted root device is automatically unlocked by
the TPM. LUKS password authentication is required for access to be granted
* 0001-cli_lock-Add-build-option-to-block-command-line-inte.patch
* 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch
- Obsolete, as CLI access is now locked and granted access no longer requires
the previous restrictions
* 0002-Restrict-file-access-on-cryptodisk-print.patch
* 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch
- Rediff
* 0004-Key-revocation-on-out-of-bound-file-access.patch
- kdump
-
- upgrade to version kdump-2.0.6+git25.g1dbf786
* fix bonding options (bsc#1235933)
* don't use wicked to read bond and bridge config (bsc#1235933)
* prevent KDUMP_NET_TIMEOUT busy loop when DNS fails
* limit dump file permissions (bsc#1237497, bsc#1237529)
- upgrade to version kdump-2.0.6+git20.gf8ecc01:
* fix KDUMP_AUTO_RESIZE (bsc#1236921)
- upgrade to version kdump-2.0.6+git20.gf8ecc01:
* dracut: fix filtering ro keys in kdump_bond_config (bsc#1233137)
- kernel-default
-
- initcall_blacklist: Does not allow kernel_lockdown be
blacklisted (bsc#1237521).
- commit c830a3e
- drm/amd/display: Fix null check for pipe_ctx->plane_state in
resource_build_scaling_params (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking
(git-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: don't try to talk to a dead firmware
(git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with
other flags (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in
mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
(git-fixes).
- bluetooth: btusb: Initialize .owner field of
force_poll_sync_fops (git-fixes).
- commit ba6baa3
- net: hns3: fix oops when unload drivers paralleling
(CVE-2025-21802 bsc#1238751).
- commit 1e9156e
- NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795
bsc#1238759).
- commit b38b339
- vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790
bsc#1238753).
- commit f088d3b
- clocksource: Use migrate_disable() to avoid calling
get_random_u32() in atomic context (CVE-2025-21767 bsc#1238509).
- commit 63a12d3
- vxlan: Fix uninit-value in vxlan_vnifilter_dump()
(CVE-2025-21716 bsc#1237891).
- commit dd55756
- mptcp: handle fastopen disconnect correctly (CVE-2025-21705
bsc#1238525).
- commit fd8b648
- exfat: fix timing of synchronizing bitmap and inode
(bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file
(bsc#1237356).
- commit 7d766d0
- smb: client: fix oops due to unset link speed (CVE-2025-21725
bsc#1238877).
- commit b5023ae
- exfat: do not zero the extended part (bsc#1237356).
- commit 156857e
- ipmr: do not call mr_mfc_uses_dev() for unres entries
(CVE-2025-21719 bsc#1238860).
- commit d4d6c1b
- net: davicom: fix UAF in dm9000_drv_remove (CVE-2025-21715
bsc#1237889).
- commit 0308747
- iommufd/iova_bitmap: Fix shift-out-of-bounds in
iova_bitmap_offset_to_index() (CVE-2025-21724 bsc#1238863).
- commit fa2cf3e
- net: ethernet: ti: am65-cpsw: fix freeing IRQ in
am65_cpsw_nuss_remove_tx_chns() (CVE-2025-21799 bsc#1238739).
- commit b9602c4
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- commit 8be63c4
- scsi: hisi_sas: Remove redundant checks for automatic debugfs
dump (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump
(git-fixes).
- commit 2531f6e
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- commit 4c3f2b6
- scsi: mpi3mr: Fix possible crash when setting up bsg fails
(git-fixes).
- commit f1f6d56
- scsi: myrb: Remove dead code (git-fixes).
- commit 11c2ac0
- scsi: iscsi: Fix redundant response for
ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- commit 3d258a5
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- commit 6998b85
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- commit 13d0e59
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- commit 330c415
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040
(git-fixes).
- commit f2ba519
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after
device reset (git-fixes).
- commit 1ead6e0
- scsi: st: Don't modify unknown block number in MTIOCGET
(git-fixes).
- commit fb5d2a0
- scsi: sg: Enable runtime power management (git-fixes).
- Refresh
patches.suse/scsi-sg-Fix-slab-use-after-free-read-in-sg_release.patch.
- commit 89afcac
- scsi: hisi_sas: Enable all PHYs that are not disabled by user
during controller reset (git-fixes).
- commit 27a4afa
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- commit 782dd6e
- scsi: hisi_sas: Allocate DFX memory during dump trigger
(git-fixes).
- Refresh patches.suse/scsi-hisi_sas-Create-all-dump-files-during-debugfs-initialization.patch
- commit 9b4cb76
- scsi: hisi_sas: Directly call register snapshot instead of
using workqueue (git-fixes).
- commit 1286dd4
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
(git-fixes).
- commit 7c8c098
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848
bsc#1230497).
- commit df06d93
- packaging: Turn gcc version into config.sh variable
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit 011d54b
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- commit 1ccb01b
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- commit a9f56ff
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- commit 85cc91e
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- commit 67ea9f3
- mm: hugetlb: add huge page size param to set_huge_pte_at() (git-fixes).
Refresh patches.suse/s390-mm-Fix-clearing-storage-keys-for-huge-pages.patch.
- commit f491ee9
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC
isn't in-kernel (git-fixes).
- commit 82bdecd
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- commit 1f1e842
- Update
patches.suse/s390-pci-Fix-SR-IOV-for-PFs-initially-in-standby.patch
(git-fixes bsc#1236752 bsc#1238368).
- commit bf69596
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Pull search for parent PF out of
zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- commit 0745d9f
- bpf: Send signals asynchronously if !preemptible (git-fixes
bsc#1237879 CVE-2025-21728).
- commit 180a0da
- rxrpc: Fix missing locking causing hanging calls (git-fixes
bsc#1233483 CVE-2024-50294).
- commit d2475e0
- scsi: lpfc: Copyright updates for 14.4.0.8 patches
(bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID
routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk
(bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when
pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring
clean up (bsc#1238347).
- commit 0a7ad68
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU
(git-fixes).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count
(git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk
(git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk
(git-fixes).
- commit 7d2a8bd
- Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
(CVE-2024-50029 bsc#1231949).
- commit 64f3840
- gup: make the stack expansion warning a bit more targeted
(bsc#1238214).
- commit feae374
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL
masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT
(git-fixes).
- commit 92e733c
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq
(git-fixes).
- commit 6c35b3b
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- commit d778b71
- soc/mediatek: mtk-devapc: Convert to platform remove callback
returning void (stable-fixes).
- Refresh
patches.suse/soc-mediatek-mtk-devapc-Fix-leaking-IO-map-on-error-.patch.
- commit b320307
- smb: client: Fix netns refcount imbalance causing leaks and
use-after-free (git-fixes).
- commit 7fb2f0e
- scsi: core: Clear driver private data when retrying request
(git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats
(git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper
md_bitmap_get_stats() (git-fixes).
- scsi: core: Handle depopulation and restoration in progress
(git-fixes).
- commit 72dfeb6
- cifs: Fix parsing reparse point with native symlink in SMB1
non-UNICODE session (git-fixes).
- commit 37da1d3
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer
DJM-900NXS2 (stable-fixes).
- commit 1b4de08
- usbnet: gl620a: fix endpoint checking in genelink_bind()
(git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD
(git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15
(git-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple
ports (git-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup()
(git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training
(stable-fixes).
- drm/i915: Make sure all planes in use by the joiner have their
crtc included (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove
(git-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
(git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER
(stable-fixes).
- commit 73ebe5d
- md/raid5: Wait sync io to finish before changing group cnt
(git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md: Don't flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- md/raid1: don't free conf on raid0_run failure (git-fixes).
- md/raid0: don't free conf on raid0_run failure (git-fixes).
- commit b66645f
- kabi: hide adding RCU head into struct netdev_name_node
(bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: fix removing a namespace with conflicting altnames
(bsc#1233749).
- net: do not send a MOVE event when netdev changes netns
(bsc#1233749).
- net: Fix undefined behavior in netdev name allocation
(bsc#1233749).
- net: remove else after return in dev_prep_valid_name()
(bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name()
(bsc#1233749).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: make dev_alloc_name() call dev_prep_valid_name()
(bsc#1233749).
- net: don't use input buffer of __dev_alloc_name() as a scratch
space (bsc#1233749).
- net: move altnames together with the netdevice (bsc#1233749).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns
(bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- commit ff5990f
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
(git-fixes).
- commit 23d3ebd
- smb: client: handle path separator of created SMB symlinks
(git-fixes).
- Refresh
patches.suse/smb-client-move-most-of-reparse-point-handling-code-to-common-file.patch.
- commit c241ea6
- smb: client: ignore unhandled reparse tags (git-fixes).
- commit f2d26a5
- smb: client: fix double put of @cfile in smb2_rename_path()
(git-fixes).
- commit 4ac349c
- smb: client: fix double put of @cfile in smb2_set_path_size()
(git-fixes).
- commit 647e9ab
- cifs: Remove intermediate object of failed create reparse call
(git-fixes).
- commit fa14b80
- ptr_ring: do not block hard interrupts in
ptr_ring_resize_multiple() (CVE-2024-57994 bsc#1237901).
- commit e5a0226
- printk: Fix signed integer overflow when defining
LOG_BUF_LEN_MAX (bsc#1237950).
- commit 1ff6bc3
- add nf_tables for iptables non-legacy network handling
This is needed for example by docker on the Alpine Linux distribution,
but can also be used on openSUSE.
- commit f9b0903
- af_packet: do not call packet_read_pending() from
tpacket_destruct_skb() (bsc#1237849).
- commit 4ff6762
- zram: fix potential UAF of zram table (git-fixes).
- commit b9770a4
- Fix memory-hotplug regression (bsc#1237504)
Refreshed
patches.suse/mm-memory_hotplug-add-missing-mem_hotplug_lock.patch
- commit 248260f
- kernel-source: Also replace bin/env
- commit dc2037c
- net: do not delay dst_entries_add() in dst_release()
(CVE-2024-50036 bsc#1231912).
- commit 1203cd1
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- commit 72d0292
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- commit a50daa9
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- commit d0d2370
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- commit c4c267b
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- commit 2106458
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- commit a795049
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- commit 8f2604e
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- commit d076f6b
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- commit 92c60dc
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- commit 06e0da5
- zram: fix uninitialized ZRAM not releasing backing device
(git-fixes).
- zram: refuse to use zero sized block device as backing device
(git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- commit ef8009a
- blk-cgroup: Properly propagate the iostat update up the
hierarchy (bsc#1225606).
- commit fb4fada
- Refresh
patches.suse/btrfs-fix-extent-map-merging-not-happening-for-adjacent-ex.patch.
Fix the `-Wparentheses` build warning.
../fs/btrfs/extent_map.c: In function 'mergable_maps':
../fs/btrfs/extent_map.c:219:48: warning: suggest parentheses around comparison in operand of '&' [-Wparentheses]
- commit a88d495
- smb: client: fix corruption in cifs_extend_writeback
(bsc#1235609).
- commit 7111675
- Move upstreamed ACPI patch into sorted section
- commit 34b98f4
- btrfs: fix defrag not merging contiguous extents due to merged
extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents
(bsc#1237232).
- commit a57c147
- zram: split memory-tracking and ac-time tracking (git-fixes).
- Update config files.
- commit d2eb9a9
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations
(git-fixes).
- commit 0b597f1
- KVM: arm64: Flush hyp bss section after initialization of
variables in bss (git-fixes).
- commit 7a0da9b
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR
(git-fixes).
- commit 361bd1c
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO
registration (git-fixes).
- commit eb69c06
- KVM: arm64: Don't eagerly teardown the vgic on init error
(git-fixes).
- commit 09d2069
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU
(git-fixes).
- commit b54256b
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU
(git-fixes).
- commit 497fc9a
- KVM: x86: Zero out PV features cache when the CPUID leaf is
not present (git-fixes).
- commit b3e323a
- KVM: x86: Account for KVM-reserved CR4 bits when passing
through CR4 on VMX (git-fixes).
- commit fe0be3a
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0
(bsc#1237563).
- cpu/hotplug: Don't offline the last non-isolated CPU
(bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug
(bsc#1237562).
- commit 285ec7d
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- commit 986c213
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable
bit is cleared (git-fixes).
- commit 19b003b
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module
init (git-fixes).
- commit c214d6b
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB
(git-fixes).
- commit 08a45f2
- KVM: x86: Fix a comment inside
__kvm_set_or_clear_apicv_inhibit() (git-fixes).
- commit dc6e2e8
- blk-cgroup: Fix class @block_class's subsystem refcount leakage
(bsc#1237558).
- commit 908404a
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was
a leaf SPTE (git-fixes).
- commit d7ef6bb
- KVM: x86: Unconditionally set irr_pending when updating APICv
state (jsc#PED-348).
- commit 7089ba6
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with
VPID disabled (jsc#PED-348 git-fixes).
- commit ce778dd
- KVM: VMX: reset the segment cache after segment init in
vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- commit 57ae6ea
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- commit 3cc9281
- virtio_blk: reverse request order in virtio_queue_rqs
(git-fixes).
- commit 08ef4d5
- x86/xen: allow larger contiguous memory regions in PV guests
(git-fixes).
- commit cbf742d
- xen/swiotlb: relax alignment requirements (git-fixes).
- commit 85ac962
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- commit 23eecda
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
(git-fixes).
- commit e343881
- Grab mm lock before grabbing pt lock (git-fixes).
- commit ae619e6
- platform/x86/intel-uncore-freq: Increase minor number support
(bsc#1237452).
- commit 43ac95b
- platform/x86/intel-uncore-freq: Ignore minor version change
(bsc#1237452).
- commit 6b5df6d
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- commit 904b0d7
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- commit 17cda63
- platform/x86/intel/tpmi: Add defines to get version information
(bsc#1237452).
- commit 1c56c6e
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- commit 129191d
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- commit 1052c36
- RDMA/efa: Reset device on probe failure (git-fixes)
- commit c120211
- selftest: hugetlb_dio: fix test naming (git-fixes).
- commit 303d120
- selftests: hugetlb_dio: fixup check for initial conditions to
skip in the start (git-fixes).
- commit 35f33c3
- selftests: hugetlb_dio: check for initial conditions to skip
in the start (git-fixes).
- commit 89353b1
- selftest: mm: Test if hugepage does not get leaked during
__bio_release_pages() (git-fixes).
- commit 56d43b6
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- commit f3e10b9
- drm/msm/dpu: Don't leak bits_per_component into random DSC_ENC
fields (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- nouveau/svm: fix missing folio unlock + put after
make_device_exclusive_range() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
(git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address
(git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init()
(git-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist
(stable-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone
(stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI
(stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name
(stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions
(stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: hub: Ignore non-compliant devices with too many configs
or interfaces (stable-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue
during MIDI bind retries (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- efi: Avoid cold plugged memory for placing the kernel
(stable-fixes).
- drm/amdgpu: avoid buffer overflow attach in
smu_sys_set_pp_table() (stable-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case
(stable-fixes).
- HID: hid-steam: Don't use cancel_delayed_work_sync in IRQ
context (git-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla
10 tablet 5V (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10
tablet 5V (stable-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements
(stable-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P
(stable-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
(stable-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix
Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of
usb packets (stable-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list
(stable-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal
(stable-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format
(stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding
options (stable-fixes).
- HID: hid-steam: Update list of identifiers from SDL
(stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat
(stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter
(stable-fixes).
- commit df6a4bb
- block: avoid to reuse `hctx` not removed from cpuhp callback
list (git-fixes).
- block: use the right type for stub rq_integrity_vec()
(git-fixes).
- block: Fix page refcounts for unaligned buffers in
__bio_release_pages() (git-fixes).
- commit 27674be
- devlink: avoid potential loop in
devlink_rel_nested_in_notify_work() (bsc#1237234).
- commit 3a39566
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- commit 859fe45
- ocfs2: fix incorrect CPU endianness conversion causing mount
failure (bsc#1236138).
re-enable patch ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch
(bsc#1236138).
- commit 1f4d40a
- iommu/arm-smmu-v3: Clean up more on probe failure
(stable-fixes).
- commit f5873b7
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64
(bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path
(bsc#1237415).
- ice: add ice_adapter for shared data across PFs on the same NIC
(bsc#1237415).
- commit 9bb3389
- Fix conditional for selecting gcc-13
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit 07542ae
- kasan: don't call find_vm_area() in a PREEMPT_RT kernel
(git-fixes).
- lib/iov_iter: fix import_iovec_ubuf iovec management
(git-fixes).
- lib: stackinit: hide never-taken branch from compiler
(stable-fixes).
- commit 08ac036
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- commit 484a6fb
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- commit d8f1799
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- commit 44f383d
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- commit 13bd685
- block: copy back bounce buffer to user-space correctly in case
of split (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation
(git-fixes).
- nbd: don't allow reconnect after disconnect (git-fixes).
- block: retry call probe after request_module in
blk_request_module (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
(git-fixes).
- blk-iocost: Avoid using clamp() on inuse in
__propagate_weights() (git-fixes).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock
(git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray
table (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into
account (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex
less long (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request
adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED
request adding (git-fixes).
- block: fix missing dispatching request when queue is started
or unquiesced (git-fixes).
- Revert "blk-throttle: Fix IO hang for a corner case"
(git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set
(git-fixes).
- blk_iocost: remove some duplicate irq disable/enables
(git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- bio-integrity: don't restrict the size of integrity metadata
(git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings
(git-fixes).
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings
(git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait
(git-fixes).
- loop: don't set QUEUE_FLAG_NOMERGES (git-fixes).
- block: change rq_integrity_vec to respect the iterator
(git-fixes).
- block: remove the blk_flush_integrity call in
blk_integrity_unregister (git-fixes).
- block: sed-opal: avoid possible wrong address reference in
read_sed_opal_key() (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller
then zone size (git-fixes).
- null_blk: Print correct max open zones limit in
null_init_zoned_dev() (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions
(git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
(git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing
(git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal
(git-fixes).
- block: propagate partition scanning errors to the BLKRRPART
ioctl (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue
(git-fixes).
- rbd: don't move requests to the running list on errors
(git-fixes).
- commit 267ddd1
- null_blk: Remove usage of the deprecated ida_simple_xx() API
(git-fixes).
- Refresh
patches.suse/null_blk-fix-null-ptr-dereference-while-configuring-.patch.
- commit cea38e9
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: fix bus type (bsc#1236896).
- commit 175404f
- PCI: imx6: Simplify clock handling by using clk_bulk*() function
(git-fixes).
- Refresh
patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch.
- Refresh
patches.suse/PCI-imx6-Skip-controller_id-generation-logic-for-i.M.patch.
- commit f03d03e
- PCI: Use downstream bridges for distributing resources
(bsc#1237325).
- commit 7c0294f
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device
(git-fixes).
- commit bbb24b0
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
(stable-fixes).
- commit 5d15622
- ALSA: seq: Drop UMP events when no UMP-conversion is set
(git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic
(git-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in
snd_hda_create_dig_out_ctls() (git-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close
(git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in
sof_ipc_msg_data() (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for
SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality()
(git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- commit 6fb0aa0
- block: ensure we hold a queue reference when using queue limits
(git-fixes).
- Refresh
patches.suse/block-Fix-where-bio-IO-priority-gets-set.patch.
- commit 36d897c
- null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS
(git-fixes).
- block: add check of 'minors' and 'first_minor' in
device_add_disk() (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error
path (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- blk-mq: don't count completed flush data request as inflight
in case of quiesce (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- commit 3e547cf
- doc: update managed_irq documentation (bsc#1236897).
- blk-mq: issue warning when offlining hctx with online isolcpus
(bsc#1236897).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled
(bsc#1236897).
- lib/group_cpus: honor housekeeping config when grouping CPUs
(bsc#1236897).
- virtio: blk/scsi: use block layer helpers to calculate num of
queues (bsc#1236897).
- scsi: use block layer helpers to calculate num of queues
(bsc#1236897).
- nvme-pci: use block layer helpers to calculate num of queues
(bsc#1236897).
- blk-mq: add number of queue calc helper (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized
masks (bsc#1236897).
- commit 3a935fa
- blk-mq: create correct map for fallback case (bsc#1236896).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with
blk_mq_map_hw_queues (bsc#1236896).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- driver core: bus: add irq_get_affinity callback to bus_type
(bsc#1236896).
- commit 1f8d7a5
- Update
patches.suse/USB-serial-quatech2-fix-null-ptr-deref-in-qt2_proces.patch (CVE-2025-21689 bsc#1237017).
- Update
patches.suse/drm-v3d-Assign-job-pointer-to-NULL-before-signaling-.patch (CVE-2025-21688 bsc#1237007
- Update
patches.suse/drm-v3d-Ensure-job-pointer-is-set-to-NULL-after-job-.patch (CVE-2025-21697 bsc#1237132)
- Update
patches.suse/gfs2-Truncate-address-space-when-flipping-GFS2_DIF_JDATA-flag.patch (CVE-2025-21699 bsc#1237139)
- Update
patches.suse/gpio-xilinx-Convert-gpio_lock-to-raw-spinlock.patch (CVE-2025-21684 bsc#1236952)
- Update
patches.suse/msft-hv-3155-scsi-storvsc-Ratelimit-warning-logs-to-prevent-VM-de.patch (CVE-2025-21690 bsc#1237025)
- commit a20ee68
- kABI fix for mptcp: fix inconsistent state on fastopen race
(CVE-2024-26708 bsc#1222672).
Upstream commit 4fd19a307016 ("mptcp: fix inconsistent state
on fastopen race") introduced three breaking changes, which are handled in
this patch.
* a new variable `pending_state` was added to `struct mptcp_sock`, which
is now moved into a hole.
* a new define replaces an old one, so renumber the new one and re-add
the old one.
* an API function was removed, so re-add it again.
```
u8 in_accept_queue:1; /* 1562: 4 1 */
/* XXX 3 bits hole, try to pack */
/* XXX 5 bytes hole, try to pack */
struct work_struct work; /* 1568 32 */
```
- commit a4771c0
- bpf, sockmap: Several fixes to bpf_msg_pop_data (CVE-2024-56720
bsc#1235592).
- commit a218d9d
- net: Fix icmp host relookup triggering ip_rt_bug (CVE-2024-56647
bsc#1235435).
- commit 713c9c9
- USB: Fix the issue of task recovery failure caused by USB
status when S4 wakes up (git-fixes).
- commit 686e836
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
(bsc#1215199).
- commit 73fb25c
- powerpc/code-patching: Fix KASAN hit by not flagging text
patching area as VM_ALLOC (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as
static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching
via temporary mm (bsc#1215199).
- commit cb15126
- usbnet: ipheth: document scope of NCM implementation
(stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in
brcmf_txfinalize() (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH
(stable-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss
(stable-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: brcmfmac: Check the return value of
of_property_read_string_index() (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow
value (stable-fixes).
- wifi: brcmsmac: add gain range check to
wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- commit b67568f
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes
(stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1"
(stable-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- net: rose: lock the socket in rose_bind() (git-fixes).
- scripts/gdb: fix aarch64 userspace detection in get_current_task
(stable-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- ata: libata-sff: Ensure that we cannot write outside the
allocated buffer (stable-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- drm/modeset: Handle tiled displays in pan_display_atomic
(stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15
(stable-fixes).
- ASoC: amd: Add ACPI dependency to fix build error
(stable-fixes).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- tomoyo: don't emit warning in tomoyo_write_control()
(stable-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg
(git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration
(git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock
(git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks
(git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate
(git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during
gdsc_disable() (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to
mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to
mtk_clk_simple_probe (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
(stable-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator
(stable-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card
(stable-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
(stable-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O
(git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer
SoC families (stable-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in
rtattr_pack() (stable-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in
mgmt_remove_adv_monitor_sync (stable-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver
around it (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1
Monitor (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer
(stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching
(stable-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready
(stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT
(stable-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs
(stable-fixes).
- commit 32eeef9
- net: sched: Disallow replacing of child qdisc from one parent
to another (CVE-2025-21700 bsc#1237159).
- commit fd65855
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (CVE-2025-21640 bsc#1236123)
- commit 7a3b711
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (CVE-2025-21639 bsc#1236122)
- commit e818833
- pktgen: Avoid out-of-bounds access in get_imix_entries
(CVE-2025-21680 bsc#1236700).
- commit 8cb9ad2
- sctp: sysctl: auth_enable: avoid using current->nsproxy (CVE-2025-21638 bsc#1236115)
- commit e4e9666
- sctp: sysctl: udp_port: avoid using current->nsproxy (CVE-2025-21637 bsc#1236114)
- commit b35279d
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (CVE-2025-21636 bsc#1236113)
- commit 3f71e7d
- add bug reference to hv_storvsc change (bsc#1237025 CVE-2025-21690).
- commit 45e9861
- kABI fix for mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit d478aac
- idpf: fix VF dynamic interrupt ctl register initialization
(git-fixes).
- Refresh
patches.suse/idpf-add-support-for-SW-triggered-interrupts.patch.
- commit da462e1
- igc: Set buffer type for empty frames in igc_init_empty_frame
(git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: gather page_count()'s of each frag right before XDP prog
call (git-fixes).
- ice: put Rx buffers after being done with current frame
(git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit
(git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1
(git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- igc: return early when failing to read EECD register
(git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- eth: gve: use appropriate helper to set xdp_features
(git-fixes).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails
(git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params
(git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit
(git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend
(git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type
(git-fixes).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset
(git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- commit a2c0ed6
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- commit 51dacec
- kbuild: userprogs: fix bitsize and target detection on clang
(git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools
in parallel (git-fixes).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal
(git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work
(git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0
(git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from
halt state (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk
(git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access
(git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
(git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop
(git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning
(git-fixes).
- commit f681ca5
- gpio: stmpe: Check return value of stmpe_reg_read in
stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string
(git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting
IRQ (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0
(git-fixes).
- commit 72e2a5f
- exfat: fix file being changed by unaligned direct write
(git-fixes).
- commit c5a2490
- exfat: fix zero the unwritten part for dio read (git-fixes).
- commit ab0ec4f
- hfs: Sanity check the root record (git-fixes).
- commit 6977b91
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- commit 3303370
- exfat: fix out-of-bounds access of directory entries
(bsc#1234857 CVE-2024-53147).
- commit 8127e11
- exfat: change to get file size from DataLength (bsc#1234857
CVE-2024-53147).
- commit 34f63a5
- exfat: convert to ctime accessor functions (git-fixes).
- commit 430eb66
- mmc: mtk-sd: Fix register settings for hs400(es) mode
(git-fixes).
- commit 0e84651
- smb: client: instantiate when creating SFU files (git-fixes).
- commit 1658f01
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support
(git-fixes).
- commit eacadae
- smb: client: return reparse type in /proc/mounts (git-fixes).
- commit 5c949e8
- smb: client: set correct d_type for reparse DFS/DFSR and mount
point (git-fixes).
- commit 99477ce
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs()
(git-fixes).
- commit dcd4483
- smb: client: parse uid, gid, mode and dev from WSL reparse
points (git-fixes).
- commit 86b1707
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit 6f30059
- smb: client: get rid of smb311_posix_query_path_info()
(git-fixes).
- commit 08f4b23
- smb: client: add support for WSL reparse points (git-fixes).
- commit 4773bbe
- smb: client: reduce number of parameters in smb2_compound_op()
(git-fixes).
- commit 5bf06b7
- smb: client: retry compound request without reusing lease
(git-fixes).
- commit 44ecf42
- smb: client: reuse file lease key in compound operations
(git-fixes).
- commit e1d39cc
- smb: client: parse owner/group when creating reparse points
(git-fixes).
- commit 2b1f34d
- cifs: open_cached_dir(): add FILE_READ_EA to desired access
(git-fixes).
- commit f59c050
- cifs: update the same create_guid on replay (git-fixes).
- commit 651496d
- smb: client: reduce stack usage in smb2_query_reparse_point()
(git-fixes).
- commit a2f52a1
- cifs: update desired access while requesting for directory lease
(git-fixes).
- commit 3577933
- smb: client: move most of reparse point handling code to common
file (git-fixes).
- commit 90c5825
- smb: client: handle special files and symlinks in SMB3 POSIX
(git-fixes).
- commit 7ddb775
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- commit 56a04ed
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- commit a9edfbd
- smb: client: allow creating symlinks via reparse points
(git-fixes).
- commit 93e7dee
- smb: client: fix hardlinking of reparse points (git-fixes).
- commit 6805b33
- drm/i915/selftests: avoid using uninitialized context
(git-fixes).
- drm/amdgpu: bail out when failed to load fw in
psp_init_cap_microcode() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on
udev->serial (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path
(git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages
with data length zero (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- commit 30daf36
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- commit 8fa207f
- smb: client: stop revalidating reparse points unnecessarily
(git-fixes).
- commit ce08be7
- smb: client: fix potential broken compound request (git-fixes).
- commit a4415de
- smb: client: fix renaming of reparse points (git-fixes).
- commit 32e853e
- smb: client: optimise reparse point querying (git-fixes).
- commit a53eec6
- smb: client: allow creating special files via reparse points
(git-fixes).
- commit 74e26d4
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- commit 39b0787
- smb: client: set correct file type from NFS reparse points
(git-fixes).
- Delete
patches.suse/cifs-Fix-buffer-overflow-when-parsing-NFS-reparse-points.patch.
(deleted patch will be added later)
- commit 7b28133
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- commit 5e66e50
- smb3: fix creating FIFOs when mounting with "sfu" mount option
(git-fixes).
- commit 82c7e6d
- mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (CVE-2024-50085 bsc#1232508)
- commit 25971ed
- smb: client: Fix minor whitespace errors and warnings
(git-fixes).
- commit 1eedc39
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- commit 6936009
- smb: client: introduce reparse mount option (git-fixes).
- commit e5a8c1e
- smb: client: implement ->query_reparse_point() for SMB1
(git-fixes).
- commit 2615bfd
- smb: cilent: set reparse mount points as automounts (git-fixes).
- commit da6e3c8
- smb: client: do not query reparse points twice on symlinks
(git-fixes).
- commit b7e62c9
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes
bsc#1237158).
- commit 3e00897
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages
(git-fixes bsc#1237155).
- commit 6d87f47
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2
(bsc#1236994).
- net: smc: fix spurious error message from __sock_release()
(bsc#1237126).
- commit 2c0a5e1
- mptcp: fix data races on local_id (git-fixes)
- Refresh patches.suse/mptcp-fix-data-races-on-remote_id.patch
- commit 661ea6e
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- commit 1d30f2b
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- commit 8638b2c
- mptcp: unify pm set_flags interfaces (git-fixes)
- commit 493b268
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- commit 57ae267
- mptcp: unify pm get_local_id interfaces (git-fixes)
- commit f1f0e12
- mptcp: export local_address (git-fixes)
- commit 2e22243
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- commit 9c72df8
- mptcp: pm: only decrement add_addr_accepted for MPJ req (CVE-2024-45009 bsc#1230438)
- commit 9337031
- mptcp: pm: only mark 'subflow' endp as available (CVE-2024-45010 bsc#1230439)
- commit 9e1f869
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- commit 0d1e602
- Update config files.
Use the upstream default for TSX_MODE.
- commit 55bbd12
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- commit 2798558
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- commit 405e62f
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- commit 42e63a4
- mptcp: fix NL PM announced address accounting (git-fixes)
- commit 28d5efa
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- commit adfc1dd
- mptcp: pm: avoid possible UaF when selecting endp (CVE-2024-44974 bsc#1230235)
- commit e827535
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- commit 262fe7b
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- commit 20e7fdf
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- commit 54ad8c1
- mptcp: pm: don't try to create sf if alloc failed (git-fixes)
- commit 9185902
- mptcp: pm: reduce indentation blocks (git-fixes)
- commit a393115
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- commit 71a0164
- mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit 01e9763
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- Refresh patches.suse/powerpc-pseries-iommu-IOMMU-incorrectly-marks-MMIO-r.patch
- commit d8f69df
- usb: dwc3: core: Defer the probe until USB power supply ready
(git-fixes).
- commit f3ecf26
- vfio/platform: check the bounds of read/write syscalls
(bsc#1237045 CVE-2025-21687).
- commit e52d676
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- commit 806156f
- net: sched: fix ets qdisc OOB Indexing (bsc#1237028
CVE-2025-21692).
- commit 1b093fe
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Refresh patches.suse/RDMA-rxe-Fix-mismatched-max_msg_sz.patch
- Pickup RXE code change introduced by upstream merge: af96134dc856 ("Merge tag 'rcu.2023.06.22a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu")
- commit 1492681
- smb: client: fix possible double free in smb2_set_ea()
(git-fixes).
- commit b6cd961
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API
(bsc#1236967 ltc#210988).
- Update config files.
- commit 83bff51
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
Update to match upstream commit 6636c58b946c ("drm/mgag200: Added
support for the new device G200eH5").
- commit 7ba9f89
- usb: xhci: Fix NULL pointer dereference on certain command
aborts (git-fixes).
- commit 8628513
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- commit 01b2939
- s390/topology: Improve topology detection (bsc#1236591).
- commit 101e515
- HID: hid-thrustmaster: fix stack-out-of-bounds read in
usb_check_int_endpoints() (git-fixes).
- HID: multitouch: Add NULL check in mt_input_configured
(git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware
(git-fixes).
- commit 1dbe333
- scsi: storvsc: Set correct data length for sending SCSI command
without payload (git-fixes).
- commit 93c01ea
- net/mlx5: Fix msix vectors to respect platform limit
(bsc#1225981).
- commit b7a2367
- s390/pci: Fix SR-IOV for PFs initially in standby
(git-fixes bsc#1236752).
- commit dcf85a0
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device()
fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices
(bsc#1236752).
- s390/pci: Sort PCI functions prior to creating virtual busses
(bsc#1236752).
- commit 004cfd2
- iommu/arm-smmu: Make instance lookup robust (bsc#1235032, CVE-2024-56568).
- commit 8f1b23e
- Update
patches.suse/ALSA-6fire-Release-resources-at-card-release.patch
(git-fixes CVE-2024-53239 bsc#1235054 bsc#1234853).
- Update
patches.suse/Bluetooth-L2CAP-Fix-uaf-in-l2cap_connect.patch
(CVE-2024-49950 bsc#1232159 bsc#1225742).
- Update
patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch
(stable-fixes CVE-2024-56605 bsc#1235061 bsc#1234853).
- Update
patches.suse/KVM-nSVM-Ignore-nCR3-4-0-when-loading-PDPTEs-from-me.patch
(CVE-2024-50115 bsc#1232919 bsc#1225742).
- Update
patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch
(git-fixes CVE-2024-53173 bsc#1234891 bsc#1234853).
- Update
patches.suse/RDMA-hns-Fix-NULL-pointer-derefernce-in-hns_roce_map.patch
(git-fixes CVE-2024-53226 bsc#1236576).
- Update
patches.suse/ext4-avoid-OOB-when-system.data-xattr-changes-undern.patch
(bsc#1231920 CVE-2024-47701 bsc#1225742).
- Update
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198 bsc#1225742).
- Update
patches.suse/hfsplus-don-t-query-the-device-logical-block-size-multiple-times.patch
(git-fixes CVE-2024-56548 bsc#1235073 bsc#1234853).
- Update
patches.suse/mac802154-check-local-interfaces-before-deleting-sda.patch
(stable-fixes CVE-2024-57948 bsc#1236677).
- Update
patches.suse/media-amphion-Set-video-drvdata-before-register-vide.patch
(git-fixes CVE-2024-56579 bsc#1236575).
- Update
patches.suse/mm-prevent-derefencing-NULL-ptr-in-pfn_section_valid.patch
(git-fixes CVE-2024-41055 bsc#1228521).
- Update
patches.suse/pinctrl-mcp23s08-Fix-sleeping-in-atomic-context-due-.patch
(git-fixes CVE-2024-57889 bsc#1236573).
- Update
patches.suse/tty-n_gsm-Fix-use-after-free-in-gsm_cleanup_mux.patch
(stable-fixes CVE-2024-50073 bsc#1232520 bsc#1225742).
- Update
patches.suse/vfio-pci-Lock-external-INTx-masking-ops.patch
(bsc#1222803 CVE-2024-26810).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning-d241a13.patch
(git-fixes CVE-2024-56539 bsc#1234963 bsc#1234853).
- commit 2e394be
- Update
patches.suse/netfilter-nf_tables-don-t-fail-inserts-if-dupl.patch
(bsc#1012628 CVE-2023-52925 bsc#1236822).
- Update
patches.suse/netfilter-nf_tables-don-t-skip-expired-element.patch
(bsc#1012628 CVE-2023-52924 bsc#1236821).
- commit 6257a48
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- commit 43ff004
- wifi: mt76: mt7915: improve hardware restart reliability
(stable-fixes).
- commit 8478fb6
- ASoC: Intel: avs: Prefix SKL/APL-specific members
(stable-fixes).
- Refresh
patches.suse/ASoC-Intel-avs-Fix-theoretical-infinite-loop.patch.
- commit 01a2134
- serial: sc16is7xx: use device_property APIs when configuring
irda mode (stable-fixes).
- Refresh
patches.suse/serial-sc16is7xx-remove-global-regmap-from-struct-sc.patch.
- commit 5b3248c
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize
(git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware
reset (git-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: Fix the windows switch between different
layers (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
(stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT
(stable-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at
vop2_post_config (stable-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: move output interface related definition to
rockchip_drm_drv.h (stable-fixes).
- crypto: hisilicon/sec2 - optimize the error return process
(stable-fixes).
- commit 21fab4a
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms
(git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context
is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check
(git-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list()
(git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- ACPI: property: Fix return value for nval == 0 in
acpi_data_prop_read() (git-fixes).
- ACPI: PRM: Remove unnecessary strict handler address checks
(git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- commit e018ad6
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- commit 4ce1907
- filemap: avoid truncating 64-bit offset to 32 bits
(CVE-2025-21665 bsc#1236684).
- commit 597c6a3
- smb: client: fix double free of TCP_Server_Info::hostname
(CVE-2025-21673 bsc#1236689).
- commit 3139e94
- openvswitch: fix lockup on tx to unregistering netdev with
carrier (CVE-2025-21681 bsc#1236702).
- commit b85304e
- pmdomain: imx8mp-blk-ctrl: add missing loop break condition
(CVE-2025-21668 bsc#1236682).
- commit 99dbd95
- iomap: avoid avoid truncating 64-bit offset to 32 bits
(CVE-2025-21667 bsc#1236681).
- commit e233a3c
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- Refresh
patches.suse/cpufreq-qcom-nvmem-Enable-virtual-power-domain-devices.patch.
- commit f530449
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- commit 785700c
- cpufreq: mediatek-hw: Don't error out if supply is not found
(git-fixes).
- commit 8cc17c1
- mptcp: error out earlier on disconnect (CVE-2024-53123 bsc#1234070)
- commit b7c16f4
- drop_monitor: replace spin_lock by raw_spin_lock (CVE-2024-40980 bsc#1227937)
- commit 72b4850
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142 bsc#1233028)
- commit 821a08b
- selftests/bpf: Add apply_bytes test to
test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485
CVE-2024-56633).
- tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
(bsc#1235485 CVE-2024-56633).
- commit 92f3cb7
- smb: During unmount, ensure all cached dir instances drop
their dentry (bsc#1231432, bsc#1234894, CVE-2024-53176).
- commit c66b2d4
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit b56ad4e
- smb: client: properly close cfids on umount (bsc#1231432,
bsc#1232299, bsc#1235599, bsc#1234896).
- commit 189365b
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- commit 5e11827
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses
(git-fixes).
- commit 60005f6
- cpufreq: qcom: Implement clk_ops::determine_rate() for
qcom_cpufreq* clocks (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT
if LMh IRQ is not available (git-fixes).
- commit 3e10296
- cpufreq: mediatek-hw: Wait for CPU supplies before probing
(git-fixes).
- commit b08f9e8
- sched: sch_cake: add bounds checks to host bulk flow fairness
counts (CVE-2025-21647 bsc#1236133).
- commit 1f1bc5f
- locking/lockdep: Avoid creating new name string literals in
lockdep_set_subclass() (git-fixes).
- commit c137ed9
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- commit d6daab7
- locking/rwsem: Add __always_inline annotation to
__down_write_common() and inlined callers (git-fixes).
- commit 1366984
- selftests/futex: pass _GNU_SOURCE without a value to the
compiler (git-fixes).
- commit 6c47425
- futex: Don't include process MM in futex key on no-MMU
(git-fixes).
- commit 925398b
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a
header (git-fixes).
- commit 870636f
- selftests/bpf: Test the update operations for htab of maps
(bsc#1235244 CVE-2024-56592).
- selftests/bpf: Move ENOTSUPP from bpf_util.h (bsc#1235244
CVE-2024-56592).
- bpf: Call free_htab_elem() after htab_unlock_bucket()
(bsc#1235244 CVE-2024-56592).
- selftests/bpf: Clean up open-coded gettid syscall invocations
(bsc#1235244 CVE-2024-56592).
- commit 1ed8f4f
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in
.remove() and in the error path of .probe() (git-fixes).
- commit 243c2cb
- vsock: Keep the binding until socket destruction (git-fixes)
- commit 545191e
- vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (CVE-2025-21666 bsc#1236680)
- commit 5667481
- vsock: reset socket state when de-assigning the transport (git-fixes)
- commit 70de10a
- vsock/virtio: cancel close work in the destructor (git-fixes)
- commit b47a8e2
- vsock/bpf: return early if transport is not assigned (CVE-2025-21670 bsc#1236685)
- commit 938e02d
- vsock/virtio: discard packets if the transport changes (CVE-2025-21669 bsc#1236683)
- commit 01b1ae3
- net/mlx5: Clear port select structure when fail to create (bsc#1236694 CVE-2025-21675)
- commit 97050c4
- mptcp: fix TCP options overflow. (bsc#1235914 CVE-2024-57882)
- commit bfacfe0
- mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088 CVE-2024-46858)
- commit 2b80245
- kABI fix for net: defer final 'struct net' free in netns
dismantle (CVE-2024-56658 bsc#1235441)
- commit fd18f29
- net: defer final 'struct net' free in netns dismantle
(CVE-2024-56658 bsc#1235441).
- commit 5df7b43
- net: mana: Add get_link and get_link_ksettings in ethtool
(bsc#1236761).
- commit 037abed
- virtio-mem: check if the config changed before fake offlining memory
(git-fixes).
- commit 7c5b67f
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM)
(git-fixes).
- commit 50036f1
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY
(git-fixes).
- commit cf4a9ad
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM)
(git-fixes).
- commit 7506a2e
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- commit 6e44a14
- media: firewire: firedtv-avc.c: replace BUG with proper,
error return (git-fixes).
- commit 658942c
- media: dvb: mb86a16: check the return value of mb86a16_read()
(git-fixes).
- commit fc29200
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- commit 1d9d1fd
- cifs: fix potential null pointer use in destroy_workqueue in
init_cifs error path (bsc#1231432).
- commit 21eeced
- smb: cached directories can be more than root file handle
(bsc#1231432).
- commit 2629c95
- smb3: retrying on failed server close (bsc#1231432).
- commit f1f31c8
- smb: prevent use-after-free due to open_cached_dir error paths
(bsc#1231432, bsc#1234896, CVE-2024-53177).
- commit 741a327
- smb: Don't leak cfid when reconnect races with open_cached_dir
(bsc#1231432, bsc#1234895, CVE-2024-53178).
- commit e22906f
- smb3: request handle caching when caching directories
(bsc#1231432).
- commit 186ab6d
- cifs: new mount option called retrans (bsc#1231432).
- commit 000ea56
- cifs: open_cached_dir should not rely on primary channel
(bsc#1231432).
- commit 056e43b
- cifs: commands that are retried should have replay flag set
(bsc#1231432).
- commit d12c685
- cifs: helper function to check replayable error codes
(bsc#1231432).
- commit 4a4d52e
- smb: client: extend smb2_compound_op() to accept more commands
(bsc#1231432).
- commit e198fe7
- smb: client: reduce stack usage in smb2_query_info_compound()
(bsc#1231432).
- commit 267f6c8
- smb: client: parse reparse point flag in create response
(bsc#1231432).
- commit 1f48f01
- smb: client: make smb2_compound_op() return resp buffer on
success (bsc#1231432).
- commit 14ca1d2
- smb: client: move some params to cifs_open_info_data
(bsc#1231432).
- commit e3cf607
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- commit 1ebc808
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
(mm/compaction)).
- commit 6473a2a
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- commit 8c537c0
- gtp: Destroy device along with udp socket's netns dismantle
(CVE-2025-21678 bsc#1236698).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp()
(git-fixes).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all
children (bsc#1236760).
- r8169: enable SG/TSO on selected chip versions per default
(bsc#1235874).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- commit 2caa23f
- cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
(git-fixes).
- cpufreq: imx6q: don't warn for disabling a non-existing
frequency (git-fixes).
- commit 42b12da
- Update
patches.suse/nvme-tcp-Fix-I-O-queue-cpu-spreading-for-multiple-co.patch
(git-fixes bsc#1224049).
- commit 6783feb
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths
(git-fixes).
- commit 3d6407c
- cpufreq: qcom-nvmem: Enable virtual power domain devices
(git-fixes).
- commit b63737d
- xfs: Add error handling for xfs_reflink_cancel_cow_range
(git-fixes).
- commit 1aaaa62
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in
xfs_dax_write_iomap_end (git-fixes).
- commit f8ad9a2
- net/mlx5e: Fix inversion dependency warning while enabling
IPsec tunnel (CVE-2025-21674 bsc#1236688).
- net: fec: handle page_pool_dev_alloc_pages error (CVE-2025-21676
bsc#1236696).
- eth: bnxt: always recalculate features after XDP clearing,
fix null-deref (CVE-2025-21682 bsc#1236703).
- commit a806d7c
- cpufreq: qcom-nvmem: Simplify driver data allocation
(stable-fixes).
- commit dc928a8
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- commit 151b149
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- commit b286575
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- commit f58c1e4
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call
(git-fixes).
- commit a1514a4
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- commit addff98
- afs: Fix directory format encoding struct (git-fixes).
- commit 595632c
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY
(git-fixes).
- commit 39c4f67
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
(git-fixes).
- commit e9c67fd
- nilfs2: fix possible int overflows in nilfs_fiemap()
(git-fixes).
- commit 2d81bbb
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in
ip_tunnel_find() (CVE-2024-50304 bsc#1233522).
- commit 0aac3e1
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- commit 6bedda5
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- commit 5678238
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- commit 3ba529a
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- commit fe1f6b4
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- commit 79b2b46
- netfilter: nft_payload: sanitize offset and length before
calling skb_checksum() (CVE-2024-50251 bsc#1233248).
- commit d7e2f51
- net: fix crash when config small gso_max_size/gso_ipv4_max_size
(CVE-2024-50258 bsc#1233221 CVE-2024-50258 bsc#1233221).
- commit a93195b
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- commit 43c09a7
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
Update arm64 default configuration file
- commit 1003b05
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- commit cbbcd61
- net: inet6: do not leave a dangling sk pointer in inet6_create()
(CVE-2024-56600 bsc#1235217).
- commit d23e8d7
- printk: Defer legacy printing when holding printk_cpu_sync
(bsc#1236733).
- commit 8ea5df4
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- commit 15926fc
- nvme: fix bogus kzalloc() return check in
nvme_init_effects_log() (git-fixes).
- commit ab15bce
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of
service (git-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl()
(git-fixes).
- commit 20e731b
- nvme: Add error path for xa_store in nvme_init_effects
(git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log
(git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers
(git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- commit f7cc3e5
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- commit 9d2e9a7
- usbnet: ipheth: break up NCM header size computation
(git-fixes).
- commit 2cdc4a6
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- commit aade1ad
- workqueue: Add rcu lock check at the end of work item execution
(bsc#1236732).
- commit 4c72d5a
- Move upstreamed sound patch into sorted section
- commit ca47985
- Input: atkbd - map F23 key to support default copilot shortcut
(stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone
(stable-fixes).
- Input: xpad - add support for wooting two he (arm)
(stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106
(stable-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller
(stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s
(stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994
(stable-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf()
(stable-fixes).
- commit c243755
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro
(stable-fixes).
- commit 7bec8fa
- kconfig: fix file name in warnings when loading
KCONFIG_DEFCONFIG_LIST (git-fixes).
- genksyms: fix memory leak when the same symbol is read from
* .symref file (git-fixes).
- genksyms: fix memory leak when the same symbol is added from
source (git-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback
(git-fixes).
- commit 472aca3
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- commit 43b97fb
- ALSA: hda: Fix headset detection failure due to unstable sort
(git-fixes).
- commit 6dcca9b
- blacklist.conf: Not affected by CVE-2024-44932 and CVE-2024-44964
- Delete
patches.suse/idpf-fix-UAFs-when-destroying-the-queues.patch.
- Delete
patches.suse/idpf-fix-memory-leaks-and-crashes-while-performing-a.patch.
This fixes bsc#1236628
- commit 3ac3069
- kcsan: Turn report_filterlist_lock into a raw_spinlock
(CVE-2024-56610 bsc#1235390).
- commit d41073a
- io_uring/eventfd: ensure io_eventfd_signal() defers another
RCU period (CVE-2025-21655 bsc#1236163).
- commit 4487b43
- Refresh
patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch.
There was an error on my backport of this patch that caused an Oops as
soon as a pbuf is registered.
- commit 83010fb
- cpuidle: Avoid potential overflow in integer multiplication
(git-fixes).
- commit 0568366
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock
(git-fixes).
- commit ade7f79
- cpufreq: amd-pstate: remove global header file (git-fixes).
- commit be74a4f
- mm/rodata_test: use READ_ONCE() to read const variable
(git-fixes).
- commit 915b6ed
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is
missing (git-fixes).
- commit 1e10ad3
- cpufreq: intel_pstate: fix pstate limits enforcement for
adjust_perf call back (git-fixes).
- commit dd83446
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- commit 54e5cf5
- cpufreq: Don't unregister cpufreq cooling on CPU hotplug
(git-fixes).
- commit d893e3e
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read
(git-fixes).
- PM: hibernate: Add error handling for syscore_suspend()
(git-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU
auto-selection (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming
(git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header
(git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check
(git-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: phy: c45-tjaxx: add delay between MDIO write and read in
soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- NFC: nci: Add bounds checking in nci_hci_create_pipe()
(git-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite
P10-554 (git-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function
(git-fixes).
- commit d7c0bf6
- io_uring: check for overflows in io_pin_pages (CVE-2024-53187
bsc#1234947).
- commit 5155778
- brd: defer automatic disk creation until module initialization
succeeds (CVE-2024-56693 bsc#1235418).
- commit b6cdeb6
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- commit b41af30
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro
7130 (bsc#1235686).
- commit 63a2d06
- Correct typos in patch-mainline versions in previous patches
- commit 9e305bb
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver
(git-fixes).
- regulator: core: Add missing newline character (git-fixes).
- commit a55a5c7
- Delete patches.suse/iommu-arm-smmu-Defer-probe-of-clients-after-smmu-dev.patch
Reverted upstream by 97cb1fa02726 iommu/arm-smmu: Retire probe deferral
workaround.
- commit 2dda00e
- virtio-blk: don't keep queue frozen during system suspend
(CVE-2024-57946 bsc#1236247).
- commit bc49326
- netfilter: x_tables: fix LED ID check in led_tg_check()
(CVE-2024-56650 bsc#1235430).
- commit e2ba4f9
- netfilter: nf_tables: validate family when identifying table
via handle (bsc#1233778 ZDI-24-1454).
- commit 8a5e7e8
- driver core: class: Fix wild pointer dereferences in API
class_dev_iter_next() (git-fixes).
- devcoredump: cleanup some comments (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in
sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- commit 3ee6c35
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- commit 8e0a712
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- commit 45ca433
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- commit 2c0d67d
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- commit d370cc3
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- commit fffca3b
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- commit 95b5d71
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- commit d17536e
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- commit 0c1e11b
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- commit c001bb0
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- commit 61636fb
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- commit 14d9179
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- commit 97d4114
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- commit 46965f9
- srcu: Only accelerate on enqueue time (git-fixes)
- commit 61de5d1
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- commit 2ff5969
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- commit 0aacfbc
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- commit a054e16
- rcuscale: Move rcu_scale_writer() (git-fixes)
- commit f5a8f5c
- PCI: microchip: Set inbound address translation for coherent
or non-coherent mode (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset()
(git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D
(git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test
(git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in
pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in
pci_epc_set_bar() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available
(git-fixes).
- commit 9d69135
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- commit af61fc0
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- commit 1b67735
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- commit a22f80f
- x86/asm: Make serialize() always_inline (git-fixes).
- commit 7e805b9
- ibmvnic: Free any outstanding tx skbs during scrq reset
(bsc#1226980).
- commit 82833f0
- drm/v3d: Assign job pointer to NULL before signaling the fence
(git-fixes).
- iio: light: as73211: fix channel handling in only-color
triggered buffer (git-fixes).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- bus: mhi: host: Free mhi_buf vector inside
mhi_alloc_bhie_table() (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page
alignment (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in
ad_sd_read_reg_raw() (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error
scenarios (git-fixes).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection
(git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf()
(git-fixes).
- uio: Fix return value of poll (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic
minors (git-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to
null to fix the crash caused by port being null" (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in
qt2_process_read_urb() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to
PD_T_SENDER_RESPONSE (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk()
(git-fixes).
- usb: gadget: f_tcm: Don't prepare BOT write request twice
(git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint
(git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value
(git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup
(git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: Don't free command immediately (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors
(git-fixes).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API
(stable-fixes).
- commit 15d6406
- Move upstreamed lpfc patches into sorted section
- commit c33f2a8
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)")
Apparently, jsc#PED-7242 is only deprecate ceph for 15-SP6 and
disable for 15-SP7.
Revert the disabling.
- commit 4573861
- padata: add pd get/put refcnt helper (git-fixes).
- commit c209bf7
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- commit 9cec1e0
- net: stmmac: dwmac-tegra: Read iommu stream id from device tree
(CVE-2025-21663 bsc#1236260).
- commit fc91755
- selftests/mm/cow: modify the incorrect checking parameters
(git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- latencytop: use correct kernel-doc format for func params
(git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- commit 2970302
- remoteproc: core: Fix ida_free call while not allocated
(git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read()
(git-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling
devm_request_mem_region() (git-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq
(git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL
on error (git-fixes).
- PCI: endpoint: Finish virtual EP removal in
pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy()
(git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1
(git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
af9035_i2c_master_xfer (git-fixes).
- staging: media: imx: fix OF node leak in
imx_media_add_of_subdevs() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors
(git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events
(git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use
(git-fixes).
- staging: media: max96712: fix kernel oops when removing module
(git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure
(git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes
(git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in
detach_pm() (git-fixes).
- commit 059dbb0
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx
(stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device
(stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400
(stable-fixes).
- commit 744cb45
- mailbox: tegra-hsp: Clear mailbox before using message
(git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number
(git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path
(git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths
(git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in
tegra_emc_find_node_by_ram_code() (git-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init()
(git-fixes).
- fbdev: omapfb: Fix an OF node leak in
dss_of_port_get_parent_device() (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer
Aspire A115-31 laptop (git-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is
set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in
init_ixp_crypto() (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error
path (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs
(git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins
are non-wake (git-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if
platform_get_irq_optional() fails (git-fixes).
- commit b034543
- Move upstreamed ppc patch into sorted section
- commit d058975
- Move upstreamed TPM patch into sorted section
- commit ccb7b48
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (CVE-2024-56728 bsc#1235656)
- commit acc444a
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (CVE-2024-56727 bsc#1235583)
- commit b6e61cf
- octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (CVE-2024-56726 bsc#1235582)
- commit ac2994c
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (CVE-2024-56725 bsc#1235578)
- commit 4f995f2
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (CVE-2024-56707 bsc#1235545)
- commit 67e8754
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (CVE-2024-56679 bsc#1235498)
- commit becbeeb
- drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (CVE-2024-56608 bsc#1235487)
- commit df4e9dd
- dm thin: make get_first_thin use rcu-safe list first function (CVE-2025-21664 bsc#1236262)
- commit 83d356e
- selinux: ignore unknown extended permissions (CVE-2024-57931 bsc#1236192)
- commit 4334198
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (CVE-2025-21653 bsc#1236161)
- commit 9089d3b
- ipvlan: Fix use-after-free in ipvlan_get_iflink() (CVE-2025-21652 bsc#1236160)
- commit 8201e7e
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (CVE-2024-57938 bsc#1236182)
- commit 338cf1f
- topology: Keep the cpumask unchanged when printing cpumap (CVE-2024-57917 bsc#1236127)
- commit 1d17273
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (CVE-2024-57884 bsc#1235948)
- commit abc82c3
- netrom: check buffer length before accessing it (CVE-2024-57802 bsc#1235941)
- commit 606eed5
- ionic: Fix netdev notifier unregister on failure (CVE-2024-56715 bsc#1235612)
- commit 28b55e0
- sched/fair: Fix value reported by hot tasks pulled in
/proc/schedstat -kabi (bsc#1235865).
- commit a0069bc
- wifi: ath12k: fix tx power, max reg power update to firmware
(git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event
(git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU
PPDU (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second
pcie link (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality
(git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit
attributes (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit
attributes (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz
on MT7916 (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after
disconnection (git-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages
when -EPROTO (git-fixes).
- commit f15e8b4
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests: harness: fix printing of mismatch values in
__EXPECT() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc()
(git-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024
(git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data
(git-fixes).
- wifi: mac80211: don't flush non-uploaded STAs (git-fixes).
- wifi: mac80211: Fix common size calculation for ML element
(git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding
(git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var
(git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing
memory (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe
error path (git-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails
(git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails
(git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory
(git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading
as last step (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly
(git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix
infinite loop (git-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg
(git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size
(git-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for
WCN6750/WCN6855 (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind()
(git-fixes).
- commit 40f350b
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function
(git-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- landlock: Handle weird files (git-fixes).
- samples/landlock: Fix possible NULL dereference in parse_path()
(git-fixes).
- selftests: timers: clocksource-switch: Adapt progress to
kselftest framework (git-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- HID: core: Fix assumption that Resolution Multipliers must be
in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by
adding endpoint check (git-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
(stable-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a
response (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value
(git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- leds: netxbig: Fix an OF node reference leak in
netxbig_leds_get_of_pdata() (git-fixes).
- leds: lp8860: Write full EEPROM, not only half of it
(git-fixes).
- HID: hid-sensor-hub: don't use stale platform-data on remove
(git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match()
(git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt()
(git-fixes).
- drm/msm: don't clean up priv->kms prematurely (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub()
(git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer
(stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex
(stable-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type
(stable-fixes).
- commit 3e5bf1b
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it
(git-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in
amdgpu_ttm_fini() (git-fixes).
- drm/etnaviv: Fix page property being used for non writecombine
buffers (git-fixes).
- Revert "drm/i915/dpt: Make DPT object unshrinkable"
(stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init
(git-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amd/pm: Fix an error handling path in
vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE
(git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows
on rk3566/8 (git-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0
(git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters
offset (git-fixes).
- commit 2f1e321
- ACPI: fan: cleanup resources in the error path of .probe()
(git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc
(git-fixes).
- Align git commit ID abbreviation guidelines and checks
(git-fixes).
- drm/tidss: Clear the interrupt status for interrupts being
disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue
(git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed
(git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event()
(git-fixes).
- commit 737a47e
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes
(stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch
(stable-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last
(stable-fixes).
- mac802154: check local interfaces before deleting sdata list
(stable-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- kheaders: Ignore silly-rename files (stable-fixes).
- commit cbbd806
- Drop PCI patch that caused a regression
Deleted:
patches.suse/PCI-Use-preserve_config-in-place-of-pci_flags.patch
- commit 30fb9e7
- sched/fair: Fix value reported by hot tasks pulled in
/proc/schedstat (bsc#1235865).
- commit 9837653
- Update
patches.suse/ALSA-seq-oss-Fix-races-at-processing-SysEx-messages.patch
(stable-fixes CVE-2024-57893 bsc#1235920).
- Update
patches.suse/RDMA-bnxt_re-Fix-max-SGEs-for-the-Work-Request.patch
(git-fixes CVE-2024-57936 bsc#1236181).
- Update
patches.suse/RDMA-hns-Fix-accessing-invalid-dip_ctx-during-destro.patch
(git-fixes CVE-2024-57935 bsc#1236180).
- Update
patches.suse/RDMA-rtrs-Ensure-ib_sge-list-is-accessible.patch
(git-fixes CVE-2024-36476 bsc#1235902).
- Update
patches.suse/RDMA-uverbs-Prevent-integer-overflow-issue.patch
(git-fixes CVE-2024-57890 bsc#1235919).
- Update patches.suse/afs-Fix-the-maximum-cell-name-length.patch
(git-fixes CVE-2025-21646 bsc#1236168).
- Update
patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_TAGGED_ADDR_CTRL.patch
(git-fixes CVE-2024-57874 bsc#1235808).
- Update
patches.suse/cpufreq-CPPC-Fix-possible-null-ptr-deref-for-cppc_ge.patch
(git-fixes CVE-2024-53230 bsc#1235976).
- Update
patches.suse/cpufreq-CPPC-Fix-possible-null-ptr-deref-for-cpufreq.patch
(git-fixes CVE-2024-53231 bsc#1235977).
- Update
patches.suse/drm-adv7511-Fix-use-after-free-in-adv7533_attach_dsi.patch
(git-fixes CVE-2024-57887 bsc#1235952).
- Update
patches.suse/drm-amd-display-Add-check-for-granularity-in-dml-cei.patch
(stable-fixes CVE-2024-57922 bsc#1236080).
- Update
patches.suse/drm-amdkfd-Correct-the-migration-DMA-map-direction.patch
(stable-fixes CVE-2024-57897 bsc#1235969).
- Update
patches.suse/drm-dp_mst-Ensure-mst_primary-pointer-is-valid-in-dr.patch
(stable-fixes CVE-2024-57798 bsc#1235818).
- Update
patches.suse/drm-dp_mst-Fix-resetting-msg-rx-state-after-topology.patch
(git-fixes CVE-2024-57876 bsc#1235806).
- Update
patches.suse/drm-mediatek-Set-private-all_drm_private-i-drm-to-NU.patch
(git-fixes CVE-2024-57926 bsc#1236082).
- Update
patches.suse/exfat-fix-the-infinite-loop-in-exfat_readdir.patch
(git-fixes CVE-2024-57940 bsc#1236227).
- Update
patches.suse/hwmon-drivetemp-Fix-driver-producing-garbage-data-wh.patch
(git-fixes CVE-2025-21656 bsc#1236248).
- Update
patches.suse/iio-adc-at91-call-input_free_device-on-allocated-iio.patch
(git-fixes CVE-2024-57904 bsc#1236078).
- Update
patches.suse/iio-adc-rockchip_saradc-fix-information-leak-in-trig.patch
(git-fixes CVE-2024-57907 bsc#1236090).
- Update
patches.suse/iio-adc-ti-ads8688-fix-information-leak-in-triggered.patch
(git-fixes CVE-2024-57906 bsc#1236088).
- Update
patches.suse/iio-dummy-iio_simply_dummy_buffer-fix-information-le.patch
(git-fixes CVE-2024-57911 bsc#1236098).
- Update
patches.suse/iio-imu-kmx61-fix-information-leak-in-triggered-buff.patch
(git-fixes CVE-2024-57908 bsc#1236091).
- Update
patches.suse/iio-light-vcnl4035-fix-information-leak-in-triggered.patch
(git-fixes CVE-2024-57910 bsc#1236097).
- Update
patches.suse/iio-pressure-zpa2326-fix-information-leak-in-trigger.patch
(git-fixes CVE-2024-57912 bsc#1236101).
- Update
patches.suse/jffs2-Prevent-rtime-decompress-memory-corruption.patch
(git-fixes CVE-2024-57850 bsc#1235812).
- Update
patches.suse/misc-microchip-pci1xxxx-Resolve-kernel-panic-during-.patch
(git-fixes CVE-2024-57916 bsc#1236125).
- Update
patches.suse/net-wwan-t7xx-Fix-FSM-command-timeout-issue.patch
(git-fixes CVE-2024-39282 bsc#1235903).
- Update
patches.suse/netfilter-nf_tables-adapt-set-backend-to-use-G.patch
(bsc#1012628 CVE-2023-52923 bsc#1236104).
- Update patches.suse/nilfs2-prevent-use-of-deleted-inode.patch
(git-fixes CVE-2024-53690 bsc#1235842).
- Update
patches.suse/platform-x86-amd-pmc-Only-disable-IRQ1-wakeup-where-.patch
(git-fixes CVE-2025-21645 bsc#1236131).
- Update
patches.suse/powerpc-pseries-vas-Add-close-callback-in-vas_vm_ops.patch
(bsc#1234825 CVE-2024-56765 bsc#1235643).
- Update
patches.suse/s390-cpum_sf-Handle-CPU-hotplug-remove-during-sampling.patch
(git-fixes CVE-2024-57849 bsc#1235814).
- Update
patches.suse/usb-gadget-f_fs-Remove-WARN_ON-in-functionfs_bind.patch
(git-fixes CVE-2024-57913 bsc#1236102).
- Update
patches.suse/usb-gadget-u_serial-Disable-ep-before-setting-port-t.patch
(git-fixes CVE-2024-57915 bsc#1236120).
- Update
patches.suse/wifi-mac80211-fix-mbss-changed-flags-corruption-on-3.patch
(stable-fixes CVE-2024-57899 bsc#1235924).
- Update
patches.suse/workqueue-Do-not-warn-when-cancelling-WQ_MEM_RECLAIM-work-from-WQ_MEM_RECLAIM-worker.patch
(bsc#1235416 CVE-2024-57888 bsc#1235918).
- commit 56e243f
- net: inet: do not leave a dangling sk pointer in inet_create()
(CVE-2024-56601 bsc#1235230).
- commit 959586f
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- commit 8b4d1ad
- usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (CVE-2024-53203 bsc#1235001)
- commit 601cb11
- net: add more sanity checks to qdisc_pkt_len_init()
(CVE-2024-49948 bsc#1232161).
- commit 940829f
- bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (CVE-2024-56665 bsc#1235489)
- commit b2f97f8
- gso: fix udp gso fraglist segmentation after pull from frag_list
(CVE-2024-49978 bsc#1232101).
- commit 8453570
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711
ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711
ltc#205755).
- commit 5733e6d
- powerpc/iommu: Move pSeries specific functions to
pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries
(bsc#1220711 ltc#205755).
- commit 1165a9d
- ceph: improve error handling and short/overflow-read logic in
__ceph_sync_read() (bsc#1228592).
- commit b40380c
- doc/README.SUSE: Point to the updated version of LKMPG
- commit 624b259
- Input: bbnsm_pwrkey - fix missed key press after suspend
(git-fixes).
- commit 51a70b3
- x86/fpu: Ensure shadow stack is active before "getting"
registers (CVE-2025-21632 bsc#1236106).
- commit 6ea3a8f
- net: restrict SO_REUSEPORT to inet sockets (bsc#1235967 CVE-2024-57903)
- commit 0b70e79
- net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143 CVE-2025-21649)
- commit ab51b8f
- net/mlx5: Fix variable not being completed when function returns (bsc#1236198 CVE-2025-21662)
- commit 766ce3e
- net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of
bounds issue (CVE-2025-21650 bsc#1236144).
- net: hns3: Support tlv in regs data for HNS3 VF driver
(CVE-2025-21650 bsc#1236144).
- commit d07cfee
- tracing: Prevent bad count for tracing_cpumask_write (CVE-2024-56763 bsc#1235638)
- commit b7a1a0d
- dccp: Fix memory leak in dccp_feat_change_recv (CVE-2024-56643 bsc#1235132)
- commit 13d2c8a
- iommu/arm-smmu: Defer probe of clients after smmu device bound (CVE-2024-56568 bsc#1235032)
- commit cd5e85b
- EDAC/igen6: Avoid segmentation fault on module unload (CVE-2024-56708 bsc#1235564)
- commit cbccd47
- net/smc: initialize close_work early to avoid warning (CVE-2024-56641 bsc#1235526)
- commit 075f0f7
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- commit 6767706
- net: hns3: don't auto enable misc vector (CVE-2025-21651
bsc#1236145).
- gve: guard XSK operations on the existence of queues
(CVE-2024-57933 bsc#1236178).
- gve: guard XDP xmit NDO on existence of xdp queues
(CVE-2024-57932 bsc#1236190).
- commit 4cf5801
- mm: memory-failure: remove unneeded PageHuge() check
(git-fixes).
- commit 7ff9700
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
(bsc#1218470 ltc#204531).
- commit 7a7f1e1
- mm/memory-failure: use raw_spinlock_t in struct
memory_failure_cpu (git-fixes).
- commit 25daa9d
- mm/memory-failure: fix crash in split_huge_page_to_list from
soft_offline_page (git-fixes).
- commit 044809f
- memory-failure: use a folio in me_huge_page() (git-fixes).
- commit a51c830
- mm/memory-failure: cast index to loff_t before shifting it
(git-fixes).
- commit 4552d04
- mm/memory-failure: check the mapcount of the precise page
(git-fixes).
- commit 08d463b
- mm/memory-failure: pass the folio and the page to
collect_procs() (git-fixes).
- commit e29780e
- mm: convert DAX lock/unlock page to lock/unlock folio
(git-fixes).
- commit 4b2c66d
- mm: memory-failure: fix potential page refcnt leak in
memory_failure() (git-fixes).
- commit 2df790d
- mm: memory-failure: fix race window when trying to get hugetlb
folio (git-fixes).
- commit fdf1377
- mm: memory-failure: fetch compound head after extra page refcnt
is held (git-fixes).
- commit dea0e54
- mm: memory-failure: ensure moving HWPoison flag to the raw
error pages (git-fixes).
- commit 8250e5e
- mm/migrate: make migrate_pages_batch() stats consistent
(git-fixes).
Refreshed:
patches.suse/mm-migrate-fix-deadlock-in-migrate_pages_batch-on-la.patch
- commit 69ecdc4
- s390/cio: rename bitmap_size() -> idset_bitmap_size()
(git-fixes bsc#1236205).
- commit 07eeeda
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops
(git-fixes bsc#1236203).
- commit 950d01b
- s390/iucv: fix receive buffer virtual vs physical address
confusion (git-fixes bsc#1236200).
- commit 976f377
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- commit 686f749
- KVM: x86: Play nice with protected guests in
complete_hypercall_exit() (CVE-2024-55881 bsc#1235745).
- commit 4bd067f
- netfilter: ipset: Hold module reference while requesting a module (CVE-2024-56637 bsc#1235523)
- commit 53ff17c
- btrfs: fix use-after-free when COWing tree bock and tracing
is enabled (bsc#1235645 CVE-2024-56759).
- btrfs: flush delalloc workers queue before stopping cleaner
kthread during unmount (bsc#1235965 CVE-2024-57896).
- btrfs: rename and export __btrfs_cow_block() (bsc#1235645
CVE-2024-56759).
- btrfs: use round_down() to align block offset at
btrfs_cow_block() (bsc#1235645 CVE-2024-56759).
- btrfs: remove noinline attribute from btrfs_cow_block()
(bsc#1235645 CVE-2024-56759).
- commit 503809f
- geneve: do not assume mac header is set in geneve_xmit_skb() (CVE-2024-56636 bsc#1235520)
- commit 3073d9c
- net: avoid potential UAF in default_operstate() (CVE-2024-56635 bsc#1235519)
- commit 37cf286
- dm array: fix releasing a faulty array block twice in
dm_array_cursor_end (bsc#1236096, CVE-2024-57929).
- commit 38c0041
- net: lapb: increase LAPB_HEADER_LEN (CVE-2024-56659 bsc#1235439)
- commit e4681a0
- net: enetc: Do not configure preemptible TCs if SIs do not support (CVE-2024-56649 bsc#1235449)
- commit 4181889
- smb: Initialize cfid->tcon before performing network ops (CVE-2024-56729 bsc#1235503)
- commit fd558fd
- mm/migrate: fix kernel BUG at mm/compaction.c:2761! (git-fixes).
Refreshed: patches.suse/mm-migrate-fix-deadlock-in-migrate_pages_batch-on-la.patch
- commit 7d17ae8
- series.conf: temporarily disable upstream patch
patches.suse/ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch
(bsc#1236138)
- commit 9179570
- mm/migrate: putback split folios when numa hint migration fails
(git-fixes).
- commit 0acef71
- vmscan,migrate: fix page count imbalance on node stats when
demoting pages (git-fixes).
- commit 4d259d3
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is
enabled (git-fixes).
- commit 86638ef
- mm/migrate: fix deadlock in migrate_pages_batch() on large
folios (git-fixes).
- commit a0d118b
- mm/migrate: split source folio if it is on deferred split list
(git-fixes).
- commit 0fa5f5f
- mm/migrate: correct nr_failed in migrate_pages_sync()
(git-fixes).
- commit 3743659
- mm,page_owner: don't remove __GFP_NOLOCKDEP in
add_stack_record_to_list (git-fixes).
- commit 26a8c23
- mm/page_owner: remove free_ts from page_owner output
(git-fixes).
- commit dfa6a27
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- commit a04bd5d
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit ff2e445
- lib/stackdepot: print disabled message only if truly disabled
(git-fixes).
- commit cfe7741
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- commit 7879380
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- commit fe21e4e
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- commit 3178b0e
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- commit eeedd44
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- commit a1e1198
- mm/memory_hotplug: use pfn math in place of direct struct page
manipulation (git-fixes).
- commit 120d675
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- commit 86cb612
- mm/memory_hotplug: fix error handling in add_memory_resource()
(git-fixes).
- commit 3ebdf6a
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- commit c68beb1
- RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters (git-fixes)
Refresh patches:
- patches.suse/RDMA-bnxt_re-Disable-use-of-reserved-wqes.patch
- patches.suse/RDMA-bnxt_re-Fix-the-max-CQ-WQEs-for-older-adapters.patch
- commit c3e9f58
- RDMA/bnxt_re: Allow MSN table capability check (git-fixes)
Refresh patches:
- patches.suse/RDMA-bnxt_re-Fix-the-GID-table-length.patch
- patches.suse/RDMA-bnxt_re-Remove-always-true-dattr-validity-check.patch
- commit 1ac774c
- RDMA/hns: Remove unused parameters and variables (git-fixes)
Refresh patches.suse/RDMA-hns-Fix-mapping-error-of-zero-hop-WQE-buffer.patch
- commit ad435f0
- RDMA/hns: Refactor mtr find (git-fixes)
Refresh patches.suse/RDMA-hns-Use-macro-instead-of-magic-number.patch
- commit de53bbe
- bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
(CVE-2024-53091 bsc#1233638).
- commit 313e9b6
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
(bsc#1235964 CVE-2024-57892).
- ocfs2: correct return value of ocfs2_local_free_info()
(bsc#1235964 CVE-2024-57892).
- commit d27bf4b
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr
to data" (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too
(git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter()
(git-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device
(stable-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to
irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to
irq1_level_low_skip_override[] (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor
helpers (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported
by hw (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: rt722: add delay time to wait for the calibration
procedure (stable-fixes).
- commit 356d535
- KVM: arm64: Get rid of userspace_irqchip_in_use (CVE-2024-53195
bsc#1234957).
- commit 9fc6672
- cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429 CVE-2024-56617).
- commit 9e688fc
- s390/entry: Mark IRQ entries to fix stack depot warnings
(CVE-2024-57838 bsc#1235798).
- commit 17604ac
- KVM: arm64: Don't retire aborted MMIO instruction
(CVE-2024-53196 bsc#1234906).
- commit 8dbc3ed
- xen: Fix the issue of resource not being properly released in
xenbus_dev_probe() (CVE-2024-53198 bsc#1234923).
- commit aeb4569
- Refresh
patches.suse/x86-xen-don-t-do-PV-iret-hypercall-through-hypercall.patch.
- commit 745fddd
- x86/static-call: Remove early_boot_irqs_disabled check to fix
Xen PVH dom0 (git-fixes).
- commit cbe946f
- drm/v3d: Ensure job pointer is set to NULL after job completion
(git-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect
(git-fixes).
- commit 5e7e8a8
- ftrace: Fix regression with module command in stack_trace_filter
(CVE-2024-56569 bsc#1235031).
- commit fe237c2
- Move upstreamed DRM patch into sorted section
- commit 9ec91cd
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched
in sysfs (CVE-2024-57804 bsc#1235779).
- block: fix uaf for flush rq while iterating tags (CVE-2024-53170
bsc#1234888).
- scsi: qedi: Fix a possible memory leak in
qedi_alloc_and_init_sb() (CVE-2024-56747 bsc#1234934).
- scsi: bfa: Fix use-after-free in bfad_im_module_exit()
(CVE-2024-53227 bsc#1235011).
- scsi: hisi_sas: Create all dump files during debugfs
initialization (CVE-2024-56588 bsc#1235123).
- commit 2865882
- RDMA/siw: Remove direct link to net_device (bsc#1235946 CVE-2024-57857)
- commit c33e2ed
- RDMA/rxe: Remove the direct link to net_device (bsc#1235906 CVE-2024-57795)
- commit 03de29b
- net/mlx5e: Skip restore TC rules for vport rep without loaded
flag (CVE-2024-57801 bsc#1235940).
- commit 2c1c8f0
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259
bsc#1232421).
- commit dfc801e
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
Deleted (to be replaced with the newer upstream fix):
patches.suse/tpm-eventlog-Limit-memory-allocations-for-event-logs.patch
- commit 39b3b52
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE)
(stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-Samsung-Galaxy-Book.patch.
- commit 231fb10
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41
HDA (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27
Z272SD_A272SD audio (stable-fixes).
- commit 4039f17
- bpf: fix recursive lock when verdict program return SK_PASS (CVE-2024-56694 bsc#1235412)
- commit 19cb085
- bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615 bsc#1235426)
- commit 2f8d474
- xsk: fix OOB map writes when deleting elements (CVE-2024-56614 bsc#1235424)
- commit 5188b69
- mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (CVE-2024-56611 bsc#1235391)
- commit 2731a92
- netdevsim: prevent bad user input in
nsim_dev_health_break_write() (bsc#1235587 CVE-2024-56716).
- commit 28d54d6
- bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
(bsc#1235555 CVE-2024-56675).
- commit 403c5dd
- xsk: Free skb when TX metadata options are invalid (bsc#1235000
CVE-2024-53236).
- commit 7d68164
- ipc: fix memleak if msg_init_ns failed in create_ipc_ns
(bsc#1234893 CVE-2024-53175).
- commit 5f77971
- i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (CVE-2024-45828 bsc#1235705)
- commit 6a03a5a
- ceph: give up on paths longer than PATH_MAX (CVE-2024-53685 bsc#1235720)
- commit cd5b8ed
- btrfs: add a sanity check for btrfs root in btrfs_search_slot()
(CVE-2024-56774 bsc#1235653).
- commit cd76b1a
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (CVE-2024-48881 bsc#1235727)
- commit 5c5ddcb
- net/smc: check return value of sock_recvmsg when draining clc
data (CVE-2024-57791 bsc#1235759).
- commit a343ecd
- scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (CVE-2024-56748 bsc#1235627)
- commit 75f84ca
- scsi: ufs: core: sysfs: Prevent div by zero (CVE-2024-56622 bsc#1235251)
- commit 8bc4baa
- cpufreq: intel_pstate: Check turbo_is_disabled() in
store_no_turbo() (bsc#1234619).
- commit f5b59a5
- cpufreq: intel_pstate: Fix unchecked HWP MSR access
(bsc#1234619).
- commit df6b669
- cpufreq: intel_pstate: Update the maximum CPU frequency
consistently (bsc#1234619).
- commit 110e6ef
- cpufreq: intel_pstate: Replace three global.turbo_disabled
checks (bsc#1234619).
- commit 0ad4ebe
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE()
(bsc#1234619).
- Refresh
patches.suse/cpufreq-intel_pstate-Ramp-up-frequency-faster-when-u.patch.
- Refresh
patches.suse/cpufreq-intel_pstate-Temporarily-boost-P-state-when-.patch.
- commit 1c8960e
- cpufreq: intel_pstate: Rearrange show_no_turbo() and
store_no_turbo() (bsc#1234619).
- commit 9383d66
- scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (CVE-2024-56620 bsc#1235227)
- commit 00c6f8f
- cpufreq: intel_pstate: Do not update global.turbo_disabled
after initialization (bsc#1234619).
- Refresh
patches.suse/cpufreq-intel_pstate-Ramp-up-frequency-faster-when-u.patch.
- commit 536c9fc
- cpufreq: intel_pstate: Refine computation of P-state for given
frequency (bsc#1234619).
- commit 8135bb3
- cpufreq: intel_pstate: Revise global turbo disable check
(bsc#1234619).
- commit 4089ec6
- Drop uvcvideo fix due to regression (bsc#1235894)
- Delete
patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch.
- blacklist.conf update
- commit 90c0ac7
- virt: tdx-guest: Just leak decrypted memory on unrecoverable
errors (CVE-2024-57793 bsc#1235768).
- commit 0fbd2e1
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits()
into caller (bsc#1234619).
- commit 430dfdb
- cpufreq: intel_pstate: Use __ro_after_init for three variables
(bsc#1234619).
- commit e421ce1
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE()
annotations (bsc#1234619).
- commit 682d75a
- cpufreq: intel_pstate: Wait for canceled delayed work to
complete (bsc#1234619).
- commit a725954
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- commit 6583c13
- cpufreq: intel_pstate: Drop redundant locking from
intel_pstate_driver_cleanup() (bsc#1234619).
- commit e58d8d7
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now'
This reverts commit 2ccfee6be929dd4ea49ef59a7ae686473aae40b6
CONFIG_ARM64_SME is enabled by default so some customers may
rely on SME. We need further analysis to evaluate to what
extent we are impacted and in case we'll disable SME support
later.
- commit f83551c
- PCI: imx6: Fix suspend/resume support on i.MX6QDL
(CVE-2024-57809 bsc#1235793).
- commit 11fd956
- net: tun: fix tun_napi_alloc_frags() (CVE-2024-56372
bsc#1235753).
- net: renesas: rswitch: avoid use-after-put for a device tree
node (CVE-2024-55639 bsc#1235737).
- commit 0d5db72
- mm: prevent derefencing NULL ptr in pfn_section_valid()
(git-fixes).
- commit 6f62e94
- mm, kmsan: fix infinite recursion due to RCU critical section
(git-fixes).
- commit 509127e
- mm/sparsemem: fix race in accessing memory_section->usage
(bsc#1221326 CVE-2023-52489).
- commit 13000fd
- scsi: hisi_sas: Add cond_resched() for no forced preemption model (CVE-2024-56589 bsc#1235241)
- commit a1ef870
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes).
- commit 2ccfee6
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL
(git-fixes).
- commit 834d2d0
- arm64: dts: rockchip: add hevc power domain clock to rk3328
(git-fixes).
- commit 7aa2931
- Update
patches.suse/ALSA-6fire-Release-resources-at-card-release.patch
(git-fixes CVE-2024-53239 bsc#1235054).
- Update
patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch
(git-fixes CVE-2024-56531 bsc#1235057).
- Update
patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch
(git-fixes CVE-2024-56532 bsc#1235059).
- Update
patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch
(git-fixes CVE-2024-53197 bsc#1235464).
- Update
patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch
(git-fixes CVE-2024-56533 bsc#1235053).
- Update
patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch
(stable-fixes CVE-2024-56590 bsc#1235038).
- Update
patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch
(git-fixes CVE-2024-56654 bsc#1235532).
- Update
patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch
(git-fixes CVE-2024-56629 bsc#1235473).
- Update
patches.suse/NFSv3-only-use-NFS-timeout-for-MOUNT-when-protocols-.patch
(bsc#1231016 CVE-2024-50106 bsc#1232882).
- Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch
(git-fixes CVE-2024-56745 bsc#1235563).
- Update
patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch
(stable-fixes CVE-2024-53194 bsc#1235459).
- Update
patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch
(git-fixes CVE-2024-56760 bsc#1235616).
- Update
patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch
(git-fixes CVE-2024-56722 bsc#1235570).
- Update
patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch
(git-fixes CVE-2024-56662 bsc#1235533).
- Update
patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch
(CVE-2024-56606 bsc#123541 bsc#1235417).
- Update
patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch
(git-fixes CVE-2024-56741 bsc#1235502).
- Update
patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch
(bsc#1234726 CVE-2024-56672 bsc#1235534).
- Update
patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch
(git-fixes CVE-2024-56625 bsc#1235223).
- Update
patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch
(git-fixes CVE-2024-56651 bsc#1235528).
- Update
patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch
(git-fixes CVE-2024-56681 bsc#1235557).
- Update
patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch
(git-fixes CVE-2024-56690 bsc#1235428).
- Update
patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch
(git-fixes CVE-2024-47809 bsc#1235714).
- Update
patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch
(stable-fixes CVE-2024-47143 bsc#1235710).
- Update
patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch
(git-fixes CVE-2024-56767 bsc#1235160).
- Update
patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch
(git-fixes CVE-2024-56546 bsc#1235070).
- Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch
(git-fixes CVE-2024-46896 bsc#1235707).
- Update
patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch
(stable-fixes CVE-2024-56594 bsc#1235413).
- Update
patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch
(stable-fixes CVE-2024-56616 bsc#1235427).
- Update
patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch
(stable-fixes CVE-2024-56369 bsc#1235750).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch
(git-fixes CVE-2024-56776 bsc#1235647).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch
(git-fixes CVE-2024-56777 bsc#1235641).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch
(git-fixes CVE-2024-56778 bsc#1235635).
- Update
patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch
(git-fixes CVE-2024-56683 bsc#1235497).
- Update
patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch
(git-fixes CVE-2024-56538 bsc#1235051).
- Update
patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch
(git-fixes CVE-2024-56573 bsc#1235042).
- Update
patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch
(git-fixes CVE-2024-56746 bsc#1235622).
- Update
patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch
(git-fixes CVE-2024-56634 bsc#1235486).
- Update
patches.suse/hfsplus-don-t-query-the-device-logical-block-size-multiple-times.patch
(git-fixes CVE-2024-56548 bsc#1235073).
- Update
patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch
(git-fixes CVE-2024-52332 bsc#1235700).
- Update
patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch
(git-fixes CVE-2024-56557 bsc#1235122).
- Update
patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch
(git-fixes CVE-2024-56709 bsc#1235552).
- Update
patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch
(git-fixes CVE-2024-56584 bsc#1235117).
- Update
patches.suse/jfs-add-a-check-to-prevent-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2024-56595 bsc#1235410).
- Update
patches.suse/jfs-array-index-out-of-bounds-fix-in-dtReadFirst.patch
(git-fixes CVE-2024-56598 bsc#1235220).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-jfs_readdir.patch
(git-fixes CVE-2024-56596 bsc#1235458).
- Update patches.suse/jfs-fix-shift-out-of-bounds-in-dbSplit.patch
(git-fixes CVE-2024-56597 bsc#1235222).
- Update
patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch
(stable-fixes CVE-2024-56587 bsc#1235125).
- Update
patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch
(git-fixes CVE-2024-56705 bsc#1235568).
- Update
patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch
(git-fixes CVE-2024-56769 bsc#1235155).
- Update
patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch
(git-fixes CVE-2024-56575 bsc#1235039).
- Update
patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch
(git-fixes CVE-2024-56578 bsc#1235115).
- Update
patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch
(git-fixes CVE-2024-56577 bsc#1235112).
- Update
patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch
(git-fixes CVE-2024-56572 bsc#1235043).
- Update
patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch
(git-fixes CVE-2024-56574 bsc#1235040).
- Update
patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch
(git-fixes CVE-2024-56571 bsc#1235037).
- Update
patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch
(git-fixes CVE-2024-56700 bsc#1235500).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch
(git-fixes CVE-2024-56723 bsc#1235571).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch
(git-fixes CVE-2024-56724 bsc#1235577).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch
(git-fixes CVE-2024-56691 bsc#1235425).
- Update
patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch
(git-fixes CVE-2024-55916 bsc#1235747).
- Update
patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch
(git-fixes CVE-2024-56766 bsc#1235219).
- Update
patches.suse/net-ipv6-release-expired-exception-dst-cached-in-soc.patch
(bsc#1216813 CVE-2024-56644 bsc#1235133).
- Update
patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch
(git-fixes CVE-2024-56779 bsc#1235632).
- Update
patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch
(git-fixes CVE-2024-56558 bsc#1235100).
- Update
patches.suse/nilfs2-fix-potential-out-of-bounds-memory-access-in-nilfs_find_entry.patch
(git-fixes CVE-2024-56619 bsc#1235224).
- Update
patches.suse/nvme-apple-fix-device-reference-counting.patch
(git-fixes CVE-2024-43913 bsc#1229833).
- Update
patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch
(git-fixes CVE-2024-49569 bsc#1235730).
- Update
patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch
(git-fixes CVE-2024-56632 bsc#1235483).
- Update
patches.suse/ocfs2-free-inode-when-ocfs2_get_init_inode-fails.patch
(git-fixes CVE-2024-56630 bsc#1235479).
- Update
patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch
(stable-fixes CVE-2024-47141 bsc#1235708).
- Update
patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch
(git-fixes CVE-2024-57792 bsc#1235764).
- Update
patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch
(bsc#1215199 CVE-2024-56677 bsc#1235494).
- Update
patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch
(bsc#1194869 CVE-2024-56678 bsc#1235495).
- Update
patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch
(bsc#1194869 CVE-2024-56701 bsc#1235496).
- Update
patches.suse/quota-flush-quota_release_work-upon-quota-writeback.patch
(bsc#1234195 CVE-2024-56780 bsc#1235650).
- Update
patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch
(git-fixes CVE-2024-56739 bsc#1235611).
- Update
patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch
(bsc#1235406 CVE-2024-56623 bsc#1235466).
- Update
patches.suse/smb-client-fix-TCP-timers-deadlock-after-rmmod.patch
(CVE-2024-53095 bsc#1233642 CVE-2024-54680 bsc#1235723).
- Update
patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch
(stable-fixes CVE-2024-56787 bsc#1235663).
- Update
patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch
(git-fixes CVE-2024-50051 bsc#1235739).
- Update
patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch
(git-fixes CVE-2024-56688 bsc#1235538).
- Update
patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp.patch
(git-fixes CVE-2024-53168 bsc#1234887).
- Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch
(CVE-2024-56642 bsc#1235433 CVE-2024-56661 bsc#1234931).
- Update patches.suse/unicode-Fix-utf8_load-error-path.patch
(git-fixes CVE-2024-53233 bsc#1235046).
- Update
patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch
(git-fixes CVE-2024-56698 bsc#1235491).
- Update
patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch
(git-fixes CVE-2024-56670 bsc#1235488).
- Update
patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch
(git-fixes CVE-2024-56687 bsc#1235537).
- Update
patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch
(git-fixes CVE-2024-56543 bsc#1235065).
- Update
patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch
(stable-fixes CVE-2024-56607 bsc#1235423).
- Update
patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch
(stable-fixes CVE-2024-56593 bsc#1235252).
- Update
patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch
(git-fixes CVE-2024-56663 bsc#1235454).
- Update
patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch
(stable-fixes CVE-2024-56609 bsc#1235389).
- Update
patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch
(stable-fixes CVE-2024-48873 bsc#1235716).
- commit 8258b9d
- Move upstreamed NFS patch into sorted section
- commit b16f043
- net: dsa: improve shutdown sequence (CVE-2024-49998 bsc#1232087).
- commit 4c71ee1
- smb: client: fix OOBs when building SMB2_IOCTL request
(bsc#1233055, CVE-2024-50151).
- commit 6434503
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits
(bsc#1234635).
- commit e5c720c
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol
VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb()
(git-fixes bsc#1235778).
- iommu/s390: Implement blocking domain (CVE-2024-53232
bsc#1235050).
- commit aa0d65c
- mm/swapfile: skip HugeTLB pages for unuse_vma (CVE-2024-50199
bsc#1233112).
- commit 57bc3bb
- exfat: fix the infinite loop in __exfat_free_cluster()
(git-fixes).
- commit f091e41
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- commit 3298782
- dlm: fix possible lkb_resource null dereference (git-fixes).
- commit f2b8780
- Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
(CVE-2024-49951 bsc#1232158).
- commit 8b8b4db
- afs: Fix the maximum cell name length (git-fixes).
- commit 77a0ae0
- drm/amd/display: Fix handling of plane refcount (bsc#1235657 CVE-2024-56775)
- commit b028260
- misc: microchip: pci1xxxx: Resolve return code mismatch during
GPIO set config (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO
IRQ handling (git-fixes).
- commit 5eb3001
- iio: inkern: call iio_device_put() only on mapped devices
(git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev
(git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
(git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer
(git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered
buffer (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer
(git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer
(git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer
(git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in
triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger
handler (git-fixes).
- iio: test : check null return of kunit_kmalloc in
iio_rescale_test_scale (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time
(git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
(git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null
to fix the crash caused by port being null (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to
cdev (git-fixes).
- USB: usblp: return error when setting unsupported protocol
(git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
(git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix error code in
max_contaminant_read_resistance_kohm() (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- commit 04c952e
- tty: serial: 8250: Fix another runtime PM usage counter
underflow (git-fixes).
- commit 1e248c9
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI
errors occur (git-fixes).
- commit b04cc0b
- thermal: of: fix OF node leak in of_thermal_zone_find()
(git-fixes).
- drm/mediatek: Add return value check when reading DPCD
(git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix
MT8186/MT8188 (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP
(git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the
display driver (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if
mtk_drm_bind returns err (git-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger
(git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042
actually enabled it (git-fixes).
- commit 4e3d452
- Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch
(CVE-2024-56642 bsc#1235433).
- commit 6f4f559
- Disable ceph (jsc#PED-7242)
- commit 0dd7856
- bpf, sockmap: Fix race between element replace and close()
(CVE-2024-56664 bsc#1235249).
- commit 81511fb
- platform/x86/intel/tpmi: Add defines to get version information
(bsc#1225897).
- commit 00f1af2
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- commit 4e210b3
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- commit e9be640
- platform/x86/intel-uncore-freq: Ignore minor version change
(bsc#1225897).
- commit 33349ec
- udmabuf: fix memory leak on last export_udmabuf() error path
(CVE-2024-56712 bsc#1235565).
- commit bbc81b4
- modpost: fix the missed iteration for the max bit in do_input()
(git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in
ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P
(stable-fixes).
- sound: usb: format: don't warn that raw DSD is unsupported
(stable-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions
(stable-fixes).
- wifi: mac80211: wake the queues in case of failure in resume
(stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit
systems (stable-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the
restart handler (stable-fixes).
- wifi: ath12k: fix atomic calls in
ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb
(stable-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers
(stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper
reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe
(stable-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035
(stable-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag
(stable-fixes).
- commit c96ed05
- Bluetooth: btnxpuart: Fix driver sending truncated data
(git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing
(git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when
required (git-fixes).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in
ca8210_probe() (git-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in
union gic_base (stable-fixes).
- drm/amdkfd: Correct the migration DMA map direction
(stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model
(stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A
(stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger
(stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925
(stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in
btusb_disconnect (stable-fixes).
- docs: media: update location of the media patches
(stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning
(stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature
decoding (stable-fixes).
- irqchip/gic-v3: Force propagation of the active state with a
read-back (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11
(stable-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature
(stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume
(stable-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too
many bytes (git-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925
(stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary
(stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to
digits (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925
(stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related
macros (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status
bitfields (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces
(stable-fixes).
- mailbox: pcc: Add support for platform notification handling
(stable-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- commit 964672e
- scsi: sg: Fix slab-use-after-free read in sg_release()
(CVE-2024-56631 bsc#1235480).
- commit cb70e79
- Fix CVE reference for patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606)
- commit f8ce5de
- 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584).
- commit f0916d2
- net: ieee802154: do not leave a dangling sk pointer in
ieee802154_create() (CVE-2024-56602 bsc#1235521).
- commit 2d367ac
- net: hsr: avoid potential out-of-bound access in
fill_frame_info() (CVE-2024-56648 bsc#1235451).
- commit 79ce319
- net/mlx5: DR, prevent potential error pointer dereference (CVE-2024-56660 bsc#1235437)
- commit 0e2235c
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- commit 8448fe4
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (CVE-2024-56656 bsc#1235444)
- commit a44ef4d
- af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-5660 bsc#123541)
- commit c21a9e5
- smb: client: fix NULL ptr deref in crypto_aead_setkey() (CVE-2024-53185 bsc#1234901)
- commit 77b5b00
- net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603 bsc#1235415)
- commit 53bb420
- btrfs: fix use-after-free waiting for encoded read endios
(bsc#1235445).
- btrfs: fix use-after-free in btrfs_encoded_read_endio()
(bsc#1235445).
- commit ae44992
- ovl: Filter invalid inodes with missing lookup function
(bsc#1235035 CVE-2024-56570).
- commit 0cddc7c
- ubi: fastmap: Fix duplicate slab cache names while attaching (CVE-2024-53172 bsc#1234898)
- commit f996297
- net: sched: fix ordering of qlen adjustment (CVE-2024-53164 bsc#1234863)
- commit ac3c374
- tipc: Fix use-after-free of kernel socket in cleanup_bearer()
(CVE-2024-56642 bsc#1235433).
- commit 644f840
- sctp: properly validate chunk size in sctp_sf_ootb() (CVE-2024-50299 bsc#1233488)
- commit 9038d7f
- libgcrypt
-
- FIPS: Differentiate non-compliant flags in the SLI [bsc#1225939]
* Add libgcrypt-FIPS-SLI-Differentiate-non-compliant-flags-in-the-SLI.patch
- FIPS: Implement KAT for non-deterministic ECDSA [bsc#1225939]
* Add libgcrypt-FIPS-SLI-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
- FIPS: Disable setting the library in non-FIPS mode [bsc#1220893]
* Add libgcrypt-FIPS-disable-GCRYCTL_NO_FIPS_MODE.patch
- FIPS: Disallow rsa < 2048 [bsc#1225941]
* Mark RSA operations with keysize < 2048 as non-approved in the SLI
* Add libgcrypt-FIPS-SLI-Disallow-RSA-keys-with-size-lt-2048.patch
- FIPS: Service level indicator for libgcrypt [bsc#1225939]
* Factor out `prepare_datasexp_to_be_signed` for FIPS SLI
* Add libgcrypt-FIPS-SLI-Factor-out-data-SEXP-preparation.patch
* Include missing checks for EdDSA and ECDSA for FIPS SLI
* Add libgcrypt-FIPS-SLI-Only-allow-defined-digest-algo-for-EdDSA.patch
* Add libgcrypt-FIPS-SLI-Reject-use-of-SHAKE-when-its-ECDSA-with-RFC6979.patch
* Include upstream patches for FIPS SLI for libgcrypt
* Add libgcrypt-FIPS-SLI-Introduce-an-internal-API-for-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_md_hash_*.patch
* Add libgcrypt-FIPS-SLI-Add-t-digest.patch
* Add libgcrypt-FIPS-SLI-Fix-t-digest-for-a-minimal-configuration.patch
* Add libgcrypt-FIPS-SLI-Extend-tests-t-digest-to-test-hmac-too.patch
* Add libgcrypt-FIPS-SLI-Fix-comment-in-t-thread-local.patch
* Add libgcrypt-FIPS-SLI-Change-the-internal-API-for-new-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
* Add libgcrypt-FIPS-SLI-Add-tests-for-md_open-write-read-close-for-t-digest.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
* Add libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-cipher_open.patch
* Add libgcrypt-FIPS-SLI-Add-gcry_mac_open-tests.patch
* Add libgcrypt-FIPS-SLI-Rename-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Move-KDF-tests-to-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Add-gcry_cipher_open-tests.patch
* Add libgcrypt-FIPS-SLI-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
* Add libgcrypt-FIPS-SLI-Implement-FIPS-service-indicator-for-gcry_pk_hash_API.patch
* Add libgcrypt-FIPS-SLI-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
* Add libgcrypt-FIPS-SLI-Fix-the-previous-change.patch
* Add libgcrypt-FIPS-SLI-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
* Add libgcrypt-FIPS-SLI-Add-behavior-not-to-reject-but-mark-non-compliant.patch
* Add libgcrypt-FIPS-SLI-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
* Add libgcrypt-FIPS-SLI-Add-more-tests-to-tests-t-fips-service-ind.patch
* Add libgcrypt-FIPS-SLI-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
* Add libgcrypt-FIPS-SLI-Fix-memory-leak-for-gcry_pk_hash_sign.patch
* Add libgcrypt-FIPS-SLI-Improve-__thread-specifier-check.patch
* Add libgcrypt-FIPS-SLI-mark-non-compliant-cipher-modes-as-non-approved-in-the-SLI.patch
* Add libgcrypt-FIPS-SLI-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-.patch
* Add libgcrypt-FIPS-SLI-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
* Implement `hex2buffer` in tests/t-common.h for FIPS SLI testing
* Add hex2buffer-Factor-from-existing-uses.patch
* Remove redundant/reworked patches now in FIPS SLI
* Remove libgcrypt-FIPS-SLI-pk.patch
* Remove libgcrypt-FIPS-SLI-hash-mac.patch
* Remove libgcrypt-FIPS-SLI-kdf-leylength.patch
* Rebased patches:
* libgcrypt-1.10.0-allow_FSM_same_state.patch
* libgcrypt-no-deprecated-grep-alias.patch
* libgcrypt-FIPS-rndjent_poll.patch
* libgcrypt-Chacha20-poly1305-Optimized-chacha20-poly1305.patch
- FIPS: Consider deprecate sha1 [bsc#1225942]
* In FIPS 180-5 revision, NIST announced EOL for SHA-1 and will
transition at the end of 2030. Mark SHA1 as non-approved in SLI.
* Add libgcrypt-FIPS-SLI-md-Make-SHA1-non-FIPS-and-differentiate-in-the-SLI.patch
* Add libgcrypt-FIPS-SLI-cipher-Differentiate-SHA1-with-GCRY_FIPS_FLAG_REJECT_MD_SHA1.patch
- FIPS: Unnecessary RSA KAT Encryption/Decryption [bsc#1225936]
* cipher: Do not run RSA encryption selftest by default
* Add libgcrypt-FIPS-SLI-Do-not-run-RSA-encryption-selftest-by-default.patch
- FIPS: Make sure that Libgcrypt makes use of the built-in Jitter RNG
for the whole length entropy buffer in FIPS mode. [bsc#1220893]
* Add libgcrypt-FIPS-jitter-whole-entropy.patch
- FIPS: Set the FSM into error state if Jitter RNG is returning an
error code to the caller when an health test error occurs when
random bytes are requested through the jent_read_entropy_safe()
function. [bsc#1220895]
* Add libgcrypt-FIPS-jitter-errorcodes.patch
- FIPS: Replace the built-in jitter rng with standalone version
* Remove the internal jitterentropy copy [bsc#1220896]
* Add libgcrypt-FIPS-jitter-standalone.patch
* Remove not needed libgcrypt-jitterentropy-3.4.0.patch
- gnutls
-
- Security fix [bsc#1236974, CVE-2024-12243]
* gnutls: inefficient DER Decoding in libtasn1 could lead to remote DoS
* Add gnutls-CVE-2024-12243.patch
- nfs-utils
-
- rpc.idmapd: nfsopen() failures should not be fatal (bsc#1239165)
- add 0007-rpc.idmapd-nfsopen-failures-should-not-be-fatal.patch
- enable ldap support for nfsidmap (bsc#1226533)
- openssl-1_1
-
- Fix bsc#1236771 - Non approved PBKDF parameters wrongly resulting as approved
* Add openssl-FIPS-PBKDF-params.patch
- Security fix: [bsc#1236136, CVE-2024-13176]
* timing side-channel in the ECDSA signature computation
* Add openssl-CVE-2024-13176.patch
- procps
-
- Add patch CVE-2023-4016-part2.patch
* Fix the ps command segfaults when pid argument has a leading space (bsc#1236842)
- python3
-
- Add CVE-2025-0938-sq-brackets-domain-names.patch which
disallows square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)
- systemd
-
- Add 1020-core-create-the-credential-directory-even-if-it-s-em.patch (bsc#1229228)
- Rename 5012-Revert-macro-terminate-the-temporary-VA_ARGS_FOREACH.patch into
1021-Revert-macro-terminate-the-temporary-VA_ARGS_FOREACH.patch
Commit dc571cccd75db7be49b2aada64baf92e3a498c39 was backported and included in
v254.9 bumping the version requirement on gcc from 4.7 to 8. Unfortunately
this breakage won't be fixed by upstream therefore there's no longer a need to
keep the patch that reverts the offending commit in quarantine.
- Import commit 127e162c9cc0beb5058a718b3a9a1fec6942a927 (merge of v254.23)
eab1d9753b stdio-bridge: fix polled fds
f028f2298e hwdb: comment out the entry for Logitech MX Keys for Mac
e808cbdd6d test: answer 2nd mdadm --create question for compat with new version
bf01f3d692 core/unit-serialize: fix serialization of markers
f043ab6f34 locale-setup: do not load locale from environemnt when /etc/locale.conf is unchanged
71efbe69b6 core: fix assert when AddDependencyUnitFiles is called with invalid parameter
- Fix systemd-network recommending libidn2-devel (boo#1234765)
- Import commit 127e162c9cc0beb5058a718b3a9a1fec6942a927
679c57667d tpm2-util: Also retry unsealing after policy_pcr returns PCR_CHANGED (boo#1233752 bsc#1234313)
- Import commit eb5a78f50e64a39a2a509fd5141e68ff216a4273 (merge of v254.22)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/600986ba4d9c562390d99513416f49a5be5559f3...eb5a78f50e64a39a2a509fd5141e68ff216a4273
- libtasn1
-
- Security fix: [bsc#1236878, CVE-2024-12133]
* Potential DoS in handling of numerous SEQUENCE OF or SET OF elements
* Add libtasn1-CVE-2024-12133.patch
- libxml2
-
- security update
- added patches
fix CVE-2024-56171 [bsc#1237363], use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c
+ libxml2-CVE-2024-56171.patch
fix CVE-2025-24928 [bsc#1237370], stack-based buffer overflow in xmlSnprintfElements in valid.c
+ libxml2-CVE-2025-24928.patch
fix CVE-2025-27113 [bsc#1237418], NULL Pointer Dereference in libxml2 xmlPatMatch
+ libxml2-CVE-2025-27113.patch
- libzypp
-
- Disable zypp.conf:download.use_deltarpm by default (fixes #620)
Measurements show that you don't benefit from using deltarpms
unless your network connection is very slow. That's why most
distributions even stop offering deltarpms. The default remains
unchanged on SUSE-15.6 and older.
- Make sure repo variables are evaluated in the right context
(bsc#1237044)
- Introducing MediaCurl2 a alternative HTTP backend.
This patch adds MediaCurl2 as a testbed for experimenting with a
more simple way to download files. Set ZYPP_CURL2=1 in the
environment to use it.
- version 17.36.3 (35)
- Filesystem usrmerge must not be done in singletrans mode
(bsc#1236481, bsc#1189788)
Commit will amend the backend in case the transaction would
perform a filesystem usrmerge.
- Workaround bsc#1216091 on Code16.
- version 17.36.2 (35)
- Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983)
Released libyui packages compile with -Werror=deprecated-declarations
so we can't add deprecated warnings without breaking them.
- make gcc15 happy (fixes #613)
- version 17.36.1 (35)
- Drop zypp-CheckAccessDeleted in favor of 'zypper ps'.
- Fix Repoverification plugin not being executed (fixes #614)
- Refresh: Fetch the master index file before key and signature
(bsc#1236820)
- Allow libzypp to compile with C++20.
- Deprecate RepoReports we do not trigger.
- version 17.36.0 (35)
- openssh
-
- Fix a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
client and a DoS attack against OpenSSH's client and server
(bsc#1237040, CVE-2025-26465, bsc#1237041, CVE-2025-26466):
* fix-CVE-2025-26465-and-CVE-2025-26466.patch
- permissions
-
- Update to version 20240826:
* permissions: reintroduce nscd socket, which acts as a whitelisting for glibc (bsc#1236960)
- pkg-config
-
- Build with system GLib instead of bundled GLib (bsc#1237374).
- samba
-
- Fix crossing automounter mount points; (bsc#1215212);
(bsc#1236803);
- Update shipped /etc/samba/smb.conf to point to smb.conf
man page;(bsc#1233880).
- timezone
-
- Update to 2025a:
* Paraguay adopts permanent -03 starting spring 2024
* Improve pre-1991 data for the Philippines
* Etc/Unknown is now reserved
- Update to 2024b:
* Improve historical data for Mexico, Mongolia, and Portugal.
* System V names are now obsolescent.
* The main data form now uses %z.
* The code now conforms to RFC 8536 for early timestamps.
* Support POSIX.1-2024, which removes asctime_r and ctime_r.
* Assume POSIX.2-1992 or later for shell scripts.
* SUPPORT_C89 now defaults to 1.
- Add revert-philippines-historical-data.patch, revert-systemv-deprecation.patch
* Fixes testsuite failures for other packages
- vim
-
- 9.1.1101 is a fix for:
bsc#1229685 (CVE-2024-43790)
bsc#1229822 (CVE-2024-43802)
bsc#1230078 (CVE-2024-45306)
bsc#1235695 (CVE-2025-22134)
bsc#1236151 (CVE-2025-24014)
bsc#1237137 (CVE-2025-1215)
- Remove obsoleted patch:
* vim-7.3-mktemp_tutor.patch
- update to 9.1.1101
* insexpand.c hard to read
* tests: Test_log_nonexistent only works on Linux
* Update base-syntax, improve variable matching
* Vim9: import with extends may crash
* leaking memory with completing multi lines
* --log with non-existent path causes a crash
* if_perl: Perl 5.38 adds new symbols causing link failure
* tests: matchparen plugin test wrongly named
* Vim9: problem finding implemented method in type hierarchy
* runtime(qf): Update syntax file, match second delimiter
* tests: output of test ...win32_ctrl_z depends on python version
* tests: fix expected return code for python 3.13 on Windows
* tests: timeout might be a bit too small
* tests: test_terminwscroll_topline2 unreliable
* tests: No check when tests are run under Github actions
* tests: plugin tests are named inconsistently
* Vim9: import with extends may crash
* completion doesn't work with multi lines
* filetype: cmmt files are not recognized
* Unable to persistently ignore events in a window and its buffers
* improve syntax highlighting
* setreg() doesn't correctly handle mbyte chars in blockwise mode
* unexpected DCS responses may cause out of bounds reads
* has('bsd') is true for GNU/Hurd
* filetype: Mill files are not recognized
* GUI late startup leads to uninitialized scrollbars
* Add support for lz4 to tar & gzip plugin
* Terminal ansi colors off by one after tgc reset
* included syntax items do not understand contains=TOP
* vim_strnchr() is strange and unnecessary
* Vim9: len variable not used in compile_load()
* runtime(vim): Update base-syntax, match :debuggreedy count prefix
* Strange error when heredoc marker starts with "trim"
* tests: test_compiler fails on Windows without Maven
* 'diffopt' "linematch" cannot be used with {n} less than 10
* args missing after failing to redefine a function
* Cannot control cursor positioning of getchar()
* preinsert text completions not deleted with <C-W>/<C-U>
* getchar() can't distinguish between C-I and Tab
* tests: Test_termwinscroll_topline2 fails on MacOS
* heap-use-after-free and stack-use-after-scope with :14verbose
* no digraph for "Approaches the limit"
* not possible to use plural forms with gettext()
* too many strlen() calls in userfunc.c
* terminal: E315 when dragging the terminal with the mouse
* runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()
* runtime(doc): Tweak documentation style a bit
* tests: test_glvs fails when unarchiver not available
* Vim always enables 'termguicolors' in a terminal
* completion: input text deleted with preinsert when adding leader
* translation(sr): Missing Serbian translation for the tutor
* Superfluous cleanup steps in test_ins_complete.vim
* runtime(netrw): correct wrong version check
* Vim doesn't highlight to be inserted text when completing
* runtime(netrw): upstream snapshot of v176
* runtime(dist/vim9): fix regressions in dist#vim9#Open
* runtime(hyprlang): fix string recognition
* make install fails because of a missing dependency
* runtime(asm): add byte directives to syntax script
* Vim doesn't work well with TERM=xterm-direct
* runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection
* runtime: decouple Open and Launch commands and gx mapping from netrw
* "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
* runtime(just): fix typo in syntax file
* runtime(filetype): Improve Verilog detection by checking for modules definition
* tests: off-by-one error in CheckCWD in test_debugger.vim
* tests: no support for env variables when running Vim in terminal
* too many strlen() calls in os_unix.c
* insert-completed items are always sorted
* crash after scrolling and pasting in silent Ex mode
* Makefiles uses non-portable syntax
* fuzzymatching doesn't prefer matching camelcase
* filetype: N-Tripels and TriG files are not recognized
* Vim9: Patch 9.1.1014 causes regressions
* translation(sr): Update Serbian messages translation
- updade to 9.1.1043
* [security]: segfault in win_line()
* update helptags
* filetype: just files are not recognized
* Update base-syntax, match ternary and falsy operators
* Vim9: out-of-bound access when echoing an enum
* Vim9: imported type cannot be used as func return type
* runtime(kconfig): updated ftplugin and syntax script
* runtime(doc): rename last t_BG reference to t_RB
* Vim9: comments are outdated
* tests: test_channel.py fails with IPv6
* runtime(vim): Update base-syntax, fix is/isnot operator matching
* Vim9: confusing error when using abstract method via super
* make install fails when using shadowdir
* Vim9: memory leak with blob2str()
* runtime(tex): add texEmphStyle to texMatchGroup in syntax script
* runtime(netrw): upstream snapshot of v175
* Vim9: compiling abstract method fails without return
* runtime(c): add new constexpr keyword to syntax file (C23)
* tests: shaderslang was removed from test_filetype erroneously
* link error when FEAT_SPELL not defined
* Coverity complains about insecure data handling
* runtime(sh): update syntax script
* runtime(c): Add missing syntax test files
* filetype: setting bash filetype is backwards incompatible
* runtime(c): Update syntax and ftplugin files
* the installer can be improved
* too many strlen() calls in screen.c
* no sanitize check when running linematch
* filetype: swc configuration files are not recognized
* runtime(netrw): change netrw maintainer
* wrong return type of blob2str()
* blob2str/str2blob() do not support list of strings
* runtime(doc): fix typo in usr_02.txt
* Coverity complains about dereferencing NULL pointer
* linematch option value not completed
* string might be used without a trailing NUL
* no way to get current selected item in a async context
* filetype: fd ignore files are not recognized
* v9.1.0743 causes regression with diff mode
* runtime(doc): fix base64 encode/decode examples
* Vim9: Patch 9.1.1013 causes a few problems
* Not possible to convert string2blob and blob2string
* Coverity complains about dereferencing NULL value
* Vim9: variable not found in transitive import
* runtime(colors): Update colorschemes, include new unokai colorscheme
* Vim9: Regression caused by patch v9.1.0646
* runtime(lyrics): support milliseconds in syntax script
* runtime(vim): Split Vim legacy and Vim9 script indent tests
* Vim9: class interface inheritance not correctly working
* popupmenu internal error with some abbr in completion item
* filetype: VisualCode setting file not recognized
* diff feature can be improved
* tests: test for patch 9.1.1006 doesn't fail without the patch
* filetype: various ignore are not recognized
* tests: Load screendump files with "git vimdumps"
* PmenuMatch completion highlight can be combined
* completion text is highlighted even with no pattern found
* tests: a few termdebug tests are flaky
* [security]: heap-buffer-overflow with visual mode
* runtime(doc): add package-<name> helptags for included packages
* Vim9: unknown func error with interface declaring func var
* runtime(filetype): don't detect string interpolation as angular
* ComplMatchIns highlight hard to read on light background
* runtime(vim): Update base-syntax, highlight literal string quote escape
* runtime(editorconfig): set omnifunc to syntaxcomplete func
* tests: ruby tests fail with Ruby 3.4
* Vim9: leaking finished exception
* runtime(tiasm): use correct syntax name tiasm in syntax script
* filetype: TI assembly files are not recognized
* too many strlen() calls in drawscreen.c
* runtime(xf86conf): add section name OutputClass to syntax script
* ComplMatchIns may highlight wrong text
* runtime(vim): Update base-syntax, improve ex-bang matching
* runtime(doc): clarify buffer deletion on popup_close()
* filetype: shaderslang files are not detected
* Vim9: not able to use comment after opening curly brace
- update to 9.1.0993
* 9.1.0993: New 'cmdheight' behavior may be surprising
* runtime(sh): fix typo in Last Change header
* 9.1.0992: Vim9: double-free after v9.1.0988
* 9.1.0991: v:stacktrace has wrong type in Vim9 script
* runtime(sh): add PS0 to bashSpecialVariables in syntax script
* runtime(vim): Remove trailing comma from match_words
* runtime(zsh): sync syntax script with upstream repo
* runtime(doc): Capitalise the mnemonic "Zero" for the 'z' flag of search()
* 9.1.0990: Inconsistent behavior when changing cmdheight
* 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
* runtime(java): Quietly opt out for unsupported markdown.vim versions
* runtime(vim): fix failing vim syntax test
* 9.1.0988: Vim9: no error when using uninitialized var in new()
* runtime(doc): update index.txt
* 9.1.0987: filetype: cake files are not recognized
* 9.1.0986: filetype: 'jj' filetype is a bit imprecise
* runtime(jj): Support diffs in jj syntax
* runtime(vim): Update matchit pattern, no Vim9 short names
* 9.1.0985: Vim9: some ex commands can be shortened
* 9.1.0984: exception handling can be improved
* runtime(doc): update doc for :horizontal
* runtime(doc): update index.txt, windows.txt and version9.txt
* runtime(doc): Tweak documentation about base64 function
* runtime(chordpro): update syntax script
* 9.1.0983: not able to get the displayed items in complete_info()
* runtime(doc): use standard SGR format at :h xterm-true-color
* 9.1.0982: TI linker files are not recognized
* runtime(vim): update vim generator syntax script
* 9.1.0981: tests: typo in test_filetype.vim
* 9.1.0980: no support for base64 en-/decoding functions in Vim Script
* syntax(sh): Improve the recognition of bracket expressions
* runtime(doc): mention how NUL bytes are handled
* 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
* 9.1.0978: GUI tests sometimes fail when setting 'scroll' options
* 9.1.0977: filetype: msbuild filetypes are not recognized
* 9.1.0976: Vim9: missing return statement with throw
* 9.1.0975: Vim9: interpolated string expr not working in object methods
* 9.1.0974: typo in change of commit v9.1.0873
* 9.1.0973: too many strlen() calls in fileio.c
* runtime(sh): set shellcheck as the compiler for supported shells
* runtime(doc): Fix enum example syntax
* 9.1.0972: filetype: TI linker map files are not recognized
* runtime(vim): Improve syntax script generator for Vim Script
* 9.1.0971: filetype: SLNX files are not recognized
* 9.1.0970: VMS: build errors on VMS architecture
* runtime(doc): Fix documentation typos
* runtime(doc): update for new keyprotocol option value (after v9.1.0969)
* 9.1.0969: ghostty not using kitty protocol by default
* 9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
* runtime(doc): update version9.txt for bash filetype
* runtime(netrw): update last change header for #16265
* runtime(doc): fix doc error in :r behaviour
* 9.1.0967: SpotBugs compiler setup can be further improved
* 9.1.0966: Vim9: :enum command can be shortened
* runtime(compiler): include a basic bash syntax checker compiler
* 9.1.0965: filetype: sh filetype set when detecting the use of bash
* runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt
* 9.1.0963: fuzzy-matching does not prefer full match
* 9.1.0962: filetype: bun.lock file is not recognized
* runtime(vim): update indentation plugin for Vim script
* runtime(doc): tweak documentation style in helphelp.txt
* runtime(vim): Update base-syntax, allow parens in default arguments
* runtime(doc): mention auto-format using clang-format for sound.c/sign.c
* runtime(help): fix typo s/additional/arbitrary/
* runtime(help): Add better support for language annotation highlighting
* 9.1.0961: filetype: TI gel files are not recognized
* 9.1.0960: filetype: hy history files are not recognized
* translation(fi): Fix typoes in Finish menu translation
* 9.1.0959: Coverity complains about type conversion
* runtime(vim): Use supported syntax in indent tests
* 9.1.0958: filetype: supertux2 config files detected as lisp
* 9.1.0956: completion may crash, completion highlight wrong with preview window
* 9.1.0955: Vim9: vim9compile.c can be further improved
* runtime(doc): move help tag E1182
* runtime(graphql): contribute vim-graphql to Vim core
* 9.1.0954: popupmenu.c can be improved
* 9.1.0953: filetype: APKBUILD files not correctly detected
* 9.1.0952: Vim9: missing type checking for any type assignment
* 9.1.0951: filetype: jshell files are not recognized
* runtime(dockerfile): do not set commentstring in syntax script
* 9.1.0950: filetype: fennelrc files are not recognized
* runtime(netrw): do not double escape Vim special characters
* git: ignore reformatting change of netrw plugin
* runtime(netrw): more reformating #16248
* runtime(doc): Add a note about handling symbolic links in starting.txt
* 9.1.0949: popups inconsistently shifted to the left
* git: ignore reformatting change of netrw plugin
* runtime(netrw): change indent size from 1 to 2
* 9.1.0948: Missing cmdline completion for :pbuffer
* runtime(tutor): Reformat tutor1
* 9.1.0947: short-description
* 9.1.0946: cross-compiling fails on osx-arm64
* 9.1.0945: ComplMatchIns highlight doesn't end after inserted text
* translation(sv): re-include the change from #16240
* 9.1.0944: tests: test_registers fails when not run under X11
* 9.1.0943: Vim9: vim9compile.c can be further improved
* runtime(doc): Update README and mention make check to verify
* translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec
* runtime(vim): update base-syntax after v9.1.0936
* 9.1.0942: a few typos were found
* 9.1.0941: ComplMatchIns doesn't work after multibyte chars
* runtime(doc): Fix style in fold.txt
* translation(sv): Fix typo in Swedish translation
* 9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
* runtime(doc): fix some small errors
* 9.1.0939: make installtutor fails
* 9.1.0938: exclusive selection not respected when re-selecting block mode
* 9.1.0937: test_undolist() is flaky
* 9.1.0936: cannot highlight completed text
* 9.1.0935: SpotBugs compiler can be improved
* 9.1.0934: hard to view an existing buffer in the preview window
* runtime(doc): document how to minimize fold computation costs
* 9.1.0933: Vim9: vim9compile.c can be further improved
* 9.1.0932: new Italian tutor not installed
* runtime(doc): fix a few minor errors from the last doc updates
* translation(it): add Italian translation for the interactive tutor
* runtime(doc): update the change.txt help file
* runtime(help): Add Vim lang annotation support for codeblocks
* 9.1.0931: ml_get error in terminal buffer
* 9.1.0930: tests: test_terminal2 may hang in GUI mode
* 9.1.0929: filetype: lalrpop files are not recognized
* 9.1.0928: tests: test_popupwin fails because the filter command fails
* editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim
* 9.1.0927: style issues in insexpand.c
* 9.1.0926: filetype: Pixi lock files are not recognized
* runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`
* runtime(doc): add a note about inclusive motions and exclusive selection
* 9.1.0925: Vim9: expression compiled when not necessary
* 9.1.0924: patch 9.1.0923 causes issues
* 9.1.0923: too many strlen() calls in filepath.c
* 9.1.0923: wrong MIN macro in popupmenu.c
* 9.1.0921: popupmenu logic is a bit convoluted
* 9.1.0920: Vim9: compile_assignment() too long
* 9.1.0919: filetype: some assembler files are not recognized
* runtime(netrw): do not pollute search history with symlinks
* 9.1.0918: tiny Vim crashes with fuzzy buffer completion
* 9.1.0917: various vartabstop and shiftround bugs when shifting lines
* runtime(typst): add definition lists to formatlistpat, update maintainer
* 9.1.0916: messages.c is exceeding 80 columns
* runtime(proto): include filetype plugin for protobuf
* 9.1.0915: GVim: default font size a bit too small
* 9.1.0914: Vim9: compile_assignment() is too long
* 9.1.0913: no error check for neg values for 'messagesopt'
* runtime(netrw): only check first arg of netrw_browsex_viewer for being executable
* 9.1.0912: xxd: integer overflow with sparse files and -autoskip
* 9.1.0911: Variable name for 'messagesopt' doesn't match short name
* 9.1.0910: 'messagesopt' does not check max wait time
* runtime(doc): update wrong Vietnamese localization tag
* 9.1.0909: Vim9: crash when calling instance method
- update to 9.1.0908
* refresh vim-7.3-mktemp_tutor.patch
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
* runtime(doc): mention option-backslash at :h CompilerSet
* runtime(compiler): include a Java Maven compiler plugin
* runtime(racket): update Racket runtime files
* runtime(doc): improve indentation in examples for netrw-handler
* runtime(doc): improve examples for netrw-handler functions
* runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg
* runtime(doc): clarify the use of filters and external commands
* 9.1.0861: Vim9: no runtime check for object member access of any var
* runtime(compiler): update pylint linter
* 9.1.0860: tests: mouse_shape tests use hard code sleep value
* 9.1.0859: several problems with the GLVS plugin
* 9.1.0858: Coverity complains about dead code
* runtime(tar): Update tar.vim to support permissions
* 9.1.0857: xxd: --- is incorrectly recognized as end-of-options
* 9.1.0851: too many strlen() calls in getchar.c
* 9.1.0850: Vim9: cannot access nested object inside objects
* runtime(tex): extra Number highlighting causes issues
* runtime(vim): Fix indent after :silent! function
* 9.1.0849: there are a few typos in the source
* runtime(netrw): directory symlink not resolved in tree view
* runtime(doc): add a table of supported Operating Systems
* runtime(tex): update Last Change header in syntax script
* runtime(doc): fix typo in g:termdebug_config
* runtime(vim): Update base-syntax, improve :normal highlighting
* runtime(tex): add Number highlighting to syntax file
* runtime(doc): Tweak documentation style a bit
* 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
* runtime(dune): use :setl instead of :set in ftplugin
* runtime(termdebug): allow to use decimal signs
* translation(it): Updated Italian vimtutor
* runtime(compiler): improve cppcheck
* git: git-blame-ignore-revs shown as an error on Github
* 9.1.0847: tests: test_popupwin fails because of updated help file
* 9.1.0846: debug symbols for xxd are not cleaned in Makefile
* runtime(structurizr): Update structurizr syntax
* runtime(8th): updated 8th syntax
* runtime(doc): Add pi_tutor.txt to help TOC
* runtime(compiler): add mypy and ruff compiler; update pylint linter
* runtime(netrw): fix several bugs in netrw tree listing
* runtime(netrw): prevent polluting the search history
* 9.1.0845: vimtutor shell script can be improved
* 9.1.0844: if_python: no way to pass local vars to python
* 9.1.0843: too many strlen() calls in undo.c
* runtime(doc): update default value for fillchars option
* runtime(compiler): fix typo in cppcheck compiler plugin
* runtime(doc): simplify vimtutor manpage a bit more
* runtime(matchparen): Add matchparen_disable_cursor_hl config option
* 9.1.0842: not checking for the sync() systemcall
* 9.1.0841: tests: still preferring python2 over python3
* 9.1.0840: filetype: idris2 files are not recognized
* 9.1.0839: filetype: leo files are not recognized
* runtime(cook): include cook filetype plugin
* runtime(debversions): Update Debian versions
* patch 9.1.0838: vimtutor is bash-specific
* runtime(doc): add help specific modeline to pi_tutor.txt
* Filelist: vimtutor chapter 2 is missing in Filelist
* 9.1.0837: cross-compiling has some issues
* runtime(vimtutor): Add a second chapter
- zypper
-
- Annonunce --root in commands not launching a Target
(bsc#1237044)
- BuildRequires: libzypp-devel >= 17.36.3.
- version 1.14.85
- Let zypper dup fail in case of (temporarily) unaccessible repos
(bsc#1228434, bsc#1236939, fixes #446)
- version 1.14.84
- New system-architecture command (bsc#1236384)
Prints the detected system architecture.
- version 1.14.83
- requires: libzypp >= 17.36.0.
- Change versioncmp command to return exit code according to the
comparison result (#593)
- version 1.14.82