HANA-Firewall
- HANA-Firewall creates insufficient configuration.
  (bsc#1221231)
SAPHanaSR
- Version bump to 0.162.4
  * unify global.ini examples
  * add demo script SAPHanaSR-upgrade-to-angi-demo
  * update man pages:
    SAPHanaSR_basic_cluster.7
    SAPHanaSR_maintenance_examples.7
    SAPHanaSR_upgrade_to_angi.7
    SAPHanaSR-manageProvider.8
    SAPHanaSR-upgrade-to-angi-demo.8
    SAPHanaSR.py.7

- Version bump to 0.162.3
  * Fix the hexdump log for empty node states
  * catch monitor calls for non-cloned resources and report them as
    unsupported instead of 'command not found'
    (bsc#1218333)
  * fix scope of variable 'site' to be global
    (bsc#1219194)
  * susChkSrv.py - relocate function logTimestamp()
  * update man pages:
    SAPHanaSR.7
    ocf_suse_SAPHana.7
    SAPHanaSR_maintenance_examples.7
    SAPHanaSR.py.7
    SAPHanaSR-showAttr.8
aaa_base
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  to also fix the typo to set JAVA_BINDIR in the csh variant
  of the alljava profile script (bsc#1221361)

- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
  drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
  drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
  make sure the script does not exit with 1 if a file
  with content is found (bsc#1222547)

- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
  home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile

- silence the output in the case of broken symlinks (bsc#1218232)
autofs
- autofs-5.1.6-remove-intr-hosts-map-mount-option.patch
  Don't use the intr option on NFS mounts by default, it's been
  ignored by the kernel for a long time now. (bsc#1225130)

- autofs-5.1.8-dont-use-initgroups-at-spawn.patch
  Don't use initgroups at spawn (bsc#1214710, bsc#1221181)
azure-cli
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.36.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.35.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.34.1
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.33.1
  + For detailed information about changes see the
    HISTORY.rst file provided with this package

- New upstream release
  + Version 2.33.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Add missing python-rpm-macros to BuildRequires
- Update Requires from setup.py

- New upstream release
  + Version 2.32.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.31.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py
bind
- Security Fixes:
  * It is possible to craft excessively large numbers of resource
    record types for a given owner name, which has the effect of
    slowing down database processing. This has been addressed by
    adding a configurable limit to the number of records that can
    be stored per name and type in a cache or zone database. The
    default is 100, which can be tuned with the new
    max-types-per-name option. (CVE-2024-1737)
    [bsc#1228256, bind-9.16-CVE-2024-1737.patch]
  * Validating DNS messages signed using the SIG(0) protocol (RFC
    2931) could cause excessive CPU load, leading to a
    denial-of-service condition. Support for SIG(0) message
    validation was removed from this version of named.
    (CVE-2024-1975)
    [bsc#1228257, bind-9.16-CVE-2024-1975.patch]

- Security Fixes:
  * Validating DNS messages containing a lot of DNSSEC signatures
    could cause excessive CPU load, leading to a denial-of-service
    condition. This has been fixed. (CVE-2023-50387)
    [bsc#1219823, bind-CVE-2023-50387-CVE-2023-50868.patch]
  * Preparing an NSEC3 closest encloser proof could cause excessiv
    CPU load, leading to a denial-of-service condition. This has
    been fixed. (CVE-2023-50868)
    [bsc#1219826, bind-CVE-2023-50387-CVE-2023-50868.patch]
  * Parsing DNS messages with many different names could cause
    excessive CPU load. This has been fixed. (CVE-2023-4408)
    [bsc#1219851, bind-CVE-2023-4408.patch]
  * Specific queries could cause named to crash with an assertion
    failure when nxdomain-redirect was enabled. This has been
    fixed. (CVE-2023-5517)
    [bsc#1219852, bind-CVE-2023-5517.patch]
  * Query patterns that continuously triggered cache database
    maintenance could cause an excessive amount of memory to be
    allocated, exceeding max-cache-size and potentially leading to
    all available memory on the host running named being exhausted
    This has been fixed. (CVE-2023-6516)
    [bsc#1219854, bind-CVE-2023-6516.patch]
binutils
- Update to current 2.43.1 branch [PED-10474]:
  * PR32109 - fuzzing problem
  * PR32083 - LTO vs overridden common symbols
  * PR32067 - crash with LTO-plugin and --oformat=binary
  * PR31956 - LTO vs wrapper symbols
  * riscv - add Zimop and Zcmop extensions
- Adjusted binutils-2.43-branch.diff.gz.

- Update to version 2.43:
  * new .base64 pseudo-op, allowing base64 encoded data as strings
  * Intel APX: add support for CFCMOV, CCMP, CTEST, zero-upper, NF
    (APX_F now fully supported)
  * x86 Intel syntax now warns about more mnemonic suffixes
  * macros and .irp/.irpc/.rept bodies can use \+ to get at number
    of times the macro/body was executed
  * aarch64: support 'armv9.5-a' for -march, add support for LUT
    and LUT2
  * s390: base register operand in D(X,B) and D(L,B) can now be
    omitted (ala 'D(X,)'); warn when register type doesn't match
    operand type (use option
    'warn-regtype-mismatch=[strict|relaxed|no]' to adjust)
  * riscv: support various extensions: Zacas, Zcmp, Zfbfmin,
    Zvfbfmin, Zvfbfwma, Smcsrind/Sscsrind, XCvMem, XCvBi, XCvElw,
    XSfCease, all at version 1.0;
    remove support for assembly of privileged spec 1.9.1 (linking
    support remains)
  * arm: remove support for some old co-processors: Maverick and FPA
  * mips: '--trap' now causes either trap or breakpoint instructions
    to be emitted as per current ISA, instead of always using trap
    insn and failing when current ISA was incompatible with that
  * LoongArch: accept .option pseudo-op for fine-grained control
    of assembly code options; add support for DT_RELR
  * readelf: now displays RELR relocations in full detail;
    add -j/--display-section to show just those section(s) content
    according to their type
  * objdump/readelf now dump also .eh_frame_hdr (when present) when
    dumping .eh_frame
  * gprofng: add event types for AMD Zen3/Zen4 and Intel Ice Lake
    processors; add minimal support for riscv
  * linker:
  - put .got and .got.plt into relro segment
  - add -z isa-level-report=[none|all|needed|used] to the x86 ELF
    linker to report needed and used x86-64 ISA levels
  - add --rosegment option which changes the -z separate-code
    option so that only one read-only segment is created (instead
    of two)
  - add --section-ordering-file <FILE> option to add extra
    mapping of input sections to output sections
  - add -plugin-save-temps to store plugin intermediate files
    permanently
- Removed binutils-2.42.tar.bz2, binutils-2.42-branch.diff.gz.
- Added binutils-2.43.tar.bz2, binutils-2.43-branch.diff.gz.
- Removed upstream patch riscv-no-relax.patch.
- Rebased ld-relro.diff and binutils-revert-rela.diff.

- binutils-pr22868.diff: Remove obsolete patch
- Undefine _FORTIFY_SOURCE when running checks

- Allow to disable profiling

- Use %patch -P N instead of deprecated %patchN.

- riscv-no-relax.patch: RISC-V: Don't generate branch/jump relocation if
  symbol is local when no-relax

- Add binutils-disable-code-arch-error.diff to demote an
  error about swapped .arch/.code directives to a warning.
  It happens in the wild.

- Update to version 2.42:
  * Add support for many aarch64 extensions: SVE2.1, SME2.1, B16B16,
  RASv2, LSE128, GCS, CHK, SPECRES2, LRCPC3, THE, ITE, D128, XS and
  flags to enable them: '+fcma', '+jscvt', '+frintts', '+flagm2',
  '+rcpc2' and '+wfxt'
  * Add experimantal support for GAS to synthesize call-frame-info for
  some hand-written asm (--scfi=experimental) on x86-64.
  * Add support for more x86-64 extensions: APX: 32 GPRs, NDD, PUSH2/POP2,
  PUSHP/POPP; USER_MSR, AVX10.1, PBNDKB, SM4, SM3, SHA512, AVX-VNNI-INT16.
  * Add support for more RISC-V extensions: T-Head v2.3.0, CORE-V v1.0,
  SiFive VCIX v1.0.
  * BPF assembler: ';' separates statements now, and does not introduce
  line comments anymore (use '#' or '//' for this).
  * x86-64 ld: Add '-z mark-plt/-z nomark-plt' to mark PLT entries with
  dynamic tags.
  * risc-v ld: Add '--[no-]check-uleb128'.
  * New linker script directive: REVERSE, to be combined with SORT_BY_NAME
  or SORT_BY_INIT_PRIORITY, reverses the generated order.
  * New linker options --warn-execstack-objects (warn only about execstack
  when input object files request it), and --error-execstack plus
  - -error-rxw-segments to convert the existing warnings into errors.
  * objdump: Add -Z/--decompress to be used with -s/--full-contents to
  decompress section contents before displaying.
  * readelf: Add --extra-sym-info to be used with --symbols (currently
  prints section name of references section index).
  * objcopy: Add --set-section-flags for x86_64 to include
  SHF_X86_64_LARGE.
  * s390 disassembly: add target-specific disasm option 'insndesc',
  as in "objdump -M insndesc" to display an instruction description
  as comment along with the disassembly.
- Add binutils-2.42-branch.diff.gz.
- Rebased s390-biarch.diff.
- Adjusted binutils-revert-hlasm-insns.diff,
  binutils-revert-plt32-in-branches.diff and binutils-revert-rela.diff
  for upstream changes.
- Removed binutils-2.41-branch.diff.gz, binutils-2.41.tar.bz2,
  binutils-2.41-branch.diff.gz.
- Removed binutils-use-less-memory.diff, binutils-old-makeinfo.diff
  and riscv-relro.patch (all upstreamed).
- Removed add-ulp-section.diff, we use a different mechanism
  for live patching since a long time.

- Add binutils-use-less-memory.diff to be a little nicer to 32bit
  userspace and huge links.  [bsc#1216908]

- riscv-relro.patch: RISC-V: Protect .got with relro

- Add libzstd-devel to Requires of binutils-devel. (bsc#1215341)
ca-certificates-mozilla
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
  - Added: FIRMAPROFESIONAL CA ROOT-A WEB
  - Distrust: GLOBALTRUST 2020

- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
  Added:
  - CommScope Public Trust ECC Root-01
  - CommScope Public Trust ECC Root-02
  - CommScope Public Trust RSA Root-01
  - CommScope Public Trust RSA Root-02
  - D-Trust SBR Root CA 1 2022
  - D-Trust SBR Root CA 2 2022
  - Telekom Security SMIME ECC Root 2021
  - Telekom Security SMIME RSA Root 2023
  - Telekom Security TLS ECC Root 2020
  - Telekom Security TLS RSA Root 2023
  - TrustAsia Global Root CA G3
  - TrustAsia Global Root CA G4
  Removed:
  - Autoridad de Certificacion Firmaprofesional CIF A62634068
  - Chambers of Commerce Root - 2008
  - Global Chambersign Root - 2008
  - Security Communication Root CA
  - Symantec Class 1 Public Primary Certification Authority - G6
  - Symantec Class 2 Public Primary Certification Authority - G6
  - TrustCor ECA-1
  - TrustCor RootCert CA-1
  - TrustCor RootCert CA-2
  - VeriSign Class 1 Public Primary Certification Authority - G3
  - VeriSign Class 2 Public Primary Certification Authority - G3
- remove-trustcor.patch: removed, now upstream
- do a versioned obsoletes of "openssl-certs".
ca-certificates
- Update to version 2+git20240416.98ae794 (bsc#1221184):
  * Use flock to serialize calls (boo#1188500)
  * Make certbundle.run container friendly
  * Create /var/lib/ca-certificates if needed
catatonit
- Update to catatonit v0.2.0.
  * Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
  - 99bb9048f.patch
chrony
- Use make quickcheck instead of make check to avoid >1h build
  times and failures due to timeouts. This was the default before
  3.2 but it changed to make tests more reliable. Here a seed is
  already set to get deterministic execution.

- Use shorter NTS-KE retry interval when network is down
  (bsc#1213551, chrony-burst_total_samples_to_go.patch,
  chrony-retry_interval_ke_start.patch).
cloud-init
- Add cloud-init-skip-rename.patch (bsc#1219680)
  + Brute force appraoch to skip renames if the device is already present

- Add cloud-init-usr-sudoers.patch (bsc#1223469)
  + Handle the existence of /usr/etc/sudoers to search for the expected
    include location

- Update cloud-init-no-openstack-guess.patch
  + Do not enable cloud-init on systems where there is no DMI just
    because no data source has been found. No data source means
    cloud-init will not run.

- Add cloud-init-no-nmcfg-needed.patch (bsc#1221726)
  + Do not require a NetworkManager config file in order to detect
    NetworkManager as the renderer

- Add cloud-init-no-openstack-guess.patch (bsc#1222113)
  + Do not guess if we are running on OpenStack or not. Only recognize
    the known markers and enable cloud-init if we know for sure.

- Add  cloud-init-ds-deterministic.patch (bsc#1221132)
  + Do not guess a data source when checking for a CloudStack
    environment

- Hardcode distribution to suse for proper cloud.cfg generation
  (bsc#1220132).

- Prepare for RPM 4.20 switch patch syntax

- Add cloud-init-skip-empty-conf.patch
  + Skip tests with empty config

- Add cloud-init-pckg-reboot.patch (boo#1198533, bsc#1218952,  jsc#SMO-326)
  + Support reboot on package update/upgrade via the cloud-init config

- Switch build dependency to the generic distribution-release package
cloud-netconfig
- Update to version 1.14
  + Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)

- Add version settings to Provides/Obsoletes

- Update to version 1.12 (bsc#1221202)
  + If token access succeeds using IPv4 do not use the IPv6 endpoint
    only use the IPv6 IMDS endpoint if IPv4 access fails.

- Add Provides/Obsoletes for dropped cloud-netconfig-nm
- Install dispatcher script into /etc/NetworkManager/dispatcher.d
  on older distributions
- Add BuildReqires: NetworkManager to avoid owning dispatcher.d
  parent directory

- Update to version 1.11:
  + Revert address metadata lookup in GCE to local lookup (bsc#1219454)
  + Fix hang on warning log messages
  + Check whether getting IPv4 addresses from metadata failed and abort
    if true
  + Only delete policy rules if they exist
  + Skip adding/removing IPv4 ranges if metdata lookup failed
  + Improve error handling and logging in Azure
  + Set SCRIPTDIR when installing netconfig wrapper

- Update to version 1.10:
  + Drop cloud-netconfig-nm sub package and include NM dispatcher
    script in main packages (bsc#1219007)
  + Spec file cleanup

- Update to version 1.9:
  + Drop package dependency on sysconfig-netconfig
  + Improve log level handling
  + Support IPv6 IMDS endpoint in EC2 (bsc#1218069)
cloud-regionsrv-client
- Update to 10.3.4
  + Modify the message when network access over a specific IP version does
    not work. This is an informational message and should not look like
    an error
  + Inform the user that LTSS registration takes a little longer
  + Add fix-for-sles12-no-trans_update.patch
    + SLE 12 family has no products with transactional-update we do not
    need to look for this condition
- From 10.3.3 (bsc#1229472)
  + Handle changes in process structure to properly identify the running
    zypper parent process and only check for 1 PID
- From 10.3.2
  + Remove rgnsrv-clnt-fix-docker-setup.patch included upstream
- From 10.3.1 (jsc#PCT-400)
  + Add support for LTSS registration
  + Add fix-for-sles12-disable-registry.patch
    ~ No container support in SLE 12

- Add rgnsrv-clnt-fix-docker-setup.patch (bsc#1229137)
  + The entry for the update infrastructure registry mirror was written
    incorrectly causing docker daemon startup to fail.

- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
  + Add support for sidecar registry
    Podman and rootless Docker support to set up the necessary
    configuration for the container engines to run as defined
  + Add running command as root through sudoers file

- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
  + In addition to logging, write message to stderr when registration fails
  + Detect transactional-update system with read only setup and use
    the transactional-update command to register
  + Handle operation in a different target root directory for credentials
    checking

- Update to version 10.1.7 (bsc#1220164, bsc#1220165)
  + Fix the failover path to a new target update server. At present a new
    server is not found since credential validation fails. We targeted
    the server detected in down condition to verify the credentials instead
    of the replacement server.
kernel-default
- Update patches.suse/usb-f_fs-Fix-use-after-free-for-epfile.patch
  (git-fixes bsc#1228040 CVE-2022-48822).
- commit 2c8d4da

- ima: Fix use-after-free on a dentry's dname.name (bsc#1227716
  CVE-2024-39494).
- commit f6c5c97

- ASoC: topology: Fix route memory corruption (CVE-2024-41069
  bsc#1228644).
- commit f66560f

- IB/core: Implement a limit on UMAD receive List (bsc#1228743 CVE-2024-42145)
- commit f02f32a

- ASoC: topology: Fix references to freed memory (CVE-2024-41069
  bsc#1228644).
- commit 92df0ca

- hfsplus: fix uninit-value in copy_name (bsc#1228561
  CVE-2024-41059).
- commit 97ed148

- dmaengine: idxd: Fix possible Use-After-Free in
  irq_process_work_list (CVE-2024-40956 bsc#1227810).
- commit 26f1077

- ocfs2: fix DIO failure due to insufficient transaction credits
  (bsc#1216834).
- commit 300f953

- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885
  bsc#1227750).
- commit e97b8a4

- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
  (bsc#1228013 CVE-2022-48792).
- commit e1a6b29

- tap: add missing verification for short frame (CVE-2024-41090
  bsc#1228328).
- commit ebf78ce

- ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
  (CVE-2021-47291 bsc#1224918).
- ipv6: Fix KASAN: slab-out-of-bounds Read in
  fib6_nh_flush_exceptions (bsc#1224918 CVE-2021-47126
  bsc#1221539).
- commit 8e8ce7c

- drm/amdkfd: don't allow mapping the MMIO HDP page with large
  pages (CVE-2024-41011 bsc#1228115).
- commit 71f4e95

- sch_cake: do not call cake_destroy() from cake_init()
  (CVE-2021-47598 bsc#1226574).
- commit bd20b3c

- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
  (bsc#1226550 CVE-2021-47580).
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
  (bsc#1222824 CVE-2021-47219).
- commit 2e165bd

- X.509: Fix the parser of extended key usage for length
  (bsc#1218820 bsc#1226666).
- commit 2d78310

- gve: Clear napi->skb before dev_kfree_skb_any() (CVE-2024-40937
  bsc#1227836).
- commit 2df93fe

- Update References
  patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
  (bsc#1186463 CVE-2021-0129 CVE-2020-26558 bsc#1179610
  CVE-2020-26558).
- commit d06a0d0

- Update
  patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
  (bsc#1186463 CVE-2021-0129 CVE-2020-26558 bsc#1179610
  CVE-2020-26558).
- commit 9cfc088

- misc: fastrpc: avoid double fput() on failed usercopy
  (CVE-2022-48821 bsc#1227976).
- commit 57e770a

- Update
  patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186
  CVE-2024-26800 bsc#1222728).
- commit 72c3b29

- Update
  patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
  (bsc#1065729 CVE-2023-52686 bsc#1224682).
- Update
  patches.suse/scsi-qedf-Ensure-the-copied-buf-is-NUL-terminated.patch
  (bsc#1226758 CVE-2024-38559 bsc#1226785).
- commit 53c517e

- nfsd: fix use-after-free due to delegation race (CVE-2021-47506
  bsc#1225404 bsc#1227497).
- commit b195c7b

- Update
  patches.suse/net-tls-factor-out-tls_-crypt_async_wait.patch.
- fix build warning
- commit 7f81dcf

- Fix spurious WARNING caused by a qxl driver patch (bsc#1227213)
  Refresh patches.suse/drm-qxl-fix-UAF-on-handle-creation.patch
- commit e245863

- Update
  patches.suse/scsi-qedf-Ensure-the-copied-buf-is-NUL-terminated.patch
  (bsc#1226785 CVE-2024-38559).
  Fix incorrect bug reference.
- commit 7bd70b9

- can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431
  CVE-2021-47520).
- commit 0094102

- powerpc/rtas: Prevent Spectre v1 gadget construction in
  sys_rtas() (bsc#1227487).
- commit 74bce38

- blacklist.conf:
- commit cdd4002

- NFS: Don't overfill uncached readdir pages (bsc#1226662).
- commit d0f2933

- tls: fix use-after-free on failed backlog decryption
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: separate no-async decryption request handling from async
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: decrement decrypt_pending if no async completion will be
  called (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- net: tls: handle backlogging of crypto requests (CVE-2024-26584
  bsc#1220186).
- tls: fix race between tx work scheduling and socket close
  (CVE-2024-26585 bsc#1220187).
- tls: fix race between async notify and socket close
  (CVE-2024-26583 bsc#1220185).
- net: tls: factor out tls_*crypt_async_wait() (CVE-2024-26583
  CVE-2024-26584 bsc#1220185 bsc#1220186).
- net: tls: fix async vs NIC crypto offload (CVE-2024-26583
  CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: use async as an in-out argument (CVE-2024-26583
  CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: assume crypto always calls our callback (CVE-2024-26583
  CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: don't track the async count (CVE-2024-26583
  CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: simplify async wait (CVE-2024-26583 CVE-2024-26584
  bsc#1220185 bsc#1220186).
- tls: rx: wrap decryption arguments in a structure
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: don't report text length from the bowels of decrypt
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: drop unnecessary arguments from tls_setup_from_iter()
  (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- net/tls: race causes kernel panic (CVE-2024-26583 CVE-2024-26584
  bsc#1220185 bsc#1220186).
- commit cf4818b

- Delete
  patches.suse/tls-fix-race-between-tx-work-scheduling-and-socket-c.patch.
  Will be replaced with refreshed version once all conflicting patches are in.
- commit e1dd229

- dm btree remove: fix use after free in rebalance_children()
  (CVE-2021-47600, bsc#1226575).
- commit 088e9db

- Update
  patches.suse/0020-dm-btree-remove-fix-use-after-free-in-rebalance_chil.patch
  (git-fixes CVE-2021-47600 bsc#1226575).
- Update
  patches.suse/0022-block-Fix-wrong-offset-in-bio_truncate.patch
  (git-fixes CVE-2022-48747 bsc#1226643).
- Update
  patches.suse/ARM-9170-1-fix-panic-when-kasan-and-kprobe-are-enabled.patch
  (git-fixes CVE-2021-47618 bsc#1226644).
- Update
  patches.suse/ASoC-max9759-fix-underflow-in-speaker_gain_control_p.patch
  (git-fixes CVE-2022-48717 bsc#1226679).
- Update
  patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4cf28e9ae6e2.patch
  (git-fixes CVE-2022-48736 bsc#1226721).
- Update
  patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4f1e50d6a9cf.patch
  (git-fixes CVE-2022-48737 bsc#1226762).
- Update
  patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_.patch
  (git-fixes CVE-2022-48738 bsc#1226674).
- Update
  patches.suse/Bluetooth-refactor-malicious-adv-data-check.patch
  (git-fixes CVE-2021-47620 bsc#1226669).
- Update patches.suse/IB-hfi1-Fix-AIP-early-init-panic.patch
  (jsc#SLE-13208 CVE-2022-48728 bsc#1226691).
- Update
  patches.suse/PCI-pciehp-Fix-infinite-loop-in-IRQ-handler-upon-pow.patch
  (git-fixes CVE-2021-47617 bsc#1226614).
- Update
  patches.suse/RDMA-ucma-Protect-mc-during-concurrent-multicast-lea.patch
  (bsc#1181147 CVE-2022-48726 bsc#1226686).
- Update
  patches.suse/ceph-properly-put-ceph_string-reference-after-async-create-attempt.patch
  (bsc#1195798 CVE-2022-48767 bsc#1226715).
- Update
  patches.suse/dma-buf-heaps-Fix-potential-spectre-v1-gadget.patch
  (git-fixes CVE-2022-48730 bsc#1226713).
- Update
  patches.suse/drm-msm-dpu-invalid-parameter-check-in-dpu_setup_dsp.patch
  (git-fixes CVE-2022-48749 bsc#1226650).
- Update
  patches.suse/drm-msm-dsi-invalid-parameter-check-in-msm_dsi_phy_e.patch
  (git-fixes CVE-2022-48756 bsc#1226698).
- Update
  patches.suse/drm-nouveau-fix-off-by-one-in-BIOS-boundary-checking.patch
  (git-fixes CVE-2022-48732 bsc#1226716).
- Update
  patches.suse/firmware-arm_scpi-Fix-string-overflow-in-SCPI-genpd-.patch
  (git-fixes CVE-2021-47609 bsc#1226562).
- Update patches.suse/i40e-Fix-queues-reservation-for-XDP.patch
  (git-fixes CVE-2021-47619 bsc#1226645).
- Update patches.suse/igbvf-fix-double-free-in-igbvf_probe.patch
  (git-fixes CVE-2021-47589 bsc#1226557).
- Update
  patches.suse/iommu-vt-d-fix-potential-memory-leak-in-intel_setup_irq_remapping
  (git-fixes CVE-2022-48724 bsc#1226624).
- Update
  patches.suse/mac80211-track-only-QoS-data-frames-for-admission-co.patch
  (git-fixes CVE-2021-47602 bsc#1226554).
- Update
  patches.suse/mac80211-validate-extended-element-ID-is-present.patch
  (git-fixes CVE-2021-47611 bsc#1226583).
- Update
  patches.suse/net-bridge-vlan-fix-memory-leak-in-__allowed_ingress.patch
  (bsc#1176447 CVE-2022-48748 bsc#1226647).
- Update
  patches.suse/net-hns3-fix-use-after-free-bug-in-hclgevf_send_mbx_.patch
  (jsc#SLE-14777 CVE-2021-47596 bsc#1226558).
- Update
  patches.suse/net-ieee802154-ca8210-Stop-leaking-skb-s.patch
  (git-fixes CVE-2022-48722 bsc#1226619).
- Update
  patches.suse/net-mlx5e-Fix-handling-of-wrong-devices-during-bond-.patch
  (jsc#SLE-15172 CVE-2022-48746 bsc#1226703).
- Update
  patches.suse/net-sched-sch_ets-don-t-remove-idle-classes-from-the.patch
  (bsc#1176774 CVE-2021-47595 bsc#1226552).
- Update
  patches.suse/nfc-fix-segfault-in-nfc_genl_dump_devices_done.patch
  (git-fixes CVE-2021-47612 bsc#1226585).
- Update patches.suse/phylib-fix-potential-use-after-free.patch
  (git-fixes CVE-2022-48754 bsc#1226692).
- Update
  patches.suse/powerpc-perf-Fix-power_pmu_disable-to-call-clear_pmi.patch
  (bsc#1156395 CVE-2022-48752 bsc#1226709).
- Update
  patches.suse/rpmsg-char-Fix-race-between-the-release-of-rpmsg_ctr.patch
  (git-fixes CVE-2022-48759 bsc#1226711).
- Update
  patches.suse/scsi-bnx2fc-Flush-destroy_work-queue-before-calling-bnx2fc_interface_put
  (git-fixes CVE-2022-48758 bsc#1226708).
- Update patches.suse/scsi-bnx2fc-Make-bnx2fc_recv_frame-mp-safe
  (git-fixes CVE-2022-48715 bsc#1226621).
- Update
  patches.suse/scsi-scsi_debug-Sanity-check-block-descriptor-length-in-resp_mode_select.patch
  (git-fixes CVE-2021-47576 bsc#1226537).
- Update
  patches.suse/smb-client-set-correct-id-uid-and-cruid-for-multiuser-automounts.patch
  (git-fixes CVE-2024-26822 bsc#1223011).
- Update
  patches.suse/tracing-histogram-Fix-a-potential-memory-leak-for-kstrdup.patch
  (git-fixes CVE-2022-48768 bsc#1226720).
- commit 3239c2b

- Update
  patches.suse/drm-vmwgfx-Fix-stale-file-descriptors-on-failed-user.patch
  (CVE-2022-22942 bsc#1195065 CVE-2022-48771 bsc#1226732).
- Update
  patches.suse/isdn-cpai-check-ctr-cnr-to-avoid-array-index-out-of-.patch
  (CVE-2021-43389 CVE-2021-3896 bsc#1191958 git-fixes
  CVE-2021-4439 bsc#1226670).
- Update
  patches.suse/media-mxl111sf-change-mutex_init-location.patch
  (git-fixes CVE-2021-47583 bsc#1226563).
- Update
  patches.suse/of-module-prevent-NULL-pointer-dereference-in-vsnprintf.patch
  (bsc#1226587 CVE-2024-38541 CVE-2024-35878 bsc#1224671).
- Update
  patches.suse/tipc-improve-size-validations-for-received-domain-re.patch
  (bsc#1195254 CVE-2022-0435 CVE-2022-48711 bsc#1226672).
- commit 4e385ef

- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
  (CVE-2024-36904 bsc#1225732).
- commit 80f0f47

- tcp: do not accept ACK of bytes we never sent (CVE-2023-52881
  bsc#1225611).
- commit 874a2d3

- NFS: Reduce use of uncached readdir (bsc#1226662).
- NFS: Don't re-read the entire page cache to find the next cookie
  (bsc#1226662).
- NFS: Further optimisations for 'ls -l' (bsc#1226662).
- NFS: Reduce number of RPC calls when doing uncached readdir
  (bsc#1226662).
- NFS: More readdir cleanups (bsc#1226662).
- NFS: Support larger readdir buffers (bsc#1226662).
- NFS: Don't discard readdir results (bsc#1226662).
- NFS: Clean up directory array handling (bsc#1226662).
- NFS: Clean up nfs_readdir_page_filler() (bsc#1226662).
- NFS: Clean up readdir struct nfs_cache_array (bsc#1226662).
- NFS: Ensure contents of struct nfs_open_dir_context are
  consistent (bsc#1226662).
- NFS: Use the 64-bit server readdir cookies when possible
  (bsc#1226662).
- NFS: Fix up directory verifier races (bsc#1226662).
- nfs: optimise readdir cache page invalidation (bsc#1226662).
- commit 4f3964b

- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
  (bsc#1222015 bsc#1226962).
- commit c8cabcf

- USB: core: Fix hang in usb_kill_urb by adding memory barriers
  (CVE-2022-48760 bsc#1226712).
- commit da8ec3e

- scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758
  CVE-2024-38559).
- scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786
  CVE-2024-38560).
- commit 0e33f69

- Update References tag
  patches.suse/Bluetooth-Disconnect-if-E0-is-used-for-Level-4.patch
  (bsc#1171988 CVE-2020-10135 bsc#1218148 CVE-2023-24023).
- commit 906dfa6

- net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
  (CVE-2024-36974 bsc#1226519).
- commit b592e79

- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
- commit a875ff3

- RDMA/hns: Fix UAF for cq async event (bsc#1226595 CVE-2024-38545)
- commit d57d06d

- of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1226587 CVE-2024-38541)
- commit c381bb4

- of: module: add buffer overflow check in of_modalias() (bsc#1226587 CVE-2024-38541)
- commit 212b607

- net/mlx5e: Fix use-after-free of encap entry in neigh update
  handler (bsc#1224865 CVE-2021-47247).
- commit 91cae43

- net: qcom/emac: fix UAF in emac_remove (bsc#1225010
  CVE-2021-47311).
- commit 5533443

- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633
  bsc#1226226).
- commit 1b48f4e

- net: macb: fix use after free on rmmod (CVE-2021-47372
  bsc#1225184).
- commit c9f62c2

- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high
  (bsc#1219224).
- commit 124c57b

- smb: client: fix potential UAF in smb2_is_network_name_deleted()
  (bsc#1224764, CVE-2024-35862).
- commit 8a40236

- smb: client: fix potential UAF in smb2_is_valid_lease_break()
  (bsc#1224765, CVE-2024-35864).
- commit 8030dd8

- smb: client: fix potential UAF in
  cifs_signal_cifsd_for_reconnect() (bsc#1224766, CVE-2024-35861).
- commit d1384a0

- smb: client: fix use-after-free bug in
  cifs_debug_data_proc_show() (bsc#1225487, CVE-2023-52752).
- commit c058f4e

- blacklist.conf: bsc#1225047 CVE-2021-47328
  breaks kABI and does not apply
- commit 8d10b79

- blk-cgroup: fix UAF by grabbing blkcg lock before destroying
  blkg pd (CVE-2021-47379 bsc#1225203).
- commit af72a45

- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
  changes (CVE-2024-35789 bsc#1224749).
- commit 7707dc6

- fs/9p: only translate RWX permissions for plain 9P2000
  (bsc#1225866 CVE-2024-36964).
- commit c4d4f4c

- pinctrl: core: delete incorrect free in pinctrl_enable()
  (CVE-2024-36940 bsc#1225840).
- commit 6932105

- staging: rtl8192e: Fix use after free in
  _rtl92e_pci_disconnect() (CVE-2021-47571 bsc#1225518).
- commit b52b9d0

- enetc: Fix illegal access when reading affinity_hint
  (CVE-2021-47368 bsc#1225161).
- commit cde762c

- Bluetooth: Add more enc key size check (bsc#1218148
  CVE-2023-24023).
- commit 529bf5d

- Bluetooth: Normalize HCI_OP_READ_ENC_KEY_SIZE cmdcmplt
  (bsc#1218148 CVE-2023-24023).
- commit 4ac624b

- blacklist.conf: Add 1971d13ffa84a "af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc()."
- commit 1f2871b

- usb: gadget: f_fs: Fix race between aio_cancel() and AIO
  request complete (CVE-2024-36894 bsc#1225749).
- commit 99fc30d

- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 62989dd

- inet: inet_defrag: prevent sk release while still in use
  (CVE-2024-26921 bsc#1223138).
- commit 599b2eb

- drm/client: Fully protect modes with dev->mode_config.mutex (CVE-2024-35950 bsc#1224703).
- commit f5de9d8

- smb: client: set correct id, uid and cruid for multiuser
  automounts (git-fixes).
- commit 548a1f6

- smb: client: fix dfs link mount against w2k8 (git-fixes).
- commit ffabd7c

- cifs: use tcon allocation functions even for dummy tcon
  (bsc#1213476).
- commit 8a18c8c

- cifs: avoid race conditions with parallel reconnects
  (bsc#1213476).
- commit 0156937

- cifs: check only tcon status on tcon related functions
  (bsc#1213476).
- commit 3ee757c

- cifs: return DFS root session id in DebugData (bsc#1213476).
- commit 40d8689

- cifs: fix use-after-free bug in refresh_cache_worker()
  (bsc#1213476).
- Refresh
  patches.suse/cifs-avoid-dup-prefix-path-in-dfs_get_automount_devname-.patch.
- commit efddc92

- cifs: set DFS root session in cifs_get_smb_ses() (bsc#1213476).
- commit 249b33f

- cifs: reuse cifs_match_ipaddr for comparison of dstaddr too
  (bsc#1213476).
- commit c221add

- cifs: match even the scope id for ipv6 addresses (bsc#1213476).
- commit 376b929

- cifs: get rid of dns resolve worker (bsc#1213476).
- commit 36fdff3

- nvme-rdma: destroy cm id before destroy qp to avoid use after
  free (CVE-2021-47378 bsc#1225201).
- commit 132f56c

- net/tls: Fix flipped sign in tls_err_abort() calls
  (CVE-2021-47496 bsc#1225354)
- commit c2b236a

- net: sched: flower: protect fl_walk() with rcu
  (CVE-2021-47402 bsc#1225301)
- commit 5275989

- Update
  patches.suse/0001-x86-ioremap-Map-efi_mem_reserve-memory-as-encrypted-.patch
  (bsc#1186885 bsc#1224826 CVE-2021-47228).
- Update
  patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
  (bsc#1187357 bsc#1185570 bsc#1184631 bsc#1224965
  CVE-2021-47275).
- Update
  patches.suse/0002-ocfs2-fix-race-between-searching-chunks-and-release-.patch
  (bsc#1199304 bsc#1225439 CVE-2021-47493).
- Update
  patches.suse/0003-drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
  (bsc#1152472 bsc#1222838 CVE-2021-47200).
- Update
  patches.suse/0015-dm-btree-remove-assign-new_root-only-when-removal-su.patch
  (git-fixes bsc#1225155 CVE-2021-47343).
- Update
  patches.suse/0019-dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
  (git-fixes bsc#1225247 CVE-2021-47435).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
  (git-fixes bsc#1224984 CVE-2021-47289).
- Update
  patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
  (git-fixes bsc#1225409 CVE-2021-47509).
- Update
  patches.suse/ALSA-seq-Fix-race-of-snd_seq_timer_open.patch
  (git-fixes bsc#1224983 CVE-2021-47281).
- Update
  patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
  (git-fixes bsc#1225091 CVE-2021-47332).
- Update
  patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
  (git-fixes bsc#1225206 CVE-2021-47381).
- Update
  patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
  (git-fixes bsc#1225369 CVE-2021-47502).
- Update
  patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
  (git-fixes bsc#1225303 CVE-2021-47404).
- Update
  patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
  (CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
  patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
  (git-fixes bsc#1225238 CVE-2021-47405).
- Update
  patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
  (git-fixes bsc#1225438 CVE-2021-47523).
- Update
  patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
  (CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
  patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
  (bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
  CVE-2021-47465).
- Update
  patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
  (git-fixes bsc#1224923 CVE-2021-47341).
- Update
  patches.suse/KVM-x86-Immediately-reset-the-MMU-context-when-the-S.patch
  (git-fixes bsc#1224853 CVE-2021-47230).
- Update
  patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
  (git-fixes bsc#1225263 CVE-2021-47442).
- Update
  patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
  (git-fixes bsc#1225262 CVE-2021-47443).
- Update
  patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
  (git-fixes bsc#1224953 CVE-2021-47259).
- Update
  patches.suse/RDMA-Verify-port-when-creating-flow-rule.patch
  (git-fixes bsc#1224957 CVE-2021-47265).
- Update
  patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
  (git-fixes bsc#1210629 CVE-2023-2176 bsc#1225318
  CVE-2021-47391).
- Update
  patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
  (bsc#1181147 bsc#1225320 CVE-2021-47392).
- Update
  patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
  (CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
  patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
  (git-fixes bsc#1225393 CVE-2021-47464).
- Update
  patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
  (bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update
  patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
  (git-fixes bsc#1225370 CVE-2021-47426).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
  (git-fixes bsc#1225256 CVE-2021-47456).
- Update
  patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
  (git-fixes bsc#1225435 CVE-2021-47521).
- Update
  patches.suse/cfg80211-fix-management-registrations-locking.patch
  (git-fixes bsc#1225450 CVE-2021-47494).
- Update
  patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
  (bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
  patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
  (git-fixes bsc#1225316 CVE-2021-47387).
- Update
  patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
  (bsc#1221113 bsc#1225357 CVE-2021-47498).
- Update
  patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
  (git-fixes bsc#1224968 CVE-2021-47305).
- Update
  patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
  (git-fixes bsc#1224982 CVE-2021-47280).
- Update
  patches.suse/drm-amd-display-Avoid-HDCP-over-read-and-corruption.patch
  (git-fixes bsc#1225178 CVE-2021-47348).
- Update
  patches.suse/drm-amd-display-Fix-potential-memory-leak-in-DMUB-hw.patch
  (git-fixes bsc#1224886 CVE-2021-47253).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
  (git-fixes bsc#1225390 CVE-2021-47431).
- Update
  patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
  (git-fixes bsc#1225243 CVE-2021-47444).
- Update
  patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
  (git-fixes bsc#1225261 CVE-2021-47445).
- Update
  patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
  (git-fixes bsc#1225446 CVE-2021-47535).
- Update
  patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
  (bsc#1152472 bsc#1224816 CVE-2020-36788).
- Update
  patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
  (git-fixes bsc#1225366 CVE-2021-47423).
- Update
  patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
  (git-fixes bsc#1225233 CVE-2021-47422).
- Update
  patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
  (git-fixes bsc#1225230 CVE-2022-48710).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
  (git-fixes bsc#1225140 CVE-2021-47354).
- Update
  patches.suse/ethtool-strset-fix-message-length-calculation.patch
  (bsc#1176447 bsc#1224842 CVE-2021-47241).
- Update
  patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
  (git-fixes bsc#1224924 CVE-2021-47338).
- Update
  patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
  (git-fixes bsc#1224966 CVE-2021-47276).
- Update
  patches.suse/gpio-wcd934x-Fix-shift-out-of-bounds-error.patch
  (git-fixes bsc#1224955 CVE-2021-47263).
- Update
  patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
  (git-fixes bsc#1225321 CVE-2021-47393).
- Update
  patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
  (git-fixes bsc#1225223 CVE-2021-47425).
- Update
  patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
  (git-fixes bsc#1225361 CVE-2021-47501).
- Update
  patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
  (git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
  (jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
  (jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
  patches.suse/igb-Fix-use-after-free-error-during-reset.patch
  (git-fixes bsc#1224916 CVE-2021-47301).
- Update
  patches.suse/igc-Fix-use-after-free-error-during-reset.patch
  (git-fixes bsc#1224917 CVE-2021-47302).
- Update
  patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
  (git-fixes bsc#1225358 CVE-2021-47499).
- Update
  patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
  (git-fixes bsc#1225346 CVE-2021-47468).
- Update
  patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
  (git-fixes bsc#1224987 CVE-2021-47284).
- Update
  patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
  (bsc#1194591 bsc#1225198 CVE-2021-47478).
- Update
  patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
  (git-fixes bsc#1225328 CVE-2021-47399).
- Update patches.suse/jfs-fix-GPF-in-diFree.patch (bsc#1203389
  bsc#1225148 CVE-2021-47340).
- Update
  patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
  (git-fixes bsc#1225143 CVE-2021-47356).
- Update
  patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
  (git-fixes bsc#1225214 CVE-2021-47388).
- Update
  patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
  (git-fixes bsc#1225327 CVE-2021-47396).
- Update
  patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
  (git-fixes bsc#1225326 CVE-2021-47395).
- Update
  patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
  (git-fixes bsc#1224922 CVE-2021-47344).
- Update
  patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
  (git-fixes bsc#1225113 CVE-2021-47333).
- Update
  patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
  (git-fixes bsc#1225112 CVE-2021-47334).
- Update
  patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
  (git-fixes bsc#1225224 CVE-2021-47441).
- Update
  patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
  (git-fixes bsc#1225386 CVE-2021-47540).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
  (git-fixes bsc#1224909 CVE-2021-47482).
- Update
  patches.suse/net-ethernet-fix-potential-use-after-free-in-ec_bhf_.patch
  (git-fixes bsc#1224844 CVE-2021-47235).
- Update
  patches.suse/net-hamradio-fix-memory-leak-in-mkiss_close.patch
  (CVE-2022-1195 bsc#1198029 bsc#1224830 CVE-2021-47237).
- Update
  patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
  (git-fixes bsc#1225453 CVE-2021-47541).
- Update
  patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
  (git-fixes bsc#1224981 CVE-2021-47285).
- Update
  patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
  (git-fixes bsc#1225455 CVE-2021-47542).
- Update
  patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
  (jsc#SLE-15172 bsc#1225424 CVE-2021-47512).
- Update
  patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
  (bsc#1176774 bsc#1225468 CVE-2021-47557).
- Update
  patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
  (git-fixes bsc#1225447 CVE-2021-47536).
- Update
  patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
  (bsc#1176447 bsc#1225237 CVE-2021-47451).
- Update
  patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
  (git-fixes bsc#1225372 CVE-2021-47518).
- Update
  patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
  (git-fixes bsc#1225427 CVE-2021-47516).
- Update
  patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
  (git-fixes bsc#1225058 CVE-2021-47320).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
  (git-fixes bsc#1225405 CVE-2021-47507).
- Update
  patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
  (git-fixes bsc#1225404 CVE-2021-47506).
- Update
  patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
  (bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update
  patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
  (bsc#1197760 bsc#1225252 CVE-2021-47458).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
  bsc#1225336 CVE-2021-47416).
- Update
  patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
  (bsc#1156395 bsc#1225387 CVE-2021-47428).
- Update
  patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
  (bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
  patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
  (git-fixes bsc#1224907 CVE-2021-47483).
- Update
  patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
  (bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
  patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
  (git-fixes bsc#1223512 CVE-2022-48636).
- Update
  patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
  (git-fixes bsc#1225164 CVE-2021-47369).
- Update
  patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
  (git-fixes bsc#1225207 CVE-2021-47382).
- Update
  patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
  (git-fixes bsc#1225508 CVE-2021-47549).
- Update
  patches.suse/scsi-core-Fix-bad-pointer-dereference-when-ehandler-kthread-is-invalid.patch
  (git-fixes bsc#1224926 CVE-2021-47337).
- Update
  patches.suse/scsi-core-Fix-error-handling-of-scsi_host_alloc.patch
  (git-fixes bsc#1224899 CVE-2021-47258).
- Update
  patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is-released.patch
  (git-fixes bsc#1225322 CVE-2021-47480).
- Update
  patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs.patch
  (git-fixes bsc#1222867 CVE-2021-47192).
- Update
  patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
  (bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
  patches.suse/scsi-megaraid_sas-Fix-resource-leak-in-case-of-probe-failure.patch
  (git-fixes bsc#1225083 CVE-2021-47329).
- Update
  patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
  (git-fixes bsc#1225384 CVE-2021-47565).
- Update
  patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
  (git-fixes bsc#1225374 CVE-2021-47503).
- Update
  patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
  (git-fixes bsc#1225192 CVE-2021-47473).
- Update
  patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
  (git-fixes bsc#1194288 CVE-2021-47527).
- Update
  patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
  (git-fixes bsc#1224990 CVE-2021-47274).
- Update
  patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
  (bsc#1222619 CVE-2023-52880).
- Update
  patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
  (git-fixes bsc#1225084 CVE-2021-47330).
- Update
  patches.suse/udf-Fix-NULL-pointer-dereference-in-udf_symlink-func.patch
  (bsc#1206646 bsc#1225128 CVE-2021-47353).
- Update
  patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
  (git-fixes bsc#1225333 CVE-2021-47413).
- Update
  patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
  (git-fixes bsc#1225330 CVE-2021-47409).
- Update
  patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
  (git-fixes bsc#1224996 CVE-2021-47269).
- Update
  patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
  (git-fixes bsc#1224993 CVE-2021-47267).
- Update
  patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
  (git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
  (git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
  (git-fixes bsc#1225351 CVE-2021-47495).
- Update
  patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
  (git-fixes bsc#1225060 CVE-2021-47321).
- Update
  patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
  (git-fixes bsc#1225030 CVE-2021-47324).
- Update
  patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
  (git-fixes bsc#1225026 CVE-2021-47323).
- Update
  patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
  (git-fixes bsc#1225177 CVE-2021-47347).
- Update
  patches.suse/x86-fpu-prevent-state-corruption-in-_fpu__restore_sig.patch
  (bsc#1178134 bsc#1224852 CVE-2021-47227).
- Update
  patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
  (git-fixes bsc#1225232 CVE-2021-47434).
- commit 0b290f8

- Update
  patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
  (bsc#1184631 bsc#1224965 CVE-2021-47275).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
  (git-fixes bsc#1224984 CVE-2021-47289).
- Update
  patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
  (git-fixes bsc#1225091 CVE-2021-47332).
- Update
  patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
  (git-fixes bsc#1225206 CVE-2021-47381).
- Update
  patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
  (git-fixes bsc#1225303 CVE-2021-47404).
- Update
  patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
  (CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
  patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
  (git-fixes bsc#1225238 CVE-2021-47405).
- Update
  patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
  (CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
  patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
  (bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
  CVE-2021-47465).
- Update
  patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
  (git-fixes bsc#1224923 CVE-2021-47341).
- Update
  patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
  (git-fixes bsc#1225263 CVE-2021-47442).
- Update
  patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
  (git-fixes bsc#1225262 CVE-2021-47443).
- Update
  patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
  (git-fixes bsc#1224953 CVE-2021-47259).
- Update
  patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
  (bsc#1210629 CVE-2023-2176 bsc#1225318 CVE-2021-47391).
- Update
  patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
  (CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
  patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
  (git-fixes bsc#1225393 CVE-2021-47464).
- Update
  patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
  (bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
  (git-fixes bsc#1225256 CVE-2021-47456).
- Update
  patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
  (bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
  patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
  (git-fixes bsc#1224968 CVE-2021-47305).
- Update
  patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
  (git-fixes bsc#1224982 CVE-2021-47280).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
  (git-fixes bsc#1225390 CVE-2021-47431).
- Update
  patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
  (git-fixes bsc#1225261 CVE-2021-47445).
- Update
  patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
  (git-fixes bsc#1225366 CVE-2021-47423).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
  (git-fixes bsc#1225140 CVE-2021-47354).
- Update
  patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
  (git-fixes bsc#1224924 CVE-2021-47338).
- Update
  patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
  (git-fixes bsc#1224966 CVE-2021-47276).
- Update
  patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
  (git-fixes bsc#1225321 CVE-2021-47393).
- Update
  patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
  (git-fixes bsc#1225223 CVE-2021-47425).
- Update
  patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
  (git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
  (jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
  (jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
  patches.suse/igb-Fix-use-after-free-error-during-reset.patch
  (git-fixes bsc#1224916 CVE-2021-47301).
- Update
  patches.suse/igc-Fix-use-after-free-error-during-reset.patch
  (git-fixes bsc#1224917 CVE-2021-47302).
- Update
  patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
  (git-fixes bsc#1225346 CVE-2021-47468).
- Update
  patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
  (git-fixes bsc#1224987 CVE-2021-47284).
- Update
  patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
  (git-fixes bsc#1225328 CVE-2021-47399).
- Update
  patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
  (git-fixes bsc#1225143 CVE-2021-47356).
- Update
  patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
  (git-fixes bsc#1225214 CVE-2021-47388).
- Update
  patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
  (git-fixes bsc#1225327 CVE-2021-47396).
- Update
  patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
  (git-fixes bsc#1225326 CVE-2021-47395).
- Update
  patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
  (git-fixes bsc#1224922 CVE-2021-47344).
- Update
  patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
  (git-fixes bsc#1225113 CVE-2021-47333).
- Update
  patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
  (git-fixes bsc#1225112 CVE-2021-47334).
- Update
  patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
  (git-fixes bsc#1225224 CVE-2021-47441).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
  (git-fixes bsc#1224909 CVE-2021-47482).
- Update
  patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
  (git-fixes bsc#1225453 CVE-2021-47541).
- Update
  patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
  (git-fixes bsc#1224981 CVE-2021-47285).
- Update
  patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
  (git-fixes bsc#1225455 CVE-2021-47542).
- Update
  patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
  (git-fixes bsc#1225427 CVE-2021-47516).
- Update
  patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
  (git-fixes bsc#1225058 CVE-2021-47320).
- Update
  patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
  (bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
  bsc#1225336 CVE-2021-47416).
- Update
  patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
  (bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
  patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
  (git-fixes bsc#1224907 CVE-2021-47483).
- Update
  patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
  (bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
  patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
  (git-fixes bsc#1225164 CVE-2021-47369).
- Update
  patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
  (git-fixes bsc#1225207 CVE-2021-47382).
- Update
  patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
  (bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
  patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
  (git-fixes bsc#1225384 CVE-2021-47565).
- Update
  patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
  (git-fixes bsc#1225192 CVE-2021-47473).
- Update
  patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
  (git-fixes bsc#1194288 CVE-2021-47527).
- Update
  patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
  (git-fixes bsc#1224990 CVE-2021-47274).
- Update
  patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
  (bsc#1222619 CVE-2023-52880).
- Update
  patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
  (git-fixes bsc#1225084 CVE-2021-47330).
- Update
  patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
  (git-fixes bsc#1224996 CVE-2021-47269).
- Update
  patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
  (git-fixes bsc#1224993 CVE-2021-47267).
- Update
  patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
  (git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
  (git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
  (git-fixes bsc#1225351 CVE-2021-47495).
- Update
  patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
  (git-fixes bsc#1225060 CVE-2021-47321).
- Update
  patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
  (git-fixes bsc#1225030 CVE-2021-47324).
- Update
  patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
  (git-fixes bsc#1225026 CVE-2021-47323).
- Update
  patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
  (git-fixes bsc#1225177 CVE-2021-47347).
- Update
  patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
  (git-fixes bsc#1225232 CVE-2021-47434).
- commit 37dba5a

- net/smc: kABI workarounds for struct smc_link (CVE-2022-48673
  bsc#1223934).
- net/smc: Fix possible access to freed memory in link clear
  (CVE-2022-48673 bsc#1223934).
- commit 0f509bf

- soc: qcom: llcc: Handle a second device without data corruption (bsc#1225534 CVE-2023-52871)
- commit f6adad8

- x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).
- Refresh
  patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transition.patch.
- Refresh
  patches.suse/x86-xen-add-xenpv_restore_regs_and_return_to_usermode.patch.
- commit fa16bf8

- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
  CVE-2024-26828).
- commit 8a48c12

- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
  (bsc#1225355 CVE-2021-47497).
- commit 33cab00

- Refresh
  patches.suse/firmware-raspberrypi-introduce-vl805-init-routine.patch.
- Refresh
  patches.suse/pci-brcmstb-wait-for-raspberry-pi-s-firmware-when-present.patch.
- Refresh
  patches.suse/usb-pci-quirks-add-raspberry-pi-4-quirk.patch.
- Rename to
  patches.suse/soc-bcm2835-add-notify-xhci-reset-property.patch.
  Add upstream references, sync with upstream and move to the sorted
  section.
  3 of these patches were later reverted, but only because they were
  replaced by a different implementation, not because they were wrong.
  Add the reverts to blacklist.conf.
- commit ebed050

- iio: mma8452: Fix trigger reference couting (bsc#1225360
  CVE-2021-47500).
- commit 8ee9c73

- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
  CVE-2024-27413).
- commit 66f7463

- tty: Fix out-of-bound vmalloc access in imageblit
  (CVE-2021-47383 bsc#1225208).
- commit aa2473d

- ALSA: pcm: oss: Fix negative period/buffer sizes (CVE-2021-47511
  bsc#1225411).
- commit 094796a

- Update tags in
  patches.suse/ext4-Fix-check-for-block-being-out-of-directory-size.patch.
  And move to the sorted section of series.conf.
- commit dc0df73

- Refresh patches.suse/x86-cpu-amd-add-a-zenbleed-fix.patch.
- Refresh
  patches.suse/x86-cpu-amd-move-the-errata-checking-functionality-up.patch.
  Move 2 upstream arch-specific patches to the sorted section.
- commit d5f36cd

- Input: synaptics-rmi4 - fix use after free in
  rmi_unregister_function() (CVE-2023-52840 bsc#1224928).
- commit 3a1b2ed

- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() (CVE-2021-47485 bsc#1224904)
- commit 7e99b42

- af_unix: annote lockless accesses to unix_tot_inflight &
  gc_in_progress (bsc#1223384).
- Refresh
  patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 03fbb54

- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (CVE-2021-47485 bsc#1224904)
- commit c9482fe

- IB/mlx5: Fix initializing CQ fragments buffer (bsc#1224954 CVE-2021-47261)
- commit 77cbada

- Move powerpc patches to their specific section
  They are apparently not going upstream.
- commit eea93a0

- Move upstream patches to the sorted section
- commit 757eb5a

- Update
  patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
  (bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
  patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
  (bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
  patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
  (CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit e0bcd81

- Update
  patches.suse/KVM-PPC-Fix-kvm_arch_vcpu_ioctl-vcpu_load-leak.patch
  (bsc#1156395 CVE-2021-47296 bsc#1224891).
- Update
  patches.suse/NFS-Fix-a-potential-NULL-dereference-in-nfs_get_clie.patch
  (git-fixes CVE-2021-47260 bsc#1224834).
- Update
  patches.suse/PCI-aardvark-Fix-kernel-panic-during-PIO-transfer.patch
  (git-fixes CVE-2021-47229 bsc#1224854).
- Update
  patches.suse/batman-adv-Avoid-WARN_ON-timing-related-checks.patch
  (git-fixes CVE-2021-47252 bsc#1224882).
- Update
  patches.suse/can-mcba_usb-fix-memory-leak-in-mcba_usb.patch
  (git-fixes CVE-2021-47231 bsc#1224849).
- Update
  patches.suse/kvm-lapic-restore-guard-to-prevent-illegal-apic-regi.patch
  (bsc#1188772 CVE-2021-47255 bsc#1224832).
- Update
  patches.suse/media-ngene-Fix-out-of-bounds-bug-in-ngene_command_c.patch
  (git-fixes CVE-2021-47288 bsc#1224889).
- Update
  patches.suse/memory-fsl_ifc-fix-leak-of-IO-mapping-on-probe-failu.patch
  (git-fixes CVE-2021-47315 bsc#1224892).
- Update
  patches.suse/memory-fsl_ifc-fix-leak-of-private-memory-on-probe-f.patch
  (git-fixes CVE-2021-47314 bsc#1224893).
- Update patches.suse/net-cdc_eem-fix-tx-fixup-skb-leak.patch
  (git-fixes CVE-2021-47236 bsc#1224841).
- Update
  patches.suse/net-mlx5e-Fix-page-reclaim-for-dead-peer-hairpin.patch
  (git-fixes CVE-2021-47246 bsc#1224831).
- Update
  patches.suse/net-qrtr-fix-OOB-Read-in-qrtr_endpoint_post.patch
  (CVE-2021-3743 bsc#1189883 CVE-2021-47240 bsc#1224843).
- Update
  patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
  (git-fixes CVE-2021-47239 bsc#1224846).
- Update
  patches.suse/usb-dwc3-core-fix-kernel-panic-when-do-reboot.patch
  (git-fixes CVE-2021-47220 bsc#1224859).
- commit 5376688

- gfs2: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888
  CVE-2021-47254).
- commit bf82ce3

- btrfs: do not start relocation until in progress drops are  done
  (bsc#1222251).
- commit a41ddb4

- btrfs: do not start relocation until in progress drops are  done
  (bsc#1222251).
- commit 0f3d5ec

- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
  (bsc#1224174 CVE-2024-27398).
- commit 2d99726

- af_unix: Fix garbage collector racing against connect()
  (CVE-2024-26923 bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 9a2eeaf

- blacklist.conf: Fix for code not present (CVE-2024-26929)
- commit 3d9e5d9

- Refresh
  patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
  patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
- Refresh
  patches.suse/rpadlpar_io-Add-MODULE_DESCRIPTION-entries-to-kernel.patch.
  Adjust headers to minimize merge conflicts.
- commit 0300a69

- Refresh
  patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
  Swap headers to avoid a conflict when merging into consumer branches.
- commit 1510229

- Refresh
  patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch.
  Update Patch-mainline tag and move to sorted section.
- commit 81abd64

- Refresh patches.suse/Bluetooth-L2CAP-Fix-u8-overflow.patch.
  Add upstream commit ID and move to sorted section.
- commit 5c72346

- Refresh
  patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch.
  Update Patch-mainline tag and move to sorted section.
- commit 684103a

- Refresh
  patches.suse/misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch.
  Update Patch-mainline tag and move to sorted section.
- commit a75fb60

- Refresh
  patches.suse/char-pcmcia-synclink_cs-Fix-use-after-free-in-mgslpc.patch.
  Driver was deleted upstream so this fix will stay out-of-tree
  forever. Move to the appropriate section.
- commit bce6652

- Refresh
  patches.suse/media-dvb-core-Fix-UAF-due-to-refcount-races-at-rele.patch.
  Add upstream commit ID and move to sorted section.
- commit 39ecedd

- Refresh
  patches.suse/netfilter-nf_conntrack_irc-Tighten-matching-on-DCC-m.patch.
  Add upstream commit ID and move to sorted section.
- commit 6754ecb

- Refresh
  patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
  Add upstream commit ID and move to sorted section.
- commit 92fa4c5

- Refresh
  patches.suse/SUNRPC-auth-async-tasks-mustn-t-block-waiting-for-me.patch.
- Refresh
  patches.suse/SUNRPC-call_alloc-async-tasks-mustn-t-block-waiting-.patch.
- Refresh
  patches.suse/SUNRPC-improve-swap-handling-scheduling-and-PF_MEMAL.patch.
- Refresh
  patches.suse/SUNRPC-remove-scheduling-boost-for-SWAPPER-tasks.patch.
- Refresh
  patches.suse/SUNRPC-xprt-async-tasks-mustn-t-block-waiting-for-me.patch.
  Add upstream commit IDs and move to sorted section.
- commit 245a308

- Refresh
  patches.suse/NFS-change-nfs_access_get_cached-to-only-report-the-.patch.
- Refresh
  patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
  patches.suse/NFS-pass-cred-explicitly-for-access-tests.patch.
  Add upstream commit IDs and move to sorted section.
- commit 8f85449

- Refresh
  patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
  Add upstream commit ID and move to sorted section.
- commit 0e0054f

- NFC: nxp: add NXP1002 (bsc#1185589).
  Add upstream commit ID and subject, and move to sorted section.
- commit 01c3222

- series.conf: Move block-genhd-use-atomic_t-for-disk_event-block.patch
  Patch was never accepted upstream and was dropped from later products
  as it had problematic side effects. Move it to the appropriate
  out-of-tree section.
- commit 9199401

- PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
  Add upstream commit ID and subject, and move to sorted section.
- commit 4630de9

- Refresh
  patches.suse/drivers-base-memory.c-cache-blocks-in-radix-tree-to-.patch.
  Document why this commit will never go upstream and move it to its
  specific section.
- commit f30bed3

- Refresh
  patches.suse/x86-boot-Ignore-relocations-in-.notes-sections-in-walk_rel.patch.
  Move to sorted section.
- commit 9bdf9d5

- blacklist.conf: add fix for code not present (CVE-2024-26930)
- commit 19f6175

- Update
  patches.suse/netfilter-nf_tables-mark-set-as-dead-when-unbinding-.patch
  (git-fixes CVE-2024-26643 bsc#1221829).
- Update
  patches.suse/netfilter-nf_tables-release-mutex-after-nft_gc_seq_e.patch
  (git-fixes CVE-2024-26925 bsc#1223390).
- Update
  patches.suse/netfilter-nft_set_rbtree-skip-end-interval-element-f.patch
  (git-fixes CVE-2024-26581 bsc#1220144).
- commit 5b5ef95

- Update
  patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
  (bsc#1220754 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- Update
  patches.suse/netfilter-nf_tables-fix-memleak-when-more-than-255-e.patch
  (git-fixes CVE-2023-52581 bsc#1220877).
- Update
  patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch
  (git-fixes CVE-2023-52433 bsc#1220137).
- commit ab7595e

- blacklist.conf: Add 9474c62ab65f net/sched: Add module alias for sch_fq_pie
- commit 0f0d88e

- usb: aqc111: check packet for fixup for true limit (bsc#1217169
  CVE-2023-52655).
- commit 1678228

- Update
  patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
  (git-fixes CVE-2022-48704 bsc#1223932).
- commit d602686

- netfilter: nf_tables: release mutex after nft_gc_seq_end from
  abort path (git-fixes).
- commit 453d60a

- netfilter: nf_tables: mark set as dead when unbinding anonymous
  set with timeout (git-fixes).
- commit a3b6f2c

- netfilter: nft_set_rbtree: skip end interval element from gc
  (git-fixes).
- commit f941d80

- netfilter: nf_tables: skip dead set elements in netlink dump
  (git-fixes).
- commit 11672cf

- netfilter: nf_tables: mark newset as dead on transaction abort
  (git-fixes).
- commit deeefa0

- blacklist.conf: update blacklist
- commit d111502

- blacklist.conf: update blacklist
- commit c053707

- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion
  failure (git-fixes).
- commit 787a388

- Refresh patches.kabi/netfilter-preserve-nf_tables-kabi.patch.
- commit f69dce7

- netfilter: nf_tables: fix memleak when more than 255 elements
  expired (git-fixes).
- commit 55db444

- blacklist.conf: update blacklist
- commit 3075338

- netfilter: nft_set_hash: try later when GC hits EAGAIN on
  iteration (git-fixes).
- commit bc13e9b

- netfilter: nft_set_rbtree: use read spinlock to avoid datapath
  contention (git-fixes).
- commit 9ed8e71

- netfilter: nft_set_rbtree: skip sync GC for new elements in
  this transaction (git-fixes).
- commit 0d564a0

- netfilter: nf_tables: defer gc run if previous batch is still
  pending (git-fixes).
- commit 1cb21d0

- netfilter: nf_tables: use correct lock to protect gc_list
  (git-fixes).
- commit f315c4c

- netfilter: nf_tables: GC transaction race with abort path
  (git-fixes).
- commit ce0642f

- netfilter: nf_tables: GC transaction race with netns dismantle
  (git-fixes).
- commit d9e442c

- blacklist.conf: update blacklist
- commit 51055c8

- netfilter: nf_tables: fix GC transaction races with netns and
  netlink event exit path (git-fixes).
- commit eacca32

- netfilter: nf_tables: fix kdoc warnings after gc rework
  (git-fixes).
- commit f86c22d

- Update
  patches.suse/scsi-mpt3sas-Fix-use-after-free-warning.patch
  (git-fixes CVE-2022-48695 bsc#1223941).
- commit 033821b

- Update
  patches.suse/ALSA-emu10k1-Fix-out-of-bounds-access-in-snd_emu10k1.patch
  (git-fixes CVE-2022-48702 bsc#1223923).
- commit c521d4a

- Update
  patches.suse/of-fdt-fix-off-by-one-error-in-unflatten_dt_nodes.patch
  (git-fixes CVE-2022-48672 bsc#1223931).
- commit e3fefd5

- cachefiles: fix memory leak in cachefiles_add_cache()
  (bsc#1222976 CVE-2024-26840).
- commit aa1fa99

- netfilter: nf_tables: adapt set backend to use GC transaction
  API (bsc#1215420 CVE-2023-4244).
- commit 2a5fb01

- btrfs: abort in rename_exchange if we fail to insert the second ref (CVE-2021-47113 bsc#1221543)
  Refresh patches.suse/btrfs-prevent-rename2-from-exchanging-a-subvol-with-a-directory-from-different-parents.patch
- commit cc57e15

- Update
  patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
  references (CVE-2024-26739 bsc#1222559, drop incorrect references).
- commit 8b3f599

- net/tls: Remove the context from the list in tls_device_down
  (bsc#1221545).
- commit aca4b2e

- blacklist.conf: add 94ce3b64c62d
  Blacklist commit 94ce3b64c62d ("net/tls: Use RCU API to access
  tls_ctx->netdev"). This is a follow-up to c55dcdd435aa which addresses an
  issue which is rather theoretical and the backport would be quite
  intrusive.
- commit 64bbcaf

- tls: Fix context leak on tls_device_down (bsc#1221545).
- commit 23bab3f

- Update
  patches.suse/nvme-tcp-fix-uaf-when-detecting-digest-errors.patch
  (bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- commit 5e5f9fe

- Update
  patches.suse/ALSA-usb-audio-Fix-an-out-of-bounds-bug-in-__snd_usb.patch
  (git-fixes CVE-2022-48701 bsc#1223921).
- commit 5de225e

- Update
  patches.suse/soc-brcmstb-pm-arm-Fix-refcount-leak-and-__iomem-lea.patch
  (git-fixes CVE-2022-48693 bsc#1223963).
- commit 0e4cd62

- kabi: hide new member of struct tls_context (CVE-2021-47131
  bsc#1221545).
- net/tls: Fix use-after-free after the TLS device goes down
  and up (CVE-2021-47131 bsc#1221545).
- commit c19ff47

- Update
  patches.suse/ipv6-sr-fix-out-of-bounds-read-when-setting-HMAC-dat.patch
  (bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- commit 94a1c44

- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
  (CVE-2024-26852 bsc#1223057).
- commit f51e744

- openvswitch: fix stack OOB read while fragmenting IPv4 packets
  (CVE-2021-46955 bsc#1220513).
- commit 37faff4

- packet: annotate data-races around ignore_outgoing
  (CVE-2024-26862 bsc#1223111).
- commit 9b14c5d

- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
  (CVE-2024-0639 bsc#1218917).
- commit c0f421c

- netfilter: preserve nf_tables kabi (bsc#1215420 CVE-2023-424).
- commit e6ab556

- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
  bsc#1223824).
- commit 1c01fe0

- ext4: fix bug in extents parsing when eh_entries == 0 and
  eh_depth >  0 (bsc#1223475 CVE-2022-48631).
- commit 911e181

- md/raid5: fix atomicity violation in raid5_cache_count
  (bsc#1219169, CVE-2024-23307).
- commit b804891

- Update
  patches.suse/cgroup-cgroup_get_from_id-must-check-the-looked-up-kn-is-a-directory.patch
  (bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 3bd7c2d

- netfilter: nf_tables: GC transaction API to avoid race with
  control plane (bsc#1215420 CVE-2023-4244).
- commit 361e5a0

- netfilter: nf_tables: don't skip expired elements during walk
  (bsc#1215420 CVE-2023-4244).
- commit 47ee234

- Update
  patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
  (bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit c5c2590

- Update
  patches.suse/netfilter-nfnetlink_osf-fix-possible-bogus-match-in-.patch
  (bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit 1221e0a

- netfilter: nft_set_rbtree: fix overlap expiration walk
  (git-fixes).
- commit 90d7112

- netfilter: nft_set_rbtree: fix null deref on element insertion
  (git-fixes).
- commit f25e27c

- netfilter: nft_set_rbtree: skip elements in transaction from
  garbage collection (git-fixes).
- commit 845bbc6

- netfilter: nft_set_rbtree: Switch to node list walk for overlap
  detection (git-fixes).
- commit bd48625

- netfilter: nft_set_rbtree: overlap detection with element
  re-addition after deletion (git-fixes).
- commit d362ed4

- netfilter: nft_set_rbtree: Detect partial overlap with start
  endpoint match (git-fixes).
- commit 4970ce9

- netfilter: nft_set_rbtree: Handle outcomes of tree rotations
  in overlap detection (git-fixes).
- commit bc0387c

- netfilter: nft_set_rbtree: Don't account for expired elements
  on insertion (git-fixes).
- commit c90c848

- netfilter: nft_set_rbtree: Add missing expired checks
  (git-fixes).
- commit 0d65e63

- netfilter: nft_set_rbtree: Drop spurious condition for overlap
  detection on insertion (git-fixes).
- commit a64c352

- netfilter: nft_set_rbtree: Detect partial overlaps on insertion
  (git-fixes).
- commit 39167a3

- netfilter: nft_set_rbtree: Introduce and use
  nft_rbtree_interval_start() (git-fixes).
- commit 9b991e8

- netfilter: nft_set_rbtree: bogus lookup/get on consecutive
  elements in named sets (git-fixes).
- commit 1a2cbfc

- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
  (bsc#1223513 CVE-2022-48651).
- commit 0325bf2

- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (bsc#1223202 CVE-2024-26906).
- commit 4dcafb9

- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (bsc#1223202 CVE-2024-26906).
- commit 4e61cac

- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 8d2e301

- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit b1ed209

- Update
  patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
  (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
  patches.suse/Bluetooth-rfcomm-Fix-null-ptr-deref-in-rfcomm_check_.patch
  (bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- Update
  patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
  (CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit edcb3fa

- Update
  patches.suse/ALSA-gus-fix-null-pointer-dereference-on-pointer-blo.patch
  (git-fixes CVE-2021-47207 bsc#1222790).
- Update
  patches.suse/cfg80211-call-cfg80211_stop_ap-when-switch-from-P2P_.patch
  (git-fixes CVE-2021-47194 bsc#1222829).
- Update
  patches.suse/i40e-Fix-NULL-ptr-dereference-on-VSI-filter-sync.patch
  (git-fixes CVE-2021-47184 bsc#1222666).
- Update
  patches.suse/iavf-free-q_vectors-before-queues-in-iavf_disable_vf.patch
  (git-fixes CVE-2021-47201 bsc#1222792).
- Update
  patches.suse/net-mlx5-Update-error-handler-for-UCTX-and-UMEM.patch
  (git-fixes CVE-2021-47212 bsc#1222709).
- Update
  patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
  (bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
  patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
  (bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
  patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
  (git-fixes CVE-2021-47185 bsc#1222669).
- Update
  patches.suse/usb-host-ohci-tmio-check-return-value-after-calling-.patch
  (git-fixes CVE-2021-47206 bsc#1222894).
- commit 8d3f18a

- Update
  patches.suse/aoe-fix-the-potential-use-after-free-problem-in-aoec.patch
  (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 8d6a724

- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
  (git-fixes CVE-2021-47216 bsc#1222876).
- commit 1856476

- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
  bsc#1221299).
- commit cceba2c

- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit d969104

- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
  bsc#1222503).
- commit c431df1

- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (git-fixes CVE-2021-47202 bsc#1222878)
- commit 94c254a

- nvme-tcp: can't set sk_user_data without write_lock
  (CVE-2021-47041 bsc#1220755).
- commit c3bc01a

- nvme-loop: fix memory leak in nvme_loop_create_ctrl()
  (CVE-2021-47074 bsc#1220854).
- nvme-loop: don't put ctrl on nvme_init_ctrl error
  (CVE-2021-47074 bsc#1220854).
- commit 8101361

- nvmet-tcp: fix incorrect locking in state_change sk callback
  (CVE-2021-47041 bsc#1220755).
- commit ee0c72d

- RDMA/srpt: Support specifying the srpt_service_guid parameter (bsc#1222449 CVE-2024-26744)
- commit 12241af

- Refresh
  patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch.
- commit ea3cbb2

- Update patches.suse/bpf-Fix-integer-overflow-involving-bucket_size.patch
  Fix CVE refence format.
- commit 86e8797

- Update
  patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
  (git-fixes CVE-2021-47189 bsc#1222706).
- commit ed3e4bc

- Update
  patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
  (git-fixes CVE-2021-47185).
- commit 972d0f6

- Update
  patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
  (bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit add99e0

- Update
  patches.suse/usb-musb-tusb6010-check-return-value-after-calling-p.patch
  (git-fixes CVE-2021-47181 bsc#1222660).
- commit 87eb148

- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  (bsc#1222619).
- commit 7db5139

- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
  bsc#1222585).
- commit 0a4c958

- net/sched: act_mirred: don't override retval if we already
  lost the skb (CVE-2024-26733 bsc#1222585).
- commit cc1339b

- ext4: fix double-free of blocks due to wrong extents moved_len
  (bsc#1222422 CVE-2024-26704).
- commit d1a6e8f

- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
  (bsc#1219264).
- commit bc51f7b

- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
  CVE-2023-52591).
- commit 24c2d2e

- Update
  patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
  (bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
  patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
  (git-fixes CVE-2023-52575 bsc#1220871).
- commit 61a8300

- Update
  patches.suse/Bluetooth-avoid-deadlock-between-hci_dev-lock-and-so.patch
  (git-fixes CVE-2021-47038 bsc#1220753).
- Update
  patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
  (git-fixes CVE-2021-47097 bsc#1220982).
- Update
  patches.suse/KEYS-trusted-Fix-TPM-reservation-for-seal-unseal.patch
  (git-fixes CVE-2021-46922 bsc#1220475).
- Update
  patches.suse/KEYS-trusted-Fix-memory-leak-on-object-td.patch
  (git-fixes CVE-2021-47009 bsc#1220733).
- Update
  patches.suse/RDMA-rtrs-clt-destroy-sysfs-after-removing-session-f.patch
  (jsc#SLE-15176 CVE-2021-47026 bsc#1220685).
- Update
  patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
  (git-fixes CVE-2021-47101 bsc#1220987).
- Update
  patches.suse/ath10k-Fix-a-use-after-free-in-ath10k_htc_send_bundl.patch
  (git-fixes CVE-2021-47017 bsc#1220678).
- Update patches.suse/ch_ktls-Fix-kernel-panic.patch
  (jsc#SLE-15131 CVE-2021-46911 bsc#1220400).
- Update
  patches.suse/dmaengine-idxd-Fix-clobbering-of-SWERR-overflow-bit-.patch
  (git-fixes CVE-2021-46920 bsc#1220426).
- Update
  patches.suse/dmaengine-idxd-Fix-potential-null-dereference-on-poi.patch
  (git-fixes CVE-2021-47003 bsc#1220677).
- Update
  patches.suse/dmaengine-idxd-clear-MSIX-permission-entry-on-shutdo.patch
  (git-fixes CVE-2021-46918 bsc#1220429).
- Update
  patches.suse/dmaengine-idxd-fix-wq-cleanup-of-WQCFG-registers.patch
  (git-fixes CVE-2021-46917 bsc#1220432).
- Update
  patches.suse/dmaengine-idxd-fix-wq-size-store-permission-state.patch
  (git-fixes CVE-2021-46919 bsc#1220414).
- Update
  patches.suse/drm-amd-display-Fix-off-by-one-in-hdmi_14_process_tr.patch
  (git-fixes CVE-2021-47046 bsc#1220758).
- Update patches.suse/drm-i915-Fix-crash-in-auto_retire.patch
  (git-fixes CVE-2021-46976 bsc#1220621).
- Update
  patches.suse/iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries
  (bsc#1187346 CVE-2021-47035 bsc#1220688).
- Update
  patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
  (git-fixes CVE-2021-47100 bsc#1220985).
- Update
  patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
  (git-fixes CVE-2021-47095 bsc#1220979).
- Update
  patches.suse/ixgbe-fix-unbalanced-device-enable-disable-in-suspen.patch
  (jsc#SLE-13706 CVE-2021-46914 bsc#1220465).
- Update patches.suse/net-dsa-mt7530-fix-VLAN-traffic-leaks.patch
  (git-fixes CVE-2021-47160 bsc#1221974).
- Update
  patches.suse/net-fec-fix-the-potential-memory-leak-in-fec_enet_in.patch
  (git-fixes CVE-2021-47150 bsc#1221973).
- Update
  patches.suse/net-lantiq-fix-memory-corruption-in-RX-ring.patch
  (git-fixes CVE-2021-47137 bsc#1221932).
- Update
  patches.suse/net-mlx5e-Fix-null-deref-accessing-lag-dev.patch
  (jsc#SLE-15172 CVE-2021-47164 bsc#1221978).
- Update
  patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
  (jsc#SLE-15172 CVE-2021-46931 bsc#1220486).
- Update
  patches.suse/net-sched-act_ct-fix-wild-memory-access-when-clearin.patch
  (bsc#1176447 CVE-2021-47014 bsc#1220630).
- Update
  patches.suse/net-sched-fq_pie-fix-OOB-access-in-the-traffic-path.patch
  (jsc#SLE-15172 CVE-2021-47175 bsc#1222003).
- Update
  patches.suse/netfilter-nft_set_pipapo_avx2-Add-irq_fpu_usable-che.patch
  (bsc#1176447 CVE-2021-47174 bsc#1221990).
- Update patches.suse/nvmet-fix-freeing-unallocated-p2pmem.patch
  (git-fixes CVE-2021-47130 bsc#1221552).
- Update
  patches.suse/nvmet-rdma-Fix-NULL-deref-when-SEND-is-completed-wit.patch
  (git-fixes CVE-2021-46983 bsc#1220639).
- Update patches.suse/s390-dasd-add-missing-discipline-function
  (bsc#1188130 ltc#193581 CVE-2021-47176 bsc331221996
  bsc#1221996).
- Update
  patches.suse/s390-zcrypt-fix-zcard-and-zqueue-hot-unplug-memleak
  (git-fixes CVE-2021-46968 bsc#1220689).
- Update
  patches.suse/sched-fair-Fix-shift-out-of-bounds-in-load_balance.patch
  (git fixes (sched) CVE-2021-47044 bsc#1220759).
- Update
  patches.suse/spi-Fix-use-after-free-with-devm_spi_alloc_.patch
  (git-fixes CVE-2021-46959 bsc#1220734).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
  (git-fixes CVE-2021-47087 bsc#1220954).
- Update
  patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
  (git-fixes CVE-2021-46933 bsc#1220487).
- Update
  patches.suse/usb-typec-ucsi-Retrieve-all-the-PDOs-instead-of-just.patch
  (git-fixes CVE-2021-46980 bsc#1220663).
- Update
  patches.suse/virtiofs-fix-memory-leak-in-virtio_fs_probe.patch
  (bsc#1185558 CVE-2021-46956 bsc#1220516).
- Update patches.suse/xprtrdma-Fix-cwnd-update-ordering.patch
  (git-fixes CVE-2021-47001 bsc#1220670).
- commit d6fc0df

- Update
  patches.suse/i2c-imx-fix-reference-leak-when-pm_runtime_get_sync-.patch
  (git-fixes CVE-2020-36781 bsc#1220557).
- commit c903cb8

- Update
  patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
  (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- Update
  patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
  (bsc#1220883 CVE-2023-52500).
- commit 81ec1ab

- scsi: pm80xx: Avoid leaking tags when processing
  OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
  cve-2023-52500).
- commit a52992b

- Fixup NULL ptr dereference due to mistake in backporting in
  patches.suse/ext2-Avoid-reading-renamed-directory-if-parent-does-.patch.
- commit f07130b

- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
  (bsc#1209657 CVE-2023-0160).
- commit 299921b

- blacklist.conf: omit reverted sockmap deadlock fix
- commit 66facc4

- netfilter: nf_tables: disallow anonymous set with timeout flag
  (CVE-2024-26642 bsc#1221830).
- commit ca89796

- netfilter: ctnetlink: fix possible refcount leak in
  ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit c40a2c4

- README.BRANCH: Remove copy of branch name
- commit 27396e8

- README.BRANCH: Remove copy of branch name
- commit 757f48f

- Update
  patches.suse/net-zero-initialize-tc-skb-extension-on-allocation.patch
  (bsc#1176447 CVE-2021-47136 bsc#1221931).
- commit adea53b

- ipv6: init the accept_queue's spinlocks in inet6_create
  (bsc#1221293 CVE-2024-26614).
- commit 0cf80b2

- tcp: make sure init the accept_queue's spinlocks once
  (bsc#1221293 CVE-2024-26614).
- commit d27abbc

- userfaultfd: release page in error path to avoid BUG_ON
  (CVE-2021-46988 bsc#1220706).
- commit 37b27a1

- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
  (CVE-2023-52607 bsc#1221061).
- commit 37ce65f

- perf/core: Fix unconditional security_locked_down() call
  (bsc#1220697, CVE-2021-46971).
- commit b2c4fe7

- Update
  patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread-.patch
  (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946).
- Update
  patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
  (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
  patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch
  (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088).
- Update
  patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
  (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
  patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
  (git-fixes CVE-2023-52477 bsc#1220790).
- commit 807fa36

- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
  (bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- commit 32e1ae4

- Update
  patches.suse/0005-dm-rq-fix-double-free-of-blk_mq_tag_set-in-dev-remov.patch
  (git-fixes CVE-2021-46938 bsc#1220554).
- Update
  patches.suse/0005-drm-bridge-panel-Cleanup-connector-on-bridge-detach.patch
  (bsc#1152489 CVE-2021-47063 bsc#1220777).
- Update
  patches.suse/0006-nbd-Fix-NULL-pointer-in-flush_workqueue.patch
  (git-fixes CVE-2021-46981 bsc#1220611).
- Update
  patches.suse/ARM-9064-1-hw_breakpoint-Do-not-directly-check-the-event-s-overflow_handler-hook.patch
  (git-fixes CVE-2021-47006 bsc#1220751).
- Update
  patches.suse/ARM-footbridge-fix-PCI-interrupt-mapping.patch
  (git-fixes CVE-2021-46909 bsc#1220442).
- Update
  patches.suse/HID-magicmouse-fix-NULL-deref-on-disconnect.patch
  (git-fixes CVE-2021-47120 bsc#1221606).
- Update
  patches.suse/KVM-Destroy-I-O-bus-devices-on-unregister-failure-_a.patch
  (bsc#git-fixes CVE-2021-47061 bsc#1220745).
- Update
  patches.suse/NFC-nci-fix-memory-leak-in-nci_allocate_device.patch
  (git-fixes CVE-2021-47180 bsc#1221999).
- Update
  patches.suse/NFS-Don-t-corrupt-the-value-of-pg_bytes_written-in-n.patch
  (git-fixes CVE-2021-47166 bsc#1221998).
- Update
  patches.suse/NFS-Fix-an-Oopsable-condition-in-__nfs_pageio_add_re.patch
  (git-fixes CVE-2021-47167 bsc#1221991).
- Update
  patches.suse/NFS-fix-an-incorrect-limit-in-filelayout_decode_layo.patch
  (git-fixes CVE-2021-47168 bsc#1222002).
- Update
  patches.suse/NFSv4-Fix-a-NULL-pointer-dereference-in-pnfs_mark_ma.patch
  (git-fixes CVE-2021-47179 bsc#1222001).
- Update
  patches.suse/USB-usbfs-Don-t-WARN-about-excessively-large-memory-.patch
  (git-fixes CVE-2021-47170 bsc#1222004).
- Update
  patches.suse/bnxt_en-Fix-RX-consumer-index-logic-in-the-error-pat.patch
  (git-fixes CVE-2021-47015 bsc#1220794).
- Update
  patches.suse/btrfs-fix-race-between-transaction-aborts-and-fsyncs.patch
  (bsc#1186441 CVE-2021-46958 bsc#1220521).
- Update
  patches.suse/ceph-fix-inode-leak-on-getattr-error-in-_fh_to_dentry.patch
  (bsc#1186501 CVE-2021-47000 bsc#1220669).
- Update
  patches.suse/cifs-Return-correct-error-code-from-smb2_get_enc_key.patch
  (git-fixes CVE-2021-46960 bsc#1220528).
- Update
  patches.suse/crypto-qat-ADF_STATUS_PF_RUNNING-should-be-set-after.patch
  (git-fixes CVE-2021-47056 bsc#1220769).
- Update
  patches.suse/cxgb4-avoid-accessing-registers-when-clearing-filter.patch
  (git-fixes CVE-2021-47138 bsc#1221934).
- Update patches.suse/drm-amd-amdgpu-fix-refcount-leak.patch
  (git-fixes CVE-2021-47144 bsc#1221989).
- Update patches.suse/drm-amdgpu-Fix-a-use-after-free.patch
  (git-fixes CVE-2021-47142 bsc#1221952).
- Update
  patches.suse/drm-meson-fix-shutdown-crash-when-component-not-prob.patch
  (git-fixes CVE-2021-47165 bsc#1221965).
- Update
  patches.suse/ethernet-enic-Fix-a-use-after-free-bug-in-enic_hard_.patch
  (git-fixes CVE-2021-46998 bsc#1220625).
- Update
  patches.suse/ext4-fix-bug-on-in-ext4_es_cache_extent-as-ext4_spli.patch
  (bsc#1187408 CVE-2021-47117 bsc#1221575).
- Update
  patches.suse/ext4-fix-memory-leak-in-ext4_fill_super.patch
  (bsc#1187409 CVE-2021-47119 bsc#1221608).
- Update
  patches.suse/gve-Add-NULL-pointer-checks-when-freeing-irqs.patch
  (git-fixes CVE-2021-47141 bsc#1221949).
- Update
  patches.suse/i2c-i801-Don-t-generate-an-interrupt-on-bus-reset.patch
  (git-fixes CVE-2021-47153 bsc#1221969).
- Update
  patches.suse/i40e-Fix-use-after-free-in-i40e_client_subtask.patch
  (git-fixes CVE-2021-46991 bsc#1220575).
- Update
  patches.suse/iio-adc-ad7124-Fix-potential-overflow-due-to-non-seq.patch
  (git-fixes CVE-2021-47172 bsc#1221992).
- Update patches.suse/iommu-vt-d-fix-sysfs-leak-in-alloc_iommu
  (bsc#1189218 CVE-2021-47177 bsc#1221997).
- Update
  patches.suse/ipc-mqueue-msg-sem-Avoid-relying-on-a-stack-reference.patch
  (bsc#1185988 bsc1220826 CVE-2021-47069 bsc#1220826).
- Update
  patches.suse/kyber-fix-out-of-bounds-access-when-preempted.patch
  (bsc#1187403 CVE-2021-46984 bsc#1220631).
- Update
  patches.suse/locking-qrwlock-Fix-ordering-in-queued_write_lock_sl.patch
  (bsc#1185041 CVE-2021-46921 bsc#1220468).
- Update
  patches.suse/md-raid1-properly-indicate-failure-when-ending-a-fai.patch
  (bsc#1185680 CVE-2021-46950 bsc#1220662).
- Update
  patches.suse/media-staging-intel-ipu3-Fix-memory-leak-in-imu_fmt.patch
  (git-fixes CVE-2021-46944 bsc#1220566).
- Update
  patches.suse/media-staging-intel-ipu3-Fix-set_fmt-error-handling.patch
  (git-fixes CVE-2021-46943 bsc#1220583).
- Update
  patches.suse/misc-uss720-fix-memory-leak-in-uss720_probe.patch
  (git-fixes CVE-2021-47173 bsc#1221993).
- Update
  patches.suse/mmc-uniphier-sd-Fix-a-resource-leak-in-the-remove-fu.patch
  (git-fixes CVE-2021-46962 bsc#1220532).
- Update
  patches.suse/msft-hv-2305-Drivers-hv-vmbus-Use-after-free-in-__vmbus_open.patch
  (git-fixes CVE-2021-47049 bsc#1220692).
- Update
  patches.suse/msft-hv-2316-uio_hv_generic-Fix-a-memory-leak-in-error-handling-p.patch
  (git-fixes CVE-2021-47071 bsc#1220846).
- Update
  patches.suse/msft-hv-2317-uio_hv_generic-Fix-another-memory-leak-in-error-hand.patch
  (git-fixes CVE-2021-47070 bsc#1220829).
- Update
  patches.suse/mtd-require-write-permissions-for-locking-and-badblo.patch
  (git-fixes CVE-2021-47055 bsc#1220768).
- Update
  patches.suse/net-hns3-put-off-calling-register_netdev-until-clien.patch
  (bsc#1154353 CVE-2021-47139 bsc#1221935).
- Update
  patches.suse/net-nfc-fix-use-after-free-llcp_sock_bind-connect.patch
  (CVE-2021-23134 bsc#1186060 CVE-2021-47068 bsc#1220739).
- Update
  patches.suse/net-usb-fix-memory-leak-in-smsc75xx_bind.patch
  (git-fixes CVE-2021-47171 bsc#1221994).
- Update
  patches.suse/netfilter-nftables-avoid-overflows-in-nft_hash_bucke.patch
  (CVE-2021-47013 bsc#1220641 CVE-2021-46992 bsc#1220638).
- Update patches.suse/ocfs2-fix-data-corruption-by-fallocate.patch
  (bsc#1187412 CVE-2021-47114 bsc#1221548).
- Update
  patches.suse/pid-take-a-reference-when-initializing-cad_pid.patch
  (bsc#1152489 CVE-2021-47118 bsc#1221605).
- Update
  patches.suse/platform-x86-dell-smbios-wmi-Fix-oops-on-rmmod-dell_.patch
  (git-fixes CVE-2021-47073 bsc#1220850).
- Update
  patches.suse/powerpc-64s-Fix-crashes-when-toggling-entry-flush-ba.patch
  (bsc#1177666 git-fixes bsc#1186460 ltc#192531 CVE-2021-46990
  bsc#1220743).
- Update
  patches.suse/powerpc-64s-Fix-pte-update-for-kernel-memory-on-radi.patch
  (bsc#1055117 git-fixes CVE-2021-47034 bsc#1220687).
- Update
  patches.suse/regmap-set-debugfs_name-to-NULL-after-it-is-freed.patch
  (git-fixes CVE-2021-47058 bsc#1220779).
- Update
  patches.suse/rtw88-Fix-array-overrun-in-rtw_get_tx_power_params.patch
  (git-fixes CVE-2021-47065 bsc#1220749).
- Update
  patches.suse/scsi-lpfc-Fix-null-pointer-dereference-in-lpfc_prep_.patch
  (bsc#1182574 CVE-2021-47045 bsc#1220640).
- Update
  patches.suse/scsi-qedf-Add-pointer-checks-in-qedf_update_link_speed
  (git-fixes CVE-2021-47077 bsc#1220861).
- Update
  patches.suse/scsi-qla2xxx-Fix-crash-in-qla2xxx_mqueuecommand.patch
  (bsc#1185491 CVE-2021-46963 bsc#1220536).
- Update
  patches.suse/serial-rp2-use-request_firmware-instead-of-request_f.patch
  (git-fixes CVE-2021-47169 bsc#1222000).
- Update
  patches.suse/soundwire-stream-fix-memory-leak-in-stream-config-er.patch
  (git-fixes CVE-2021-47020 bsc#1220785).
- Update
  patches.suse/spi-fsl-lpspi-Fix-PM-reference-leak-in-lpspi_prepare.patch
  (git-fixes CVE-2021-47051 bsc#1220764).
- Update
  patches.suse/spi-spi-fsl-dspi-Fix-a-resource-leak-in-an-error-han.patch
  (git-fixes CVE-2021-47161 bsc#1221966).
- Update
  patches.suse/tpm-efi-Use-local-variable-for-calculating-final-log.patch
  (git-fixes CVE-2021-46951 bsc#1220615).
- Update
  patches.suse/tracing-Restructure-trace_clock_global-to-never-block.patch
  (git-fixes CVE-2021-46939 bsc#1220580).
- Update
  patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
  (bsc#1209635 CVE-2022-4744 CVE-2021-47082 bsc#1220969).
- Update
  patches.suse/x86-kvm-Disable-kvmclock-on-all-CPUs-on-shutdown.patch
  (bsc#1185308 CVE-2021-47110 bsc#1221532).
- Update
  patches.suse/x86-kvm-Teardown-PV-features-on-boot-CPU-as-well.patch
  (bsc#1185308 CVE-2021-47112 bsc#1221541).
- commit 563b877

- Update
  patches.suse/i2c-img-scb-fix-reference-leak-when-pm_runtime_get_s.patch
  (git-fixes CVE-2020-36783 bsc#1220561).
- Update
  patches.suse/i2c-imx-lpi2c-fix-reference-leak-when-pm_runtime_get.patch
  (git-fixes CVE-2020-36782 bsc#1220560).
- Update
  patches.suse/i2c-sprd-fix-reference-leak-when-pm_runtime_get_sync.patch
  (git-fixes CVE-2020-36780 bsc#1220556).
- commit 33b0d9d

- IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445 CVE-2023-52474)
- commit bdb2e0c

- Update patches.suse/s390-dasd-add-missing-discipline-function
  (bsc#1188130 ltc#193581 CVE-2021-47176 bsc331221996).
- commit d918596

- wifi: ath10k: fix NULL pointer dereference in
  ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
  CVE-2023-7042).
- commit 22d99d7

- dmaengine: fix NULL pointer in channel unregistration function (bsc#1221276 CVE-2023-52492)
- commit b24663f

- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
  (bsc#1219170 CVE-2024-22099).
- commit b8c2f38

- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  (bsc#1218562 CVE-2023-6270).
- commit 0e87477

- fs: no need to check source (bsc#1221044 CVE-2023-52591).
- commit df2f811

- rename(): avoid a deadlock in the case of parents having no
  common ancestor (bsc#1221044 CVE-2023-52591).
- commit faa6432

- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit d6f6371

- rename(): fix the locking of subdirectories (bsc#1221044
  CVE-2023-52591).
- commit 063df0d

- f2fs: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 4dfa62d

- ext4: don't access the source subdirectory content on
  same-directory rename (bsc#1221044 CVE-2023-52591).
- commit 80ff66b

- ext2: Avoid reading renamed directory if parent does not change
  (bsc#1221044 CVE-2023-52591).
- commit 03d3930

- udf_rename(): only access the child content on cross-directory
  rename (bsc#1221044 CVE-2023-52591).
- commit 4bff17c

- ocfs2: Avoid touching renamed directory if parent does not
  change (bsc#1221044 CVE-2023-52591).
- commit 74fc5ec

- reiserfs: Avoid touching renamed directory if parent does not
  change (git-fixes bsc#1221044 CVE-2023-52591).
  Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
  Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit f392df9

- fs: don't assume arguments are non-NULL (bsc#1221044
  CVE-2023-52591).
- commit a11eadd

- fs: Restrict lock_two_nondirectories() to non-directory inodes
  (bsc#1221044 CVE-2023-52591).
- commit 6ad8632

- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 696c231

- fs: Lock moved directories (bsc#1221044 CVE-2023-52591).
- commit c14fbaa

- fs: Establish locking order for unrelated directories
  (bsc#1221044 CVE-2023-52591).
- commit b424ded

- fs: introduce lock_rename_child() helper (bsc#1221044
  CVE-2023-52591).
- commit 02e4cc0

- dm: rearrange core declarations for extended use from dm-zone.c
  (bsc#1221113).
- Refresh
  patches.kabi/kABI-dm-fix-deadlock-when-swapping-to-encrypted-device.patch.
- commit 741eac7

- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
  CVE-2023-52476).
- commit c46d003

- dm rq: don't queue request to blk-mq during DM suspend
  (bsc#1221113).
- commit b77fc22

- neighbour: allow NUD_NOARP entries to be forced GCed
  (bsc#1221534 CVE-2021-47109).
- commit d36f6ec

- net/sched: Add module alias for sch_fq_pie (bsc#1210335 CVE-2023-1829).
- commit d985f7c

- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
  (bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
  (bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- commit 6a5afc3

- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
- commit 15a7f43

- Sort already upstream patches
- Refresh
  patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
  patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigation.patch.
- Refresh
  patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME-vs.-V.patch.
- Refresh
  patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
  patches.suse/x86-bugs-Add-asm-helpers-for-executing-VERW.patch.
- Refresh
  patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-static-.patch.
- Refresh
  patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transition.patch.
- Refresh
  patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transition.patch.
- Refresh
  patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit 851bcbe

- perf/core: Fix unconditional security_locked_down() call
  (bsc#1220697, CVE-2021-46971).
- commit 0b7f805

- io_uring/af_unix: disable sending io_uring over sockets
  (bsc#1220754 CVE-2023-6531).
- commit a0d28a2

- usb: mtu3: fix list_head check warning (bsc#1220484
  CVE-2021-46930).
- commit b548734

- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
  Fix for kABI workaround.
- commit ff68767

- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
  CVE-2023-52583).
- commit 5c7a950

- usb: hub: Guard against accesses to uninitialized BOS
  descriptors (git-fixes).
  Altered because 5.3 does not do SSP
- commit 6d423f3

- Update
  patches.suse/scsi-qla2xxx-Fix-SRB-leak-on-switch-command-timeout.patch
  added CVE reference to: (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334
  bnc#1151927 5.3.17 cve-2021-46963).
- commit bac1eb3

- Update reference of bpf-Use-correct-permission-flag-for-mixed-signed-bou.patch
  (bsc#1184942 bsc#1220425 CVE-2021-29155 CVE-2021-46908).
- commit 787c408

- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit d61356a

- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit 10972e5

- irqchip/gic-v3: Do not enable irqs when handling spurious interrups (bsc#1220529,CVE-2021-46961)
- commit 83fe0b1

- group-source-files.pl: Quote filenames (boo#1221077).
  The kernel source now contains a file with a space in the name.
  Add quotes in group-source-files.pl to avoid splitting the filename.
  Also use -print0 / -0 when updating timestamps.
- commit a005e42

- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit c4890bf

- mm: fix gup_pud_range (bsc#1220824).
- commit d0caaa5

- RDMA/rxe: Clear all QP fields if creation failed (bsc#1220863 CVE-2021-47078)
- commit 23bba26

- RDMA/rxe: Return CQE error if invalid lkey was supplied (bsc#1220860 CVE-2021-47076)
- commit 1171085

- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
  CVE-2023-52605).
- commit a37794c

- Update
  patches.suse/net-hso-fix-NULL-deref-on-disconnect-regression.patch
  (bsc#1220416 bsc#1220418 CVE-2021-46904 CVE-2021-46905).
  Added second CVE reference
- commit 6b7d257

- Update
  patches.suse/net-hso-fix-NULL-deref-on-disconnect-regression.patch
  (bsc#1220416 CVE-2021-46904).
- Update
  patches.suse/net-hso-fix-null-ptr-deref-during-tty-device-unregis.patch
  (bsc#1220416 CVE-2021-46904).
  Added CVE references
- commit ce2a61e

- kernel-binary: Fix i386 build
  Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351

- KVM: x86: Export RFDS_NO and RFDS_CLEAR to guests (bsc#1213456 CVE-2023-28746).
- commit d0c95ff

- x86/rfds: Mitigate Register File Data Sampling (RFDS) (bsc#1213456 CVE-2023-28746).
- commit 7725a96

- net: nfc: fix races in nfc_llcp_sock_get() and
  nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 3983469

- btrfs: remove BUG() after failure to insert delayed dir index
  item (bsc#1220918 CVE-2023-52569).
- commit ff844fd

- btrfs: improve error message after failure to add delayed dir
  index item (bsc#1220918 CVE-2023-52569).
- commit f310611

- Documentation/hw-vuln: Add documentation for RFDS (bsc#1213456 CVE-2023-28746).
- commit bff3e02

- x86/srso: Add SRSO mitigation for Hygon processors (bsc#1220735
  CVE-2023-52482).
- commit 1f25b34

- KVM: s390: fix setting of fpc register (bsc#1221040
  CVE-2023-52597).
- commit 8155006

- vt: fix memory overlapping when deleting chars in the buffer
  (bsc#1220845 CVE-2022-48627).
- commit b8e8505

- kernel-binary: vdso: fix filelist for non-usrmerged kernel
  Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221

- kabi: team: Hide new member header_ops (bsc#1220870
  CVE-2023-52574).
- commit 04e32d4

- i2c: validate user data in compat ioctl (git-fixes bsc#1220469
  CVE-2021-46934).
- commit 554cd35

- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
  (bsc#1212514 CVE-2023-35827).
- net: mana: Fix TX CQE error handling (bsc#1220932
  CVE-2023-52532).
- team: fix null-ptr-deref when team device type is changed
  (bsc#1220870 CVE-2023-52574).
- commit 5631a0c

- Update reference of bpf-Fix-masking-negation-logic-upon-negative-dst-reg.patch
  (bsc#1155518 bsc#1220700 CVE-2021-46974).
- commit 5f6c988

- wifi: mac80211: fix potential key use-after-free (CVE-2023-52530
  bsc#1220930).
- wifi: iwlwifi: mvm: Fix a memory corruption issue
  (CVE-2023-52531 bsc#1220931).
- commit 7072ac0

- pinctrl: mediatek: fix global-out-of-bounds issue
  (CVE-2021-47083 bsc#1220917).
- commit f54296c

- drm/bridge: sii902x: Fix probing race issue (bsc#1220736 CVE-2024-26607).
- commit 470c611

- KVM: Destroy target device if coalesced MMIO unregistration
  fails (git-fixes).
- commit c99d976

- KVM: mmio: Fix use-after-free Read in
  kvm_vm_ioctl_unregister_coalesced_mmio (git-fixes).
- commit f7f8d3b

- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255
  CVE-2024-26589).
- commit 84782c1

- PCI: endpoint: Fix NULL pointer dereference for ->get_features()
  (bsc#1220660 CVE-2021-47005).
- commit 4cda383

- tls: fix race between tx work scheduling and socket close
  (CVE-2024-26585 bsc#1220187).
- commit 7207999

- kabi: restore return type of dst_ops::gc() callback
  (CVE-2023-52340 bsc#1219295).
- ipv6: remove max_size check inline with ipv4 (CVE-2023-52340
  bsc#1219295).
- commit 077e12d

- netfilter: nf_tables: fix 64-bit load issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit b02bdeb

- netfilter: nf_tables: fix 64-bit load issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
  nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit 67cfeec

- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
  (CVE-2022-20154 CVE-2021-46929 bsc#1200599 bsc#1220482).
- commit 8d1b35f

- Update patches.suse/scsi-qla2xxx-Reserve-extra-IRQ-vectors.patch
  (bsc#1184436 bsc#1186286 bsc#1220538 CVE-2021-46964).
- commit e5c6db2

- KVM: Stop looking for coalesced MMIO zones if the bus is
  destroyed (bsc#1220742 CVE-2021-47060).
- commit 7287801

- netfilter: nft_set_pipapo: skip inactive elements during set
  walk (CVE-2023-6817 bsc#1218195).
- commit ba8530f

- tomoyo: fix UAF write bug in tomoyo_write_control() (bsc#1220825
  CVE-2024-26622).
- commit 6d24f8e

- Update
  patches.suse/s390-zcrypt-fix-zcard-and-zqueue-hot-unplug-memleak
  (git-fixes CVE-2021-46968).
- commit a63feba

- doc/README.SUSE: Update information about module support status
  (jsc#PED-5759)
  Following the code change in SLE15-SP6 to have externally supported
  modules no longer taint the kernel, update the respective documentation
  in README.SUSE:
  * Describe that support status can be obtained at runtime for each
  module from /sys/module/$MODULE/supported and for the entire system
  from /sys/kernel/supported. This provides a way how to now check that
  the kernel has any externally supported modules loaded.
  * Remove a mention that externally supported modules taint the kernel,
  but keep the information about bit 16 (X) and add a note that it is
  still tracked per module and can be read from
  /sys/module/$MODULE/taint. This per-module information also appears in
  Oopses.
- commit 9ed8107

- powerpc/pseries/memhp: Fix access beyond end of drmem array
  (bsc#1220250,CVE-2023-52451).
- commit 9865154

- Input: appletouch - initialize work before device registration
  (CVE-2021-46932 bsc#1220444).
- commit 8f106a8

- Update
  patches.suse/ipc-mqueue-msg-sem-Avoid-relying-on-a-stack-reference.patch
  (bsc#1185988, bsc1220826, CVE-2021-47069).
- commit f01183e

- Update References
  patches.suse/ACPI-GTDT-Don-t-corrupt-interrupt-mappings-on-watchd.patch
  (git-fixes bsc#1220599 CVE-2021-46953).
- commit 5b10499

- Update References
  patches.suse/ACPI-custom_method-fix-potential-use-after-free-issu.patch
  (git-fixes bsc#1220572 CVE-2021-46966).
- commit 8eecec3

- efivarfs: force RO when remounting if SetVariable is not
  supported (bsc#1220328 CVE-2023-52463).
- commit 0c76724

- RDMA/siw: Fix a use after free in siw_alloc_mr (bsc#1220627
  CVE-2021-47012).
- commit 96f4478

- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
  (bsc#1220238 CVE-2023-52449).
- commit d23e49b

- Input: powermate - fix use-after-free in
  powermate_config_complete (CVE-2023-52475 bsc#1220649).
- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
  (CVE-2023-52478 bsc#1220796).
- commit 92ea315

- hfsplus: prevent corruption in shrinking truncate (bsc#1220737
  CVE-2021-46989).
- commit cc37c78

- Update patch reference for qcom bus fix (CVE-2021-47054 bsc#1220767)
- commit 024411a

- netfilter: nft_limit: avoid possible divide error in
  nft_limit_init (bsc#1220436 CVE-2021-46915).
- commit 291b0ff

- NFC: st21nfca: Fix memory leak in device probe and remove
  (CVE-2021-46924 bsc#1220459).
- commit 2b46faa

- Update patch reference for HID fix (CVE-2021-46906 bsc#1220421)
- commit 89e5504

- i2c: Fix a potential use after free (bsc#1220409
  CVE-2019-25162).
- commit 6421697

- i2c: cadence: fix reference leak when pm_runtime_get_sync fails
  (bsc#1220570 CVE-2020-36784).
- commit 5fa02fa

- KVM: Destroy I/O bus devices on unregister failure _after_
  sync'ing SRCU (bsc#git-fixes, CVE-2021-47061).
- commit b2a896d

- Update patch reference for media usb fix (CVE-2020-36777 bsc#1220526)
- commit f0fcd0d

- media: pvrusb2: fix use after free on context disconnection
  (CVE-2023-52445 bsc#1220241).
- commit 3f02f88

- nfc: nci: fix possible NULL pointer dereference in
  send_acknowledge() (bsc#1219125 CVE-2023-46343).
- commit 9371a32

- uio: Fix use-after-free in uio_open (bsc#1220140
  CVE-2023-52439).
- commit 758615f

- apparmor: avoid crash when parsed profile name is empty
  (CVE-2023-52443 bsc#1220240).
- commit 9d07817

- sched/membarrier: reduce the ability to hammer on sys_membarrier
  (git-fixes, bsc#1220398, CVE-2024-26602).
- commit b645222

- i2c: i801: Fix block process call transactions (bsc#1220009
  CVE-2024-26593).
- commit c348c97

- netfilter: nftables: avoid overflows in nft_hash_buckets()
  (CVE-2021-47013 bsc#1220641).
- commit f0d286e

- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
  (CVE-2021-47013 bsc#1220641).
- commit 378bb67

- mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243
  CVE-2024-26586).
- mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in
  error path (bsc#1220344 CVE-2024-26595).
- commit 76ed3a3

- EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330)
- commit 5f2e003

- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
  (bsc#1220253 CVE-2023-52448).
- commit a731316

- rpm templates: Always define usrmerged
  usrmerged is now defined in kernel-spec-macros and not the distribution.
  Only check if it's defined in kernel-spec-macros, not everywhere where
  it's used.
- commit a6ad8af

- KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes).
- commit fda6073

- blacklist.conf: Blacklist a clang fix
- commit 6540830

- rpm templates: Move macro definitions below buildrequires
  Many of the rpm macros defined in the kernel packages depend directly or
  indirectly on script execution. OBS cannot execute scripts which means
  values of these macros cannot be used in tags that are required for OBS
  to see such as package name, buildrequires or buildarch.
  Accumulate macro definitions that are not directly expanded by mkspec
  below buildrequires and buildarch to make this distinction clear.
- commit 89eaf4c

- net: openvswitch: limit the number of recursions from action
  sets (bsc#1219835 CVE-2024-1151).
- commit 5a5045f

- rpm/check-for-config-changes: add GCC_ASM_GOTO_OUTPUT_WORKAROUND to IGNORED_CONFIGS_RE
  Introduced by commit 68fb3ca0e408 ("update workarounds for gcc "asm
  goto" issue").
- commit be1bdab

- compute-PATCHVERSION: Do not produce output when awk fails
  compute-PATCHVERSION uses awk to produce a shell script that is
  subsequently executed to update shell variables which are then printed
  as the patchversion.
  Some versions of awk, most notably bysybox-gawk do not understand the
  awk program and fail to run. This results in no script generated as
  output, and printing the initial values of the shell variables as
  the patchversion.
  When the awk program fails to run produce 'exit 1' as the shell script
  to run instead. That prevents printing the stale values, generates no
  output, and generates invalid rpm spec file down the line. Then the
  problem is flagged early and should be easier to diagnose.
- commit 8ef8383

- x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes).
- commit 6d2e676

- KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation  code (git-fixes).
- commit 1f3dbeb

- KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes).
- commit 2581a0e

- KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes).
- commit 79ab1f6

- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- commit 26d80bf

- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
  Also add the removed mds_user_clear symbol to kABI severities as it is
  exposed just for KVM module and is generally a core kernel component so
  removing it is low risk.
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- commit 8f33ff8

- mbcache: Fixup kABI of mb_cache_entry (bsc#1207653 bsc#1219915).
- commit 52b181f

- ext4: fix deadlock due to mbcache entry corruption
  (bsc#1207653 bsc#1219915).
- commit 14e0a9c

- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
  (bsc#1219127 CVE-2024-23849).
- commit 75b4a5b

- cifs: fix missing unload_nls() in smb2_reconnect()
  (bsc#1213476).
- commit 7236d05

- cifs: fix status checks in cifs_tree_connect (bsc#1213476).
- commit a4a76da

- smb: client: fix null auth (bsc#1213476).
- commit 08d9d59

- kernel-binary: Move build script to the end
  All other spec templates have the build script at the end, only
  kernel-binary has it in the middle. Align with the other templates.
- commit 98cbdd0

- rpm templates: Aggregate subpackage descriptions
  While in some cases the package tags, description, scriptlets and
  filelist are located together in other cases they are all across the
  spec file. Aggregate the information related to a subpackage in one
  place.
- commit 8eeb08c

- rpm templates: sort rpm tags
  The rpm tags in kernel spec files are sorted at random.
  Make the order of rpm tags somewhat more consistent across rpm spec
  templates.
- commit 8875c35

- Update to add CVE-2024-23851 tag,
  patches.suse/dm-limit-the-number-of-targets-and-parameter-size-ar.patch
  (bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851).
- commit ef15d5e

- dm: limit the number of targets and parameter size area
  (bsc#1219827, bsc#1219146, CVE-2023-52429).
- commit 2431307

- vhost: use kzalloc() instead of kmalloc() followed by memset()
  (CVE-2024-0340, bsc#1218689).
- commit aa86ef0

- kernel-binary: certs: Avoid trailing space
- commit bc7dc31

- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config
  (bsc#1219653)
  They are put into -devel subpackage. And a proper link to
  /usr/share/gdb/auto-load/ is created.
- commit 1dccf2a

- Refresh
  patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread-.patch.
  Add the upstream commit ID.
- commit d9857fd

- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  (CVE-2024-1086 bsc#1219434).
- commit 33a2cdd

- drm/amdgpu: Fix potential fence use-after-free v2 (bsc#1219128
  CVE-2023-51042).
- commit 2e8464f

- rpm/mkspec: sort entries in _multibuild
  Otherwise it creates unnecessary diffs when tar-up-ing. It's of course
  due to readdir() using "random" order as served by the underlying
  filesystem.
  See for example:
  https://build.opensuse.org/request/show/1144457/changes
- commit d1155de

- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780
  bsc#1218730).
- commit 6405c59

- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838,
  XSA-448, bsc#1218836).
- commit 7d3a106

- ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
  (CVE-2021-33631 bsc#1219412).
- commit 792d624

- kernel-source: Fix description typo
- commit 8abff35

- nvmet-tcp: Fix the H2C expected PDU len calculation
  (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356).
- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988
  bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356).
- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987
  bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
  CVE-2023-6356).
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C
  PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535
  CVE-2023-6536 CVE-2023-6356).
- commit e2033e6

- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  (CVE-2023-47233 bsc#1216702).
- commit 6452010

- rpm/constraints.in: set jobs for riscv to 8
  The same workers are used for x86 and riscv and the riscv builds take
  ages. So align the riscv jobs count to x86.
- commit b2c82b9

- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- commit 8395685

- net: sched: sch_qfq: Use non-work-conserving warning handler
  (CVE-2023-4921 bsc#1215275).
- commit aabd893

- mkspec: Use variant in constraints template
  Constraints are not applied consistently with kernel package variants.
  Add variant to the constraints template as appropriate, and expand it
  in mkspec.
- commit cc68ab9

- rpm/constraints.in: add static multibuild packages
  Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
  constraints on multibuild) added "kernel-source:" prefix to the
  dynamically generated kernels. But there are also static ones like
  kernel-docs. Those fail to build as the constraints are still not
  applied.
  So add the prefix also to the static ones.
  Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
  will ever be multibuilt...
- commit c2e0681

- drm/atomic: Fix potential use-after-free in nonblocking commits
  (bsc#1219120 CVE-2023-51043).
- commit 1f381b4

- Revert "Limit kernel-source build to architectures for which the kernel binary"
  This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
  The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a

- mkspec: Include constraints for both multibuild and plain package always
  There is no need to check for multibuild flag, the constraints can be
  always generated for both cases.
- commit 308ea09

- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
  Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b

- rpm/kernel-source.rpmlintrc: add action-ebpf
  Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
  plugin) added this precompiled binary blob. Adapt rpmlintrc for
  kernel-source.
- commit b5ccb33

- ext4: improve error recovery code paths in __ext4_remount()
  (bsc#1219053 CVE-2024-0775).
- commit f053871

- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
  The previous change added the manual entry from kernel-sources.change.old
  to old_changelog.txt unnecessarily.  Let's fix it.
- commit fb033e8

- rpm/kernel-docs.spec.in: fix build with 6.8
  Since upstream commit f061c9f7d058 (Documentation: Document each netlink
  family), the build needs python yaml.
- commit 6a7ece3

- smb: client: fix OOB in receive_encrypted_standard()
  (bsc#1218832 CVE-2024-0565).
- commit 59d97af

- ida: Fix crash in ida_free when the bitmap is empty (bsc#1218804
  CVE-2023-6915).
- commit e0cf5bf

- netfilter: nf_tables: Reject tables of unsupported family
  (bsc#1218752 CVE-2023-6040).
- commit 9fd7b64

- net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782
  bsc#1218757).
- commit 1ba2d82

- powerpc/powernv: Add a null pointer check in opal_event_init()
  (bsc#1065729 CVE-2023-52686).
- commit 0f57a9b

- Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
  The old entries are found in kernel-docs/old_changelog.txt in docdir.
  rpm/old_changelog.txt can be an optional file that stores the similar
  info like rpm/kernel-sources.changes.old.  It can specify the commit
  range that have been truncated.  scripts/tar-up.sh expands from the
  git log accordingly.
- commit c9a2566
containerd
- Update to containerd v1.7.21. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.21>
  Fixes CVE-2023-47108. bsc#1217070
  Fixes CVE-2023-45142. bsc#1228553
- Rebase patches:
  * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch

- Revert noarch for devel subpackage for SLE 15
  Switching to noarch causes issues on SLES maintenance updates, reverting it
  fixes our image builds

- Update to containerd v1.7.17. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
  and storage than a locally-compressed tar.xz, it seems there's some weird
  issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
  * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.16>
  CVE-2023-45288 bsc#1221400

- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
  (merged upstream at
  <https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.11>
  GHSA-jq35-85cj-fj4p bsc#1224323

- Use %patch -P N instead of deprecated %patchN.

- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
coreutils
- coreutils-ls-avoid-triggering-automounts.patch
  ls: avoid triggering automounts (bsc#1221632)
cpio
- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
  * fix-bsc1219238.patch

- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
  * fix-CVE-2023-7207.patch
cups
- cups-branch-2.2-commit-b643d6ba92f00752aa5e74ff86ad3974334914c1.diff
  is https://github.com/OpenPrinting/cups/commit/b643d6ba92f00752aa5e74ff86ad3974334914c1
  which was added in CUPS 2.2.8 that
  fixed a parsing bug in cups_auth_find() in cups/auth.c
  which lead to cupsd failing to authenticate users
  when group membership is required by cupsd configuration
  like 'Require user @GROUP' which lead to CUPS related commands
  requesting password from group users even if it is not needed
  (bsc#1226227)
- In cups.changes replaced one place where UTF-8 characters
  were used in the entry dated "Sat Sep 30 08:52:42 UTC 2017"
  for what should be ' - ' by ASCII to avoid RPMLINT warning
  about 'non-break-space' which "can lead to obscure errors".

- Require the exact matching version-release of all libcups*
  sub-packages (bsc#1226192)

- cups-2.2.7-CVE-2024-35235.patch is derived
  from the upstream patch against master (CUPS 2.5)
  to behave backward compatible for CUPS 2.2.7
  in SLE15 and openSUSE Leap 15 to fix CVE-2024-35235
  "cupsd Listen port arbitrary chmod 0140777"
  without the more secure but backward-incompatible behaviour
  of the upstream patch for CUPS 2.5
  that ignores domain sockets specified in 'Listen' entries
  in /etc/cups/cupsd.conf when cupsd is lauched via systemd
  (in particular when launched on-demand by systemd)
  https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
  bsc#1225365

- cups-2.2.7-web-ui-kerberos-authentication.patch, update
  patch to handle local 'Negotiate' authentication response
  for cli clients. (bsc#1223179).

- Remove '--enable-debug-printfs' from configure options, see
  https://github.com/OpenPrinting/cups/issues/875
  (bsc#1217119).
curl
- Security fix: [bsc#1230093, CVE-2024-8096]
  * curl: OCSP stapling bypass with GnuTLS
  * Add curl-CVE-2024-8096.patch

- Security fix: [bsc#1228535, CVE-2024-7264]
  * curl: ASN.1 date parser overread
  * Add curl-CVE-2024-7264.patch

- regression fix [bsc#1219273]
  https://github.com/curl/curl/commit/91b53efa4b6854dc3688f55bfb329b0cafcf5325
- added patches
  + curl-CVE-2023-27534-tilde-back.patch

- Security fix: [bsc#1221667, CVE-2024-2398]
  * curl: HTTP/2 push headers memory-leak
  * Add curl-CVE-2024-2398.patch
deltarpm
- update to deltarpm-3.6.4
  * support for threaded zstd
  * use a tmp file instead of memory to hold the incore data
    [bsc#1228948]
- dropped patches:
  * deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch

- deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch: fixed
  some C bugs ( incorrect sized memset() , memcpy instead of strcpy,
  unsigned int)

- update to deltarpm-3.6.3
  * support for threaded zstd compression

- Actually enable zstd compression

- update to deltarpm-3.6.2
  * support for zstd compression
desktop-data-SLE
- Fix typo in the desktop files for some of the wallpapers
  (bsc#1222146).
docker
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.6-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/25.0/#2506>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
  * 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch

- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
  symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
  <https://github.com/moby/buildkit/pull/5060>. bsc#1221916
  + 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- Write volume options atomically so sudden system crashes won't result in
  future Docker starts failing due to empty files. Backport of
  <https://github.com/moby/moby/pull/48034>. bsc#1214855
  + 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch

[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.5-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
  - 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- Update --add-runtime to point to correct binary path.

[NOTE: This update was only ever released in SLES and Leap.]
- Add patch to fix bsc#1220339
  * 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch

- Allow to disable apparmor support (ALP supports only SELinux)

- Update to Docker 25.0.3-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/25.0/#2503>
- Fixes:
  * bsc#1219267 - CVE-2024-23651
  * bsc#1219268 - CVE-2024-23652
  * bsc#1219438 - CVE-2024-23653
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
  - 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch

- Vendor latest buildkit v0.11:
  Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that
  vendors in the latest v0.11 buildkit branch including bugfixes for the following:
  * bsc#1219438: CVE-2024-23653
  * bsc#1219268: CVE-2024-23652
  * bsc#1219267: CVE-2024-23651
- rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- switch from %patchN to %patch -PN syntax
- remove unused rpmlint filters and add filters to silence pointless bash & zsh
  completion warnings
fence-agents
- L3: fence_vmware_rest : monitoring is not detecting problems accessing the fence device
  (bsc#1218718)
  o Add upstream patch:
    0001-fence_vmware_rest-monitoring-action-is-not-detecting.patch
gdk-pixbuf
- Add CVE-2022-48622.patch: ANI: Reject files with multiple anih
  chunks(bsc#1219276, CVE-2022-48622, glgo#GNOME/gdk-pixbuf#202).
glib2
- Add glib2-gdbusmessage-cache-arg0.patch: cache the arg0 value in
  a dbus message. Fixes a possible use after free (boo#1224044).

- Add patches to fix CVE-2024-34397 (boo#1224044):
  glib2-allocate-SignalSubscriber-structs-individually.patch
  glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
  glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
glibc
- s390x-wcsncmp.patch: s390x: Fix segfault in wcsncmp (bsc#1228043, BZ
  [#31934])

- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
  addgetnetgrentX (CVE-2024-33602, bsc#1223425)

- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
  for _start routine (bsc#1221940)

- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch:
  nscd: Stack-based buffer overflow in netgroup cache
  (CVE-2024-33599, bsc#1223423, BZ #31677)
- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch:
  nscd: Avoid null pointer crashes after notfound response
  (CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch:
  nscd: Do not send missing not-found response in addgetnetgrentX
  (CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch:
  netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601,
  CVE-2024-33602, bsc#1223425, BZ #31680)

- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
  writes when writing escape sequence (CVE-2024-2961, bsc#1222992)

- duplocale-global-locale.patch: duplocale: protect use of global locale
  (bsc#1220441, BZ #23970)

- qsort-invalid-cmp.patch: qsort: handle degenerated compare function
  (bsc#1218866)

- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
  EAI_MEMORY (bsc#1217589, BZ #31163)

- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr
  (bsc#1217445, BZ #31113)
gnutls
- Security fix: [bsc#1218865, CVE-2024-0553]
  * Incomplete fix for CVE-2023-5981.
  * The response times to malformed ciphertexts in RSA-PSK
    ClientKeyExchange differ from response times of ciphertexts
    with correct PKCS#1 v1.5 padding.
  * Add gnutls-CVE-2024-0553.patch
grub2
- Fix btrfs subvolume for platform modules not mounting at runtime when the
  default subvolume is the topmost root tree (bsc#1228124)
  * grub2-btrfs-06-subvol-mount.patch
- Rediff
  * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch
gtk2
- Add CVE-2024-6655.patch: CVE-2024-6655 Stop looking for modules
  in cwd (bsc#1228120).
hawk2
- Update to version 2.6.4+git.1708604510.dc8c081f:
  * Enable ACL (bsc#1214396,bsc#1219548)
krb5
- Fix vulnerabilities in GSS message token handling, add patch
  0013-Fix-vulnerabilities-in-GSS-message-token-handling.patch
  * CVE-2024-37370, bsc#1227186
  * CVE-2024-37371, bsc#1227187

- Fix memory leaks, add patch 0012-Fix-two-unlikely-memory-leaks.patch
  * CVE-2024-26458, bsc#1220770
  * CVE-2024-26461, bsc#1220771
resource-agents
- Azure-lb fails if IPv6 disabled (bsc#1223554)
  Add upstream patch:
    Add a new parameter: listen
    This parameter can have following walues:
    default: Neither -4 nor -6 will be used. The default behavior of socat and nc will be used.
    socat: Listen only on IPv4 addresses
    nc: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses
    If net.ipv6.bindv6only = 1 => Listen only on IPv4 addresses
    ipv4only: Listen only on IPv4 addresses.
    ipv6enable: Enable TCP6 support.
    nc: Listen only on IPv6 adresses independent of net.ipv6.bindv6only
    socat: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses.
    If net.ipv6.bindv6only = 1 => Listen only on IPv6 adresses.
  Add patch:
    0001-Azure-lb-fails-if-IPv6-disabled.patch

- resource-agents:azure-lb IPv6 support (bsc#1220997)
  Add patch:
    0001-Support-IPv6-with-Azure-load-balncer.patch
less
- Fix CVE-2024-32487, mishandling of \n character in paths when
  LESSOPEN is set leads to OS command execution
  (CVE-2024-32487, bsc#1222849)
  * CVE-2024-32487.patch

- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
  metacharacters, bsc#1219901
  * CVE-2022-48624.patch
libqt5-qtbase
- Added a patch from upstream to prepare the code so that the
  following patch can be applied (which fixes QTBUG-95277):
  * 0001-H2-emit-encrypted-for-at-least-the-first-reply_-similar-to.patch
- Add rebased upstream patch to delay any HTTP2 communication until
  encrypted() can be responded to (bsc#1227426, CVE-2024-39936).
  * 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch
- Add upstream patch to fix a NULL pointer dereference via the
  function QXcbConnection::initializeAllAtoms() when there is
  anomalous behavior from the X server (bsc#1222120,
  CVE-2023-45935):
  * 0001-xcb-guard-a-pointer-before-usage.patch

- Add patch from upstream to fix a regression in the ODBC driver
  (bsc#1227513, QTBUG-112375):
  * 0001-QSQL-ODBC-fix-regression-trailing-NUL.patch
  * 0002-SQL-ODBC-Pass-correct-length-to-SQLColAttribute.patch

- Add upstream patches to fix an incorrect integer overflow check
  (boo#1218413, CVE-2023-51714):
  * 0001-HPack-fix-a-Yoda-Condition.patch
  * 0002-HPack-fix-incorrect-integer-overflow-check.patch
- Add upstream patch to fix a potential overflow in
  assemble_hpack_block():
  * 0001-Http2-fix-potential-overflow-in-assemble_hpack_block.patch

- use pkgconfig(icu-18n) to select current icu

- Add patches from upstream that fixes a buffer overflow in
  QXmlStreamReader (bsc#1214327, CVE-2023-37369, QTBUG-91889):
  * 0001-Dont-parse-XML-symbols-longer-than-4096-characters.patch
  * CVE-2023-37369-qtbase-5.15.diff
gcc13
- Update to GCC 13.3 release

- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream

- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
  the GCN offload compiler as that is requiring Code Object version 3
  which is no longer supported by llvm18.

- Add gcc13-pr101523.patch to avoid combine spending too much
  compile-time and memory doing nothing on s390x.  [boo#1188441]

- Make requirement to lld version specific to avoid requiring the
  meta-package.

- Add gcc13-pr111731.patch to fix unwinding for JIT code.
  [bsc#1221239]

- Revert libgccjit dependency change.  [boo#1220724]

- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.

- Use %patch -P N instead of %patchN.

- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
  crypt and crypt_r interceptors.  The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]

- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
  - fmin-function-alignment.  [bsc#1214934]

- Use %{_target_cpu} to determine host and build.

- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
  * Includes fix for building TVM.  [boo#1218492]

- Add cross-X-newlib-devel requires to newlib cross compilers.
  [boo#1219031]

- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
  in gcc13-devel.  [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
  are linked against libstdc++6.

- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205

- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
  * Includes fix for building mariadb on i686.  [bsc#1217667]
  * Remove pr111411.patch contained in the update.

- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]
avahi
- Add avahi-CVE-2023-38472.patch: Fix reachable assertion in
  avahi_rdata_parse (bsc#1216853, CVE-2023-38472).

- Add avahi-CVE-2023-38471.patch: Extract host name using
  avahi_unescape_label (bsc#1216594, CVE-2023-38471).
- Add avahi-CVE-2023-38469.patch: Reject overly long TXT resource
  records (bsc#1216598, CVE-2023-38469).
util-linux
- agetty: Prevent login cursor escape (bsc#1194818,
  util-linux-agetty-prevent-cursor-escape.patch).

- fix Xen virtualization type misidentification bsc#1215918
  lscpu-fix-parameter-order-for-ul_prefix_fopen.patch

- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,
  util-linux-wall-migrate-to-memstream.patch
  util-linux-fputs_careful2.patch).
c-ares
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
  (bsc#1220279, CVE-2024-25629)
libfastjson
- fix CVE-2020-12762 integer overflow and out-of-bounds write via a
  large JSON file (bsc#1171479)
  add 0001-Fix-CVE-2020-12762.patch
mozilla-nss
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
  approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).

- Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh
  depends on it and will create a broken, empty config, if sed is
  missing (bsc#1227918)

- update to NSS 3.101.2
  * bmo#1905691 - ChaChaXor to return after the function

- Added nss-fips-safe-memset.patch, fixing bsc#1222811.
- Removed some dead code from nss-fips-constructor-self-tests.patch.
- Rebased nss-fips-approved-crypto-non-ec.patch on above changes.
- Added nss-fips-aes-gcm-restrict.patch, fixing bsc#1222830.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222813,
  bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118.
- Updated nss-fips-approved-crypto-non-ec.patch and
  nss-fips-constructor-self-tests.patch, fixing bsc#1222807,
  bsc#1222828, bsc#1222834.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222804,
  bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116.

- update to NSS 3.101.1
  * bmo#1901932 - missing sqlite header.
  * bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- update to NSS 3.101
  * bmo#1900413 - add diagnostic assertions for SFTKObject refcount.
  * bmo#1899759 - freeing the slot in DeleteCertAndKey if authentication failed
  * bmo#1899883 - fix formatting issues.
  * bmo#1889671 - Add Firmaprofesional CA Root-A Web to NSS.
  * bmo#1899593 - remove invalid acvp fuzz test vectors.
  * bmo#1898830 - pad short P-384 and P-521 signatures gtests.
  * bmo#1898627 - remove unused FreeBL ECC code.
  * bmo#1898830 - pad short P-384 and P-521 signatures.
  * bmo#1898825 - be less strict about ECDSA private key length.
  * bmo#1854439 - Integrate HACL* P-521.
  * bmo#1854438 - Integrate HACL* P-384.
  * bmo#1898074 - memory leak in create_objects_from_handles.
  * bmo#1898858 - ensure all input is consumed in a few places in mozilla::pkix
  * bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
  * bmo#1748105 - clean up escape handling
  * bmo#1896353 - Use lib::pkix as default validator instead of the old-one
  * bmo#1827444 - Need to add high level support for PQ signing.
  * bmo#1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
  * bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
  * bmo#1893404 - Allow for non-full length ecdsa signature when using softoken
  * bmo#1830415 - Modification of .taskcluster.yml due to mozlint indent defects
  * bmo#1793811 - Implement support for PBMAC1 in PKCS#12
  * bmo#1897487 - disable VLA warnings for fuzz builds.
  * bmo#1895032 - remove redundant AllocItem implementation.
  * bmo#1893334 - add PK11_ReadDistrustAfterAttribute.
  * bmo#215997  - Clang-formatting of SEC_GetMgfTypeByOidTag update
  * bmo#1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
  * bmo#1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile.
  * bmo#1830415 - Switch to the mozillareleases/image_builder image
- Follow upstream changes in nss-fips-constructor-self-tests.patch (switch from ec_field_GFp to ec_field_plain)
- Remove part of nss-fips-zeroization.patch that got removed upstream
- update to NSS 3.100
  - bmo#1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for
    faster Xyber operations.
  - bmo#1893752 - remove ckcapi.
  - bmo#1893162 - avoid a potential PK11GenericObject memory leak.
  - bmo#671060  - Remove incomplete ESDH code.
  - bmo#215997  - Decrypt RSA OAEP encrypted messages.
  - bmo#1887996 - Fix certutil CRLDP URI code.
  - bmo#1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
  - bmo#676118  - Add ability to encrypt and decrypt CMS messages using ECDH.
  - bmo#676100  - Correct Templates for key agreement in smime/cmsasn.c.
  - bmo#1548723 - Moving the decodedCert allocation to NSS.
  - bmo#1885404 - Allow developers to speed up repeated local execution
    of NSS tests that depend on certificates.
- update to NSS 3.99
  * Removing check for message len in ed25519 (bmo#1325335)
  * add ed25519 to SECU_ecName2params. (bmo#1884276)
  * add EdDSA wycheproof tests. (bmo#1325335)
  * nss/lib layer code for EDDSA. (bmo#1325335)
  * Adding EdDSA implementation. (bmo#1325335)
  * Exporting Certificate Compression types (bmo#1881027)
  * Updating ACVP docker to rust 1.74 (bmo#1880857)
  * Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
  * Add NSS_CMSRecipient_IsSupported. (bmo#1877730)
- update to NSS 3.98
  * bmo#1780432 - (CVE-2023-5388) Timing attack against RSA decryption
    in TLS
  * bmo#1879513 - Certificate Compression: enabling the check that
    the compression was advertised
  * bmo#1831552 - Move Windows workers to nss-1/b-win2022-alpha
  * bmo#1879945 - Remove Email trust bit from OISTE WISeKey
    Global Root GC CA
  * bmo#1877344 - Replace `distutils.spawn.find_executable` with
    `shutil.which` within `mach` in `nss`
  * bmo#1548723 - Certificate Compression: Updating nss_bogo_shim to
    support Certificate compression
  * bmo#1548723 - TLS Certificate Compression (RFC 8879) Implementation
  * bmo#1875356 - Add valgrind annotations to freebl kyber operations
    for constant-time execution tests
  * bmo#1870673 - Set nssckbi version number to 2.66
  * bmo#1874017 - Add Telekom Security roots
  * bmo#1873095 - Add D-Trust 2022 S/MIME roots
  * bmo#1865450 - Remove expired Security Communication RootCA1 root
  * bmo#1876179 - move keys to a slot that supports concatenation in
    PK11_ConcatSymKeys
  * bmo#1876800 - remove unmaintained tls-interop tests
  * bmo#1874937 - bogo: add support for the -ipv6 and -shim-id shim
    flags
  * bmo#1874937 - bogo: add support for the -curves shim flag and
    update Kyber expectations
  * bmo#1874937 - bogo: adjust expectation for a key usage bit test
  * bmo#1757758 - mozpkix: add option to ignore invalid subject
    alternative names
  * bmo#1841029 - Fix selfserv not stripping `publicname:` from -X value
  * bmo#1876390 - take ownership of ecckilla shims
  * bmo#1874458 - add valgrind annotations to freebl/ec.c
  * bmo#864039  - PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
  * bmo#1875965 - Update zlib to 1.3.1
- Use %patch -P N instead of deprecated %patchN.
- update to NSS 3.97
  * bmo#1875506 - make Xyber768d00 opt-in by policy
  * bmo#1871631 - add libssl support for xyber768d00
  * bmo#1871630 - add PK11_ConcatSymKeys
  * bmo#1775046 - add Kyber and a PKCS#11 KEM interface to softoken
  * bmo#1871152 - add a FreeBL API for Kyber
  * bmo#1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
  * bmo#1826451 - part 1: add a script for vendoring kyber from pq-crystals repo
  * bmo#1835828 - Removing the calls to RSA Blind from loader.*
  * bmo#1874111 - fix worker type for level3 mac tasks
  * bmo#1835828 - RSA Blind implementation
  * bmo#1869642 - Remove DSA selftests
  * bmo#1873296 - read KWP testvectors from JSON
  * bmo#1822450 - Backed out changeset dcb174139e4f
  * bmo#1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
  * bmo#1871219 - Wrap CC shell commands in gyp expansions
- update to NSS 3.96.1
  * bmo#1869408 - Use pypi dependencies for MacOS worker in ./build_gyp.sh
  * bmo#1830978 - p7sign: add -a hash and -u certusage (also p7verify cleanups)
  * bmo#1867408 - add a defensive check for large ssl_DefSend return values
  * bmo#1869378 - Add dependency to the taskcluster script for Darwin
  * bmo#1869378 - Upgrade version of the MacOS worker for the CI
- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
  explicit default trust flags" test needs longer than the allowed
  6 seconds on s390x
- update to NSS 3.95
  * bmo#1842932 - Bump builtins version number.
  * bmo#1851044 - Remove Email trust bit from Autoridad de Certificacion
    Firmaprofesional CIF A62634068 root cert.
  * bmo#1855318 - Remove 4 DigiCert (Symantec/Verisign) Root Certificates
  * bmo#1851049 - Remove 3 TrustCor Root Certificates from NSS.
  * bmo#1850982 - Remove Camerfirma root certificates from NSS.
  * bmo#1842935 - Remove old Autoridad de Certificacion Firmaprofesional
    Certificate.
  * bmo#1860670 - Add four Commscope root certificates to NSS.
  * bmo#1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
  * bmo#1863605 - Include P-384 and P-521 Scalar Validation from HACL*
  * bmo#1861728 - Include P-256 Scalar Validation from HACL*.
  * bmo#1861265 - After the HACL 256 ECC patch, NSS incorrectly encodes
    256 ECC without DER wrapping at the softoken level
  * bmo#1837987 - Add means to provide library parameters to C_Initialize
  * bmo#1573097 - clang format
  * bmo#1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
  * bmo#1858241 - Typo in ssl3_AppendHandshakeNumber
  * bmo#1858241 - Introducing input check of ssl3_AppendHandshakeNumber
  * bmo#1573097 - Fix Invalid casts in instance.c
- update to NSS 3.94
  * bmo#1853737 - Updated code and commit ID for HACL*
  * bmo#1840510 - update ACVP fuzzed test vector: refuzzed with
    current NSS
  * bmo#1827303 - Softoken C_ calls should use system FIPS setting
    to select NSC_ or FC_ variants
  * bmo#1774659 - NSS needs a database tool that can dump the low level
    representation of the database
  * bmo#1852179 - declare string literals using char in pkixnames_tests.cpp
  * bmo#1852179 - avoid implicit conversion for ByteString
  * bmo#1818766 - update rust version for acvp docker
  * bmo#1852011 - Moving the init function of the mpi_ints before
    clean-up in ec.c
  * bmo#1615555 - P-256 ECDH and ECDSA from HACL*
  * bmo#1840510 - Add ACVP test vectors to the repository
  * bmo#1849077 - Stop relying on std::basic_string<uint8_t>
  * bmo#1847845 - Transpose the PPC_ABI check from Makefile to gyp
- rebased patches
- added nss-fips-test.patch to fix broken test
- Update to NSS 3.93:
  * bmo#1849471 - Update zlib in NSS to 1.3.
  * bmo#1848183 - softoken: iterate hashUpdate calls for long inputs.
  * bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980).
- Rebase nss-fips-pct-pubkeys.patch.
- update to NSS 3.92
  * bmo#1822935 - Set nssckbi version number to 2.62
  * bmo#1833270 - Add 4 Atos TrustedRoot Root CA certificates to NSS
  * bmo#1839992 - Add 4 SSL.com Root CA certificates
  * bmo#1840429 - Add Sectigo E46 and R46 Root CA certificates
  * bmo#1840437 - Add LAWtrust Root CA2 (4096)
  * bmo#1822936 - Remove E-Tugra Certification Authority root
  * bmo#1827224 - Remove Camerfirma Chambers of Commerce Root.
  * bmo#1840505 - Remove Hongkong Post Root CA 1
  * bmo#1842928 - Remove E-Tugra Global Root CA ECC v3 and RSA v3
  * bmo#1842937 - Avoid redefining BYTE_ORDER on hppa Linux
- update to NSS 3.91
  * bmo#1837431 - Implementation of the HW support check for ADX instruction
  * bmo#1836925 - Removing the support of Curve25519
  * bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
  * bmo#1839327 - Adding args to enable-legacy-db build
  * bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
    default trust flags"
  * bmo#1837617 - Initialize flags in slot structures
  * bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
  * bmo#1829112 - Followup Fixes
  * bmo#1784253 - avoid processing unexpected inputs by checking for
    m_exptmod base sign
  * bmo#1826652 - add a limit check on order_k to avoid infinite loop
  * bmo#1834851 - Update HACL* to commit 5f6051d2
  * bmo#1753026 - add SHA3 to cryptohi and softoken
  * bmo#1753026 - HACL SHA3
  * bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch

- update to NSS 3.90.3
  * bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
  * bmo#1748105 - clean up escape handling.
  * bmo#1895032 - remove redundant AllocItem implementation.
  * bmo#1836925 - Disable ASM support for Curve25519.
  * bmo#1836781 - Disable ASM support for Curve25519 for all but X86_64.
- remove upstreamed nss-fix-bmo1836925.patch

- Adding nss-fips-bsc1223724.patch to fix startup crash of Firefox
  when using FIPS-mode (bsc#1223724).

- Added "Provides: nss" so other RPMs that require 'nss' can
  be installed (jira PED-6358).

- update to NSS 3.90.2
  * bmo#1780432 - (CVE-2023-5388) Timing attack against RSA
    decryption in TLS. (bsc#1216198)
  * bmo#1867408 - add a defensive check for large ssl_DefSend
    return values.
libgudev
- Update to version 237:
  + Fix reading double precision floats from sysfs attributes in
    locales that use comma as a separator
  + Fix compilation warning
  + Fix headers to help with build reproducibility
  + Clarify licensing information
- Changes from version 236:
  + Fix meson project name to match autotools.
- Changes from version 235:
  + Port build system to meson and remove autotools
  + Fix conversion of sysfs attributes to boolean.
- Add meson BuildRequires and macros following upstreams port.
- Enable pkgconfig(umockdev-1.0) BuildRequires and test macro.
- Update Licence tag to LGPL-2.1-or-later.

- update to 234:
  * Clarify that _get_sysfs_attr() functions are cached
  * Add functions to get uncached sysfs attributes

- Update to version 233:
  + Require glib 2.38.
  + Small documentation updates.
  + Remove gnome-common build dependency.
- Use modern macros.

- Modernize spec-file by calling spec-cleaner
ncurses
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
  * Backport from ncurses-6.4-20230615.patch
    improve checks in convert_string() for corrupt terminfo entry
nghttp2
- security update
- added patches
  fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-1.patch
  fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
  + nghttp2-CVE-2024-28182-2.patch
openssl-1_1
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch

- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
  security vulnerability. Calling the function SSL_free_buffers()
  potentially caused memory to be accessed that was previously
  freed in some situations and a malicious attacker could attempt
  to engineer a stituation where this occurs to facilitate a
  denial-of-service attack. [CVE-2024-4741, bsc#1225551]

- Security fix: [bsc#1222548, CVE-2024-2511]
  * Fix unconstrained session cache growth in TLSv1.3
  * Add openssl-CVE-2024-2511.patch

- Security fix: [bsc#1219243, CVE-2024-0727]
  * Add NULL checks where ContentInfo data can be NULL
  * Add openssl-CVE-2024-0727.patch
pacemaker
- tools: CIB clients retry signon upon an EAGAIN error (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
  * bsc#1224183-0002-Fix-tools-CIB-clients-retry-signon-upon-an-EAGAIN-er.patch
- libcib: new function cib__signon_attempts() (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
  * bsc#1224183-0001-Refactor-libcib-new-function-cib__signon_attempts.patch

- libcrmcommon: reject ISO 8601 duration without any values (gh#ClusterLabs/pacemaker#3517)
  * pacemaker#3517-0002-Low-libcrmcommon-reject-ISO-8601-duration-without-an.patch
- libstonithd: prevent to free 'op_reply' repeatedly in 'stonith_send_command' (gh#ClusterLabs/pacemaker#3517)
  * pacemaker#3517-0001-prevent-to-free-op_reply-repeatedly-in-stonith_send_.patch

- tools: make crm_mon exit upon loss of the attached pseudo-terminal (bsc#1220229, gh#ClusterLabs/pacemaker#3430)
  * bsc#1220229-0001-Fix-tools-make-crm_mon-exit-upon-loss-of-the-attache.patch

- libcib: Don't incorrectly expand "++" and "+=" in XML attr values (gh#ClusterLabs/pacemaker#3413)
  * pacemaker#3413-0003-Fix-libcib-Don-t-incorrectly-expand-and-in-XML-attr-.patch
- libpacemaker: pcmk__inject_failcount should set an integer value (gh#ClusterLabs/pacemaker#3413)
  * pacemaker#3413-0001-Low-libpacemaker-pcmk__inject_failcount-should-set-a.patch
- scheduler: log unknown nodes in location constraints (gh#ClusterLabs/pacemaker#3409, CLBZ#5415)
  * pacemaker#3409-0007-Log-scheduler-log-unknown-nodes-in-location-constrai.patch
- scheduler: correct lifetime deprecation warning (gh#ClusterLabs/pacemaker#3409)
  * pacemaker#3409-0006-Log-scheduler-correct-lifetime-deprecation-warning.patch
- tools: honor rules when getting utilization attributes with crm_resource (gh#ClusterLabs/pacemaker#3409)
  * pacemaker#3409-0005-Fix-tools-honor-rules-when-getting-utilization-attri.patch
- scheduler: deprecate support for default instance attributes (gh#ClusterLabs/pacemaker#3409)
  * pacemaker#3409-0004-Low-scheduler-deprecate-support-for-default-instance.patch
- scheduler: use default timeout (20s) if user configures 0 (gh#ClusterLabs/pacemaker#3409)
  * pacemaker#3409-0003-Fix-scheduler-use-default-timeout-20s-if-user-config.patch
- tools: crm_resource should ignore resource meta-attribute node expressions (gh#ClusterLabs/pacemaker#3409)
  * pacemaker#3409-0001-Fix-tools-crm_resource-should-ignore-resource-meta-a.patch

- fencer: always format time_t values as long long (gh#ClusterLabs/pacemaker#3407)
  * pacemaker#3407-0001-Log-fencer-always-format-time_t-values-as-long-long.patch

- libcrmcommon: NULL-check strdup() in pcmk__register_message() (gh#ClusterLabs/pacemaker#3394)
  * pacemaker#3394-0004-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libcrmcommon: NULL-check strdup() in pcmk__register_format() (gh#ClusterLabs/pacemaker#3394)
  * pacemaker#3394-0003-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libpacemaker: Correctly free graphs and synapses (gh#ClusterLabs/pacemaker#3394)
  * pacemaker#3394-0002-Low-libpacemaker-Correctly-free-graphs-and-synapses.patch
- libcrmcommon: Initialize some variables (gh#ClusterLabs/pacemaker#3394)
  * pacemaker#3394-0001-Low-libcrmcommon-Initialize-some-variables.patch
- HealthSMART:fix the description of temp_lower_limit (gh#ClusterLabs/pacemaker#3392)
  * pacemaker#3392-0001-Doc-HealthSMART-fix-the-description-of-temp_lower_li.patch

- cibsecret: Use 'ps axww' to avoid truncating issue (gh#ClusterLabs/pacemaker#3384)
  * pacemaker#3384-0001-Fix-cibsecret-Use-ps-axww-to-avoid-truncating-issue.patch

- libcrmcommon: Don't try to parse XML from bad .bz2 file (gh#ClusterLabs/pacemaker#3361)
  * pacemaker#3361-0001-Low-libcrmcommon-Don-t-try-to-parse-XML-from-bad-.bz.patch

- libcrmcommon: use uint32_t for 32-bit magic numbers (gh#ClusterLabs/pacemaker#3381)
  * pacemaker#3381-0001-Fix-libcrmcommon-use-uint32_t-for-32-bit-magic-numbe.patch

- libcrmcommon: Use free_xml in html_free_priv. (gh#ClusterLabs/pacemaker#3380)
  * pacemaker#3380-0003-Low-libcrmcommon-Use-free_xml-in-html_free_priv.patch
- libcrmcommon:  Free error strings in html/xml outputters. (gh#ClusterLabs/pacemaker#3380)
  * pacemaker#3380-0002-Low-libcrmcommon-Free-error-strings-in-html-xml-outp.patch
- libcrmcommon: Free text/curses private list data. (gh#ClusterLabs/pacemaker#3380)
  * pacemaker#3380-0001-Low-libcrmcommon-Free-text-curses-private-list-data.patch
- tools: Fix argument validation for crm_attribute update. (gh#ClusterLabs/pacemaker#3379)
  * pacemaker#3379-0001-Low-tools-Fix-argument-validation-for-crm_attribute-.patch

- libcrmcommon: Always output request= in XML output. (gh#ClusterLabs/pacemaker#3362)
  * pacemaker#3362-0001-Low-libcrmcommon-Always-output-request-in-XML-output.patch

- tools: Fix memory leak in crm_mon with HTML output (gh#ClusterLabs/pacemaker#3332)
  * pacemaker#3332-0001-Low-tools-Fix-memory-leak-in-crm_mon-with-HTML-outpu.patch

- attrd: write Pacemaker Remote node attributes even if not in cache (gh#ClusterLabs/pacemaker#3304)
  * pacemaker#3304-0001-Fix-attrd-write-Pacemaker-Remote-node-attributes-eve.patch
- agents: Use attrd_updater dampen delay in SysInfo (gh#ClusterLabs/pacemaker#3286)
  * pacemaker#3286-0002-Fix-agents-Use-attrd_updater-dampen-delay-in-SysInfo.patch
- libcrmcommon: Check correct env vars in pcmk__node_attr_target() (gh#ClusterLabs/pacemaker#3286)
  * pacemaker#3286-0001-Low-libcrmcommon-Check-correct-env-vars-in-pcmk__nod.patch

- scheduler: restore nvpair behavior without id-ref (gh#ClusterLabs/pacemaker#3292)
  * pacemaker#3292-0004-Low-scheduler-restore-nvpair-behavior-without-id-ref.patch
- libcrmcommon: fix NULL dereference in expand_idref() (gh#ClusterLabs/pacemaker#3292)
  * pacemaker#3292-0002-Low-libcrmcommon-fix-NULL-dereference-in-expand_idre.patch
- scheduler: improve logs for invalid id-ref's (gh#ClusterLabs/pacemaker#3292)
  * pacemaker#3292-0001-Log-scheduler-improve-logs-for-invalid-id-ref-s.patch
- pacemaker-attrd,libcrmcluster: avoid use-after-free when remote node in cluster node cache (gh#ClusterLabs/pacemaker#3293)
  * pacemaker#3293-0002-Fix-pacemaker-attrd-libcrmcluster-avoid-use-after-fr.patch
- libcrmcluster: avoid use-after-free in trace log (gh#ClusterLabs/pacemaker#3293)
  * pacemaker#3293-0001-Low-libcrmcluster-avoid-use-after-free-in-trace-log.patch
- HealthSmart: Check the parameter values of check_temperature to avoid error output (gh#ClusterLabs/pacemaker#3289)
  * pacemaker#3289-0001-Fix-HealthSmart-Check-the-parameter-values-of-check_.patch

- agents: handle dampening parameter consistently and correctly
  * 0001-Fix-agents-handle-dampening-parameter-consistently-a.patch

- crm_resource: make --wait wait for pending actions in CIB
  * 0001-Refactor-crm_resource-make-wait-wait-for-pending-act.patch

- agents: HealthCPU - fix the validation of input
  * 0001-fix-the-validation-of-input.patch
python3
- Add CVE-2024-4032-private-IP-addrs.patch to fix bsc#1226448
  (CVE-2024-4032) rearranging definition of private v global IP
  addresses.

- Add CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
  fixing bsc#1226447 (CVE-2024-0397) by removing memory race
  condition in ssl.SSLContext certificate store methods.

- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
  gh#python/cpython!16557) fixes syslog making default "ident"
  from sys.argv[0].
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that
  it uses features sniffing, not just comparing version number
  (bsc#1220664, bsc#1219559, bsc#1221563, bsc#1222075).
- Remove support-expat-CVE-2022-25236-patched.patch, which was
  the previous name of this patch.
- Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping
  failing tests.
- Refresh patches:
  - CVE-2023-27043-email-parsing-errors.patch
  - fix_configure_rst.patch
  - skip_if_buildbot-extend.patch

- bsc#1221854 (CVE-2024-0450) Add
  CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
  detecting the vulnerability of the "quoted-overlap" zipbomb
  (from gh#python/cpython!110016).
- Add bh42369-thread-safety-zipfile-SharedFile.patch (from
  gh#python/cpython!26974) required by the previous patch.
- Add expat-260-test_xml_etree-reparse-deferral.patch to make the
  interpreter work with patched libexpat in our distros.
- Move all patches from locally sourced to the branch
  opensuse-3.6 branch at GitHub repo, and move all metadata to
  commits themselves (readable in the headers of each patch).
- Add bpo-41675-modernize-siginterrupt.patch to make Python build
  cleanly even on more recent SPs of SLE-15
  (gh#python/cpython#85841).
- Remove patches:
  - bpo36263-Fix_hashlib_scrypt.patch - fix against bug in
    OpenSSL fixed in 1.1.1c (gh#openssl/openssl!8483), so this
    patch is redundant on all SUSE-supported distros
  - python-3.3.0b1-test-posix_fadvise.patch - protection
    against the kernel issues which has been fixed in
    gh#torvalds/linux@3d3727cdb07f, which has been included in
    all our kernels more recent than SLE-11.
  - python-3.3.3-skip-distutils-test_sysconfig_module.patch -
    skips a test, which should be relevant only for testing on
    Mac OS X systems with universal builds. I have no valid
    record, that this test would be ever problematic on Linux.
  - bpo-36576-skip_tests_for_OpenSSL-111.patch, which was
    included already in Python 3.5.

- (bsc#1219666, CVE-2023-6597) Add
  CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
  gh#python/cpython!99930) fixing symlink bug in cleanup of
  tempfile.TemporaryDirectory.
- Merge together bpo-36576-skip_tests_for_OpenSSL-111.patch into
  skip_SSL_tests.patch, and make them include all conditionals.

- Refresh CVE-2023-27043-email-parsing-errors.patch to
  gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
libqb
- ipc: Retry receiving credentials if the the message is short (gh#ClusterLabs/libqb#476, rh#2111711, bsc#1224183)
  * bsc#1224183-0001-ipc-Retry-receiving-credentials-if-the-the-message-i.patch
qrencode
- update to 4.1.1 (jsc#PED-7296):
  * Some minor bugs in Micro QR Code generation have been fixed.
  * The data capacity calculations are now correct. These bugs probably did not
    affect the Micro QR Code generation.

- update to 4.1.0:
  * Command line tool "qrencode" has been improved:
  * New option "--inline" has been added. (Thanks to @jp-bennett)
  * New option "--strict-version" has been added.
  * UTF8 mode now supports ANSI256 color. (Thanks to András Veres-
    Szentkirályi)
  * Micro QR Code no longer requires to specify the version number.
  * 'make check' allows to run the test programs. (Thanks to Jan Tojnar)
  * Some compile time warnings have been fixed.
  * Various CMake support improvements. (Thanks to @mgorny and @sdf5)
  * Some minor bug fixes. (Thanks to Lonnie Abelbeck and Frédéric Wang)
  * Some documentation/manpage improvements. (Thanks to Dan Jacobson)
  * Some performance improvements. (Thanks to @4061N and Mika Lindqvist)
- remove qrencode-fix-installation.patch (upstream)

- Update to version 4.0.2
  * Build script fixes. (Thanks to @mgorny)
  version 4.0.1
  * CMake support improved.
  * New test scripts have been added.
  * Some compile time warnings have been fixed.
- Refreshed qrencode-fix-installation.patch
libsolv
- removed dependency on external find program in the repo2solv tool
- bindings: fix return value of repodata.add_solv()
- new SOLVER_FLAG_FOCUS_NEW flag
- bump version to 0.7.30

- add a conflict to older libsolv-tools to libsolv-tools-base
- report unsupported compression in solv_xfopen() with errno
- fix return value of repodata.add_solv() in the bindings
- fix SHA-224 oid in solv_pgpvrfy

- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
  cases
- added experimental lua bindings
- bump version to 0.7.29

- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]

- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28
libssh
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1227396)
  - added libssh-fix-ipv6-hostname-regression.patch

- Update to 0.9.8: [jsc#PED-7719, bsc#1218126, CVE-2023-48795]
  * Rebase 0001-disable-timeout-test-on-slow-buildsystems.patch
  * Remove patches fixed in the update:
  - CVE-2019-14889.patch
  - 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch

- Update to version 0.9.8
  * Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209)
  * Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126)
  * Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186)
  * Allow @ in usernames when parsing from URI composes
- Update to version 0.9.7
  * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm
    guessing (bsc#1211188)
  * Fix CVE-2023-2283: a possible authorization bypass in
    pki_verify_data_signature under low-memory conditions (bsc#1211190)
  * Fix several memory leaks in GSSAPI handling code

- Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
  * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6

- Add missing BR for openssh needed for tests

- update to 0.9.5 (bsc#1174713, CVE-2020-16135):
  * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
  * Improve handling of library initialization (T222)
  * Fix parsing of subsecond times in SFTP (T219)
  * Make the documentation reproducible
  * Remove deprecated API usage in OpenSSL
  * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
  * Define version in one place (T226)
  * Prevent invalid free when using different C runtimes than OpenSSL (T229)
  * Compatibility improvements to testsuite

- Update to version 0.9.4
  * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
  * Fix possible Denial of Service attack when using AES-CTR-ciphers
    CVE-2020-1730 (bsc#1168699)
libssh2_org
- Fix an issue with Encrypt-then-MAC family. [bsc#1221622]
  * Test the ETM feature in the remote end's configuration when
    receiving data. Upstream issue: #1331.
  * Add libssh2_org-ETM-remote.patch

- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com"
  when configuring custom method list. [bsc#1218971, CVE-2023-48795]
  * The strict-kex extension is announced in the list of available
    KEX methods. However, when the default KEX method list is modified
    or replaced, the extension is not added back automatically.
  * Add libssh2_org-CVE-2023-48795-ext.patch
suseconnect-ng
- Update version to 1.11
  - Added uname as collector
  - Added SAP workload detection
  - Added detection of container runtimes
  - Multiple fixes on ARM64 detection
  - Use `read_values` for the CPU collector on Z
  - Fixed data collection for ppc64le
  - Grab the home directory from /etc/passwd if needed (bsc#1226128)

- Update version to 1.10.0
  * Build zypper-migration and zypper-packages-search as standalone
    binaries rather then one single binary
  * Add --gpg-auto-import-keys flag before action in zypper command (bsc#1219004)
  * Include /etc/products.d in directories whose content are backed
    up and restored if a zypper-migration rollback happens. (bsc#1219004)
  * Add the ability to upload the system uptime logs, produced by the
    suse-uptime-tracker daemon, to SCC/RMT as part of keepalive report.
    (jsc#PED-7982) (jsc#PED-8018)
  * Add support for third party packages in SUSEConnect
  * Refactor existing system information collection implementation

- Update to version 1.9.0
  * Fix certificate import for Yast when using a registration proxy with
    self-signed SSL certificate (bsc#1223107)

- Update to version 1.8.0
  * Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)

- Update to version 1.7.0
  * Allow SUSEConnect on read write transactional systems (bsc#1219425)
tiff
- security update:
  * CVE-2024-7006 [bsc#1228924]
    Fix pointer deref in tif_dirinfo.c
    + tiff-CVE-2024-7006.patch

- security update:
  * CVE-2023-3164 [bsc#1212233]
    Fix heap buffer overflow in tiffcrop
    + tiff-CVE-2023-3164.patch

- security update:
  * CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
    CVE-2023-38288[bsc#1213590]
    Fix potential int overflow in raw2tiff.c and tiffcp.c
    Rename tiff-CVE-2023-38288.patch into
    tiff-CVE-2023-38288,CVE-2023-40745,CVE-2023-41175.patch

- security update:
  * CVE-2023-52356 [bsc#1219213]
    Fix segfault in TIFFReadRGBATileExt()
    + tiff-CVE-2023-52356.patch
libvirt
- CVE-2024-2494: remote: check for negative array lengths before
  allocation
  8a3f8d95-CVE-2024-2494.patch, 1b8c1ce7-adapt-libssh2-api.patch
  bsc#1221815
libxml2
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
  xmlHTMLPrintFileContext in xmllint.c
  * Added libxml2-CVE-2024-34459.patch

- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader
  * Added libxml2-CVE-2024-25062.patch
libzypp
- Make sure not to statically linked installed tools (bsc#1228787)
- version 17.35.8 (35)

- MediaPluginType must be resolved to a valid MediaHandler
  (bsc#1228208)
- version 17.35.7 (35)

- Export CredentialManager for legacy YAST versions (bsc#1228420)
- version 17.35.6 (35)

- Export asSolvable for YAST (bsc#1228420)
- Fix 4 typos in zypp.conf.
- version 17.35.5 (35)

- Fix typo in the geoip update pipeline (bsc#1228206)
- Export RepoVariablesStringReplacer for yast2 (bsc#1228138)
- version 17.35.4 (35)

- Translation: updated .pot file.
- Conflict with python zypp-plugin < 0.6.4 (bsc#1227793)
  Older zypp-plugins reject stomp headers including a '-'. Like the
  'content-length' header we may send.
- Fix int overflow in Provider (fixes #559)
  This patch fixes an issue in safe_strtonum which caused
  timestamps to overflow in the Provider message parser.
- Fix error reporting on repoindex.xml parse error (bsc#1227625)
- version 17.35.3 (35)

- Keep UrlResolverPlugin API public (fixes #560)
- Blacklist /snap executables for 'zypper ps' (bsc#1226014)
- Fix handling of buddies when applying locks (bsc#1225267)
  Buddy pairs (like -release package and product) internally share
  the same status object. When applying locks from query results
  the locked bit must be set if either item is locked.
- version 17.35.2 (35)

- Install zypp/APIConfig.h legacy include (fixes #557)
- version 17.35.1 (35)

- Update soname due to RepoManager refactoring and cleanup.
- version 17.35.0 (35)

- Workaround broken libsolv-tools-base requirements (fixes
  openSUSE/zypper#551)
- Strip ssl_clientkey from repo urls (bsc#1226030)
- Remove protobuf build dependency.
- Lazily attach medium during refresh workflows (bsc#1223094)
- Refactor RepoManager and add Service workflows.
- version 17.34.2 (34)

- zypp-tui: Make sure translated texts use the correct textdomain
  (fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)

- don't require libproxy1 on tumbleweed, it is optional now

- version 17.34.0 (34)
- Fix versioning scheme

- version 17.33.4 (35)

- add one more missing export for libyui-qt-pkg

- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)

- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2

- version 17.33.1 (33)

- switch to reduced size libsolv-tools-base (jsc#PED-8153)

- Fixed check for outdated repo metadata as non-root user
  (bsc#1222086)
- Add ZYPP_API for exported functions and switch to
  visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)

- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)

- Don't try to refresh volatile media as long as raw metadata are
  present (bsc#1223094)
- version 17.32.5 (32)

- Fix creation of sibling cache dirs with too restrictive mode
  (bsc#1222398)
  Some install workflows in YAST may lead to too restrictive (0700)
  raw cache directories in case of newly created repos. Later
  commands running with user privileges may not be able to access
  these repos.
- version 17.32.4 (32)

- Update RepoStatus fromCookieFile according to the files mtime
  (bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)

- Fixup New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
  Fixed the name of the keyword to "support_superseded" as it was
  agreed on in jsc#OBS-301.
- version 17.32.2 (32)

- Add resolver option 'removeUnneeded' to file weak remove jobs
  for unneeded packages (bsc#1175678)
- version 17.32.1 (32)

- Add resolver option 'removeOrphaned' for distupgrade
  (bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
  (jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
  defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)

- ProblemSolution::skipsPatchesOnly overload to handout the
  patches.
- Remove https->http redirection exceptions for
  download.opensuse.org.
- version 17.31.32 (22)

- tui: allow to access the underlying ostream of out::Info.
- Add MLSep: Helper to produce not-NL-terminated multi line
  output.
- version 17.31.31 (22)

- applydeltaprm: Create target directory if it does not exist
  (bsc#1219442)
- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514)
- Fix problems with EINTR in ExternalDataSource::getline (fixes
  bsc#1215698)
- version 17.31.30 (22)

- CheckAccessDeleted: fix running_in_container detection
  (bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime
  (bsc#1218831)
- Make Wakeup class EINTR safe.
- Add a way to cancel media operations on shutdown
  (openSUSE/zypper#522)
  This patch adds a mechanism to signal libzypp that a shutdown was
  requested, usually when CTRL+C was pressed by the user. Currently
  only the media backend will utilize this, but can be extended to
  all code paths that use g_poll() to wait for events.
- Manually poll fds for curl in MediaCurl.
  Using curl_easy_perform does not give us the required control on
  when we want to cancel a download. Switching to the MultiCurl
  implementation with a external poll() event loop will give us
  much more freedom and helps us to improve our Ctrl+C handling.
- Move reusable curl poll code to curlhelper.h.
- version 17.31.29 (22)

- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)
lifecycle-data-sle-module-live-patching
- Added data for 5_14_21-150400_24_119,
  5_14_21-150400_24_122, 5_14_21-150500_55_62,
  5_14_21-150500_55_65, 5_14_21-150500_55_68,
  5_3_18-150200_24_191, 5_3_18-150200_24_194,
  5_3_18-150300_59_161, 5_3_18-150300_59_164,
  6_4_0-150600_21, 6_4_0-150600_23_7,
  +kernel-livepatch-5_14_21-150500_13_52-rt,*,+kernel-livepatch-5_14_21-150500_13_55-rt,*,+kernel-livepatch-5_14_21-150500_13_58-rt,*. (bsc#1020320)

- Added data for 5_14_21-150400_24_111, 5_14_21-150400_24_116,
  5_14_21-150500_55_52, 5_14_21-150500_55_59,
  5_3_18-150200_24_183, 5_3_18-150200_24_188,
  5_3_18-150300_59_153, 5_3_18-150300_59_158,
  +kernel-livepatch-5_14_21-150400_15_71-rt,*,+kernel-livepatch-5_14_21-150500_13_38-rt,*,+kernel-livepatch-5_14_21-150500_13_43-rt,*,+kernel-livepatch-5_14_21-150500_13_47-rt,*. (bsc#1020320)

- Added data for 4_12_14-150100_197_168,
  5_14_21-150400_24_103, 5_14_21-150400_24_108,
  5_14_21-150500_55_44, 5_14_21-150500_55_49,
  5_3_18-150200_24_175, 5_3_18-150200_24_178,
  5_3_18-150300_59_147, 5_3_18-150300_59_150,
  +kernel-livepatch-5_14_21-150400_15_65-rt,*,+kernel-livepatch-5_14_21-150400_15_68-rt,*,+kernel-livepatch-5_14_21-150500_13_30-rt,*,+kernel-livepatch-5_14_21-150500_13_35-rt,*. (bsc#1020320)

- Added data for 4_12_14-150100_197_160,
  4_12_14-150100_197_165, 5_14_21-150400_24_100,
  5_14_21-150400_24_66, 5_14_21-150400_24_88,
  5_14_21-150400_24_92, 5_14_21-150400_24_97,
  5_14_21-150500_55_28, 5_14_21-150500_55_31,
  5_14_21-150500_55_36, 5_14_21-150500_55_39,
  5_3_18-150200_24_166, 5_3_18-150200_24_169,
  5_3_18-150200_24_172, 5_3_18-150300_59_138,
  5_3_18-150300_59_141, 5_3_18-150300_59_144,
  +kernel-livepatch-5_14_21-150400_15_53-rt,*,+kernel-livepatch-5_14_21-150400_15_56-rt,*,+kernel-livepatch-5_14_21-150400_15_59-rt,*,+kernel-livepatch-5_14_21-150400_15_62-rt,*,+kernel-livepatch-5_14_21-150500_13_18-rt,*,+kernel-livepatch-5_14_21-150500_13_21-rt,*,+kernel-livepatch-5_14_21-150500_13_24-rt,*,+kernel-livepatch-5_14_21-150500_13_27-rt,*. (bsc#1020320)
shadow
- bsc#1228770: Fix not copying of skel files
  Update shadow-CVE-2013-4235.patch

- bsc#916845 (CVE-2013-4235): Fix TOCTOU race condition
  Add shadow-CVE-2013-4235.patch
netcfg
- Add krb-prop entry, fix for bsc#1211886.
ocfs2-tools
- OCFS2 writes delay on large volumes - slow la window lookup from global_bitmap (bsc#1219224)
  * bsc1219224-debugfs.ocfs2-support-recording-gd-bg_contig_free_bi.patch

- fsck.ocfs2: add the ability to clear jbd2 errno (bsc#1216834)
  + mounted.ocfs2-use-sys-sysmacros.h-include-for-makede.patch
  + Fix-build-failure-with-glibc-2.28.patch
  + bsc1216834-fsck.ocfs2-add-the-ability-to-clear-jbd2-errno.patch
openssh
- Add patches from upstream to change the default value of
  UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
  This makes ssh update the known_hosts stored keys with all
  published versions by the server (after it's authenticated
  with an existing key), which will allow to identify the
  server with a different key if the existing key is considered
  insecure at some point in the future (bsc#1222831).
  * 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
  * 0002-upstream-disable-UpdateHostkeys-by-default-if.patch

- Add patches openssh-7.7p1-seccomp_getuid.patch and
  openssh-bsc1216474-s390-leave-fds-open.patch
  (bsc#1216474, bsc#1218871)

- Fix hostbased ssh login failing occasionally with "signature
  unverified: incorrect signature" by fixing a typo in patch
  (bsc#1221123):
  * openssh-7.8p1-role-mls.patch

- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385).
  This limits the use of shell metacharacters in host- and
  user names.
pam-config
- Fix pam_gnome_keyring module for AUTH.
  [pam-config-fix-pam_gnome_keyring.patch, bsc#1219767]
pam
- Prevent cursor escape from the login prompt [bsc#1194818]
  * Added: pam-bsc1194818-cursor-escape.patch
perl
- fix space calculation issues in pp_pack.c [bnc#1082216]
  [CVE-2018-6913]
  * new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
  [CVE-2018-6798]
  new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
  new patch: perl-net-ftp-tls13.diff
python-azure-agent
- Restart the agent (bsc#1227600)
  + The agent service gets restarted in post but may fail due to a missing
    config file. config files were split into their own package previously.
    When we detect that we have to restore a config file we also need
    to restart the agent again.

- Add agent-btrfs-use-f.patch (bsc#1227711)
  + Use the proper option to force btrfs to overwrite a file system on the
    resource disk if one already exists.

- Set Provisioning.Agent parameter to 'cloud-init' in SLE Micro >= 5.5
  (bsc#1227106).
- Do not package waagent2.0 in Python 3 builds.
- Drop obsolete otherproviders keyword from Conflicts statements

- Do not require wicked in non-SUSE build environments.

- Apply python3 interpreter patch in non SLE build environments
  (bcs#1227067)
- Simplify %suse_version conditionals

- Use the -Z option for mv and cp in the posttrans to properly handle
  SELinux context (bsc#1225946)

- Keep the existing config file (bsc#1222620)
  + During separation of the config file into subpackages it was forgotten
    that on update of the main package the previously provided config file
    would be removed. SInce we do not know which flavor of our images the
    package is being upgraded on, preserve the previously existing config
    file. This will orphan the file if non of the -config-* packages gets
    installed.

- Do not force wicked dependency for networking, allow NM in SLE Micro 5.5
  and for ALP based products
- Change patch syntax in preparetion for RPM 4.20

- Recognise SLE-Micro as a SLE based distro
  + Add agent-micro-is-sles.patch

- Create sub-packages for the config (jsc#PED-7869)
  + Remove config manipulation from image building
  + Set up a config for SLE-Micro
  + Makes deafult upstream config available
- Update to 2.9.1.1 (bsc#1217301, bsc#1217302)
  + Update remove-mock.patch
  + Download certificates when goal state source is fast track #2761
  + Increase the max number of extension events by 20% #2785
  + Remove version suffix from extension slice #2782
  + Support int type for eventPid and eventTid fields #2786
  + Improve log for swap counter not found #2789
  + Remove cgroup files during deprovisioning #2790
  + Log VM architecture in heartbeat telemetry for arm64 adoption
    monitoring #2818
  + Enforce memory usage for agent #2671
  + Use common download logic for agent downloads #2682
  + Implement Fedora distro #2642
  + Report message in handler heartbeat #2688
  + Remove dependency on pathlib from makepkg #2717
  + Do not fetch extensions goal state in log collector #2713
  + Update log collector unit file to remove memory limit #2757
  + Fix bug in get_dhcp_pid (CoreOS) #2784
  + Fetch full distro version for mariner #2773
  From 2.9.04
  + Resource Governance on extensions (CPU monitoring and enforcing & Memory
    monitoring) #2632 #2581 #2555
  + Agent resource governance #2597 #2591 #2546
  + monitor system-wide memory metrics (#2610)
  + Additional telemetry for goal state (#2675)
  + HostGAPlugin usage improvements #2662 #2673 #2655 #2651
  + Add logging statements for mrseq migration during update (#2667)
  + Logcollector memory usage #2658 #2637
  + Update Log Collector default in Comments and Readme (#2608)
  + Improve telemetry success and failure markers (#2605) #2604 #2599
  + Fix formatting of exceptions on Python 3.10
    (traceback.format's etype argument) (#2663)
  + Fix UNKNOWN(Zombie) Process in unexpected processes check (#2644)
  + SUSE: Fix valid values for DHCLIENT_HOSTNAME_OPTION (#2643)
  + Debian - string conversion for systemd service (#2574)
  + Do not set a CPU quota on the agent for RHEL and Centos (#2685) #2689 #2693
  + support rhel distro (#2620) #2598
  + Added support for devuan linux distribution (#2553)
  No incremental updates between 2.8.011 and 2.9.0.4

- Clean up conditions in spec file:
  + There is no maintained distro > 1315 (SLE12) AND < 1500
    (SLE15). Only openSUSE 13.2 and 13.3 lived in that space, but
    they are clearly not the target of this spec file.
  + if 0%{?Suse_version} && 0{?suse_version} > 1315: no need to
    first validate suse_version being defined: whenever it
    is > 1315, must be defined.

- Add patch remove-mock.patch:
  * Use unittest.mock first, falling back to mock if required.
- Tighten Requires against python3-mock.
python-Jinja2
- Add CVE-2024-34064.patch upstream patch
  (CVE-2024-34064, bsc#1223980, gh#pallets/jinja@0668239dc6b4)
  Also fixes (CVE-2024-22195, bsc#1218722)
python-PyYAML
- reenable the cython yaml loader (bsc#1225641)
python-adal
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.2.7
  + For detailed information about changes see the
    HISTORY.txt file provided with this package

- New upstream release
  + Version 1.2.6
  + For detailed information about changes see the
    HISTORY.txt file provided with this package
python-applicationinsights
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.11.10
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-argcomplete
- Fix update-alternatives, bsc#1224109

- Use update-alternatives for package binaries to avoid conflict with
  python311 stack. bsc#1219305
python-azure-ai-anomalydetector
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 3.0.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-ai-metricsadvisor
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b4

- New upstream release
  + Version 1.0.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-ai-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-ai-textanalytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 5.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 5.1.0.0 to ensure
  proper upgrade from previous version 5.1.0b7
- Update Requires from setup.py

- New upstream release
  + Version 5.1.0b7
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.1.0b6
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.1.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-appconfiguration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.2.0.0 to ensure
  proper upgrade from previous version 1.2.0b2

- New upstream release
  + Version 1.2.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.2.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-applicationinsights
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.1.1
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-batch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 12.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-cognitiveservices-anomalydetector
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-formrecognizer
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-inkrecognizer
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-knowledge-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-cognitiveservices-knowledge-qnamaker
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-language-luis
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-language-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-cognitiveservices-language-spellcheck
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-language-textanalytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.2.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-cognitiveservices-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-cognitiveservices-personalizer
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-autosuggest
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-customimagesearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-customsearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-entitysearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-imagesearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-newssearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-cognitiveservices-search-videosearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-visualsearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-search-websearch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-vision-computervision
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.9.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.8.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-cognitiveservices-vision-contentmoderator
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-vision-customvision
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cognitiveservices-vision-face
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-cognitiveservices-vision-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-common
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.28
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.1.27
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-communication-administration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-communication-chat
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Temporarily override package version to 1.0.0.0 to allow
  upgrades from the previous 1.0.0b5 version
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b5
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-communication-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-communication-sms
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Temporarily override package version to 1.0.0.0 to allow
  upgrades from the previous 1.0.0b6 version
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b6
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-core
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-cosmos
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-data-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-datalake-store
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.0.52
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
python-azure-devops
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Revert previous change use to %pyunittest to invoke testsuite

- %check: use %pyunittest rpm macro
python-azure-eventgrid
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.7.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.7.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.1.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-eventhub-checkpointstoreblob
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.1.3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update BuildRequires and Requires from setup.py

- New upstream release
  + Version 1.1.2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-eventhub
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 5.7.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.6.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.3.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 5.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-functions-devops-build
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-graphrbac
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-identity
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.10.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Drop patches for issues fixed upstream
  + ai_relax-python-depends.patch
- Override upstream version with 1.10.0.0 to ensure
  proper upgrade from previous version 1.10.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.10.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Add patch to relax Python dependencies in setup.py
  + ai_relax-python-depends.patch
- Update Requires from setup.py

- New upstream release
  + Version 1.9.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.8.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.7.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.7.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.6.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.6.0.0 to ensure
  proper upgrade from previous version 1.6.0b3

- New upstream release
  + Version 1.6.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.6.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-keyvault-administration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 4.0.0.0 to ensure
  proper upgrade from previous version 4.0.0b3
- Update Requires from setup.py

- New upstream release
  + Version 4.0.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-keyvault-certificates
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-keyvault-keys
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.5.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 4.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 4.5.0.0 to ensure
  proper upgrade from previous version 4.5.0b6

- New upstream release
  + Version 4.5.0b6
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.5.0b5
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.5.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 4.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 4.4.0.0 to ensure
  proper upgrade from previous version 4.4.0b4

- New upstream release
  + Version 4.4.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.4.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.3.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-keyvault-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Switch to explicit namespace packages on Python 3 (PEP 420)
python-azure-keyvault-secrets
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-keyvault
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Only build Python3 flavors for distributions 15 and greater
python-azure-loganalytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.1.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-advisor
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-alertsmanagement
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-apimanagement
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-appconfiguration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.1.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-applicationinsights
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-appplatform
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 6.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 6.0.0.0 to ensure
  proper upgrade from previous version 6.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 6.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-attestation
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-authorization
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-automanage
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-automation
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-azurestackhci
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0rc1
python-azure-mgmt-azurestack
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-batchai
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-batch
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 16.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 16.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 15.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 14.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-billing
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-botservice
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
python-azure-mgmt-cdn
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 12.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-cognitiveservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 13.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 13.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 12.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 11.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-commerce
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-communication
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b4
python-azure-mgmt-compute
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 26.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 26.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 25.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 24.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 24.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-consumption
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-containerinstance
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- Downgrade to previous upstream release
  + Version 2.0.0
  + Required to unbreak Azure CLI packages (bsc#1183865)
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-containerregistry
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-containerservice
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 19.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 19.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 18.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 17.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 16.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 16.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 16.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 16.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 16.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 15.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 15.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 14.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-core
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.3.0.0 to ensure
  proper upgrade from previous version 1.3.0b3

- New upstream release
  + Version 1.3.0b3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.3.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-cosmosdb
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 6.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-costmanagement
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-databoxedge
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-databricks
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-datafactory
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.2.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py

- New upstream release
  + Version 0.15.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-datalake-analytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-datalake-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-mgmt-datalake-store
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-datamigration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 10.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 9.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-datashare
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-deploymentmanager
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-devspaces
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-devtestlabs
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-dns
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 8.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-documentdb
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-edgegateway
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-eventgrid
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 10.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 10.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-eventhub
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 10.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-frontdoor
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    HISTORY.txt file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-hanaonazure
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-hdinsight
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-healthcareapis
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-hybridcompute
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 7.0.0.0 to ensure
  proper upgrade from previous version 7.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 7.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-imagebuilder
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-iotcentral
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 9.0.0.0 to ensure
  proper upgrade from previous version 9.0.0b1

- New upstream release
  + Version 9.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 4.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-iothubprovisioningservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-iothub
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-keyvault
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-kubernetesconfiguration
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-kusto
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-labservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-loganalytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 13.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 12.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 11.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 10.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-logic
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-machinelearningcompute
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-machinelearningservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-managedservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 6.0.0.0 to ensure
  proper upgrade from previous version 6.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 6.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-managementgroups
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-managementpartner
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-maps
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-marketplaceordering
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-media
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 7.0.0.0 to ensure
  proper upgrade from previous version 7.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 7.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-mixedreality
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-monitor
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 3.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-msi
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 6.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Updates Requires from setup.py
python-azure-mgmt-netapp
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 5.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-network
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 19.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 19.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-notificationhubs
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-mgmt-peering
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-policyinsights
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-powerbiembedded
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-privatedns
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-rdbms
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 10.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 10.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 9.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 9.1.0.0 to ensure
  proper upgrade from previous version 9.1.0b1

- New upstream release
  + Version 9.1.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 9.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 8.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 8.1.0.0 to ensure
  proper upgrade from previous version 8.1.0b4

- New upstream release
  + Version 8.1.0b4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 8.1.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-recoveryservicesbackup
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 5.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.1.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 4.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 0.11.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.10.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-recoveryservices
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-redhatopenshift
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-redis
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 13.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 13.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 12.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-regionmove
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-relay
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-reservations
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-resourcegraph
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-resourcemover
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.1.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-scheduler
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-search
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 8.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-security
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-serialconsole
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-servermanager
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-servicebus
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 7.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-servicefabric
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-signalr
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b2

- New upstream release
  + Version 1.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-sqlvirtualmachine
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-sql
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 4.0.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 3.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 3.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-storagecache
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 0.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Summary and %description from setup.py
python-azure-mgmt-storageimportexport
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-storagesync
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0b1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-storage
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 20.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 19.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 19.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 18.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 17.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 17.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-streamanalytics
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
  proper upgrade from previous version 1.0.0rc1
- Update Requires from setup.py
python-azure-mgmt-subscription
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt-synapse
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 2.1.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-mgmt-trafficmanager
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
python-azure-mgmt-vmwarecloudsimple
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-mgmt-web
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 6.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 6.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 5.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-mgmt
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Add additional packages from the Azure SDK to Requires
  + python-azure-mgmt-app

- Add additional packages from the Azure SDK to Requires
  + python-azure-mgmt-agfood
  + python-azure-mgmt-agrifood
  + python-azure-mgmt-avs
  + python-azure-mgmt-chaos
  + python-azure-mgmt-connectedvmware
  + python-azure-mgmt-dataprotection
  + python-azure-mgmt-deviceupdate
  + python-azure-mgmt-digitaltwins
  + python-azure-mgmt-edgeorder
  + python-azure-mgmt-elastic
  + python-azure-mgmt-extendedlocation
  + python-azure-mgmt-fluidrelay
  + python-azure-mgmt-guestconfig
  + python-azure-mgmt-hybridnetwork
  + python-azure-mgmt-loadtestservice
  + python-azure-mgmt-logz
  + python-azure-mgmt-mobilenetwork
  + python-azure-mgmt-oep
  + python-azure-mgmt-orbital
  + python-azure-mgmt-purview
  + python-azure-mgmt-quantum
  + python-azure-mgmt-quota
  + python-azure-mgmt-recoveryservicessiterecovery
  + python-azure-mgmt-resourceconnector
  + python-azure-mgmt-resourcehealth
  + python-azure-mgmt-servicefabricmanagedclusters
  + python-azure-mgmt-servicelinker
  + python-azure-mgmt-storagepool
  + python-azure-mgmt-testbase
  + python-azure-mgmt-videoanalyzer
  + python-azure-mgmt-webpubsub
python-azure-monitor
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-multiapi-storage
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.9.0
  + For detailed information about changes see the
    README.rst file provided with this package

- New upstream release
  + Version 0.8.0
  + For detailed information about changes see the
    README.rst file provided with this package

- New upstream release
  + Version 0.7.0
  + For detailed information about changes see the
    README.rst file provided with this package

- New upstream release
  + Version 0.6.2
  + For detailed information about changes see the
    README.rst file provided with this package
- Update Requires from setup.py
python-azure-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-sdk
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Add additional packages from the Azure SDK to Requires
  + python-azure-agrifood-farming
  + python-azure-agrifood-nspkg
  + python-azure-ai-formrecognizer
  + python-azure-ai-language-nspkg
  + python-azure-ai-language-questionanswering
  + python-azure-ai-translation-document
  + python-azure-ai-translation-nspkg
  + python-azure-communication-identity
  + python-azure-communication-networktraversal
  + python-azure-communication-phonenumbers
  + python-azure-confidentialledger
  + python-azure-containerregistry
  + python-azure-core-tracing-opencensus
  + python-azure-core-tracing-opentelemetry
  + python-azure-data-tables
  + python-azure-digitaltwins-core
  + python-azure-digitaltwins-nspkg
  + python-azure-eventhub-checkpointstoreblob-aio
  + python-azure-media-nspkg
  + python-azure-media-videoanalyzer-edge
  + python-azure-messaging-nspkg
  + python-azure-messaging-webpubsubservice
  + python-azure-mixedreality-authentication
  + python-azure-mixedreality-nspkg
  + python-azure-monitor-nspkg
  + python-azure-monitor-query
  + python-azure-purview-account
  + python-azure-purview-administration
  + python-azure-purview-catalog
  + python-azure-purview-nspkg
  + python-azure-purview-scanning
  + python-azure-schemaregistry
  + python-azure-schemaregistry-avroserializer
  + python-azure-security-attestation
  + python-azure-security-nspkg
  + python-azure-storage-file-datalake
  + python-azure-storage-file-share
  + python-azure-storage-queue
  + python-azure-synapse-managedprivateendpoints
  + python-azure-synapse-monitoring
  + python-azure-template
- Remove packages that are included via python-azure-mgmt from Requires
  + python-azure-mgmt-commerce
  + python-azure-mgmt-documentdb
  + python-azure-mgmt-iothubprovisioningservices
  + python-azure-mgmt-servermanager
  + python-azure-mgmt-web
python-azure-search-documents
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 11.2.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Remove temporary version override

- New upstream release
  + Version 11.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Override upstream version with 11.2.0.0 to ensure
  proper upgrade from previous version 11.2.0b2
- Update Requires from setup.py

- New upstream release
  + Version 11.2.0b2
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 11.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-search-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Fix issues with Python multi-flavor builds
  + Create directories using %pythond_expand in %install section
  + Use canonical %{python_sitelib} path in %files section
python-azure-servicebus
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 7.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 7.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 7.3.4
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.3.3
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 7.3.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.3.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.1.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.1.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 7.0.1
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-servicefabric
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 8.2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 8.0.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py
python-azure-servicemanagement-legacy
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-storage-common
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-storage-file
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-storage-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-synapse-accesscontrol
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.7.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-synapse-artifacts
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.12.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 0.11.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 0.10.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 0.9.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.8.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python-azure-synapse-nspkg
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-azure-synapse-spark
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- New upstream release
  + Version 0.7.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.6.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

- New upstream release
  + Version 0.4.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
python3-azuremetadata
- Version 5.1.6
  Fix empty list attributes (bsc#1218760)
python-dnspython
- Add new patches to solve DoS:
  - CVE-2023-29483-pre1.patch
  - CVE-2023-29483.patch
  (bsc#1222693, CVE-2023-29483, gh#rthalley/dnspython#1044)
python-idna
- Add CVE-2024-3651.patch, backported from upstream commit
  gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
  (bsc#1222842, CVE-2024-3651)
python-msal-extensions
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Update to version 1.0.0
  + New: Add a new platform-independent build_encrypted_persistence() API. (#87, #110)
  + Remove: Old TokenCache API which has been deprecated for 2 years. (#110)
  + Enhancement: Make all platform-dependent parameters optional (#103)
  + Enhancement: Provide PersistenceEncryptError and PersistenceDecryptError,
    currently raised when encryption on Windows fails. (#108)
  + Enhancement: The data file will be created with 600 permission when
    running in Unix-like systems. (#107)

- Update to version 0.3.1
  + Enhancement: Better concurrency (#61, #63, #100)
  + Bugfix: Now supports user home dir in drive root on Windows (#83, #84)
  + Enhancement: This package can now be run inside container
  + Enhancement: Improvement compatibility with PyInstaller 3.5 on Python 2.7 (#85, #91)
  + Enhancement: Catchable exception when persistence is unavailable (#92, #93)
  + Enhancement: Support dependency portalocker 2.0+ (#94, #97)
  + Enhancement: Improve documentation (#77, #102)
  + Including license in release package (#76)
python-msal
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Update to version 1.17.0
  + New: Define some Cloud Instance constants and the usage
    pattern of using them (#221, #433)
  + Enhancement: Lazy-load dependencies so that the start-up
    and run time will usually be faster. (#423, #454)
  + Enhancement: Bubble up token refresh exceptions (#431, #434)
  + Enhancement: Documents a simpler http_cache usage pattern (#439)
  + Enhancement: Expose authority discovery error for troubleshooting (#443)
  + Enhancement: Actionable exception message when local machine
    time error is detected (#446, #449, #453)
  + Enhancement: Actionable exception message when username
    password flow encounters errors with ADFS (#456, #458)

- Update to version 1.16.0
  + New feature: Introducing a new http_cache parameter, whose documentation
    is available by searching http_cache (dict) from our API Reference Doc
    (Implementation #407). If an app utilizes this feature, it will also
    address #80 & #334.
  + Improvement: Prevent concurrent interactive flows listening on same port
    when running on Windows (#427)
  + Improvement: Detecting Regional Endpoint from env var. Also ensure the
    entire regional endpoint behavior needs to opt in. (#425)
- from version 1.15.0
  + New feature: Now both initiate_auth_code_flow() and acquire_token_interactive()
    accept a new optional parameter max_age which is the allowable elapsed time
    in seconds since the last time the End-User was actively authenticated. If
    the elapsed time is greater than this value, Microsoft identity platform
    will actively re-authenticate the End-User. (#381, #389)
  + Improvement: MSAL will now automatically utilize a backup authentication
    system, to provide better resiliency. (#376, #395, #409)
  + Improvement: Previously, acquire_token_interactive() was not able to be aborted
    by CTRL+C when running on Windows. It is now fixed. (#393, #404)
  + Bugfix: The http cache feature shipped in #379 came with an unexpected side
    effect to slow down the Device Code Flow. Now fixed. (#408, #410)
  + Change: Adopting cryptography 35.0.0 (#414)
- from version 1.14.0
  UPDATE: There was a bug in this version, being fixed in subsequent
    1.15.0. We recommend everyone to upgrade to msal>=1.15.0,<2.
  There is no API-level change in this MSAL release. So, all existing
  apps do not need any code changes. Just upgrade, and your app will
  gain the following behaviors.
  + Behavior Change: By default, MSAL Python will launch Edge browser when
    running on Linux, when Edge is installed on current desktop. (#388)
  + Behavior Change: MSAL Python will use an in-memory http-level cache.
    This would improve the latency in normal cases, and improve responsiveness
    for invalid requests and outage. (#159, #379)
  + Behavior Change: MSAL Python will no longer use env var REGION_NAME as
    the Azure region name. (#394, #382)
  + Bugfix: MSAL Python will no longer throw exception when your app
    excludes the profile scope. (#387, #390)
- from version 1.13.0
  + New feature: MSAL supports a confidential client being authenticated
    by a pre-signed assertion. Usage:
    cca = ConfidentialClientApplication(
    ...,
    client_credential={"client_assertion": "...a JWT with claims aud, exp, iss, jti, nbf, and sub..."},
    ...)
    This can be useful for where the signing takes place externally for
    example using Azure Key Vault (AKV). AKV sample included (#161, #271).
  + Improvement: Skip unnecessary and repetitive region detection. (#372, #373)

- Update to version 1.12.0
  + New feature: MSAL Python supports ConfidentialClientApplication(..., azure_region=...).
    If your app is deployed in Azure, you can use this new feature to pin a region.
    (#295, #358)
  + New feature: Historically MSAL Python attempts to acquire a Refresh Token (RT) by
    default. Since this version, MSAL Python supports ConfidentialClientApplication(...,
    excluse_scopes=["offline_access"]) to opt out of RT (#207, #361)
  + Improvement: acquire_token_interactive(...) can also trigger browser when
    running inside WSL (8d86917)
  + Adjustment: get_accounts(...) would automatically combine equivalent accounts,
    so that your account selector widget could be easier to use (#349)
  + Document: MSAL Python has long been accepting acquire_token_interactive(..., prompt="create"),
    now we officially documented it. (#356, #360)
- from version 1.11.0
  + Enhancement: ConfidentialClientApplication also supports
    acquire_token_by_username_password() now. (#294, #344)
  + Enhancement: PublicClientApplication's acquire_token_interactive() also supports WSL Ubuntu
    18.04 (#332, #333)
  + Enhancement: Enable a retry once behavior on connection error. (But this is only available
    from the default http client. If your app supplies your customized http_client via MSAL
    constructors, it is your http_client's job to decide whether retry.) (#326)
  + Enhancement: MSAL improves the internal telemetry mechanism. (#137, #175, #329, #345)
  + Bugfix: Better compatibility on handling SAML token when using
    acquire_token_by_username_password() with ADFS. (#336)

- Update to version 1.10.0
  + Enhancement: Proactive access token (AT) refreshing. Previously, an AT is
    either valid or expired. If an AT expires and your network happens to have
    a glitch, your app wouldn't be able to auth. Now, MSAL Python attempts to
    refresh some AT (typically long-lived AT) half way towards their expiration,
    and silently ignores the error and retries next time, so that your app would
    be more resilient. All these happen automatically, without any code change
    to your app. (#176, #312, #320)
  + Adjustment: MSAL Python will keep RT in token cache even when its usage
    encounters an "invalid_grant" error, so that the RT would likely still
    be used by other requests. (#314, #315)
- from version 1.9.0
  + Enhancement: Starting from this version, MSAL will be compatible with both
    PyJWT 1.x and PyJWT 2.x (#293, #296)
  + Enhancement: Better support for upcoming Azure CLI's SSH extension (#300, #298)
  + Enhancement: Better deprecation message for get_authorization_request_url()
    and acquire_token_by_authorization_code(). (#301, #303)
  + Enhancement: Better exception message when using incorrect case in client_id.
    (#304, #307)
  + Other improvements.

- Update to version 1.8.0
  + New feature: A new extra_scopes_to_consent parameter is introduced
    to the acquire_token_interactive(...) API (#212, #286)
  + Adjustment to previous version 1.7.0: Lazy import webbrowser module
    only when necessary (#287, #288)
- from version 1.7.0
  + New feature: A new initiate_auth_code_flow() & acquire_token_by_auth_code_flow()
    API, which automatically provides PKCE protection for you (#276, #255).
    (You are recommended to use these 2 new APIs to replace the previous
    get_authorization_request_url() and acquire_token_by_authorization_code().)
  + New feature: A new acquire_token_interactive() (#138, #260, #282), comes with
    a sample (#283)
  + Bugfix: Now MSAL Python can properly access those Refresh Tokens which were
    keyed slightly differently by different apps. (#279, #280)
python-msrestazure
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-msrest
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-pydocumentdb
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-requests
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
  as a directory, bsc#1225912

- Add CVE-2024-35195.patch (CVE-2024-35195, bsc#1224788)
- Add httpbin.patch to fix a test failure caused by the previous patch.
python-setuptools
- Add patch CVE-2024-6345-code-execution-via-download-funcs.patch:
  * Sanitize any VCS URL we download. (CVE-2024-6345, bsc#1228105)
python-uamqp
- Add patch to fix potential double-free in link_frame_received()
  + CVE-2024-27099.patch (CVE-2024-27099, bsc#1220535)
- Add patch to fix compatibility with OpenSSL 3.x
  + u_OpenSSL3.0-support.patch (bsc#1217782)

- Add patch to fix use-after-free issue in open_get_offered_capabilities()
  + CVE-2024-25110.patch (CVE-2024-25110, bsc#1219867)
python-urllib3
- Add CVE-2024-37891.patch (bsc#1226469, CVE-2024-37891)
zypp-plugin
- Fix stomp header regex to include '-' (bsc#1227793)
- version 0.6.4

- singlespec in Tumbleweed must support multiple python3 flavors
  in the future gh#openSUSE/python-rpm-macros#66

- Provide python3-zypp-plugin down to SLE12 (bsc#1081596)

- Provide python3-zypp-plugin in SLE12-SP3 (bsc#1081596)
regionServiceClientConfigAzure
- Update to version 2.2.0 (jsc#PCT-360)
  + Add IPv6 certs to enable IPv6 access of the update infrastructure
  + Add noipv6.patch to patch out IPv6 on SLE 12, no IPv6 support in SLE 12
    in the Public Cloud

- Update to version 2.1.0 (bsc#1217537)
  + Replace certs 23.100.36.229.pem and 40.121.202.140.pem (4096 length):
    rgnsrv-azure-westus -> 23.100.36.229.pem expires 9 years
    rgnsrv-azure-eastus  -> 40.121.202.140.pem expires 10 years
rubygem-rack
- security update
- added patches
  fix CVE-2024-25126 [bsc#1220239], Denial of Service Vulnerability in Rack Content-Type Parsing
  + rubygem-rack-CVE-2024-25126.patch
  fix CVE-2024-26141 [bsc#1220242], Denial of Service Vulnerability in Range request header parsing
  + rubygem-rack-CVE-2024-26141.patch
  fix CVE-2024-26146 [bsc#1220248], Denial of Service vulnerability in Rack headers parsing routine
  + rubygem-rack-CVE-2024-26146.patch
rubygem-sass
- updated to version 3.7.4
  no changelog found

- updated to version 3.7.3
  no changelog found

- updated to version 3.7.2
  no changelog found

- updated to version 3.6.0
  no changelog found

- updated to version 3.5.7
  no changelog found

- updated to version 3.5.6
  no changelog found

- updated to version 3.5.5
  no changelog found
runc
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.14. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.14>.
  Includes the patch for CVE-2024-45310. bsc#1230092
- Rebase patches:
  * 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  * 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  * 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
  * 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch

[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.13. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.13>.
- Rebase patches:
  * 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  * 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  * 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Backport <https://github.com/opencontainers/runc/pull/3931> to fix a
  performance issue when running lots of containers, caused by systemd getting
  too many mount notifications. bsc#1214960
  + 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch

- Add upstream patch <https://github.com/opencontainers/runc/pull/4219> to
  properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
  + 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  + 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  + 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch

- Update to runc v1.1.12. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.12>. bsc#1218894
  * This release fixes a container breakout vulnerability (CVE-2024-21626). For
    more details, see the upstream security advisory:
    <https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
  * Remove upstreamed patches:
  - CVE-2024-21626.patch
  * Update runc.keyring to match upstream changes.
sapconf
- version update from 5.0.6 to 5.0.7
- add require of package sysctl-logger
  (jsc#PED-5025)
- suppress error message regarding missing systemd service file
  during posttrans script
saptune
- update package version of saptune to 3.1.3
  * remove note 1868829 from solution S4HANA-APPSERVER as it is a
    HANA DB note and was added by accident
    (bsc#1226093)
  * for verify and simulate output table - wrap content of the
    columns 'actual', 'expected' and 'override', if they exceed a
    width of 30 characters (e.g. net.ipv4.ip_local_reserved_ports)
  * support inline comments in /etc/sysconfig/saptune
  * change handling of the performance options.
    Check, if the settings are supported in the get-Functions too.
    This should fix the problem with some special Azure VMs
    (E20d_v5) on newer SLES SPs
    (jsc#SAPSOL-110)
  * SAP Note 2578899 updated to Version 48
    setting kernel.pid_max to 4194304 and
    start sysctl-logger service

- add require of package sysctl-logger for 15SP4 and 15SP5 too
  (jsc#PED-6220)

- update package version of saptune to 3.1.2
  * to support setups with saptune monitoring and heavy automation
    we limited the setting of our saptune lock to commands having
    the potential to change anything in the system.
    (bsc#1219500)
  * fix timestamp in log messages of saptune
  * remove redundant version information in header comment of
    note definition files
  * SAP Note 1656250 updated to Version 63
    SAP Note 1771258 updated to Version 8
    SAP Note 2382421 updated to Version 45
    SAP Note 3024346 updated to Version 10
    but without parameter value changes, only house keeping of the
    version section and comment updates
  * SAP Note 1984787 updated to Version 42
    SAP Note 2578899 updated to Version 47
- add require of package sysctl-logger for 15SP6
  (jsc#PED-5025)
sed
- 0001-sed-set-correct-umask-on-temporary-files.patch
  Fix for bsc#1221218
000release-packages:sle-ha-release
n/a
000release-packages:sle-module-basesystem-release
n/a
000release-packages:sle-module-cap-tools-release
n/a
000release-packages:sle-module-desktop-applications-release
n/a
000release-packages:sle-module-development-tools-release
n/a
000release-packages:sle-module-live-patching-release
n/a
000release-packages:sle-module-public-cloud-release
n/a
000release-packages:sle-module-sap-applications-release
n/a
000release-packages:sle-module-server-applications-release
n/a
000release-packages:sle-module-web-scripting-release
n/a
strace
- Change the license to the correct LGPL-2.1-or-later
  (bsc#1228216).
sudo
- Fix NOPASSWD issue introduced by patches for CVE-2023-42465
  [bsc#1221151, bsc#1221134]
  * Update sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
  * Enable running regression selftests during build time.

- Security fix: [bsc#1219026, bsc#1220389, CVE-2023-42465]
  * Try to make sudo less vulnerable to ROWHAMMER attacks.
  * Add sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
supportutils-plugin-ha-sap
- Update to version 0.0.5+git.1709295499.1c8e8cd
  * adapt documentation links
  * add support for SAP systemd services regarding SID retrieval
  * add information about SAP related systemd services
  * add information about sapcontrol function GetStartProfile
  * add information from daemon.ini
  * collect hook script logs (suschksrv and saphanasr_multitarget_hook)
  * collect logs of sap_suse_cluster_connector and sapstartsrv
  * Add python version
  * Check sudoers for srhook configuration
supportutils-plugin-suse-public-cloud
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
  + Remove duplicate data collection for the plugin itself
  + Collect archive metering data when available
  + Query billing flavor status
supportutils
- Changes to version 3.2.8
  + Avoid getting duplicate kernel verifications in boot.text (pr#190)
  + lvm: suppress file descriptor leak warnings from lvm commands (pr#191)
  + docker_info: Add timestamps to container logs (pr#196)
  + Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198)
  + Update supportconfig get pam.d sorted (pr#199)
  + yast_files: Exclude .zcat (pr#201)
  + Sanitize grub bootloader (bsc#1227127, pr#203)
  + Sanitize regcodes (pr#204)
  + Improve product detection (pr#205)
  + Add read_values for s390x (bsc#1228265, pr#206)
  + hardware_info: Remove old alsa ver check (pr#209)
  + drbd_info: Fix incorrect escape of quotes (pr#210)

- Changes in version 3.1.30
  + Added -V key:value pair option (bsc#1222021, PED-8211)
  + Avoid getting duplicate kernel verifications in boot.text (pr#193)
  + Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
  + Includes container log timestamps (pr#197)

- Changes to version 3.1.29
  + Extended scaling for performance (bsc#1214713)
  + Fixed kdumptool output error (bsc#1218632)
  + Corrected podman ID errors (bsc#1218812)
  + Duplicate non root podman entries removed (bsc#1218814)
  + Corrected get_sles_ver for SLE Micro (bsc#1219241)
  + Check nvidida-persistenced state (bsc#1219639)

- Additional changes in version 3.1.28
  + ipset - List entries for all sets
  + ipvsadm - Inspect the virtual server table (pr#185)
  + Correctly detects Xen Dom0 (bsc#1218201)
  + Fixed smart disk error (bsc#1218282)

- Changes in version 3.1.28
  + Inhibit the conversion of port numbers to port names for network files (cherry picked from commit 55f5f716638fb15e3eb1315443949ed98723d250)
  + powerpc: collect rtas_errd.log and lp_diag.log files (pr#175)
  + Get list of pam.d file (cherry picked from commit eaf35c77fd4bc039fd7e3d779ec1c2c6521283e2)
  + Remove supportutils requires for util-linux-systemd and kmod (bsc#1193173)
  + Added missing klp information to kernel-livepatch.txt (bsc#1216390)
  + Fixed plugins creating empty files when using supportconfig.rc (bsc#1216388)
  + Provides long listing for /etc/sssd/sssd.conf (bsc#1211547)
  + Optimize lsof usage (bsc#1183663)
  + Added mokutil commands for secureboot (pr#179)
  + Collects chrony or ntp as needed (bsc#1196293)

- Changes in version 3.1.27
  + Fixed podman display issue (bsc#1217287)
  + Added nvme-stas configuration to nvme.txt (bsc#1216049)
  + Added timed command to fs-files.txt (bsc#1216827)
  + Collects zypp history file issue#166 (bsc#1216522)
  + Changed -x OPTION to really be exclude only (issue#146)
  + Collect HA related rpm package versions in ha.txt (pr#169)
suse-build-key
- extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)
  - gpg-pubkey-39db7c82-5f68629b.asc
  + gpg-pubkey-39db7c82-66c5d91a.asc

- added missing ; in shell script (bsc#1227681)

- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
  them. (bsc#1227429)
  gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
  gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.

- Switch container key to be default RSA 4096bit. (jsc#PED-2777)

- run rpm commands in import script only when libzypp is not
  active. bsc#1219189 bsc#1219123

- run import script also in %posttrans section, but only when
  libzypp is not active. bsc#1219189 bsc#1219123
systemd-default-settings
- Import 0.10
  5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)

- Import 0.9
  bb859bf user@.service: Disable controllers by default (jsc#PED-2276)

- The usage of drop-ins is now the official way for configuring systemd and its
  various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
  "feature" has been abandoned.

- Import 0.8
  f34372f User priority '26' for SLE-Micro
  c8b6f0a Revert "Convert more drop-ins into early ones"

- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
  6b8dde1 Convert more drop-ins into early ones
systemd-presets-branding-SLE
- Enable sysctl-logger (jsc#PED-5024)
systemd-presets-common-SUSE
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked
  (bsc#1200731 ltc#198485 https://github.com/ibm-power-utilities/powerpc-utils/pull/84)
  Support both the old and new service to avoid complex version interdependency.
timezone
- update to 2024a:
  * Kazakhstan unifies on UTC+5.  This affects Asia/Almaty and
    Asia/Qostanay which together represent the eastern portion of the
    country that will transition from UTC+6 on 2024-03-01 at 00:00 to
    join the western portion.  (Thanks to Zhanbolat Raimbekov.)
  * Palestine springs forward a week later than previously predicted
    in 2024 and 2025.  (Thanks to Heba Hamad.)  Change spring-forward
    predictions to the second Saturday after Ramadan, not the first;
    this also affects other predictions starting in 2039.
  * Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
    not 00:00.  (Thanks to Đoàn Trần Công Danh.)
  * From 1947 through 1949, Toronto's transitions occurred at 02:00
    not 00:00.  (Thanks to Chris Walton.)
  * In 1911 Miquelon adopted standard time on June 15, not May 15.
  * The FROM and TO columns of Rule lines can no longer be "minimum"
    or an abbreviation of "minimum", because TZif files do not support
    DST rules that extend into the indefinite past - although these
    rules were supported when TZif files had only 32-bit data, this
    stopped working when 64-bit TZif files were introduced in 1995.
    This should not be a problem for realistic data, since DST was
    first used in the 20th century.  As a transition aid, FROM columns
    like "minimum" are now diagnosed and then treated as if they were
    the year 1900; this should suffice for TZif files on old systems
    with only 32-bit time_t, and it is more compatible with bugs in
    2023c-and-earlier localtime.c.  (Problem reported by Yoshito
    Umaoka.)
  * localtime and related functions no longer mishandle some
    timestamps that occur about 400 years after a switch to a time
    zone with a DST schedule.  In 2023d data this problem was visible
    for some timestamps in November 2422, November 2822, etc. in
    America/Ciudad_Juarez.  (Problem reported by Gilmore Davidson.)
  * strftime %s now uses tm_gmtoff if available.  (Problem and draft
    patch reported by Dag-Erling Smørgrav.)
  * The strftime man page documents which struct tm members affect
    which conversion specs, and that tzset is called.  (Problems
    reported by Robert Elz and Steve Summit.)

- update to 2023d:
  * Ittoqqortoormiit, Greenland changes time zones on
    2024-03-31.
  * Vostok, Antarctica changed time zones on 2023-12-18.
  * Casey, Antarctica changed time zones five times since
    2020.
  * Code and data fixes for Palestine timestamps starting in
    2072.
  * A new data file zonenow.tab for timestamps starting now.
  * Fix predictions for DST transitions in Palestine in
    2072-2075, correcting a typo introduced in 2023a.
  * Vostok, Antarctica changed to +05 on 2023-12-18.  It had
    been at +07 (not +06) for years.
  * Change data for Casey, Antarctica to agree with
    timeanddate.com, by adding five time zone changes since 2020.
    Casey is now at +08 instead of +11.
  * Much of Greenland, represented by America/Nuuk, changed
    its standard time from -03 to -02 on 2023-03-25, not on
    2023-10-28.
  * localtime.c no longer mishandles TZif files that contain
    a single transition into a DST regime.  Previously,
    it incorrectly assumed DST was in effect before the transition
    too.
  * tzselect no longer creates temporary files.
  * tzselect no longer mishandles the following:
  * Spaces and most other special characters in BUGEMAIL,
    PACKAGE, TZDIR, and VERSION.
  * TZ strings when using mawk 1.4.3, which mishandles
    regular expressions of the form /X{2,}/.
  * ISO 6709 coordinates when using an awk that lacks the
    GNU extension of newlines in -v option-arguments.
  * Non UTF-8 locales when using an iconv command that
    lacks the GNU //TRANSLIT extension.
  * zic no longer mishandles data for Palestine after the
    year 2075.
- Refresh tzdata-china.diff
unzip
- Use %patch -P N instead of deprecated %patchN.

- Build unzip-rcc using multibuild and update unzip-rcc.spec file
util-linux-systemd
- agetty: Prevent login cursor escape (bsc#1194818,
  util-linux-agetty-prevent-cursor-escape.patch).

- fix Xen virtualization type misidentification bsc#1215918
  lscpu-fix-parameter-order-for-ul_prefix_fopen.patch

- Properly neutralize escape sequences in wall
  (util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
  and its prerequisites: util-linux-fputs_careful1.patch,
  util-linux-wall-migrate-to-memstream.patch
  util-linux-fputs_careful2.patch).

- Add upstream patch
  util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
  bsc#1207987 gh#util-linux/util-linux@1d98827edde4
vim
- Updated to version 9.1 with patch level 0330, fixes the following problems
  * Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330

- Updated to version 9.1 with patch level 0111, fixes the following security problems
  * Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
  * Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
  * Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
  * Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
  * Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
  * Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
  * Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
  * Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
  * Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
  * Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
wget
- Fix mishandled semicolons in the userinfo subcomponent could lead to an
  insecure behavior in which data that was supposed to be in the userinfo
  subcomponent is misinterpreted to be part of the host subcomponent.
  [bsc#1226419, CVE-2024-38428, properly-re-implement-userinfo-parsing.patch]
wicked
- Update to version 0.6.76
  - compat-suse: warn user and create missing parent config of
    infiniband children (gh#openSUSE/wicked#1027)
  - client: fix origin in loaded xml-config with obsolete port
    references but missing port interface config, causing a
    no-carrier of master (bsc#1226125)
  - ipv6: fix setup on ipv6.disable=1 kernel cmdline (bsc#1225976)
  - wireless: add frequency-list in station mode (jsc#PED-8715)
  - client: fix crash while hierarchy traversing due to loop in
    e.g. systemd-nspawn containers (bsc#1226664)
  - man: add supported bonding options to ifcfg-bonding(5) man page
    (gh#openSUSE/wicked#1021)
  - arputil: Document minimal interval for getopts (gh#openSUSE/wicked#1019)
  - man: (re)generate man pages from md sources (gh#openSUSE/wicked#1018)
  - client: warn on interface wait time reached (gh#openSUSE/wicked#1017)
  - compat-suse: fix dummy type detection from ifname to not cause
    conflicts with e.g. correct vlan config on dummy0.42 interfaces
    (gh#openSUSE/wicked#1016)
  - compat-suse: fix infiniband and infiniband child type detection
    from ifname (gh#openSUSE/wicked#1015)
- Removed patches included in the source archive:
  [- 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
  [- 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]

- arp: increase arp-send retry value to avoid address configuration
  failure due to ENOBUF reported by kernel while duplicate address
  detection with underlying bonding in 802.3ad mode reporting link
  "up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
  gh#openSUSE/wicked#1020).
  [+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]

- client: fix ifreload to pull UP ports/links again when the config
  of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
  [+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]

- Update to version 0.6.75:
  - cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
  - cleanup: fix overflow warnings in a socket testcase on i586
  - ifcheck: report new and deleted configs as changed (bsc#1218926)
  - man: improve ARP configuration options in the wicked-config.5
  - bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
  - cleanup: fix interface dependencies and shutdown order (bsc#1205604)
  - Remove port arrays from bond,team,bridge,ovs-bridge (redundant)
    and consistently use config and state info attached to the port
    interface as in rtnetlink(7).
  - Cleanup ifcfg parsing, schema configuration and service properties
  - Migrate ports in xml config and policies already applied in nanny
  - Remove "missed config" generation from finite state machine, which
    is completed while parsing the config or while xml config migration.
  - Issue a warning when "lower" interface (e.g. eth0) config is missed
    while parsing config depending on it (e.g. eth0.42 vlan).
  - Resolve ovs master to the effective bridge in config and wickedd
  - Implement netif-check-state require checks using system relations
    from wickedd/kernel instead of config relations for ifdown and add
    linkDown and deleteDevice checks to all master and lower references.
  - Add a `wicked <ifup|ifdown|ifreload> --dry-run …` option to show the
    system/config interface hierarchies as notice with +/- marked
    interfaces to setup and/or shutdown.
- Removed patches included in the source archive:
  [- 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
  [- 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
  [- 0003-move-all-attribute-definitions-to-compiler-h.patch]
  [- 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
  [- 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]

- client: do not convert sec to msec twice (bsc#1222105)
  [+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]

- addrconf: fix fallback-lease drop (bsc#1220996)
  [+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
  [+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
  [+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
  [+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]

- update to version 0.6.74
  + team: add new options like link_watch_policy (jsc#PED-7183)
  + Fix memory leaks in dbus variant destroy and fsm free (gh#openSUSE/wicked#1001)
  + xpath: allow underscore in node identifier (gh#openSUSE/wicked#999)
  + vxlan: don't format unknown rtnl attrs (bsc#1219751)
- removed patches included in the source archive:
  [- 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
  [- 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
  [- 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
  [- 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
  [- 0005-duid-fix-comment-for-v6time.patch]
  [- 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
  [- 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
  [- 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
  [- 0001-fix_arp_notify_loop_and_burst_sending.patch]

- ifreload: VLAN changes require device deletion (bsc#1218927)
  [+ 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
- ifcheck: fix config changed check (bsc#1218926)
  [+ 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
- client: fix exit code for no-carrier status (bsc#1219265)
  [+ 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
- dhcp6: omit the SO_REUSEPORT option (bsc#1215692)
  [+ 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
- duid: fix comment for v6time
  (https://github.com/openSUSE/wicked/pull/989)
  [+ 0005-duid-fix-comment-for-v6time.patch]
- rtnl: fix peer address parsing for non ptp-interfaces
  (https://github.com/openSUSE/wicked/pull/987,
  https://github.com/openSUSE/wicked/pull/988)
  [+ 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
  [+ 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
- system-updater: Parse updater format from XML configuration to
  ensure install calls can run.
  (https://github.com/openSUSE/wicked/pull/985)
  [+ 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
xen
- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86
  IOMMU identity mapping (XSA-460)
  xsa460.patch
- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through
  with shared resources (XSA-461)
  xsa461.patch

- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
  guest IRQ handling (XSA-458)
  xsa458.patch

- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
  History Injection (XSA-456)
  Corrections to the following patches
  xsa456-5.patch
  xsa456-6.patch

- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
  History Injection (XSA-456)
  xsa456-0a.patch
  xsa456-0b.patch
  xsa456-0c.patch
  xsa456-0d.patch
  xsa456-0e.patch
  xsa456-0f.patch
  xsa456-0g.patch
  xsa456-0h.patch
  xsa456-0i.patch
  xsa456-0j.patch
  xsa456-0k.patch
  xsa456-0l.patch
  xsa456-0m.patch
  xsa456-0n.patch
  xsa456-0o.patch
  xsa456-0p.patch
  xsa456-1.patch
  xsa456-2.patch
  xsa456-3.patch
  xsa456-4.patch
  xsa456-5.patch
  xsa456-6.patch
  xsa456-7.patch

- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
  trigger Xen bug check (XSA-454)
  xsa454-1.patch
  xsa454-2.patch
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
  for BTC/SRSO mitigations (XSA-455)
  xsa455.patch

- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
  Sampling (XSA-452)
  xsa452-1.patch
  xsa452-2.patch
  xsa452-3.patch
  xsa452-4.patch
  xsa452-5.patch
  xsa452-6.patch
  xsa452-7.patch
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
  Race Conditions (XSA-453)
  xsa453-1.patch
  xsa453-2.patch
  xsa453-3.patch
  xsa453-4.patch
  xsa453-5.patch
  xsa453-6.patch
  xsa453-7.patch
  xsa453-8.patch
- Modified xsa451.patch (bsc#1219885)

- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
  exceptions from emulation stubs (XSA-451)
  xsa451.patch
xkbcomp
- U_Ignore-xkb_keycodes.maximum-of-255.patch
  * fix keyboard layouts in XWayland applications when having
    several keyboard layouts enabled (boo#1219505)
xterm
- xterm-reset-parsing-state.patch: A bug in the parser for several
  escape sequences causes the first character following the
  sequence to be ignored (bsc#1220585). Patch backported from
  version 335n.
yast2
- Reimplemented the hardcoded product mapping to support also the
  migration from SLE_HPC to SLES SP6+ (with the HPC module)
  (bsc#1220567)
- 4.3.70
yast2-network
- Guard secret attributes against leaking to the log (bsc#1221194)
- 4.3.89
yast2-packager
- Reimplemented the hardcoded product mapping to support also the
  migration from SLE_HPC to SLES SP6+ (with the HPC module)
  (bsc#1220567)
- 4.3.27
yast2-registration
- Set the new product mapping when upgrading SLE_HPC to SLES SP6+
  (with the HPC module), use the old product mapping when upgrading
  from SLE_HPC-SP3 to SLE_HPC-SP4 (bsc#1220567)
- 4.3.29
zypper
- Show rpm install size before installing (bsc#1224771)
  If filesystem snapshots are taken before the installation (e.g.
  by snapper) no disk space is freed by removing old packages. In
  this case the install size of all packages is a hint how much
  additional disk space is needed by the new packages static
  content.
- version 1.14.76

- Fix readline setup to handle Ctrl-C and Ctrl-D corrrectly
  (bsc#1227205)
- version 1.14.75

- Let_readline_abort_on_Ctrl-C (bsc#1226493)
- packages: add '--system' to show @System packages (bsc#222971)
- version 1.14.74

- Fixed check for outdated repo metadata as non-root user
  (bsc#1222086)
- BuildRequires:  libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73

- Unify message format(fixes #485)
- version 1.14.72

- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
  remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
  * PIC is not needed as no shared lib is built
  * fstack-protector-strong is default on modern dists and would
    be downgraded by fstack-protector
  * default visibility hidden allows better optimisation
  * O2 is reducing inlining bloat
  - > 18% reduced binary size

- remove procps requires (was only for ZMD which is dropped)
  (jsc#PED-8153)

- Do not try to refresh repo metadata as non-root user
  (bsc#1222086)
  Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
  them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
  list them.
- Don't print 'reboot required' message if download-only or
  dry-run (fixes #529)
  Instead point out that a reboot would be required if the option
  was not used.
- Resepect zypper.conf option `showAlias` search commands
  (bsc#1221963)
  Repository::asUserString (or Repository::label) respects the
  zypper.conf option, while name/alias return the property.
- version 1.14.71

- dup: New option --remove-orphaned to remove all orphaned
  packages in dup (bsc#1221525)
- version 1.14.70

- info,summary: Support VendorSupportOption flag
  VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires:  libzypp-devel >= 17.32.0.
  API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
  The problem description() is one rule out possibly many in
  completeProblemInfo() the solver has chosen to represent the
  problem. So either description or completeProblemInfo should be
  printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
  1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
  first one (bsc#1218171)
- version 1.14.69