Removed rpms ============ - WebKitGTK-4.1-lang - libQtAV1 - libQtAVWidgets1 - libdigikamcore7_9_0 - libvirt-daemon - qemu-sgabios Added rpms ========== - ghostscript-fonts-grops - lftp - libb64-0 - libcairomm-1_16-1 - libdeflate0 - libdigikamcore8_1_0 - libgiomm-2_68-1 - libglibmm-2_68-1 - libgtkmm-4_0-0 - libpangomm-2_48-1 - libsigc-3_0-0 - libvirt-daemon-common - libvirt-daemon-lock - libvirt-daemon-log - libvirt-daemon-plugin-lockd - libvirt-daemon-proxy - lightdm-bash-completion - qemu-img - qemu-pr-helper - system-user-brltty - vhba-kmp-default - virtiofsd - virtualbox-guest-tools - virtualbox-kmp-default Package Source Changes ====================== MozillaFirefox +- Firefox Extended Support Release 115.2.1 ESR + * Fixed: Security fix + MFSA 2023-40 (bsc#1215245) + * CVE-2023-4863 (bmo#https://bugs.chromium.org/p/chromium/issue + s/detail?id=1479274, + bmo#https://bugzilla.mozilla.org/show_bug.cgi?id=1852649) + Heap buffer overflow in libwebp + +- Fix i586 build by reducing debug info to -g1. (boo#1210168) + MozillaThunderbird +- Mozilla Thunderbird 115.2.2 + * fixed: Security fixes + MFSA 2023-40 (bsc#1215245) + * CVE-2023-4863 + (https://bugs.chromium.org/p/chromium/issues/detail?id=1479274, + bmo#1852649) + Heap buffer overflow in libwebp +- Mozilla Thunderbird 115.2.1 + * new: Column separators are now shown between all columns in + tree view (bmo#1847441) + * fixed: Crash reporter did not work in Thunderbird Flatpak + (bmo#1843102) + * fixed: New mail notification always opened message in message + pane, even if pane was disabled (bmo#1840092) + * fixed: After moving an IMAP message to another folder, the + incorrect message was selected in the message list + (bmo#1845376) + * fixed: Adding a tag to an IMAP message opened in a tab failed + (bmo#1844452) + * fixed: Junk/Spam folders were not always shown in Unified + Folders mode (bmo#1838672) + * fixed: Middle-clicking a folder or message did not open it in + a background tab, as in previous versions (bmo#1842482) + * fixed: Settings tab visual improvements: Advanced Fonts + dialog, Section headers hidden behind search box + (bmo#1717382,bmo#1846751) + * fixed: Various visual and style fixes + (bmo#1843707,bmo#1849823) +- Mozilla Thunderbird 115.2 + * new: Thunderbird MSIX packages are now published on + archive.mozilla.org (bmo#1817657) + * changed: Size, Unread, and Total columns are now right- + aligned (bmo#1848604) + * changed: Newsgroup names in message list header are now + abbreviated (bmo#1833298) + * fixed: Message compose window did not apply theme colors to + menus (bmo#1845699) + * fixed: Reading the second new message in a folder cleared the + unread indicator of all other new messages (bmo#1839805) + * fixed: Displayed counts of unread or flagged messages could + become out-of-sync (bmo#1846860) + * fixed: Deleting a message from the context menu with messages + sorted in chronological order and smooth scroll enabled + caused message list to scroll to top (bmo#1843462) + * fixed: Repeatedly switching accounts in Subscribe dialog + caused tree view to stop updating (bmo#1845593) + * fixed: "Ignore thread" caused message cards to display + incorrectly in message list (bmo#1847966) + * fixed: Creating tags from unified toolbar failed + (bmo#1846336) + * fixed: Cross-folder navigation using F and N did not work + (bmo#1845011) + * fixed: Account Manager did not resize to fit content, causing + "Close" button to become hidden outside bounds of dialog when + too many accounts were listed (bmo#1847555) + * fixed: Remote content exceptions could not be added in + Settings (bmo#1847576) + * fixed: Newsgroup list file did not get updated after adding a + new NNTP server (bmo#1845464) + * fixed: "Download all headers" option in NNTP "Download + Headers" dialog was incorrectly selected by default + (bmo#1845457) + * fixed: "Convert to event/task" was missing from mail context + menu (bmo#1817705) + * fixed: Events and tasks were not shown in some cases despite + being present on remote server (bmo#1827100) + * fixed: Various visual and UX improvements + (bmo#1844244,bmo#1845645) + * fixed: Security fixes + MFSA 2023-38 (bsc#1214606) + * CVE-2023-4573 (bmo#1846687) + Memory corruption in IPC CanvasTranslator + * CVE-2023-4574 (bmo#1846688) + Memory corruption in IPC ColorPickerShownCallback + * CVE-2023-4575 (bmo#1846689) + Memory corruption in IPC FilePickerShownCallback + * CVE-2023-4576 (bmo#1846694) + Integer Overflow in RecordedSourceSurfaceCreation + * CVE-2023-4577 (bmo#1847397) + Memory corruption in JIT UpdateRegExpStatics + * CVE-2023-4051 (bmo#1821884) + Full screen notification obscured by file open dialog + * CVE-2023-4578 (bmo#1839007) + Error reporting methods in SpiderMonkey could have triggered + an Out of Memory Exception + * CVE-2023-4053 (bmo#1839079) + Full screen notification obscured by external program + * CVE-2023-4580 (bmo#1843046) + Push notifications saved to disk unencrypted + * CVE-2023-4581 (bmo#1843758) + XLL file extensions were downloadable without warnings + * CVE-2023-4582 (bmo#1773874) + Buffer Overflow in WebGL glGetProgramiv + * CVE-2023-4583 (bmo#1842030) + Browsing Context potentially not cleared when closing Private + Window + * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080, + bmo#1846526, bmo#1847529) + Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, + Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 + * CVE-2023-4585 (bmo#1751583, bmo#1833504, bmo#1841082, + bmo#1847904, bmo#1848999) + Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, + and Thunderbird 115.2 + +- Mozilla Thunderbird 115.1.1 + * fixed: Some HTML emails printed headers on first page and + message on subsequent pages (bmo#1843628) + * fixed: Deleting messages from message list sometimes scrolled + list to bottom, selecting bottommost message (bmo#1835173) + * fixed: Width of icon columns (like Junk or Starred) in + message list did not adjust when UI density was changed + (bmo#1843014) + * fixed: Old OpenPGP secret keys could not be used to decrypt + messages under certain circumstances (bmo#1835786) + * fixed: When multiple folder modes were active, tab focus + navigated through all folder mode options before reaching + message list (bmo#1842060) + * fixed: Unread message count badge was not displayed on parent + folders of subfolder containing unread messages (bmo#1844534) + * fixed: "Undo archive" (via Ctrl-Z) did not un-archive + previously archived messages (bmo#1829340) + * fixed: "New" button dropdown menu in "Message Filters" dialog + could not be opened via keyboard navigation (bmo#1843511) + * fixed: "Show New Mail Alert for" input field in "Customize + New Mail Alert" dialog had zero width when using certain + language packs (bmo#1845832) + * fixed: "Account Wizard" dialog was too narrow when adding a + news server, partially hiding confirmation buttons + (bmo#1846588) + * fixed: Link Properties and Image Properties dialogs in the + composer were too wide (bmo#1816850) + * fixed: Thunderbird version number and details in "About" + dialog were not automatically read by screen readers when + first opening dialog (bmo#1847078) + * fixed: Flatpak improvements and bug fixes + (bmo#1825399,bmo#1843094,bmo#1843097) + * fixed: Various visual and UX improvements (bmo#1846262) + apparmor +- update to AppArmor 3.1.6 (jsc#PED-5600) + - fix regression in mount rules (boo#1211989) + - some additions to the base and authentification abstractions + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.6 + for the full upstream changelog + +- update to AppArmor 3.1.5 + - fix handling of mount rules in apparmor_parser + - minor additions to abstractions/base and snap_browsers + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.5 + for the full upstream changelog +- remove upstreamed aa-status-fix-json-mr1046.patch +- split off apparmor-enable-precompiled-cache.diff from + apparmor-enable-profile-cache.diff so that the precompiled cache + path doesn't get added in parser.conf for Tumbleweed builds. + This prevents a warning about the non-existing directory when + loading profiles. + +- fix aa-status --json output (aa-status-fix-json-mr1046.patch, + boo#1211980#c12) + +- update to AppArmor 3.1.4 + - parser: fix mount rules encoding (CVE-2016-1585) + - aa-logprof: fix error when choosing named exec with plain profile names + - aa-status: fix json output + - several fixes for profiles and abstractions + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.4 + for the full upstream changelog + +- Add _multibuild to define additional spec files as additional + flavors. + Eliminates the need for source package links in OBS. + +- update to AppArmor 3.1.3 + - add support for more audit.log formats in libapparmor + - add abstractions/groff (boo#1065388) + - various additions in abstractions and profiles + - several bug fixes in parser and utils + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.3 + for the detailed upstream changelog +- drop upstreamed patches: + - abstractions-openssl-1_1.diff + - dnsmasq-cpu-possible.diff + - nscd-systemd-userdb.diff + +- add abstractions-openssl-1_1.diff: allow to read + /etc/ssl/openssl-1_1.cnf in abstractions/openssl (boo#1207911) + +- add nscd-systemd-userdb.diff: allow nscd to read systemd-userdb + (boo#1207698) + +- Replace transitional %usrmerged macro with regular version check (boo#1206798) + + - samba-4-17.patch superseded by upstream merge: + https://gitlab.com/apparmor/apparmor/-/merge_requests/926 + +- update to AppArmor 3.1.2 + - lots of cleanups, improvements and bugfixes in all areas + - rework internal profile storage and handling in the aa-* tools + - support boolean variable definitions in the aa-* tools + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.1 + and https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.2 + for the detailed upstream changelog +- remove upstream(ed) patches: + - apparmor-3.0.7-egrep.patch + - dnsmasq.diff + - profiles-permit-php-fpm-pid-files-directly-under-run.patch + - zgrep-profile-mr870.diff +- no longer ship precompiled profile cache for Tumbleweed (boo#1205659) +- BuildRequire iproute2 (needed for aa-unconfined tests) + +- aa-decode: use grep -E instead of deprecated egrep (boo#1203092) + add apparmor-3.0.7-egrep.patch + +- update to AppArmor 3.0.7 + - fix setuptools version detection in buildpath.py + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.7 + for the detailed upstream changelog +- add dnsmasq-cpu-possible.diff: allow reading /sys/devices/system/cpu/possible + in dnsmasc//libvirt-leaseshelper profile (boo#1202849) +- skip code linting for packaging + * removes pyflakes from the build requirements and thus Ring1 + * see also https://gitlab.com/apparmor/apparmor/-/issues/121 + +- add dnsmasq.diff: missing r permissions for dnsmasq//libvirt-leaseshelper + (boo#1202161) + +- update to AppArmor 3.0.6 + - fix LTO build in the parser + - remove dbus deny rule in abstractions/exo-open + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.6 + for the detailed upstream changelog +- drop upstream patch dirtest-sort-mr900.diff + +- update to AppArmor 3.0.5 + - several additions to profiles and abstractions + - bugfixes in parser and utils + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.5 + for the detailed upstream changelog +- remove upstream(ed) patchs: + - apparmor-setuptools61-mr897.patch + - dovecot-profiles-boo1199535-mr881.diff + - php8-fpm-mr876.patch + - python310-help-mr848.patch + - samba-new-dcerpcd.patch + - samba_deny_net_admin.patch + - update-samba-bgqd.diff + - update-usr-sbin-smbd.diff +- apparmor-samba-include-permissions-for-shares.diff: remove + upstreamed part +- add dirtest-sort-mr900.diff to fix random test failures +- change apache-extra-profile-include-if-exists.diff to the post-mv + path (new quilt executes mv) +- stop disabling lto (fixed upstream) (boo#1133091) +- package profile-load script in -parser + +- Add apparmor-setuptools61-mr897.patch + https://gitlab.com/apparmor/apparmor/-/merge_requests/897 +- Add buildtime dependencies on python-rpm-macros and setuptools + +- update zgrep-profile-mr870.diff: allow zgrep to execute egrep and fgrep + (poo#113108) + +- add dovecot-profiles-boo1199535-mr881.diff: update dovecot profiles + for latest dovecot (boo#1199535) + +- Update samba-new-dcerpcd.patch for aarch64 which needs some + additional rules; (bnc#1198309). + +- Add python310-help-mr848.patch so that Tumbleweed can switch + python3 to Python 3.10 + (https://gitlab.com/apparmor/apparmor/-/merge_requests/848) + brltty +- Use tmpfiles_create_package +- Use sysuser-tools unconditionally (bsc#1205161) + chromium +- Chromium 117.0.5938.88 (boo#1215279) + * CVE-2023-4900: Inappropriate implementation in Custom Tabs + * CVE-2023-4901: Inappropriate implementation in Prompts + * CVE-2023-4902: Inappropriate implementation in Input + * CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs + * CVE-2023-4904: Insufficient policy enforcement in Downloads + * CVE-2023-4905: Inappropriate implementation in Prompts + * CVE-2023-4906: Insufficient policy enforcement in Autofill + * CVE-2023-4907: Inappropriate implementation in Intents + * CVE-2023-4908: Inappropriate implementation in Picture in Picture + * CVE-2023-4909: Inappropriate implementation in Interstitials +- drop patches: + * chromium-100-InMilliseconds-constexpr.patch + * chromium-115-Qt-moc-version.patch + * chromium-116-profile-view-utils-vector-include.patch + * chromium-116-blink-variant-include.patch + * chromium-116-abseil-limits-include.patch + * chromium-116-lp155-constuctors.patch + * chromium-115-workaround_clang_bug-structured_binding.patch + * chromium-115-emplace_back_on_vector-c++20.patch +- add patches: + * chromium-117-blink-BUILD-mnemonic.patch + * chromium-117-includes.patch + * chromium-117-lp155-constructors.patch + * chromium-117-string-convert.patch + * chromium-117-lp155-typename.patch + * chromium-117-workaround_clang_bug-structured_binding.patch + * chromium-117-emplace_back_on_vector-c++20.patch + +- CVE-2023-4863: build with the bundled library on Leap (boo#1215231) + +- Chromium 116.0.5845.187 (boo#1215231): + * CVE-2023-4863: Heap buffer overflow in WebP + +- Chromium 116.0.5845.179 (boo#1215023): + * CVE-2023-4761: Out of bounds memory access in FedCM + * CVE-2023-4762: Type Confusion in V8 + * CVE-2023-4763: Use after free in Networks + * CVE-2023-4764: Incorrect security UI in BFCache + cups +- cups-2.2.7-CVE-2023-4504.patch fixes CVE-2023-4504 + "CUPS PostScript Parsing Heap Overflow" + https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h + bsc#1215204 + +- cups-2.2.7-CVE-2023-32360.patch fixes CVE-2023-32360 + "Information leak through Cups-Get-Document operation" + by requiring authentication for CUPS-Get-Document in cupsd.conf + https://github.com/OpenPrinting/cups/commit/a0c8b9c9556882f00c68b9727a95a1b6d1452913 + https://github.com/OpenPrinting/cups/security/advisories/GHSA-7pv4-hx8c-gr4g + bsc#1214254 +- cups-2.2.7-additional_policies.patch is an updated version + of cups-2.0.3-additional_policies.patch that replaces it + to add the 'allowallforanybody' policy to cupsd.conf + after cups-2.2.7-CVE-2023-32360.patch was applied + digikam +- Update to 8.1.0: + https://www.digikam.org/news/2023-07-09-8.1.0_release_announcement/ +- Drop patch, merged upstream: + * 0001-fix-broken-compilation-with-Exiv2-0.28-missing-heade.patch + +- Add patch: + * 0001-fix-broken-compilation-with-Exiv2-0.28-missing-heade.patch + +- Add the sonnet build dependency (boo#1210689) + +- Explicitly disable buildtime detected CPU features as a workaround + for kde#465548 (boo#1210569) + +- Update to 8.0.0: + https://www.digikam.org/news/2023-04-16-8.0.0_release_announcement/ +- Drop patch, merged upstream: + * 0001-fix-compile-DNG-SDK-with-GCC13.patch + +- Add upstream change: + * 0001-fix-compile-DNG-SDK-with-GCC13.patch + +- Update to 7.10.0: + * https://www.digikam.org/news/2023-03-13-7.10.0_release_announcement/ +- Drop patch, no longer needed: + * 0001-Revert-Exiv2-is-now-released-with-exported-targets-u.patch + flac +- Fix Buffer Overflow vulnerability in function bitwriter_grow_ + (CVE-2020-22219, bsc#1214615): + 0001-fix-potential-memleak.patch + 0002-Add-and-use-_nofree-variants-of-safe_realloc-functio.patch + 0003-Leave-metadata-items-untouched-if-resize-function-fa.patch + 0004-Do-not-memset-when-allocation-fails.patch + 0005-Move-entropy-partitioning-result-allocation-so-it-ca.patch + 0006-Don-t-overwrite-bad-state-with-seek-error.patch + -- Update to final upstream release 1.3.0 - * No user-visible changes -- More robust make install call - gcc12 +- Add gcc12-aarch64-bsc1214052.patch to fix -fstack-protector issues + with variable length stack allocations on aarch64. + Fixes CVE-2023-4039. [bsc#1214052] + gcc7 +- Add gcc7-aarch64-bsc1214052.patch to fix -fstack-protector issues + with variable length stack allocations on aarch64. + Fixes CVE-2023-4039. [bsc#1214052] +- Add gcc7-aarch64-untyped_call.patch to fix issue with __builtin_apply +- Add gcc7-lra-elim.patch to fix internal compiler error when forming + paired loads and stores on aarch64. + +- Disable multilib and go on riscv64 +- libgcc-riscv-div.patch: Backport of r12-5799-g45116f342057b7 to fix + build with current binutils + +- Backport _multibuild auto-generation. Remove redundant + .changes files. + +- Add _multibuild to define 2nd spec file as additional flavor. + Eliminates the need for source package links in OBS. + +- Add gcc7-pr89124.patch to fix KASAN kernel compile. [bsc#1205145] + +- Add gcc7-pr72764.patch to fix ICE with C++17 code as reported + in [bsc#1204505] + +- Add gcc7-libsanitizer-cherry-pick-9cf13067cb5088626ba7-from-u.patch + and gcc7-libgo-don-t-include-linux-fs.h-when-building-gen-sys.patch + in order to support glibc 2.36. +- Enable format_spec_file otherwise one gets huge diff after + running change_spec. +- Remove fixed sys/mount.h. + +- Add patch from upstream to fix altivec.h redefining bool in C++ + which makes bool unusable (boo#1195517): + * gcc7-pr78263.patch + +- Add gcc7-ada-Target_Name.patch to adjust gnats idea of the + target, fixing the build of gprbuild. [bsc#1196861] + +- Remove include-fixed/sys/rseq.h to fix build on openSUSE:Factory. +- Avoid duplicate license in cross packages. + -- - Add gcc7-pfe-0001-Backport-Add-entry-for-patchable_function_entry.patch - gcc7-pfe-0002-Backport-Skip-fpatchable-function-entry-tests-for-nv.patch - gcc7-pfe-0003-Backport-Error-out-on-nvptx-for-fpatchable-function-.patch - gcc7-pfe-0004-Backport-Adapt-scan-assembler-times-for-alpha.patch - gcc7-pfe-0005-Backport-patchable_function_entry-decl.c-Use-3-NOPs-.patch - gcc7-pfe-0006-Backport-IBM-Z-Use-the-dedicated-NOP-instructions-fo.patch - gcc7-pfe-0007-Backport-Add-regex-to-search-for-uppercase-NOP-instr.patch - gcc7-pfe-0008-Backport-ICE-segmentation-fault-with-patchable_funct.patch - gcc7-pfe-0009-Backport-patchable_function_entry-decl.c-Pass-mcpu-g.patch - gcc7-pfe-0010-Backport-patchable_function_entry-decl.c-Do-not-run-.patch - gcc7-pfe-0011-Backport-patchable_function_entry-decl.c-Add-fno-pie.patch - gcc7-pfe-0012-Backport-PR-c-89946-ICE-in-assemble_start_function-a.patch - gcc7-pfe-0013-Backport-targhooks.c-default_print_patchable_functio.patch - gcc7-pfe-0014-Backport-Align-__patchable_function_entries-to-POINT.patch - gcc7-pfe-0015-Backport-Fix-PR-93242-patchable-function-entry-broke.patch - gcc7-pfe-0016-Backport-AArch64-PR92424-Fix-fpatchable-function-ent.patch - gcc7-pfe-0017-Backport-Fix-patchable-function-entry-on-arc.patch - gcc7-pfe-0018-Backport-Add-patch_area_size-and-patch_area_entry-to.patch - gcc7-pfe-0019-Backport-testsuite-Adjust-patchable_function-tests-f.patch - gcc7-pfe-0020-Backport-Use-the-section-flag-o-for-__patchable_func.patch - gcc7-pfe-0021-Backport-varasm-Fix-up-__patchable_function_entries-.patch - gcc7-pfe-0022-Backport-rs6000-Avoid-fpatchable-function-entry-regr.patch - gcc7-pfe-0023-Fix-unwinding-issues-when-pfe-is-enabled.patch +- Add gcc7-pfe-0001-Backport-Add-entry-for-patchable_function_entry.patch, + gcc7-pfe-0002-Backport-Skip-fpatchable-function-entry-tests-for-nv.patch, + gcc7-pfe-0003-Backport-Error-out-on-nvptx-for-fpatchable-function-.patch, + gcc7-pfe-0004-Backport-Adapt-scan-assembler-times-for-alpha.patch, + gcc7-pfe-0005-Backport-patchable_function_entry-decl.c-Use-3-NOPs-.patch, + gcc7-pfe-0006-Backport-IBM-Z-Use-the-dedicated-NOP-instructions-fo.patch, + gcc7-pfe-0007-Backport-Add-regex-to-search-for-uppercase-NOP-instr.patch, + gcc7-pfe-0008-Backport-ICE-segmentation-fault-with-patchable_funct.patch, + gcc7-pfe-0009-Backport-patchable_function_entry-decl.c-Pass-mcpu-g.patch, + gcc7-pfe-0010-Backport-patchable_function_entry-decl.c-Do-not-run-.patch, + gcc7-pfe-0011-Backport-patchable_function_entry-decl.c-Add-fno-pie.patch, + gcc7-pfe-0012-Backport-PR-c-89946-ICE-in-assemble_start_function-a.patch, + gcc7-pfe-0013-Backport-targhooks.c-default_print_patchable_functio.patch, + gcc7-pfe-0014-Backport-Align-__patchable_function_entries-to-POINT.patch, + gcc7-pfe-0015-Backport-Fix-PR-93242-patchable-function-entry-broke.patch, + gcc7-pfe-0016-Backport-Fix-patchable-function-entry-on-arc.patch, + gcc7-pfe-0017-Backport-Add-patch_area_size-and-patch_area_entry-to.patch, + gcc7-pfe-0018-Backport-testsuite-Adjust-patchable_function-tests-f.patch, + gcc7-pfe-0019-Backport-Use-the-section-flag-o-for-__patchable_func.patch, + gcc7-pfe-0020-Backport-varasm-Fix-up-__patchable_function_entries-.patch, + gcc7-pfe-0021-Backport-rs6000-Avoid-fpatchable-function-entry-regr.patch, + and gcc7-pfe-0022-Fix-unwinding-issues-when-pfe-is-enabled.patch gettext-runtime +- Add _multibuild to define additional spec files as additional + flavors. + Eliminates the need for source package links in OBS. + +- update keyring for the last version update + +- Update to Version 0.21.1 + * Runtime behaviour: + - On AIX, locale names with a script or with an uppercase language are now + supported. + For example, sr_Cyrl_RS.UTF-8 is treated like sr_RS.UTF-8@cyrillic, and + EN_US.UTF-8 is treated like en_US.UTF-8. + * The base Unicode standard is now updated to 14.0.0. + * Portability: + - Building on macOS 11/arm64 is now supported. + - Building on Linux/powerpc64le with glibc ≥ 2.35 is now supported. + +- Added patch: + * gettext-0.21-jdk17.patch + + Build with java source and target levels 1.8 + + Allows building with JDK17 + + Fixes build in Factory + +- Remove libcroco from BuildRequires: it is now bundled internally. + +- fixup libtextstyle autofoo with adding + use-acinit-for-libtextstyle.patch + +- Add multiple new features (bsc#1165138) +- Add patches: + * 0001-msgcat-Add-feature-to-use-the-newest-po-file.patch + * 0002-msgcat-Merge-headers-when-use-first.patch +- Reintroduce autoreconf call + +- Update to 0.21: + * Programming languages support: + - Shell: + o xgettext now recognizes and ignores 'env' invocations and environment + variable assignments in front of commands. + - Java: + o xgettext now recognizes format strings in the Formatter syntax. They + are marked as 'java-printf-format' in POT and PO files. + o xgettext now recognizes text blocks as string literals. + - JavaScript: + xgettext parses JSX expressions more reliably. + - Ruby: + o xgettext now supports Ruby. + o 'msgfmt -c' now verifies the syntax of translations of Ruby format + strings. + * Improvements for translators: + - When msgfmt writes a MO file, it now does so in such a way that processes + that are currently using an older copy of the MO file will not crash. + * Libtextstyle: + - Added support for emitting hyperlinks. + - New API for doing formatted output. + - The example programs support the NO_COLOR environment variable. + gstreamer-plugins-bad +- Add patch from upstream to fix a heap overwrite in PGS subtitle + overlay decoder which might trigger a crash or remote code + execution (bsc#1213126, CVE-2023-37329): + * 0001-dvdspu-Make-sure-enough-data-is-allocated-for-the.patch + java-11-openjdk +- Update to upstream tag jdk-11.0.20.1+1 (August 2023 emergency + release fixing a regression in July 2023 CPU) + * Changes: + + JDK-8313765: Invalid CEN header (invalid zip64 extra data + field size) + + JDK-8314678: Bump update version for OpenJDK: jdk-11.0.20.1 + +- Added patch: + * reproducible-javadoc-timestamp.patch + + use SOURCE_DATE_EPOCH in javadoc and make the javadoc + generation more reproducible + kdump +- update calibrate values, newly added SLE15-SP6 values + +- upgrade to version 1.9.6 + * use newer /sys/kernel/fadump/ instead of /sys/kernel/fadump_ + * use kexec -a which falls back to kexec_load(2) automatically + * update s390 udev rules + * drop systemd device timeout generator + +- upgrade to version 1.9.5 + * SELinux: temporary hack for bsc#1213721 + +- upgrade to version 1.9.4 + * fix FADUMP initramfs when not created by mkdumprd + * FADUMP: let dracut de-duplicate initrd by preserving modification times + * mkdumprd: only regenerate FADUMP initrds when needed + * mkdumprd: exit when destination not writable (transactional updates) + * mkdumprd: don't call update-bootloader + +- upgrade to version 1.9.3 + * fix calibrate + * update kdump(7) manpage + * turn missing ssh, lftp or host key into a fatal error + * depend on openssh-clients not openssh +- refreshed calibrate values + +- upgrade to version 1.9.2 + * adapt kdumptool to work with YaST + * wait for SMTP server to become reachable + +- upgrade to version 1.9.1 + * reimplement e-mail notifications + +- upgrade to version 1.9 + * complete rewrite of kdump-save and parts of initrd generation + * mounts are now entirely handled by dracut + * deprecated: split dumps (saving to more than one targets at once) + * deprecated: KDUMPTOOL_FLAGS option removed; original XENALLDOMAINS is now + the default, disable with MAKEDUMPFILE_OPTIONS=-X + * deprecated: notification e-mails + * deprecated: copying of the kernel image (KDUMP_COPY_KERNEL) + * FTP and SFTP are now handled by lftp, added to the spec file as Recommends: + * SSH and SFTP now support passwords provided in the URL + * fixed KDUMP_SSH_HOST_KEY, now needs to include the key type + * new KDUMP_DUMPFORMAT=raw, will save an unmodified /proc/vmcore + * the output directory name is now YYYY-MM-DD-HH-MM, i.e. the separator between + HH and MM changed + * unified default KDUMP_SAVEDIR across config, code and man to /var/crash + * ping is now used to detect network is up; disable with KDUMP_NET_TIMEOUT=0 + * all the yes/no options changed to true/false; yes/no/1/0 still accepted + * put the kdump initrd in /var/lib/kdump/initrd + * use default kernel symlink (/boot/vmlinuz) instead of kernel autodetection + * KDUMP_KERNELVER can specify an absolute path to a kernel image + * improved mkdumprd detection of changed settings + * removed all of kdumptool except the calibrate subcommand + * cleaned up dependencies (ssh now only Recommended) + +- bumped version update to v1.0.3 + +- Honor the KDUMP_VERBOSE setting in kdump-save +- fix distro prefix for ALP +- add calibrate values for ALP (copied from TW) + +- add calibrate values for Leap 15.5 + -- run kdump.service only after kdump-early.service (bsc#1196335) +- Run kdump.service only after kdump-early.service is done + (boo#1196335) +- fixed calibrate build on s390 +- minor fixes + + * print the qemu messages and trackrss log during calibrate - -- maintain the spec file in git -- print the qemu messages and trackrss log during calibrate -- calibrate: properly kill the tail process +- remove build dependency for wicked +- fix package summary in the spec file + +- maintain the spec file in git - -- fix broken URL in manpage (bsc#1187312) -- pull from new upstream SLE-15-SP5 branch -- copy SLE-15-SP4 calibration data for SLE-15-SP5 +- update to kdump-1.0.2+git20: + * Use inst_binary to install kdump-save + +- disable build on arm 32bit (bsc#1203888) + +- mkdumprd: replace mkinitrd with native dracut (bsc#1202443) + +- fix network-related dracut options handling for fadump case +- drop the elevator=deadline kernel option (bsc#1193211) +- fix broken URL in manpage (bsc#1187312) -- remount target filesystem r/w for fadump (bsc1197125) -- stop reloading FADump on CPU hot-add event (jsc#IBM-768) -- mkdumprd: add option to run dracut in debug mode + +- remount filesystem r/w for fadump (bsc#1197125) +- stop reloading FADump on CPU hot-add event +- add support for Zstandard compression algorithm kernel-default +- Update References + patches.suse/Bluetooth-L2CAP-Fix-use-after-free-in-l2cap_sock_rea.patch + (git-fixes bsc#1214233 CVE-2023-40283). +- commit 63a801c + +- powerpc/rtas: mandate RTAS syscall filtering (bsc#1023051). +- commit ac82be8 + +- Refresh sorted section +- commit a6fbcee + +- netfilter: nf_tables: use correct lock to protect gc_list + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: GC transaction race with abort path + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: GC transaction race with netns dismantle + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: fix GC transaction races with netns and + netlink event exit path (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: fix kdoc warnings after gc rework + (CVE-2023-4563 bsc#1214727). +- refresh + - patches.kabi/kabi-hide-changes-in-struct-nft_set.patch +- kabi: hide changes in struct nft_set (CVE-2023-4563 + bsc#1214727). +- netfilter: nf_tables: GC transaction API to avoid race with + control plane (CVE-2023-4563 bsc#1214727). +- commit cfed41c + +- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (git-fixes). +- commit 47ff352 + +- "drm/vmwgfx: Remove rcu locks from user resources" (bsc#1203329 CVE-2022-40133 bsc#1203330 CVE-2022-38457) + This patch also fixes two CVEs. Update the References tag accordingly. +- commit 552e790 + +- s390/ipl: add missing secure/has_secure file to ipl type + 'unknown' (bsc#1214976). +- commit 33974e8 + +- cpufreq: Fix the race condition while updating the + transition_task of policy (git-fixes). +- rpmsg: glink: Add check for kstrdup (git-fixes). +- leds: turris-omnia: Drop unnecessary mutex locking (git-fixes). +- leds: trigger: tty: Do not use LED_ON/OFF constants, use + led_blink_set_oneshot instead (git-fixes). +- leds: Fix BUG_ON check for LED_COLOR_ID_MULTI that is always + false (git-fixes). +- leds: multicolor: Use rounded division when calculating color + components (git-fixes). +- leds: pwm: Fix error code in led_pwm_create_fwnode() + (git-fixes). +- docs: printk-formats: Fix hex printing of signed values + (git-fixes). +- commit 1c98d58 + +- sched/fair: Use recent_used_cpu to test p->cpus_ptr (git fixes). +- sched/fair: Fix inaccurate tally of ttwu_move_affine (git + fixes). +- commit 4be7d48 + +- USB: core: Fix oversight in SuperSpeed initialization + (bsc#1213123 CVE-2023-37453). +- commit 6b6c148 + +- blacklist.conf: Not a fix, relatively high risk of performance regression +- commit fd04425 + +- USB: core: Fix race by not overwriting udev->descriptor in + hub_port_init() (bsc#1213123 CVE-2023-37453). +- commit a1f446d + +- USB: core: Unite old scheme and new scheme descriptor reads + (bsc#1213123 CVE-2023-37453). +- commit 9f60ef1 + +- Refresh + patches.suse/0002-nvme-tcp-fix-potential-unbalanced-freeze-unfreeze.patch. +- Refresh + patches.suse/0003-nvme-rdma-fix-potential-unbalanced-freeze-unfreeze.patch. +- commit 452e63f + +- scsi: RDMA/srp: Fix residual handling (git-fixes) +- commit 429e77b + +- RDMA/efa: Fix wrong resources deallocation order (git-fixes) +- commit c7f667b + +- RDMA/siw: Correct wrong debug message (git-fixes) +- commit 3732fc1 + +- RDMA/siw: Balance the reference of cep->kref in the error path (git-fixes) +- commit 9281d22 + +- Revert "IB/isert: Fix incorrect release of isert connection" (git-fixes) +- commit 1b277c9 + +- RDMA/irdma: Prevent zero-length STAG registration (git-fixes) +- commit e55bab1 + +- IB/uverbs: Fix an potential error pointer dereference (git-fixes) +- commit 0e5f5fb + +- RDMA/hns: Fix CQ and QP cache affinity (git-fixes) +- commit fee7fe7 + +- RDMA/hns: Fix incorrect post-send with direct wqe of wr-list (git-fixes) +- commit 988bb43 + +- RDMA/hns: Fix port active speed (git-fixes) +- commit f1ca0f2 + +- RDMA/bnxt_re: Fix max_qp count for virtual functions (git-fixes) +- commit dd0f3ab + +- RDMA/irdma: Replace one-element array with flexible-array member (git-fixes) +- commit e8addea + +- RDMA/qedr: Remove a duplicate assignment in irdma_query_ah() (git-fixes) +- commit c2623e0 + +- RDMA/bnxt_re: Fix error handling in probe failure path (git-fixes) +- commit c6f50a4 + +- IB/hfi1: Fix possible panic during hotplug remove (git-fixes) +- commit 632a598 + +- RDMA/umem: Set iova in ODP flow (git-fixes) +- commit ec8b3f4 + +- RDMA/mlx5: Return the firmware result upon destroying QP/RQ (git-fixes) +- commit 1ff5e5f + +- bus: mhi: host: Skip MHI reset if device is in RDDM (git-fixes). +- fsi: master-ast-cf: Add MODULE_FIRMWARE macro (git-fixes). +- fsi: aspeed: Reset master errors after CFAM reset (git-fixes). +- commit 643257d + +- dmaengine: ste_dma40: Add missing IRQ check in d40_probe + (git-fixes). +- dmaengine: idxd: Modify the dependence of attribute + pasid_enabled (git-fixes). +- phy/rockchip: inno-hdmi: do not power on rk3328 post pll on + reg write (git-fixes). +- phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 + recalc_rate (git-fixes). +- phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328 + (git-fixes). +- mtd: rawnand: fsmc: handle clk prepare error in + fsmc_nand_resume() (git-fixes). +- mtd: rawnand: brcmnand: Fix mtd oobsize (git-fixes). +- mtd: rawnand: brcmnand: Fix potential out-of-bounds access in + oob write (git-fixes). +- mtd: rawnand: brcmnand: Fix crash during the panic_write + (git-fixes). +- mtd: rawnand: brcmnand: Fix potential false time out warning + (git-fixes). +- mtd: spi-nor: Check bus width while setting QE bit (git-fixes). +- HID: wacom: remove the battery when the EKR is off (git-fixes). +- HID: logitech-dj: Fix error handling in + logi_dj_recv_switch_to_dj_mode() (git-fixes). +- HID: multitouch: Correct devm device reference for hidinput + input_dev name (git-fixes). +- media: i2c: rdacm21: Fix uninitialized value (git-fixes). +- media: i2c: ccs: Check rules is non-NULL (git-fixes). +- media: ov2680: Fix regulators being left enabled on + ov2680_power_on() errors (git-fixes). +- media: ov2680: Fix ov2680_set_fmt() which == + V4L2_SUBDEV_FORMAT_TRY not working (git-fixes). +- media: ov2680: Add ov2680_fill_format() helper function + (git-fixes). +- media: ov2680: Don't take the lock for try_fmt calls + (git-fixes). +- media: ov2680: Remove VIDEO_V4L2_SUBDEV_API ifdef-s (git-fixes). +- media: ov2680: Fix vflip / hflip set functions (git-fixes). +- media: ov2680: Fix ov2680_bayer_order() (git-fixes). +- media: ov5640: Enable MIPI interface in ov5640_set_power_mipi() + (git-fixes). +- media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking + interrupts (git-fixes). +- media: venus: hfi_venus: Only consider sys_idle_indicator on V1 + (git-fixes). +- media: go7007: Remove redundant if statement (git-fixes). +- media: rkvdec: increase max supported height for H.264 + (git-fixes). +- media: cx24120: Add retval check for cx24120_message_send() + (git-fixes). +- media: dvb-usb: m920x: Fix a potential memory leak in + m920x_i2c_xfer() (git-fixes). +- media: dib7000p: Fix potential division by zero (git-fixes). +- drivers: usb: smsusb: fix error handling code in + smsusb_init_device (git-fixes). +- media: v4l2-core: Fix a potential resource leak in + v4l2_fwnode_parse_link() (git-fixes). +- media: i2c: tvp5150: check return value of devm_kasprintf() + (git-fixes). +- media: ad5820: Drop unsupported ad5823 from i2c_ and + of_device_id tables (git-fixes). +- fbdev: Update fbdev source file paths (git-fixes). +- amba: bus: fix refcount leak (git-fixes). +- dma-buf/sync_file: Fix docs syntax (git-fixes). +- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe + (git-fixes). +- driver core: test_async: fix an error code (git-fixes). +- Documentation: devices.txt: Fix minors for ttyCPM* (git-fixes). +- Documentation: devices.txt: Remove ttySIOC* (git-fixes). +- Documentation: devices.txt: Remove ttyIOC* (git-fixes). +- serial: sc16is7xx: fix bug when first setting GPIO direction + (git-fixes). +- serial: sc16is7xx: fix broken port 0 uart init (git-fixes). +- serial: tegra: handle clk prepare error in tegra_uart_hw_init() + (git-fixes). +- serial: sprd: Fix DMA buffer leak issue (git-fixes). +- serial: sprd: Assign sprd_port after initialized to avoid + wrong access (git-fixes). +- usb: typec: tcpm: set initial svdm version based on pd revision + (git-fixes). +- usb: dwc3: meson-g12a: do post init to fix broken usb after + resumption (git-fixes). +- USB: gadget: f_mass_storage: Fix unused variable warning + (git-fixes). +- usb: phy: mxs: fix getting wrong state with + mxs_phy_is_otg_host() (git-fixes). +- usb: chipidea: imx: improve logic if samsung,picophy-* parameter + is 0 (git-fixes). +- platform/x86: dell-sysman: Fix reference leak (git-fixes). +- commit 729e789 + +- target: compare and write backend driver sense handling + (bsc#1177719 bsc#1213026). +- Refresh patches.suse/target-rbd-support-COMPARE_AND_WRITE.patch. +- commit a2ae103 + +- clocksource/drivers/hyper-v: Rework clocksource and sched clock setup (bsc#1206453). +- Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (bsc#1206453). +- PCI: hv: Replace retarget_msi_interrupt_params with (bsc#1206453). +- Drivers: hv: vmbus: Remove the per-CPU post_msg_page (bsc#1206453). +- clocksource: hyper-v: make sure Invariant-TSC is used if it is (bsc#1206453). +- PCI: hv: Enable PCI pass-thru devices in Confidential VMs (bsc#1206453). +- Drivers: hv: Don't remap addresses that are above shared_gpa_boundary (bsc#1206453). +- hv_netvsc: Remove second mapping of send and recv buffers (bsc#1206453). +- Drivers: hv: vmbus: Remove second way of mapping ring buffers (bsc#1206453). +- Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages (bsc#1206453). +- swiotlb: Remove bounce buffer remapping for Hyper-V (bsc#1206453). +- x86/hyperv: Change vTOM handling to use standard coco mechanisms (bsc#1206453). +- x86/mm: Handle decryption/re-encryption of bss_decrypted consistently (bsc#1206453). +- Drivers: hv: Explicitly request decrypted in vmap_pfn() calls (bsc#1206453). +- x86/hyperv: Reorder code to facilitate future work (bsc#1206453). +- x86/ioremap: Add hypervisor callback for private MMIO mapping in coco (bsc#1206453). +- x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall() (bsc#1206453). +- x86/tdx: Expand __tdx_hypercall() to handle more arguments (bsc#1206453). +- x86/tdx: Refactor __tdx_hypercall() to allow pass down more arguments (bsc#1206453). +- x86/tdx: Add more registers to struct tdx_hypercall_args (bsc#1206453). +- x86/tdx: Fix typo in comment in __tdx_hypercall() (bsc#1206453). +- Drivers: hv: Enable vmbus driver for nested root partition (bsc#1206453). +- x86/hyperv: Add an interface to do nested hypercalls (bsc#1206453). +- Drivers: hv: Setup synic registers in case of nested root partition (bsc#1206453). +- x86/hyperv: Add support for detecting nested hypervisor (bsc#1206453). +- clocksource: hyper-v: Add TSC page support for root partition (bsc#1206453). +- clocksource: hyper-v: Use TSC PFN getter to map vvar page (bsc#1206453). +- clocksource: hyper-v: Introduce TSC PFN getter (bsc#1206453). +- clocksource: hyper-v: Introduce a pointer to TSC page (bsc#1206453). +- x86/hyperv: Remove BUG_ON() for kmap_local_page() (bsc#1206453). +- x86/hyperv: Replace kmap() with kmap_local_page() (bsc#1206453). +- define more Hyper-V related constants (bsc#1206453). +- commit 7dd2c1c + +- libbpf: Fix btf_dump's packed struct determination (bsc#1211220 + jsc#PED-3924). +- libbpf: Fix single-line struct definition output in btf_dump + (bsc#1211220 jsc#PED-3924). +- commit 7a046db + +- blacklist.conf: add git-fix to skip +- commit 47580cb + +- scsi: snic: Fix double free in snic_tgt_create() (git-fixes). +- commit d711707 + +- libbpf: Fix BTF-to-C converter's padding logic (bsc#1211220 + jsc#PED-3924). +- selftests/bpf: Test btf dump for struct with padding only fields + (bsc#1211220 jsc#PED-3924). +- bpftool: Print newline before '}' for struct with padding only + fields (bsc#1211220 jsc#PED-3924). +- commit 93aeeb8 + +- drm/msm/dpu: fix the irq index in + dpu_encoder_phys_wb_wait_for_commit_done (git-fixes). +- drm/mediatek: Remove freeing not dynamic allocated memory + (git-fixes). +- drm/repaper: Reduce temporary buffer size in repaper_fb_dirty() + (git-fixes). +- drm/amd/display: Do not set drr on pipe commit (git-fixes). +- drm/bridge: anx7625: Use common macros for HDCP capabilities + (git-fixes). +- drm/bridge: anx7625: Use common macros for DP power sequencing + commands (git-fixes). +- drm/mxsfb: Disable overlay plane in + mxsfb_plane_overlay_atomic_disable() (git-fixes). +- drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers + (git-fixes). +- commit cc8e0cf + +- bus: ti-sysc: Fix cast to enum warning (git-fixes). +- commit 586e58b + +- Add cherry-picked if to fbdev patch +- commit 32815f6 + +- ALSA: hda/realtek: Add quirk for mute LEDs on HP ENVY x360 + 15-eu0xxx (git-fixes). +- ALSA: hda/realtek: Add quirk for HP Victus 16-d1xxx to enable + mute LED (git-fixes). +- commit 2c05a9a + +- ALSA: usb-audio: Fix init call orders for UAC1 (git-fixes). +- commit 3ba2db1 + +- PCI: microchip: Remove cast between incompatible function type + (git-fixes). +- PCI: meson: Remove cast between incompatible function type + (git-fixes). +- PCI: microchip: Correct the DED and SEC interrupt bit offsets + (git-fixes). +- PCI: Mark NVIDIA T4 GPUs to avoid bus reset (git-fixes). +- wifi: ath10k: Use RMW accessors for changing LNKCTL (git-fixes). +- wifi: ath11k: Use RMW accessors for changing LNKCTL (git-fixes). +- PCI: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). +- pinctrl: cherryview: fix address_space_handler() argument + (git-fixes). +- pinctrl: mcp23s08: check return value of devm_kasprintf() + (git-fixes). +- ipmi_si: fix a memleak in try_smi_init() (git-fixes). +- ipmi:ssif: Fix a memory leak when scanning for an adapter + (git-fixes). +- ipmi:ssif: Add check for kstrdup (git-fixes). +- firmware: meson_sm: fix to avoid potential NULL pointer + dereference (git-fixes). +- firmware: cs_dsp: Fix new control name check (git-fixes). +- fbdev/ep93xx-fb: Do not assign to struct fb_info.dev + (git-fixes). +- PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() + only for non-root bus (git-fixes). +- PCI: acpiphp: Reassign resources on bridge if necessary + (git-fixes). +- commit 10e5d93 + +- drm/radeon: Use RMW accessors for changing LNKCTL (git-fixes). +- drm/amdgpu: Use RMW accessors for changing LNKCTL (git-fixes). +- dt-bindings: clocks: imx8mp: make sai4 a dummy clock + (git-fixes). +- dt-bindings: clock: xlnx,versal-clk: drop select:false + (git-fixes). +- dt-bindings: crypto: ti,sa2ul: make power-domains conditional + (git-fixes). +- drm/msm/a2xx: Call adreno_gpu_init() earlier (git-fixes). +- drm/msm/mdp5: Don't leak some plane state (git-fixes). +- drm/msm: Update dev core dump to not print backwards + (git-fixes). +- drm/etnaviv: fix dumping of active MMU context (git-fixes). +- drm/amd/pm: fix variable dereferenced issue in + amdgpu_device_attr_create() (git-fixes). +- drm/mediatek: Fix potential memory leak if vmap() fail + (git-fixes). +- drm/mediatek: Fix dereference before null check (git-fixes). +- drm/panel: simple: Add missing connector type and pixel format + for AUO T215HVN01 (git-fixes). +- drm/bridge: fix -Wunused-const-variable= warning (git-fixes). +- drm/armada: Fix off-by-one error in + armada_overlay_get_property() (git-fixes). +- drm/atomic-helper: Update reference to + drm_crtc_force_disable_all() (git-fixes). +- drm/tegra: dpaux: Fix incorrect return value of platform_get_irq + (git-fixes). +- fbdev: fix potential OOB read in fast_imageblit() (git-fixes). +- fbdev: Fix sys_imageblit() for arbitrary image widths + (git-fixes). +- fbdev: Improve performance of sys_imageblit() (git-fixes). +- commit a3652b5 + +- docs: kernel-parameters: Refer to the correct bitmap function + (git-fixes). +- clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src (git-fixes). +- clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src + (git-fixes). +- clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock + (git-fixes). +- clk: qcom: camcc-sc7180: fix async resume during probe + (git-fixes). +- clk: imx: pll14xx: dynamically configure PLL for + 393216000/361267200Hz (git-fixes). +- clk: imx: composite-8m: fix clock pauses when set_rate would + be a no-op (git-fixes). +- clk: imx8mp: fix sai4 clock (git-fixes). +- clk: sunxi-ng: Modify mismatched function name (git-fixes). +- drivers: clk: keystone: Fix parameter judgment in + _of_pll_clk_init() (git-fixes). +- bus: ti-sysc: Fix build warning for 64-bit build (git-fixes). +- ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl + (git-fixes). +- ASoC: tegra: Fix SFC conversion for few rates (git-fixes). +- ALSA: ac97: Fix possible error value of *rac97 (git-fixes). +- ASoC: stac9766: fix build errors with REGMAP_AC97 (git-fixes). +- drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask + (git-fixes). +- drm/amdgpu: avoid integer overflow warning in + amdgpu_device_resize_fb_bar() (git-fixes). +- drm/bridge: anx7625: Drop device lock before + drm_helper_hpd_irq_event() (git-fixes). +- drm: adv7511: Fix low refresh rate register for ADV7533/5 + (git-fixes). +- drm/ast: Fix DRAM init on AST2200 (git-fixes). +- backlight/lv5207lp: Compare against struct fb_info.device + (git-fixes). +- backlight/gpio_backlight: Compare against struct fb_info.device + (git-fixes). +- backlight/bd6107: Compare against struct fb_info.device + (git-fixes). +- drm/bridge: tc358764: Fix debug print parameter order + (git-fixes). +- audit: fix possible soft lockup in __audit_inode_child() + (git-fixes). +- ALSA: ymfpci: Fix the missing snd_card_free() call at probe + error (git-fixes). +- drm/amd/display: check TG is non-null before checking if enabled + (git-fixes). +- drm/amd/display: do not wait for mpc idle if tg is disabled + (git-fixes). +- commit 08c4f7b + +- Kbuild: add -Wno-shift-negative-value where -Wextra is used + (bsc#1214756). +- commit 8140064 + +- rpm/mkspec-dtb: support for nested subdirs + Commit 724ba6751532 ("ARM: dts: Move .dts files to vendor + sub-directories") moved the dts to nested subdirs, add a support for + that. That is, generate a %dir entry in %files for them. +- commit 6484eda + +- Update patches.kabi/lockdown-kABI-workaround-for-lockdown_reason-changes.patch + Apply following fixup from Michal Suchánek: + Don't reorder lockdown reason. +- commit 9382b89 + +- wifi: mt76: mt7921: fix non-PSC channel scan fail (git-fixes). +- commit 616c360 + +- wifi: mwifiex: Fix missed return in oob checks failed path + (git-fixes). +- commit 9baf357 + +- nilfs2: fix WARNING in mark_buffer_dirty due to discarded + buffer reuse (git-fixes). +- lib/test_meminit: allocate pages up to order MAX_ORDER + (git-fixes). +- HWPOISON: offline support: fix spelling in Documentation/ABI/ + (git-fixes). +- wifi: ath9k: use IS_ERR() with debugfs_create_dir() (git-fixes). +- wifi: ath9k: protect WMI command response buffer replacement + with a lock (git-fixes). +- wifi: ath9k: fix races between ath9k_wmi_cmd and + ath9k_wmi_ctrl_rx (git-fixes). +- wifi: mwifiex: avoid possible NULL skb pointer dereference + (git-fixes). +- wifi: radiotap: fix kernel-doc notation warnings (git-fixes). +- wifi: nl80211/cfg80211: add forgotten nla_policy for BSS color + attribute (git-fixes). +- wifi: mwifiex: fix memory leak in mwifiex_histogram_read() + (git-fixes). +- Bluetooth: btusb: Do not call kfree_skb() under + spin_lock_irqsave() (git-fixes). +- Bluetooth: Fix potential use-after-free when clear keys + (git-fixes). +- Bluetooth: Remove unused declaration amp_read_loc_info() + (git-fixes). +- Bluetooth: nokia: fix value check in + nokia_bluetooth_serdev_probe() (git-fixes). +- wifi: mwifiex: fix error recovery in PCIE buffer descriptor + management (git-fixes). +- wifi: mt76: mt7915: fix power-limits while chan_switch + (git-fixes). +- wifi: mt76: testmode: add nla_policy for MT76_TM_ATTR_TX_LENGTH + (git-fixes). +- wifi: mt76: mt7921: do not support one stream on secondary + antenna only (git-fixes). +- wifi: mwifiex: Fix OOB and integer underflow when rx packets + (git-fixes). +- wifi: rtw89: debug: Fix error handling in + rtw89_debug_priv_btc_manual_set() (git-fixes). +- can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow + errors also in case of OOM (git-fixes). +- hwrng: iproc-rng200 - Implement suspend and resume calls + (git-fixes). +- crypto: caam - fix unchecked return value error (git-fixes). +- crypto: stm32 - Properly handle pm_runtime_get failing + (git-fixes). +- hwrng: pic32 - use devm_clk_get_enabled (git-fixes). +- hwrng: nomadik - keep clock enabled while hwrng is registered + (git-fixes). +- hwmon: (tmp513) Fix the channel number in tmp51x_is_visible() + (git-fixes). +- spi: tegra20-sflash: fix to check return value of + platform_get_irq() in tegra_sflash_probe() (git-fixes). +- regmap: rbtree: Use alloc_flags for memory allocations + (git-fixes). +- commit 243ba95 + +- blacklist.conf: add git-fix that breaks kabi +- commit 29743c2 + +- scsi: qedf: Fix firmware halt over suspend and resume + (git-fixes). +- scsi: qedi: Fix firmware halt over suspend and resume + (git-fixes). +- scsi: snic: Fix possible memory leak if device_add() fails + (git-fixes). +- scsi: core: Fix possible memory leak if device_add() fails + (git-fixes). +- scsi: core: Fix legacy /proc parsing buffer overflow + (git-fixes). +- scsi: 53c700: Check that command slot is not NULL (git-fixes). +- scsi: fnic: Replace return codes in fnic_clean_pending_aborts() + (git-fixes). +- scsi: scsi_debug: Remove dead code (git-fixes). +- scsi: 3w-xxxx: Add error handling for initialization failure + in tw_probe() (git-fixes). +- scsi: qedf: Fix NULL dereference in error handling (git-fixes). +- commit f37057a + +- docs/process/howto: Replace C89 with C11 (bsc#1214756). +- commit 8393e27 + +- Kbuild: move to -std=gnu11 (bsc#1214756). +- commit ef844c1 + +- blacklist.conf: kABI +- commit 382e160 + +- netfilter: nf_tables: deactivate catchall elements in next + generation (bsc#1214729 CVE-2023-4569). +- commit 6289fe5 + +- netfilter: nf_tables: deactivate catchall elements in next + generation (bsc#1214729 CVE-2023-4569). +- commit ab071f2 + +- Update metadata +- commit afac039 + +- netfs: fix parameter of cleanup() (bsc#1214743). +- netfs: Fix lockdep warning from taking sb_writers whilst + holding mmap_lock (bsc#1214742). +- commit bb32ecc + +- selftests/futex: Order calls to futex_lock_pi (git-fixes). +- selftests/resctrl: Close perf value read fd on errors + (git-fixes). +- selftests/resctrl: Unmount resctrl FS if child fails to run + benchmark (git-fixes). +- selftests/resctrl: Don't leak buffer in fill_cache() + (git-fixes). +- PM / devfreq: Fix leak in devfreq_dev_release() (git-fixes). +- ACPI: x86: s2idle: Fix a logic error parsing AMD constraints + table (git-fixes). +- selftests/harness: Actually report SKIP for signal tests + (git-fixes). +- pstore/ram: Check start of empty przs during init (git-fixes). +- commit ad35b22 + +- Move upstreamed powerpc patches into sorted section +- commit 3a27181 + +- Move upstreamed HID patch into sorted section +- commit 85ada69 + +- e1000: Remove unnecessary use of kmap_atomic() (jsc#PED-5738). +- commit 411ade7 + +- intel/e1000:fix repeated words in comments (jsc#PED-5738). +- commit 36d3f87 + +- intel: remove unused macros (jsc#PED-5738). +- commit 8c0592a + +- e1000: Fix typos in comments (jsc#PED-5738). +- commit b74464e + +- e1000: switch to napi_build_skb() (jsc#PED-5738). +- commit 8f3d353 + +- e1000: switch to napi_consume_skb() (jsc#PED-5738). +- commit b269f24 + +- tracing: Fix memleak due to race between current_tracer and + trace (git-fixes). +- commit cd1e0a8 + +- tracing: Fix cpu buffers unavailable due to 'record_disabled' + missed (git-fixes). +- commit 8e87d30 + +- ring-buffer: Do not swap cpu_buffer during resize process + (git-fixes). +- commit e5ec19f + +- xfs: fix sb write verify for lazysbcount (bsc#1214661). +- commit 29e65a8 + +- cpufreq: intel_pstate: Adjust balance_performance EPP for + Sapphire Rapids (bsc#1214659). +- commit c3cfee9 + +- cpufreq: intel_pstate: Enable HWP IO boost for all servers + (bsc#1208949 jsc#PED-6003 jsc#PED-6004). +- commit bd6042f + +- cpufreq: intel_pstate: Fix scaling for hybrid-capable systems + with disabled E-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 + jsc#PED-4929). +- commit 0340dfe + +- cpufreq: intel_pstate: hybrid: Use known scaling factor for + P-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 91615ae + +- cpufreq: intel_pstate: Read all MSRs on the target CPU + (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 639f9f6 + +- cpufreq: intel_pstate: hybrid: Rework HWP calibration + (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- Update + patches.suse/cpufreq-intel_pstate-Fix-cpu-pstate.turbo_freq-initi.patch + (git-fixes bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 689587b + +- Use the cherry-picked id for an AMDGPU patch and resort +- commit 07365e7 + +- tty: serial: fsl_lpuart: Add i.MXRT1050 support (git-fixes). +- Refresh + patches.suse/tty-serial-fsl_lpuart-add-earlycon-for-imx8ulp-platf.patch. +- commit f34a3a2 + +- selftests: forwarding: tc_actions: Use ncat instead of nc + (git-fixes). +- watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller + Hub) (git-fixes). +- thunderbolt: Read retimer NVM authentication status prior + tb_retimer_set_inbound_sbtx() (git-fixes). +- usb: chipidea: imx: add missing USB PHY DPDM wakeup setting + (git-fixes). +- usb: chipidea: imx: don't request QoS for imx8ulp (git-fixes). +- usb: gadget: u_serial: Avoid spinlock recursion in + __gs_console_push (git-fixes). +- pcmcia: rsrc_nonstatic: Fix memory leak in + nonstatic_release_resource_db() (git-fixes). +- PCI: tegra194: Fix possible array out of bounds access + (git-fixes). +- tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A + (git-fixes). +- tty: serial: fsl_lpuart: make rx_watermark configurable for + different platforms (git-fixes). +- selftests: forwarding: tc_actions: cleanup temporary files + when test is aborted (git-fixes). +- usb: dwc3: Fix typos in gadget.c (git-fixes). +- commit 5394953 + +- drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). +- commit d60a005 + +- i2c: designware: Handle invalid SMBus block data response + length value (git-fixes). +- drm/qxl: fix UAF on handle creation (git-fixes). +- drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). +- Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally + (git-fixes). +- Bluetooth: L2CAP: Fix use-after-free (git-fixes). +- media: v4l2-mem2mem: add lock to protect parameter num_rdy + (git-fixes). +- ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB + related warnings (git-fixes). +- drm/amdgpu: install stub fence into potential unused fence + pointers (git-fixes). +- drm/amd/display: fix access hdcp_workqueue assert (git-fixes). +- ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion + (git-fixes). +- HID: add quirk for 03f0:464a HP Elite Presenter Mouse + (git-fixes). +- HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech + G915 TKL Keyboard (git-fixes). +- PCI: s390: Fix use-after-free of PCI resources with per-function + hotplug (git-fixes). +- drm/amd/display: phase3 mst hdcp for multiple displays + (git-fixes). +- drm/amd/display: save restore hdcp state when display is + unplugged from mst hub (git-fixes). +- iio: adc: stx104: Implement and utilize register structures + (git-fixes). +- iio: adc: stx104: Utilize iomap interface (git-fixes). +- ARM: dts: imx6sll: fixup of operating points (git-fixes). +- commit e2faa35 + +- pinctrl: amd: Mask wake bits on probe again (git-fixes). +- pinctrl: amd: Revert "pinctrl: amd: disable and mask interrupts + on probe" (git-fixes). +- commit 15b9551 + +- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ + (git-fixes). +- commit 5e59635 + +- clk: Fix slab-out-of-bounds error in devm_clk_release() + (git-fixes). +- clk: Fix undefined reference to `clk_rate_exclusive_{get,put}' + (git-fixes). +- pinctrl: renesas: rza2: Add lock around + pinctrl_generic{{add,remove}_group,{add,remove}_function} + (git-fixes). +- drm/vmwgfx: Fix shader stage validation (git-fixes). +- dma-buf/sw_sync: Avoid recursive lock during fence signal + (git-fixes). +- commit 7c5f1b7 + +- batman-adv: Hold rtnl lock during MTU update via netlink + (git-fixes). +- commit 8468886 + +- batman-adv: Fix batadv_v_ogm_aggr_send memory leak (git-fixes). +- batman-adv: Fix TT global entry leak when client roamed back + (git-fixes). +- batman-adv: Do not get eth header before + batadv_check_management_packet (git-fixes). +- batman-adv: Don't increase MTU when set by user (git-fixes). +- batman-adv: Trigger events for auto adjusted MTU (git-fixes). +- commit d59057e + +- drm/amd/display: disable RCO for DCN314 (git-fixes). +- commit 5dc74f0 + +- drm/qxl: fix UAF on handle creation (git-fixes). +- drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). +- drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix + (git-fixes). +- drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 + (git-fixes). +- drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU + v13.0.4/11 (git-fixes). +- drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). +- drm/amd/display: Enable dcn314 DPP RCO (git-fixes). +- drm/amd/display: Skip DPP DTO update if root clock is gated + (git-fixes). +- drm/amdgpu: keep irq count in amdgpu_irq_disable_all + (git-fixes). +- drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz + (git-fixes). +- drm/amdgpu: install stub fence into potential unused fence + pointers (git-fixes). +- drm/amdgpu: fix memory leak in mes self test (git-fixes). +- drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (git-fixes). +- drm/amdgpu: fix calltrace warning in amddrm_buddy_fini + (git-fixes). +- drm: rcar-du: remove R-Car H3 ES1.* workarounds (git-fixes). +- drm/stm: ltdc: fix late dereference check (git-fixes). +- drm/amd/display: Implement workaround for writing to + OTG_PIXEL_RATE_DIV register (git-fixes). +- commit 162942a + +- Move sorted nouveau patch into sorted section +- commit 5cfebfc + +- smb: client: fix null auth (git-fixes). +- commit f89a725 + +- Update tags in + patches.suse/md-raid5-Improve-performance-for-sequential-IO.patch. +- commit 5c3390a + +- powerpc/rtas: block error injection when locked down + (bsc#1023051). + Refresh patches.kabi/lockdown-kABI-workaround-for-lockdown_reason-changes.patch +- powerpc/rtas: enture rtas_call is called with MMU enabled + (bsc#1023051). +- commit e7f7145 + +- Input: cyttsp4_core - change del_timer_sync() to + timer_shutdown_sync() (bsc#1213971 CVE-2023-4134). +- commit 2dfd188 + +- Refresh patches.suse/powerpc-rtas-Keep-MSR-RI-set-when-calling-RTAS.patch. +- commit 0cbb740 + +- Drop rtsx patch that caused a regression (bsc#1214397,bsc#1214428) + It caused mysterious problem wrt NVMe. + Better to drop and blacklist for now. +- commit 2257ff2 + +- powerpc: Move DMA64_PROPNAME define to a header (bsc#1214297 ltc#197503). +- commit af67897 + +- x86/CPU/AMD: Fix the DIV(0) initial fix attempt (bsc#1213927, CVE-2023-20588). +- commit eb5704d + +- x86/CPU/AMD: Do not leak quotient data after a division by 0 (bsc#1213927, CVE-2023-20588). +- commit 8b5290e + +- scsi: storvsc: Fix handling of virtual Fibre Channel timeouts + (git-fixes). +- scsi: storvsc: Limit max_sectors for virtual Fibre Channel + devices (git-fixes). +- scsi: storvsc: Handle SRB status value 0x30 (git-fixes). +- scsi: storvsc: Always set no_report_opcodes (git-fixes). +- commit aace9fd + +- old-flavors: Drop 2.6 kernels. + 2.6 based kernels are EOL, upgrading from them is no longer suported. +- commit 7bb5087 + +- kunit: make kunit_test_timeout compatible with comment + (git-fixes). +- commit e060c5b + +- blacklist.conf: kABI +- commit 2db68b2 + +- blacklist.conf: kABI +- commit b9b490f + +- blacklist.conf: specific to Clang +- commit 0d88df7 + +- blacklist.conf: not used in our build process +- commit 5705a43 + +- blacklist.conf: designed to break kABI but relevant only on big endian +- commit 3477f1d + +- lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() + test (git-fixes). +- commit 0595e9f + +- blacklist.conf: cleanup +- commit 8d51620 + +- blacklist.conf: We do not use that tool +- commit f8ec126 + +- docs: networking: replace skb_hwtstamp_tx with skb_tstamp_tx + (git-fixes). +- commit d96f965 + +- kabi: Allow extra bugsints (bsc#1213927). +- commit fc75ce0 + +- Refresh patches.suse/x86-srso-add-ibpb.patch. + CPU_IBPB_ENTRY is always on so adjust code accordingly. +- commit 0ed13bd + +- Update + patches.suse/net-vmxnet3-fix-possible-NULL-pointer-dereference-in.patch + (bsc#1200431 bsc#1214451 CVE-2023-4459). + Added CVE reference. +- commit 13a12f4 + +- net: nfc: Fix use-after-free caused by nfc_llcp_find_local + (bsc#1213601 CVE-2023-3863). +- nfc: llcp: simplify llcp_sock_connect() error paths (bsc#1213601 + CVE-2023-3863). +- nfc: llcp: nullify llcp_sock->dev on connect() error paths + (bsc#1213601 CVE-2023-3863). +- commit 0932a11 + +- kabi/severities: Ignore newly added SRSO mitigation functions +- commit 4452f05 + +- s390/zcrypt: fix reply buffer calculations for CCA replies + (bsc#1213949). +- commit 26e242b + +- tty: fix hang on tty device with no_room set (git-fixes). +- n_tty: Rename tail to old_tail in n_tty_read() (git-fixes). +- commit 22b52a9 + +- tty: n_gsm: fix the UAF caused by race condition in + gsm_cleanup_mux (git-fixes). +- tty: serial: fsl_lpuart: Clear the error flags by writing 1 + for lpuart32 platforms (git-fixes). +- commit 2bc2940 + +- x86/static_call: Fix __static_call_fixup() (git-fixes). +- commit 57d4f01 + +- x86/srso: Correct the mitigation status when SMT is disabled (git-fixes). +- commit c2d3421 + +- x86/srso: Explain the untraining sequences a bit more (git-fixes). +- commit f62146e + +- x86/cpu/kvm: Provide UNTRAIN_RET_VM (git-fixes). +- commit 7f39f56 + +- x86/cpu: Cleanup the untrain mess (git-fixes). +- commit 13632c3 + +- objtool/x86: Fixup frame-pointer vs rethunk (git-fixes). +- commit 522332f + +- objtool: Union instruction::{call_dest,jump_table} (git-fixes). +- commit d5ea86a + +- x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (git-fixes). +- commit 847a96f + +- xfrm: add NULL check in xfrm_update_ae_params (bsc#1213666 + CVE-2023-3772). +- commit 9e44d01 + +- x86/cpu: Rename original retbleed methods (git-fixes). +- commit 81c5e75 + +- x86/cpu: Clean up SRSO return thunk mess (git-fixes). +- commit fa0b815 + +- objtool/x86: Fix SRSO mess (git-fixes). +- commit 8bf5635 + +- x86/alternative: Make custom return thunk unconditional (git-fixes). +- commit a446ea5 + +- x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (git-fixes). +- commit 06974c4 + +- x86/cpu: Fix __x86_return_thunk symbol type (git-fixes). +- commit 086adb4 + +- x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT (git-fixes). +- commit 9392b3c + +- x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (git-fixes). +- commit 99556d6 + +- x86/srso: Disable the mitigation on unaffected configurations (git-fixes). +- commit af52734 + +- x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (git-fixes). +- commit 43e1da9 + +- x86/srso: Fix build breakage with the LLVM linker (git-fixes). +- commit 7af6810 + +- powerpc/rtas_flash: allow user copy to flash block cache objects + (bsc#1194869). +- commit 0fccbf5 + +- i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue + (git-fixes). +- i2c: hisi: Only handle the interrupt of the driver's transfer + (git-fixes). +- i2c: designware: Correct length byte validation logic + (git-fixes). +- fbdev: mmp: fix value check in mmphw_probe() (git-fixes). +- commit 5738f62 + +- supported.conf: fix typos for -!optional markers +- commit a15b83f + +- drm/i915/sdvo: fix panel_type initialization (git-fixes). +- commit af00eea + +- ALSA: hda/realtek - Remodified 3k pull low procedure + (git-fixes). +- ASoC: meson: axg-tdm-formatter: fix channel slot allocation + (git-fixes). +- ASoC: lower "no backend DAIs enabled for ... Port" log severity + (git-fixes). +- ASoC: rt5665: add missed regulator_bulk_disable (git-fixes). +- ALSA: hda/cs8409: Support new Dell Dolphin Variants (git-fixes). +- ALSA: hda/realtek: Switch Dell Oasis models to use SPI + (git-fixes). +- ALSA: hda/realtek: Add quirks for HP G11 Laptops (git-fixes). +- ALSA: usb-audio: Add support for Mythware XA001AU capture and + playback interfaces (git-fixes). +- mmc: wbsd: fix double mmc_free_host() in wbsd_init() + (git-fixes). +- mmc: block: Fix in_flight[issue_type] value error (git-fixes). +- arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict + (git-fixes). +- bus: ti-sysc: Flush posted write on enable before reset + (git-fixes). +- arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 + (git-fixes). +- soc: aspeed: socinfo: Add kfree for kstrdup (git-fixes). +- net: phy: broadcom: stub c45 read/write for 54810 (git-fixes). +- selftests: mirror_gre_changes: Tighten up the TTL test match + (git-fixes). +- net: phy: fix IRQ-based wake-on-lan over hibernate / power off + (git-fixes). +- drm/panel: simple: Fix AUO G121EAN01 panel timings according + to the docs (git-fixes). +- commit a48515a + +- Update config files. Drop the dpt_i2o kernel module. + For: jsc#PED-4579, CVE-2023-2007 +- commit f332a85 + +- mkspec: Allow unsupported KMPs (bsc#1214386) +- commit 55d8b82 + +- libceph: fix potential hang in ceph_osdc_notify() (bsc#1214393). +- ceph: defer stopping mdsc delayed_work (bsc#1214392). +- commit 722c601 + +- check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). + gcc7 on SLE 15 does not support this while later gcc does. +- commit 5b41c27 + +- s390/purgatory: disable branch profiling (git-fixes + bsc#1214372). +- commit 28f91ce + +- scsi: zfcp: Defer fc_rport blocking until after ADISC response + (git-fixes bsc#1214371). +- commit 5ac3747 + +- KVM: s390: fix sthyi error handling (git-fixes bsc#1214370). +- commit 3711e45 + +- module: avoid allocation if module is already present and ready + (bsc#1213921). +- commit d1f96fc + +- module: move check_modinfo() early to early_mod_check() + (bsc#1213921). +- commit f1bebb1 + +- module: move early sanity checks into a helper (bsc#1213921). +- commit 77019ff + +- module: extract patient module check into helper (bsc#1213921). +- commit 8edb1c8 + +- powerpc/kexec: Fix build failure from uninitialised variable + (bsc#1212091 ltc#199106). +- powerpc/64e: Fix kexec build error (bsc#1212091 ltc#199106). +- Refresh patches.suse/powerpc-Take-in-account-addition-CPU-node-when-build.patch +- Refresh patches.suse/powerpc-kexec_file-fix-implicit-decl-error.patch +- commit c8f4ed0 + +- Update + patches.suse/net-vmxnet3-fix-possible-use-after-free-bugs-in-vmxn.patch + (bsc#1200431 bsc#1214350 CVE-2023-4387). + Added CVE reference. +- commit 8897012 + +- module: avoid allocation if module is already present and ready + (bsc#1213921). +- commit a42ca12 + +- module: move check_modinfo() early to early_mod_check() + (bsc#1213921). +- commit b97680b + +- module: move early sanity checks into a helper (bsc#1213921). +- commit d4f0452 + +- Update config files. + run_oldconfig.sh +- CONFIG_NVME_VERBOSE_ERRORS=y gone with a82baa8083b +- CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 gone with 7e152d55123 +- commit 7a11d4b + +- module: extract patient module check into helper (bsc#1213921). +- commit de545b1 + +- Enable Analog Devices Industrial Ethernet PHY driver (jsc#PED-4759) +- commit 63c2b4e + +- net: mana: Fix MANA VF unload when hardware is unresponsive + (git-fixes). +- iavf: fix potential races for FDIR filters (git-fixes). +- ice: Fix RDMA VSI removal during queue rebuild (git-fixes). +- qed: Fix scheduling in a tasklet while getting stats + (git-fixes). +- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() + (git-fixes). +- ice: Fix memory management in ice_ethtool_fdir.c (git-fixes). +- net: hns3: fix wrong bw weight of disabled tc issue (git-fixes). +- ice: Fix max_rate check while configuring TX rate limits + (git-fixes). +- commit 66cd4bc + +- powerpc/iommu: Fix iommu_table_in_use for a small default DMA + window case (bsc#1212091 ltc#199106). +- powerpc/kernel/iommu: Add new iommu_table_in_use() helper + (bsc#1212091 ltc#199106). +- powerpc/iommu: don't set failed sg dma_address to + DMA_MAPPING_ERROR (bsc#1212091 ltc#199106). +- powerpc/iommu: return error code from .map_sg() ops (bsc#1212091 + ltc#199106). +- commit 63fd00c + +- drm/amd/display: trigger timing sync only if TG is running + (git-fixes). +- commit efc7084 + +- drm/amd/display: Retain phantom plane/stream if validation fails + (git-fixes). +- Refresh + patches.suse/drm-amd-display-filter-out-invalid-bits-in-pipe_fuse.patch. +- commit 7b85ac2 + +- drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (git-fixes). +- drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues + (git-fixes). +- drm/amd/pm: avoid unintentional shutdown due to temperature + momentary fluctuation (git-fixes). +- drm/amd/pm: expose swctf threshold setting for legacy powerplay + (git-fixes). +- drm/amd/display: limit DPIA link rate to HBR3 (git-fixes). +- drm/amd/pm/smu7: move variables to where they are used + (git-fixes). +- drm/amd/pm: fulfill powerplay peak profiling mode shader/memory + clock settings (git-fixes). +- drm/amd/pm: fulfill swsmu peak profiling mode shader/memory + clock settings (git-fixes). +- drm/amd/display: trigger timing sync only if TG is running + (git-fixes). +- drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set + (git-fixes). +- drm/amd/display: Disable phantom OTG after enable for plane + disable (git-fixes). +- drm/amd/display: Use update plane and stream routine for DCN32x + (git-fixes). +- commit d699896 + +- misc: rtsx: judge ASPM Mode to set PETXCFG Reg (git-fixes). +- drm/nouveau/gr: enable memory loads on helper invocation on + all channels (git-fixes). +- commit 8a7a168 + +- kernel-binary: Common dependencies cleanup + Common dependencies are copied to a subpackage, there is no need for + copying defines or build dependencies there. +- commit 254b03c + +- kernel-binary: Drop code for kerntypes support + Kerntypes was a SUSE-specific feature dropped before SLE 12. +- commit 2c37773 + +- ACPI/IORT: Update SMMUv3 DeviceID support (bsc#1214305). +- commit 4628976 + +- net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + (git-fixes). +- commit 9c04620 + +- powerpc/iommu: TCEs are incorrectly manipulated with DLPAR + add/remove of memory (bsc#1212091 ltc#199106). +- powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV + device (bsc#1212091 ltc#199106). +- pseries/iommu/ddw: Fix kdump to work in absence of + ibm,dma-window (bsc#1214297 ltc#197503). +- powerpc/pseries/iommu: Print ibm,query-pe-dma-windows parameters + (bsc#1212091 ltc#199106). +- powerpc: fix typos in comments (bsc#1212091 ltc#199106). +- powerpc/pseries: Add __init attribute to eligible functions + (bsc#1212091 ltc#199106). +- powerpc/pseries/ddw: Do not try direct mapping with persistent + memory and one window (bsc#1212091 ltc#199106). +- powerpc/pseries/ddw: simplify enable_ddw() (bsc#1212091 + ltc#199106). +- powerpc/pseries/iommu: Add of_node_put() before break + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Create huge DMA window if no MMIO32 is + present (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Check if the default window in use + before removing it (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Use correct vfree for it_map (bsc#1212091 + ltc#199106). +- powerpc/pseries/iommu: Rename "direct window" to "dma window" + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Make use of DDW for indirect mapping + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Find existing DDW with given property + name (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Update remove_dma_window() to accept + property name (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Reorganize iommu_table_setparms*() + with new helper (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add ddw_property_create() and refactor + enable_ddw() (bsc#1212091 ltc#199106). + Refresh patches.suse/powerps-pseries-dma-Add-support-for-2M-IOMMU-page-si.patch +- powerpc/pseries/iommu: Allow DDW windows starting at 0x00 + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add ddw_list_new_entry() helper + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add iommu_pseries_alloc_table() helper + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Replace hard-coded page shift + (bsc#1212091 ltc#199106). + Refresh patches.suse/powerpc-iommu-Limit-number-of-TCEs-to-512-for-H_STUF.patch +- commit 4f11eef + +- powerpc/mm/altmap: Fix altmap boundary check (bsc#1120059 + git-fixes). +- commit f722e3b + +- bnx2x: fix page fault following EEH recovery (bsc#1214299). +- commit f8a9432 + +- target_core_rbd: fix leak and reduce kmalloc calls + (bsc#1212873). +- target_core_rbd: fix rbd_img_request.snap_id assignment + (bsc#1212857). +- target_core_rbd: remove snapshot existence validation code + (bsc#1212857). +- file: reinstate f_pos locking optimization for regular files + (bsc#1213759). +- commit 0469dd9 + +- net: ieee802154: at86rf230: Stop leaking skb's (git-fixes). +- commit 3d175df + +- mlxsw: pci: Add shutdown method in PCI driver (git-fixes). +- commit d9c79ec + +- blacklist.conf: add drivers/net/ethernet/renesas/ drivers +- commit 0c8d3f5 + +- sfc: fix crash when reading stats while NIC is resetting + (git-fixes). +- commit 61c7a4c + +- ice: Fix crash by keep old cfg when update TCs more than queues + (git-fixes). +- commit 4e80ce2 + +- powerpc/pseries: Honour current SMT state when DLPAR onlining + CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 + ltc#200161 ltc#200588). + Update config files. +- powerpc/pseries: Initialise CPU hotplug callbacks earlier + (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Allow enabling partial SMT states via sysfs + (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Remove topology_smt_supported() (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Store the current/max number of threads (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- commit 8bd8972 + +- sched/psi: use kernfs polling functions for PSI trigger polling + (bsc#1209799). +- commit 4477665 + +- md/raid0: Fix performance regression for large sequential writes + (bsc#1213916). +- md/raid0: Factor out helper for mapping and submitting a bio + (bsc#1213916). +- commit d85264e + +- drm/nouveau/disp: fix use-after-free in error handling of + nouveau_connector_create (bsc#1214073). +- commit 4e5fad7 + +- ceph: don't check for quotas on MDS stray dirs (bsc#1214238). +- commit dcb3418 + +- iommu/dma: Fix incorrect error return on iommu deferred attach + (git-fixes). +- Refresh patches.suse/iommu-dma-Fix-arch_sync_dma-for-map.patch. +- Refresh + patches.suse/iommu-dma-check-config_swiotlb-more-broadly. +- commit c7a880f + +- iommu/dma: return error code from iommu_dma_map_sg() + (git-fixes). +- Refresh patches.suse/iommu-dma-Fix-arch_sync_dma-for-map.patch. +- Refresh + patches.suse/iommu-dma-check-config_swiotlb-more-broadly. +- commit 5d989c6 + +- iommu/amd: Fix pci device refcount leak in ppr_notifier() + (git-fixes). +- iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and + ivrs_acpihid options (git-fixes). +- iommu/amd: Fix ivrs_acpihid cmdline parsing code (git-fixes). +- iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() + (git-fixes). +- iommu/rockchip: fix permission bits in page table entries v2 + (git-fixes). +- iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (git-fixes). +- iommu/sun50i: Implement .iotlb_sync_map (git-fixes). +- iommu/sun50i: Fix flush size (git-fixes). +- iommu/sun50i: Fix R/W permission check (git-fixes). +- iommu/sun50i: Consider all fault sources for reset (git-fixes). +- iommu/sun50i: Fix reset release (git-fixes). +- iommu/vt-d: Fix PCI device refcount leak in + dmar_dev_scope_init() (git-fixes). +- iommu/vt-d: Fix PCI device refcount leak in has_external_pci() + (git-fixes). +- iommu/vt-d: Set SRE bit only when hardware has SRS cap + (git-fixes). +- iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging + entries (git-fixes). +- iommu/vt-d: Clean up si_domain in the init_dmars() error path + (git-fixes). +- iommu/iova: Fix module config properly (git-fixes). +- iommu/omap: Fix buffer overflow in debugfs (git-fixes). +- iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT + device to identity (git-fixes). +- iommu/vt-d: Check correct capability for sagaw determination + (git-fixes). +- iommu/vt-d: Correctly calculate sagaw value of IOMMU + (git-fixes). +- iommu/vt-d: Fix kdump kernels boot failure with scalable mode + (git-fixes). +- iommu/amd: use full 64-bit value in build_completion_wait() + (git-fixes). +- iommu/amd: Fix compile warning in init code (git-fixes). +- iommu/amd: Add PCI segment support for ivrs_ commands + (git-fixes). +- iommu/io-pgtable-arm-v7s: Add a quirk to allow pgtable PA up + to 35bit (git-fixes). +- iommu/dma: Fix iova map result check bug (git-fixes). +- iommu/arm-smmu-v3: check return value after calling + platform_get_resource() (git-fixes). +- iommu/arm-smmu: fix possible null-ptr-deref in + arm_smmu_device_probe() (git-fixes). +- iommu/vt-d: Add RPLS to quirk list to skip TE disabling + (git-fixes). +- iommu/arm-smmu-v3: fix event handling soft lockup (git-fixes). +- iommu/dart: Initialize DART_STREAMS_ENABLE (git-fixes). +- commit b73aa3b + +- iommu/mediatek: Set dma_mask for PGTABLE_PA_35_EN (git-fixes). +- iommu/amd: Do not identity map v2 capable device when snp is + enabled (git-fixes). +- iommu/s390: Fix duplicate domain attachments (git-fixes). +- iommu/mediatek: Validate number of phandles associated with + "mediatek,larbs" (git-fixes). +- iommu/mediatek: Add error path for loop of mm_dts_parse + (git-fixes). +- iommu/mediatek: Use component_match_add (git-fixes). +- iommu/mediatek: Add platform_device_put for recovering the + device refcnt (git-fixes). +- iommu/mediatek: Check return value after calling + platform_get_resource() (git-fixes). +- commit 7224acf + +- iommu/amd: Add map/unmap_pages() iommu_domain_ops callback + support (bsc#1212423). +- iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops + callback (bsc#1212423). +- iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops + callback (bsc#1212423). +- commit c0cd652 + +- nvme-rdma: fix potential unbalanced freeze & unfreeze + (bsc#1208902). +- nvme-tcp: fix potential unbalanced freeze & unfreeze + (bsc#1208902). +- commit 2d8bf94 + +- x86/mce: Make sure logged MCEs are processed after sysfs update (git-fixes). +- commit 64aa9ec + +- x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (git-fixes). +- commit b1259cb + +- blacklist.conf: Blacklist useless doc patch +- commit be8f79d + +- x86/speculation: Add cpu_show_gds() prototype (git-fixes). +- commit edd5557 + +- fs/sysv: Null check to prevent null-ptr-deref bug (git-fixes). +- commit ae6500e + +- iio: cros_ec: Fix the allocation size for cros_ec_command + (git-fixes). +- iio: adc: ina2xx: avoid NULL pointer dereference on OF device + match (git-fixes). +- usb: dwc3: Properly handle processing of pending events + (git-fixes). +- usb-storage: alauda: Fix uninit-value in alauda_check_media() + (git-fixes). +- usb: common: usb-conn-gpio: Prevent bailing out if initial + role is none (git-fixes). +- usb: typec: altmodes/displayport: Signal hpd when configuring + pin assignment (git-fixes). +- usb: typec: tcpm: Fix response to vsafe0V event (git-fixes). +- commit d86b205 + +- netfilter: KABI workaround for CVE-2023-3610 bsc#1213580 + (git-fixes). +- commit b3532ef + +- netfilter: nf_tables: fix chain binding transaction logic + (bsc#1213580 CVE-2023-3610). +- commit e6eb926 + +- Refresh + patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch. +- commit 60482d4 + +- netfilter: KABI workaround for CVE-2023-3610 bsc#1213580 + (git-fixes). +- commit ecae123 + +- netfilter: nf_tables: fix chain binding transaction logic + (bsc#1213580 CVE-2023-3610). +- commit 12da4f7 + +- drm/amd: Disable S/G for APUs when 64GB or more host memory + (git-fixes). +- drm/amdgpu: add S/G display parameter (git-fixes). +- commit 5f61fab + +- drm/amdgpu: Remove unnecessary domain argument (git-fixes). +- commit d154fc5 + +- drm/amd/display: Ensure that planes are in the same order + (git-fixes). +- drm/amdgpu: add vram reservation based on + vram_usagebyfirmware_v2_2 (git-fixes). +- commit f3e97e4 + +- hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for + pfe1100 (git-fixes). +- nilfs2: fix use-after-free of nilfs_root in dirtying inodes + via iput (git-fixes). +- drm/amd/display: check attr flag before set cursor degamma on + DCN3+ (git-fixes). +- drm/shmem-helper: Reset vma->vm_ops before calling + dma_buf_mmap() (git-fixes). +- drm/rockchip: Don't spam logs in atomic check (git-fixes). +- drm/nouveau/disp: Revert a NULL check inside + nouveau_connector_get_modes (git-fixes). +- arm64: dts: imx8mn-var-som: add missing pull-up for onboard + PHY reset pinmux (git-fixes). +- soundwire: fix enumeration completion (git-fixes). +- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb + (git-fixes). +- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb + (git-fixes). +- selftests/rseq: check if libc rseq support is registered + (git-fixes). +- soundwire: bus: pm_runtime_request_resume on peripheral + attachment (git-fixes). +- commit 1f8ce0d + +- net/sched: cls_route: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- net/sched: cls_fw: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- net/sched: cls_u32: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- commit 9904c3b + +- ceph: never send metrics if disable_send_metrics is set + (bsc#1214180). +- commit 32f3ae7 + +- wifi: cfg80211: fix sband iftype data lookup for AP_VLAN + (git-fixes). +- selftests: forwarding: tc_flower: Relax success criterion + (git-fixes). +- selftests: forwarding: ethtool_extended_state: Skip when using + veth pairs (git-fixes). +- selftests: forwarding: ethtool: Skip when using veth pairs + (git-fixes). +- selftests: forwarding: Add a helper to skip test when using + veth pairs (git-fixes). +- selftests: forwarding: Switch off timeout (git-fixes). +- selftests: forwarding: Skip test when no interfaces are + specified (git-fixes). +- net: phy: at803x: remove set/get wol callbacks for AR8032 + (git-fixes). +- dmaengine: pl330: Return DMA_PAUSED when transaction is paused + (git-fixes). +- dmaengine: mcf-edma: Fix a potential un-allocated memory access + (git-fixes). +- commit b70a6bf + +- blacklist.conf: Blacklist useless doc fix +- commit 685dbed + +- exfat: check if filename entries exceeds max filename length + (bsc#1214120 CVE-2023-4273). +- commit b7e68de + +- x86/srso: Fix return thunks in generated code (git-fixes). +- commit b4d125e + +- Refresh patches.suse/kvm-add-gds_no-support-to-kvm.patch. +- Refresh + patches.suse/x86-speculation-add-force-option-to-gds-mitigation.patch. +- Refresh + patches.suse/x86-speculation-add-gather-data-sampling-mitigation.patch. +- Refresh + patches.suse/x86-speculation-add-kconfig-option-for-gds.patch. +- Refresh + patches.suse/x86-srso-add-a-speculative-ras-overflow-mitigation.patch. +- Refresh patches.suse/x86-srso-add-srso_no-support.patch. + Sort latest set of security vulnerabilities according to upstream order. +- commit 4a12398 + +- tracing/histograms: Return an error if we fail to add histogram + to hist_vars list (git-fixes). +- commit d08da8a + +- Drop cfg80211 lock fix patches that caused a regression (bsc#1213757) + Deleted: + patches.suse/wifi-cfg80211-fix-locking-in-regulatory-disconnect.patch + patches.suse/wifi-cfg80211-fix-locking-in-sched-scan-stop-work.patch +- commit f824698 + +- netfilter: nf_tables: disallow rule addition to bound chain + via NFTA_RULE_CHAIN_ID (CVE-2023-4147 bsc#1213968). +- commit c0bb265 + +- cxgb4: fix use after free bugs caused by circular dependency + problem (bsc#1213970 CVE-2023-4133). +- timers: Provide timer_shutdown[_sync]() (bsc#1213970). +- timers: Add shutdown mechanism to the internal functions + (bsc#1213970). +- timers: Split [try_to_]del_timer[_sync]() to prepare for + shutdown mode (bsc#1213970). +- timers: Silently ignore timers with a NULL function + (bsc#1213970). +- timers: Rename del_timer() to timer_delete() (bsc#1213970). +- timers: Rename del_timer_sync() to timer_delete_sync() + (bsc#1213970). +- timers: Use del_timer_sync() even on UP (bsc#1213970). +- timers: Update kernel-doc for various functions (bsc#1213970). +- timers: Replace BUG_ON()s (bsc#1213970). +- clocksource/drivers/sp804: Do not use timer namespace for + timer_shutdown() function (bsc#1213970). +- clocksource/drivers/arm_arch_timer: Do not use timer namespace + for timer_shutdown() function (bsc#1213970). +- ARM: spear: Do not use timer namespace for timer_shutdown() + function (bsc#1213970). +- commit 0322b50 + +- xen/netback: Fix buffer overrun triggered by unusual packet + (CVE-2023-34319, XSA-432, bsc#1213546). +- commit 6591b03 + +- ubifs: Fix memleak when insert_old_idx() failed (git-fixes). +- commit 2837d15 + +- jffs2: correct logic when creating a hole in jffs2_write_begin + (git-fixes). +- commit f413344 + +- mmc: moxart: read scr register without changing byte order + (git-fixes). +- commit 12e8704 + +- cifs: update internal module version number for cifs.ko + (bsc#1193629). +- commit ade2a6e + +- smb: client: fix dfs link mount against w2k8 (bsc#1212142). +- commit 2f90082 + +- cifs: add missing return value check for cifs_sb_tlink + (bsc#1193629). +- commit a08c7b4 + +- smb3: do not set NTLMSSP_VERSION flag for negotiate not auth + request (bsc#1193629). +- commit 1b17674 + +- cifs: allow dumping keys for directories too (bsc#1193629). +- commit e7fda39 + +- cifs: fix mid leak during reconnection after timeout threshold + (git-fixes). +- commit 30d4c82 + +- cifs: is_network_name_deleted should return a bool + (bsc#1193629). +- commit 85c6bb9 + +- smb: client: Fix -Wstringop-overflow issues (bsc#1193629). +- commit 37f3408 + +- cifs: if deferred close is disabled then close files immediately + (git-fixes). +- commit 1cd51c4 + +- SMB3: Do not send lease break acknowledgment if all file + handles have been closed (git-fixes). +- commit 68ee604 + +- fprobe: add unlock to match a succeeded + ftrace_test_recursion_trylock (git-fixes). +- commit adbdcc7 + +- fprobe: Release rethook after the ftrace_ops is unregistered + (git-fixes). +- commit 3548d7c + +- net: tun_chr_open(): set sk_uid from current_fsuid() + (CVE-2023-4194 bsc#1214019). +- commit b6c8070 + +- net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194 + bsc#1214019). +- commit d59e993 + +- tracing/probes: Fix to avoid double count of the string length + on the array (git-fixes). +- commit 24b5022 + +- blacklist.conf: add tracing patches implementing new functionality +- commit 1e7f3cf + +- tracing/probes: Fix to record 0-length data_loc in + fetch_store_string*() if fails (git-fixes). +- commit c96ae0e + +- Revert "tracing: Add "(fault)" name injection to kernel probes" + (git-fixes). +- commit 658fc31 + +- bpf: Disable preemption in bpf_event_output (git-fixes). +- commit 21194b8 + +- tracing: Fix warning in trace_buffered_event_disable() + (git-fixes). +- commit 9a84de4 + +- ring-buffer: Fix wrong stat of cpu_buffer->read (git-fixes). +- commit 9c2f42a + +- tracing/probes: Fix to update dynamic data counter if fetcharg + uses it (git-fixes). +- commit a5e8186 + +- tracing/probes: Fix not to count error code to total length + (git-fixes). +- commit 1fa72f4 + +- tracing: Fix memory leak of iter->temp when reading trace_pipe + (git-fixes). +- commit 6f343ba + +- tracing/histograms: Add histograms to hist_vars if they have + referenced variables (git-fixes). +- commit 17940e8 + +- ftrace: Fix possible warning on checking all pages used in + ftrace_process_locs() (git-fixes). +- commit 825cbd9 + +- ring-buffer: Fix deadloop issue on reading trace_pipe + (git-fixes). +- commit fc2b8fe + +- tracing: Fix null pointer dereference in tracing_err_log_open() + (git-fixes). +- commit 498fa96 + +- README.BRANCH: Add Miroslav Franc as a SLE15-SP4 co-maintainer. +- commit 3b7c83a + +- nfsd: Remove incorrect check in nfsd4_validate_stateid + (git-fixes). +- commit 2cc1911 + +- blacklist.conf: add a cleanup +- commit 976e622 + +- drm/i915: Fix premature release of request's reusable memory + (git-fixes). +- commit a19a4b2 + +- mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() + (git-fixes). +- mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts + (git-fixes). +- mtd: rawnand: rockchip: fix oobfree offset and description + (git-fixes). +- mtd: rawnand: omap_elm: Fix incorrect type in assignment + (git-fixes). +- mtd: spinand: toshiba: Fix ecc_get_status (git-fixes). +- drm/ttm: check null pointer before accessing when swapping + (git-fixes). +- commit 6d64757 + +- exfat: release s_lock before calling dir_emit() (bsc#1214000). +- exfat: fix unexpected EOF while reading dir (bsc#1214000). +- exfat_iterate(): don't open-code file_inode(file) (bsc#1214000). +- commit 00dff49 + +- blacklist.conf: Add 3b8abb323953 mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() +- commit 3ae175c + +- blacklist.conf: Add 9ec272c586b0 watchdog/hardlockup: keep kernel.nmi_watchdog sysctl as 0444 if probe fails +- commit ff37424 + +- net: stmmac: tegra: Properly allocate clock bulk data (bsc#1213733) +- commit f38b73b + +- netfs: Fix missing xas_retry() calls in xarray iteration + (bsc#1213946 bsc#1214404). +- netfs: Fix missing xas_retry() calls in xarray iteration + (bsc#1213946). +- commit e7bc55c + +- wifi: cfg80211: Fix return value in scan logic (git-fixes). +- wifi: mt76: mt7615: do not advertise 5 GHz on first phy of + MT7615D (DBDC) (git-fixes). +- USB: zaurus: Add ID for A-300/B-500/C-700 (git-fixes). +- firmware: arm_scmi: Drop OF node reference in the transport + channel setup (git-fixes). +- USB: gadget: Fix the memory leak in raw_gadget driver + (git-fixes). +- USB: quirks: add quirk for Focusrite Scarlett (git-fixes). +- usb: ohci-at91: Fix the unhandle interrupt when resume + (git-fixes). +- USB: serial: simple: sort driver entries (git-fixes). +- USB: serial: simple: add Kaufmann RKS+CAN VCP (git-fixes). +- USB: serial: option: add Quectel EC200A module support + (git-fixes). +- USB: serial: option: support Quectel EM060K_128 (git-fixes). +- phy: qcom-snps-femto-v2: properly enable ref clock (git-fixes). +- phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during + runtime suspend (git-fixes). +- gpio: mvebu: fix irq domain leak (git-fixes). +- gpio: mvebu: Make use of devm_pwmchip_add (git-fixes). +- gpio: tps68470: Make tps68470_gpio_output() always set the + initial value (git-fixes). +- drm/ttm: never consider pinned BOs for eviction&swap + (git-fixes). +- i2c: nomadik: Remove a useless call in the remove function + (git-fixes). +- pwm: meson: fix handling of period/duty if greater than UINT_MAX + (git-fixes). +- i2c: nomadik: Use devm_clk_get_enabled() (git-fixes). +- i2c: nomadik: Remove unnecessary goto label (git-fixes). +- i2c: Improve size determinations (git-fixes). +- i2c: Delete error messages for failed memory allocations + (git-fixes). +- PCI: rockchip: Remove writes to unused registers (git-fixes). +- PCI/ASPM: Avoid link retraining race (git-fixes). +- PCI/ASPM: Factor out pcie_wait_for_retrain() (git-fixes). +- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() + (git-fixes). +- phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc + (git-fixes). +- ACPI: processor: perflib: Avoid updating frequency QoS + unnecessarily (git-fixes). +- ACPI: processor: perflib: Use the "no limit" frequency QoS + (git-fixes). +- pwm: Add a stub for devm_pwmchip_add() (git-fixes). +- phy: qcom-snps: Use dev_err_probe() to simplify code + (git-fixes). +- pwm: meson: Simplify duplicated per-channel tracking + (git-fixes). +- commit f6445d7 + +- Input: exc3000 - properly stop timer on shutdown (git-fixes). +- commit 0eb1518 + +- powerpc/security: Fix Speculation_Store_Bypass reporting on + Power10 (bsc#1188885 ltc#193722 git-fixes). +- commit 298c13e + +- blacklist.conf: Add 3d2af77e31ad blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() +- commit 84acea1 + +- blacklist.conf: Add 6f363f5aa845 cgroup: Do not corrupt task iteration when rebinding subsystem +- commit 71728c0 + +- scsi: core: Improve warning message in scsi_device_block() + (bsc#1209284). +- scsi: core: Don't wait for quiesce in scsi_device_block() + (bsc#1209284). +- scsi: core: Don't wait for quiesce in scsi_stop_queue() + (bsc#1209284). +- scsi: core: Merge scsi_internal_device_block() and + device_block() (bsc#1209284). +- scsi: sg: Increase number of devices (bsc#1210048). +- scsi: bsg: Increase number of devices (bsc#1210048). +- commit 8f3e780 + +- Created new preempt kernel flavor + Configs are cloned from the respective $arch/default configs. All + changed configs appart from CONFIG_PREEMPT->y are a result of + dependencies, namely many lock/unlock primitives are no longer + inlined in the preempt kernel. TREE_RCU has been also changed to + PREEMPT_RCU which is the default implementation for PREEMPT kernel. -- commit f994874 +- commit ba6a3b0 kernel-kvmsmall +- Update References + patches.suse/Bluetooth-L2CAP-Fix-use-after-free-in-l2cap_sock_rea.patch + (git-fixes bsc#1214233 CVE-2023-40283). +- commit 63a801c + +- powerpc/rtas: mandate RTAS syscall filtering (bsc#1023051). +- commit ac82be8 + +- Refresh sorted section +- commit a6fbcee + +- netfilter: nf_tables: use correct lock to protect gc_list + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: GC transaction race with abort path + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: GC transaction race with netns dismantle + (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: fix GC transaction races with netns and + netlink event exit path (CVE-2023-4563 bsc#1214727). +- netfilter: nf_tables: fix kdoc warnings after gc rework + (CVE-2023-4563 bsc#1214727). +- refresh + - patches.kabi/kabi-hide-changes-in-struct-nft_set.patch +- kabi: hide changes in struct nft_set (CVE-2023-4563 + bsc#1214727). +- netfilter: nf_tables: GC transaction API to avoid race with + control plane (CVE-2023-4563 bsc#1214727). +- commit cfed41c + +- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (git-fixes). +- commit 47ff352 + +- "drm/vmwgfx: Remove rcu locks from user resources" (bsc#1203329 CVE-2022-40133 bsc#1203330 CVE-2022-38457) + This patch also fixes two CVEs. Update the References tag accordingly. +- commit 552e790 + +- s390/ipl: add missing secure/has_secure file to ipl type + 'unknown' (bsc#1214976). +- commit 33974e8 + +- cpufreq: Fix the race condition while updating the + transition_task of policy (git-fixes). +- rpmsg: glink: Add check for kstrdup (git-fixes). +- leds: turris-omnia: Drop unnecessary mutex locking (git-fixes). +- leds: trigger: tty: Do not use LED_ON/OFF constants, use + led_blink_set_oneshot instead (git-fixes). +- leds: Fix BUG_ON check for LED_COLOR_ID_MULTI that is always + false (git-fixes). +- leds: multicolor: Use rounded division when calculating color + components (git-fixes). +- leds: pwm: Fix error code in led_pwm_create_fwnode() + (git-fixes). +- docs: printk-formats: Fix hex printing of signed values + (git-fixes). +- commit 1c98d58 + +- sched/fair: Use recent_used_cpu to test p->cpus_ptr (git fixes). +- sched/fair: Fix inaccurate tally of ttwu_move_affine (git + fixes). +- commit 4be7d48 + +- USB: core: Fix oversight in SuperSpeed initialization + (bsc#1213123 CVE-2023-37453). +- commit 6b6c148 + +- blacklist.conf: Not a fix, relatively high risk of performance regression +- commit fd04425 + +- USB: core: Fix race by not overwriting udev->descriptor in + hub_port_init() (bsc#1213123 CVE-2023-37453). +- commit a1f446d + +- USB: core: Unite old scheme and new scheme descriptor reads + (bsc#1213123 CVE-2023-37453). +- commit 9f60ef1 + +- Refresh + patches.suse/0002-nvme-tcp-fix-potential-unbalanced-freeze-unfreeze.patch. +- Refresh + patches.suse/0003-nvme-rdma-fix-potential-unbalanced-freeze-unfreeze.patch. +- commit 452e63f + +- scsi: RDMA/srp: Fix residual handling (git-fixes) +- commit 429e77b + +- RDMA/efa: Fix wrong resources deallocation order (git-fixes) +- commit c7f667b + +- RDMA/siw: Correct wrong debug message (git-fixes) +- commit 3732fc1 + +- RDMA/siw: Balance the reference of cep->kref in the error path (git-fixes) +- commit 9281d22 + +- Revert "IB/isert: Fix incorrect release of isert connection" (git-fixes) +- commit 1b277c9 + +- RDMA/irdma: Prevent zero-length STAG registration (git-fixes) +- commit e55bab1 + +- IB/uverbs: Fix an potential error pointer dereference (git-fixes) +- commit 0e5f5fb + +- RDMA/hns: Fix CQ and QP cache affinity (git-fixes) +- commit fee7fe7 + +- RDMA/hns: Fix incorrect post-send with direct wqe of wr-list (git-fixes) +- commit 988bb43 + +- RDMA/hns: Fix port active speed (git-fixes) +- commit f1ca0f2 + +- RDMA/bnxt_re: Fix max_qp count for virtual functions (git-fixes) +- commit dd0f3ab + +- RDMA/irdma: Replace one-element array with flexible-array member (git-fixes) +- commit e8addea + +- RDMA/qedr: Remove a duplicate assignment in irdma_query_ah() (git-fixes) +- commit c2623e0 + +- RDMA/bnxt_re: Fix error handling in probe failure path (git-fixes) +- commit c6f50a4 + +- IB/hfi1: Fix possible panic during hotplug remove (git-fixes) +- commit 632a598 + +- RDMA/umem: Set iova in ODP flow (git-fixes) +- commit ec8b3f4 + +- RDMA/mlx5: Return the firmware result upon destroying QP/RQ (git-fixes) +- commit 1ff5e5f + +- bus: mhi: host: Skip MHI reset if device is in RDDM (git-fixes). +- fsi: master-ast-cf: Add MODULE_FIRMWARE macro (git-fixes). +- fsi: aspeed: Reset master errors after CFAM reset (git-fixes). +- commit 643257d + +- dmaengine: ste_dma40: Add missing IRQ check in d40_probe + (git-fixes). +- dmaengine: idxd: Modify the dependence of attribute + pasid_enabled (git-fixes). +- phy/rockchip: inno-hdmi: do not power on rk3328 post pll on + reg write (git-fixes). +- phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 + recalc_rate (git-fixes). +- phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328 + (git-fixes). +- mtd: rawnand: fsmc: handle clk prepare error in + fsmc_nand_resume() (git-fixes). +- mtd: rawnand: brcmnand: Fix mtd oobsize (git-fixes). +- mtd: rawnand: brcmnand: Fix potential out-of-bounds access in + oob write (git-fixes). +- mtd: rawnand: brcmnand: Fix crash during the panic_write + (git-fixes). +- mtd: rawnand: brcmnand: Fix potential false time out warning + (git-fixes). +- mtd: spi-nor: Check bus width while setting QE bit (git-fixes). +- HID: wacom: remove the battery when the EKR is off (git-fixes). +- HID: logitech-dj: Fix error handling in + logi_dj_recv_switch_to_dj_mode() (git-fixes). +- HID: multitouch: Correct devm device reference for hidinput + input_dev name (git-fixes). +- media: i2c: rdacm21: Fix uninitialized value (git-fixes). +- media: i2c: ccs: Check rules is non-NULL (git-fixes). +- media: ov2680: Fix regulators being left enabled on + ov2680_power_on() errors (git-fixes). +- media: ov2680: Fix ov2680_set_fmt() which == + V4L2_SUBDEV_FORMAT_TRY not working (git-fixes). +- media: ov2680: Add ov2680_fill_format() helper function + (git-fixes). +- media: ov2680: Don't take the lock for try_fmt calls + (git-fixes). +- media: ov2680: Remove VIDEO_V4L2_SUBDEV_API ifdef-s (git-fixes). +- media: ov2680: Fix vflip / hflip set functions (git-fixes). +- media: ov2680: Fix ov2680_bayer_order() (git-fixes). +- media: ov5640: Enable MIPI interface in ov5640_set_power_mipi() + (git-fixes). +- media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking + interrupts (git-fixes). +- media: venus: hfi_venus: Only consider sys_idle_indicator on V1 + (git-fixes). +- media: go7007: Remove redundant if statement (git-fixes). +- media: rkvdec: increase max supported height for H.264 + (git-fixes). +- media: cx24120: Add retval check for cx24120_message_send() + (git-fixes). +- media: dvb-usb: m920x: Fix a potential memory leak in + m920x_i2c_xfer() (git-fixes). +- media: dib7000p: Fix potential division by zero (git-fixes). +- drivers: usb: smsusb: fix error handling code in + smsusb_init_device (git-fixes). +- media: v4l2-core: Fix a potential resource leak in + v4l2_fwnode_parse_link() (git-fixes). +- media: i2c: tvp5150: check return value of devm_kasprintf() + (git-fixes). +- media: ad5820: Drop unsupported ad5823 from i2c_ and + of_device_id tables (git-fixes). +- fbdev: Update fbdev source file paths (git-fixes). +- amba: bus: fix refcount leak (git-fixes). +- dma-buf/sync_file: Fix docs syntax (git-fixes). +- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe + (git-fixes). +- driver core: test_async: fix an error code (git-fixes). +- Documentation: devices.txt: Fix minors for ttyCPM* (git-fixes). +- Documentation: devices.txt: Remove ttySIOC* (git-fixes). +- Documentation: devices.txt: Remove ttyIOC* (git-fixes). +- serial: sc16is7xx: fix bug when first setting GPIO direction + (git-fixes). +- serial: sc16is7xx: fix broken port 0 uart init (git-fixes). +- serial: tegra: handle clk prepare error in tegra_uart_hw_init() + (git-fixes). +- serial: sprd: Fix DMA buffer leak issue (git-fixes). +- serial: sprd: Assign sprd_port after initialized to avoid + wrong access (git-fixes). +- usb: typec: tcpm: set initial svdm version based on pd revision + (git-fixes). +- usb: dwc3: meson-g12a: do post init to fix broken usb after + resumption (git-fixes). +- USB: gadget: f_mass_storage: Fix unused variable warning + (git-fixes). +- usb: phy: mxs: fix getting wrong state with + mxs_phy_is_otg_host() (git-fixes). +- usb: chipidea: imx: improve logic if samsung,picophy-* parameter + is 0 (git-fixes). +- platform/x86: dell-sysman: Fix reference leak (git-fixes). +- commit 729e789 + +- target: compare and write backend driver sense handling + (bsc#1177719 bsc#1213026). +- Refresh patches.suse/target-rbd-support-COMPARE_AND_WRITE.patch. +- commit a2ae103 + +- clocksource/drivers/hyper-v: Rework clocksource and sched clock setup (bsc#1206453). +- Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (bsc#1206453). +- PCI: hv: Replace retarget_msi_interrupt_params with (bsc#1206453). +- Drivers: hv: vmbus: Remove the per-CPU post_msg_page (bsc#1206453). +- clocksource: hyper-v: make sure Invariant-TSC is used if it is (bsc#1206453). +- PCI: hv: Enable PCI pass-thru devices in Confidential VMs (bsc#1206453). +- Drivers: hv: Don't remap addresses that are above shared_gpa_boundary (bsc#1206453). +- hv_netvsc: Remove second mapping of send and recv buffers (bsc#1206453). +- Drivers: hv: vmbus: Remove second way of mapping ring buffers (bsc#1206453). +- Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages (bsc#1206453). +- swiotlb: Remove bounce buffer remapping for Hyper-V (bsc#1206453). +- x86/hyperv: Change vTOM handling to use standard coco mechanisms (bsc#1206453). +- x86/mm: Handle decryption/re-encryption of bss_decrypted consistently (bsc#1206453). +- Drivers: hv: Explicitly request decrypted in vmap_pfn() calls (bsc#1206453). +- x86/hyperv: Reorder code to facilitate future work (bsc#1206453). +- x86/ioremap: Add hypervisor callback for private MMIO mapping in coco (bsc#1206453). +- x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall() (bsc#1206453). +- x86/tdx: Expand __tdx_hypercall() to handle more arguments (bsc#1206453). +- x86/tdx: Refactor __tdx_hypercall() to allow pass down more arguments (bsc#1206453). +- x86/tdx: Add more registers to struct tdx_hypercall_args (bsc#1206453). +- x86/tdx: Fix typo in comment in __tdx_hypercall() (bsc#1206453). +- Drivers: hv: Enable vmbus driver for nested root partition (bsc#1206453). +- x86/hyperv: Add an interface to do nested hypercalls (bsc#1206453). +- Drivers: hv: Setup synic registers in case of nested root partition (bsc#1206453). +- x86/hyperv: Add support for detecting nested hypervisor (bsc#1206453). +- clocksource: hyper-v: Add TSC page support for root partition (bsc#1206453). +- clocksource: hyper-v: Use TSC PFN getter to map vvar page (bsc#1206453). +- clocksource: hyper-v: Introduce TSC PFN getter (bsc#1206453). +- clocksource: hyper-v: Introduce a pointer to TSC page (bsc#1206453). +- x86/hyperv: Remove BUG_ON() for kmap_local_page() (bsc#1206453). +- x86/hyperv: Replace kmap() with kmap_local_page() (bsc#1206453). +- define more Hyper-V related constants (bsc#1206453). +- commit 7dd2c1c + +- libbpf: Fix btf_dump's packed struct determination (bsc#1211220 + jsc#PED-3924). +- libbpf: Fix single-line struct definition output in btf_dump + (bsc#1211220 jsc#PED-3924). +- commit 7a046db + +- blacklist.conf: add git-fix to skip +- commit 47580cb + +- scsi: snic: Fix double free in snic_tgt_create() (git-fixes). +- commit d711707 + +- libbpf: Fix BTF-to-C converter's padding logic (bsc#1211220 + jsc#PED-3924). +- selftests/bpf: Test btf dump for struct with padding only fields + (bsc#1211220 jsc#PED-3924). +- bpftool: Print newline before '}' for struct with padding only + fields (bsc#1211220 jsc#PED-3924). +- commit 93aeeb8 + +- drm/msm/dpu: fix the irq index in + dpu_encoder_phys_wb_wait_for_commit_done (git-fixes). +- drm/mediatek: Remove freeing not dynamic allocated memory + (git-fixes). +- drm/repaper: Reduce temporary buffer size in repaper_fb_dirty() + (git-fixes). +- drm/amd/display: Do not set drr on pipe commit (git-fixes). +- drm/bridge: anx7625: Use common macros for HDCP capabilities + (git-fixes). +- drm/bridge: anx7625: Use common macros for DP power sequencing + commands (git-fixes). +- drm/mxsfb: Disable overlay plane in + mxsfb_plane_overlay_atomic_disable() (git-fixes). +- drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers + (git-fixes). +- commit cc8e0cf + +- bus: ti-sysc: Fix cast to enum warning (git-fixes). +- commit 586e58b + +- Add cherry-picked if to fbdev patch +- commit 32815f6 + +- ALSA: hda/realtek: Add quirk for mute LEDs on HP ENVY x360 + 15-eu0xxx (git-fixes). +- ALSA: hda/realtek: Add quirk for HP Victus 16-d1xxx to enable + mute LED (git-fixes). +- commit 2c05a9a + +- ALSA: usb-audio: Fix init call orders for UAC1 (git-fixes). +- commit 3ba2db1 + +- PCI: microchip: Remove cast between incompatible function type + (git-fixes). +- PCI: meson: Remove cast between incompatible function type + (git-fixes). +- PCI: microchip: Correct the DED and SEC interrupt bit offsets + (git-fixes). +- PCI: Mark NVIDIA T4 GPUs to avoid bus reset (git-fixes). +- wifi: ath10k: Use RMW accessors for changing LNKCTL (git-fixes). +- wifi: ath11k: Use RMW accessors for changing LNKCTL (git-fixes). +- PCI: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). +- pinctrl: cherryview: fix address_space_handler() argument + (git-fixes). +- pinctrl: mcp23s08: check return value of devm_kasprintf() + (git-fixes). +- ipmi_si: fix a memleak in try_smi_init() (git-fixes). +- ipmi:ssif: Fix a memory leak when scanning for an adapter + (git-fixes). +- ipmi:ssif: Add check for kstrdup (git-fixes). +- firmware: meson_sm: fix to avoid potential NULL pointer + dereference (git-fixes). +- firmware: cs_dsp: Fix new control name check (git-fixes). +- fbdev/ep93xx-fb: Do not assign to struct fb_info.dev + (git-fixes). +- PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() + only for non-root bus (git-fixes). +- PCI: acpiphp: Reassign resources on bridge if necessary + (git-fixes). +- commit 10e5d93 + +- drm/radeon: Use RMW accessors for changing LNKCTL (git-fixes). +- drm/amdgpu: Use RMW accessors for changing LNKCTL (git-fixes). +- dt-bindings: clocks: imx8mp: make sai4 a dummy clock + (git-fixes). +- dt-bindings: clock: xlnx,versal-clk: drop select:false + (git-fixes). +- dt-bindings: crypto: ti,sa2ul: make power-domains conditional + (git-fixes). +- drm/msm/a2xx: Call adreno_gpu_init() earlier (git-fixes). +- drm/msm/mdp5: Don't leak some plane state (git-fixes). +- drm/msm: Update dev core dump to not print backwards + (git-fixes). +- drm/etnaviv: fix dumping of active MMU context (git-fixes). +- drm/amd/pm: fix variable dereferenced issue in + amdgpu_device_attr_create() (git-fixes). +- drm/mediatek: Fix potential memory leak if vmap() fail + (git-fixes). +- drm/mediatek: Fix dereference before null check (git-fixes). +- drm/panel: simple: Add missing connector type and pixel format + for AUO T215HVN01 (git-fixes). +- drm/bridge: fix -Wunused-const-variable= warning (git-fixes). +- drm/armada: Fix off-by-one error in + armada_overlay_get_property() (git-fixes). +- drm/atomic-helper: Update reference to + drm_crtc_force_disable_all() (git-fixes). +- drm/tegra: dpaux: Fix incorrect return value of platform_get_irq + (git-fixes). +- fbdev: fix potential OOB read in fast_imageblit() (git-fixes). +- fbdev: Fix sys_imageblit() for arbitrary image widths + (git-fixes). +- fbdev: Improve performance of sys_imageblit() (git-fixes). +- commit a3652b5 + +- docs: kernel-parameters: Refer to the correct bitmap function + (git-fixes). +- clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src (git-fixes). +- clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src + (git-fixes). +- clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock + (git-fixes). +- clk: qcom: camcc-sc7180: fix async resume during probe + (git-fixes). +- clk: imx: pll14xx: dynamically configure PLL for + 393216000/361267200Hz (git-fixes). +- clk: imx: composite-8m: fix clock pauses when set_rate would + be a no-op (git-fixes). +- clk: imx8mp: fix sai4 clock (git-fixes). +- clk: sunxi-ng: Modify mismatched function name (git-fixes). +- drivers: clk: keystone: Fix parameter judgment in + _of_pll_clk_init() (git-fixes). +- bus: ti-sysc: Fix build warning for 64-bit build (git-fixes). +- ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl + (git-fixes). +- ASoC: tegra: Fix SFC conversion for few rates (git-fixes). +- ALSA: ac97: Fix possible error value of *rac97 (git-fixes). +- ASoC: stac9766: fix build errors with REGMAP_AC97 (git-fixes). +- drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask + (git-fixes). +- drm/amdgpu: avoid integer overflow warning in + amdgpu_device_resize_fb_bar() (git-fixes). +- drm/bridge: anx7625: Drop device lock before + drm_helper_hpd_irq_event() (git-fixes). +- drm: adv7511: Fix low refresh rate register for ADV7533/5 + (git-fixes). +- drm/ast: Fix DRAM init on AST2200 (git-fixes). +- backlight/lv5207lp: Compare against struct fb_info.device + (git-fixes). +- backlight/gpio_backlight: Compare against struct fb_info.device + (git-fixes). +- backlight/bd6107: Compare against struct fb_info.device + (git-fixes). +- drm/bridge: tc358764: Fix debug print parameter order + (git-fixes). +- audit: fix possible soft lockup in __audit_inode_child() + (git-fixes). +- ALSA: ymfpci: Fix the missing snd_card_free() call at probe + error (git-fixes). +- drm/amd/display: check TG is non-null before checking if enabled + (git-fixes). +- drm/amd/display: do not wait for mpc idle if tg is disabled + (git-fixes). +- commit 08c4f7b + +- Kbuild: add -Wno-shift-negative-value where -Wextra is used + (bsc#1214756). +- commit 8140064 + +- rpm/mkspec-dtb: support for nested subdirs + Commit 724ba6751532 ("ARM: dts: Move .dts files to vendor + sub-directories") moved the dts to nested subdirs, add a support for + that. That is, generate a %dir entry in %files for them. +- commit 6484eda + +- Update patches.kabi/lockdown-kABI-workaround-for-lockdown_reason-changes.patch + Apply following fixup from Michal Suchánek: + Don't reorder lockdown reason. +- commit 9382b89 + +- wifi: mt76: mt7921: fix non-PSC channel scan fail (git-fixes). +- commit 616c360 + +- wifi: mwifiex: Fix missed return in oob checks failed path + (git-fixes). +- commit 9baf357 + +- nilfs2: fix WARNING in mark_buffer_dirty due to discarded + buffer reuse (git-fixes). +- lib/test_meminit: allocate pages up to order MAX_ORDER + (git-fixes). +- HWPOISON: offline support: fix spelling in Documentation/ABI/ + (git-fixes). +- wifi: ath9k: use IS_ERR() with debugfs_create_dir() (git-fixes). +- wifi: ath9k: protect WMI command response buffer replacement + with a lock (git-fixes). +- wifi: ath9k: fix races between ath9k_wmi_cmd and + ath9k_wmi_ctrl_rx (git-fixes). +- wifi: mwifiex: avoid possible NULL skb pointer dereference + (git-fixes). +- wifi: radiotap: fix kernel-doc notation warnings (git-fixes). +- wifi: nl80211/cfg80211: add forgotten nla_policy for BSS color + attribute (git-fixes). +- wifi: mwifiex: fix memory leak in mwifiex_histogram_read() + (git-fixes). +- Bluetooth: btusb: Do not call kfree_skb() under + spin_lock_irqsave() (git-fixes). +- Bluetooth: Fix potential use-after-free when clear keys + (git-fixes). +- Bluetooth: Remove unused declaration amp_read_loc_info() + (git-fixes). +- Bluetooth: nokia: fix value check in + nokia_bluetooth_serdev_probe() (git-fixes). +- wifi: mwifiex: fix error recovery in PCIE buffer descriptor + management (git-fixes). +- wifi: mt76: mt7915: fix power-limits while chan_switch + (git-fixes). +- wifi: mt76: testmode: add nla_policy for MT76_TM_ATTR_TX_LENGTH + (git-fixes). +- wifi: mt76: mt7921: do not support one stream on secondary + antenna only (git-fixes). +- wifi: mwifiex: Fix OOB and integer underflow when rx packets + (git-fixes). +- wifi: rtw89: debug: Fix error handling in + rtw89_debug_priv_btc_manual_set() (git-fixes). +- can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow + errors also in case of OOM (git-fixes). +- hwrng: iproc-rng200 - Implement suspend and resume calls + (git-fixes). +- crypto: caam - fix unchecked return value error (git-fixes). +- crypto: stm32 - Properly handle pm_runtime_get failing + (git-fixes). +- hwrng: pic32 - use devm_clk_get_enabled (git-fixes). +- hwrng: nomadik - keep clock enabled while hwrng is registered + (git-fixes). +- hwmon: (tmp513) Fix the channel number in tmp51x_is_visible() + (git-fixes). +- spi: tegra20-sflash: fix to check return value of + platform_get_irq() in tegra_sflash_probe() (git-fixes). +- regmap: rbtree: Use alloc_flags for memory allocations + (git-fixes). +- commit 243ba95 + +- blacklist.conf: add git-fix that breaks kabi +- commit 29743c2 + +- scsi: qedf: Fix firmware halt over suspend and resume + (git-fixes). +- scsi: qedi: Fix firmware halt over suspend and resume + (git-fixes). +- scsi: snic: Fix possible memory leak if device_add() fails + (git-fixes). +- scsi: core: Fix possible memory leak if device_add() fails + (git-fixes). +- scsi: core: Fix legacy /proc parsing buffer overflow + (git-fixes). +- scsi: 53c700: Check that command slot is not NULL (git-fixes). +- scsi: fnic: Replace return codes in fnic_clean_pending_aborts() + (git-fixes). +- scsi: scsi_debug: Remove dead code (git-fixes). +- scsi: 3w-xxxx: Add error handling for initialization failure + in tw_probe() (git-fixes). +- scsi: qedf: Fix NULL dereference in error handling (git-fixes). +- commit f37057a + +- docs/process/howto: Replace C89 with C11 (bsc#1214756). +- commit 8393e27 + +- Kbuild: move to -std=gnu11 (bsc#1214756). +- commit ef844c1 + +- blacklist.conf: kABI +- commit 382e160 + +- netfilter: nf_tables: deactivate catchall elements in next + generation (bsc#1214729 CVE-2023-4569). +- commit 6289fe5 + +- netfilter: nf_tables: deactivate catchall elements in next + generation (bsc#1214729 CVE-2023-4569). +- commit ab071f2 + +- Update metadata +- commit afac039 + +- netfs: fix parameter of cleanup() (bsc#1214743). +- netfs: Fix lockdep warning from taking sb_writers whilst + holding mmap_lock (bsc#1214742). +- commit bb32ecc + +- selftests/futex: Order calls to futex_lock_pi (git-fixes). +- selftests/resctrl: Close perf value read fd on errors + (git-fixes). +- selftests/resctrl: Unmount resctrl FS if child fails to run + benchmark (git-fixes). +- selftests/resctrl: Don't leak buffer in fill_cache() + (git-fixes). +- PM / devfreq: Fix leak in devfreq_dev_release() (git-fixes). +- ACPI: x86: s2idle: Fix a logic error parsing AMD constraints + table (git-fixes). +- selftests/harness: Actually report SKIP for signal tests + (git-fixes). +- pstore/ram: Check start of empty przs during init (git-fixes). +- commit ad35b22 + +- Move upstreamed powerpc patches into sorted section +- commit 3a27181 + +- Move upstreamed HID patch into sorted section +- commit 85ada69 + +- e1000: Remove unnecessary use of kmap_atomic() (jsc#PED-5738). +- commit 411ade7 + +- intel/e1000:fix repeated words in comments (jsc#PED-5738). +- commit 36d3f87 + +- intel: remove unused macros (jsc#PED-5738). +- commit 8c0592a + +- e1000: Fix typos in comments (jsc#PED-5738). +- commit b74464e + +- e1000: switch to napi_build_skb() (jsc#PED-5738). +- commit 8f3d353 + +- e1000: switch to napi_consume_skb() (jsc#PED-5738). +- commit b269f24 + +- tracing: Fix memleak due to race between current_tracer and + trace (git-fixes). +- commit cd1e0a8 + +- tracing: Fix cpu buffers unavailable due to 'record_disabled' + missed (git-fixes). +- commit 8e87d30 + +- ring-buffer: Do not swap cpu_buffer during resize process + (git-fixes). +- commit e5ec19f + +- xfs: fix sb write verify for lazysbcount (bsc#1214661). +- commit 29e65a8 + +- cpufreq: intel_pstate: Adjust balance_performance EPP for + Sapphire Rapids (bsc#1214659). +- commit c3cfee9 + +- cpufreq: intel_pstate: Enable HWP IO boost for all servers + (bsc#1208949 jsc#PED-6003 jsc#PED-6004). +- commit bd6042f + +- cpufreq: intel_pstate: Fix scaling for hybrid-capable systems + with disabled E-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 + jsc#PED-4929). +- commit 0340dfe + +- cpufreq: intel_pstate: hybrid: Use known scaling factor for + P-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 91615ae + +- cpufreq: intel_pstate: Read all MSRs on the target CPU + (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 639f9f6 + +- cpufreq: intel_pstate: hybrid: Rework HWP calibration + (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- Update + patches.suse/cpufreq-intel_pstate-Fix-cpu-pstate.turbo_freq-initi.patch + (git-fixes bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). +- commit 689587b + +- Use the cherry-picked id for an AMDGPU patch and resort +- commit 07365e7 + +- tty: serial: fsl_lpuart: Add i.MXRT1050 support (git-fixes). +- Refresh + patches.suse/tty-serial-fsl_lpuart-add-earlycon-for-imx8ulp-platf.patch. +- commit f34a3a2 + +- selftests: forwarding: tc_actions: Use ncat instead of nc + (git-fixes). +- watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller + Hub) (git-fixes). +- thunderbolt: Read retimer NVM authentication status prior + tb_retimer_set_inbound_sbtx() (git-fixes). +- usb: chipidea: imx: add missing USB PHY DPDM wakeup setting + (git-fixes). +- usb: chipidea: imx: don't request QoS for imx8ulp (git-fixes). +- usb: gadget: u_serial: Avoid spinlock recursion in + __gs_console_push (git-fixes). +- pcmcia: rsrc_nonstatic: Fix memory leak in + nonstatic_release_resource_db() (git-fixes). +- PCI: tegra194: Fix possible array out of bounds access + (git-fixes). +- tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A + (git-fixes). +- tty: serial: fsl_lpuart: make rx_watermark configurable for + different platforms (git-fixes). +- selftests: forwarding: tc_actions: cleanup temporary files + when test is aborted (git-fixes). +- usb: dwc3: Fix typos in gadget.c (git-fixes). +- commit 5394953 + +- drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). +- commit d60a005 + +- i2c: designware: Handle invalid SMBus block data response + length value (git-fixes). +- drm/qxl: fix UAF on handle creation (git-fixes). +- drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). +- Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally + (git-fixes). +- Bluetooth: L2CAP: Fix use-after-free (git-fixes). +- media: v4l2-mem2mem: add lock to protect parameter num_rdy + (git-fixes). +- ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB + related warnings (git-fixes). +- drm/amdgpu: install stub fence into potential unused fence + pointers (git-fixes). +- drm/amd/display: fix access hdcp_workqueue assert (git-fixes). +- ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion + (git-fixes). +- HID: add quirk for 03f0:464a HP Elite Presenter Mouse + (git-fixes). +- HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech + G915 TKL Keyboard (git-fixes). +- PCI: s390: Fix use-after-free of PCI resources with per-function + hotplug (git-fixes). +- drm/amd/display: phase3 mst hdcp for multiple displays + (git-fixes). +- drm/amd/display: save restore hdcp state when display is + unplugged from mst hub (git-fixes). +- iio: adc: stx104: Implement and utilize register structures + (git-fixes). +- iio: adc: stx104: Utilize iomap interface (git-fixes). +- ARM: dts: imx6sll: fixup of operating points (git-fixes). +- commit e2faa35 + +- pinctrl: amd: Mask wake bits on probe again (git-fixes). +- pinctrl: amd: Revert "pinctrl: amd: disable and mask interrupts + on probe" (git-fixes). +- commit 15b9551 + +- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ + (git-fixes). +- commit 5e59635 + +- clk: Fix slab-out-of-bounds error in devm_clk_release() + (git-fixes). +- clk: Fix undefined reference to `clk_rate_exclusive_{get,put}' + (git-fixes). +- pinctrl: renesas: rza2: Add lock around + pinctrl_generic{{add,remove}_group,{add,remove}_function} + (git-fixes). +- drm/vmwgfx: Fix shader stage validation (git-fixes). +- dma-buf/sw_sync: Avoid recursive lock during fence signal + (git-fixes). +- commit 7c5f1b7 + +- batman-adv: Hold rtnl lock during MTU update via netlink + (git-fixes). +- commit 8468886 + +- batman-adv: Fix batadv_v_ogm_aggr_send memory leak (git-fixes). +- batman-adv: Fix TT global entry leak when client roamed back + (git-fixes). +- batman-adv: Do not get eth header before + batadv_check_management_packet (git-fixes). +- batman-adv: Don't increase MTU when set by user (git-fixes). +- batman-adv: Trigger events for auto adjusted MTU (git-fixes). +- commit d59057e + +- drm/amd/display: disable RCO for DCN314 (git-fixes). +- commit 5dc74f0 + +- drm/qxl: fix UAF on handle creation (git-fixes). +- drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). +- drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix + (git-fixes). +- drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 + (git-fixes). +- drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU + v13.0.4/11 (git-fixes). +- drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). +- drm/amd/display: Enable dcn314 DPP RCO (git-fixes). +- drm/amd/display: Skip DPP DTO update if root clock is gated + (git-fixes). +- drm/amdgpu: keep irq count in amdgpu_irq_disable_all + (git-fixes). +- drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz + (git-fixes). +- drm/amdgpu: install stub fence into potential unused fence + pointers (git-fixes). +- drm/amdgpu: fix memory leak in mes self test (git-fixes). +- drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (git-fixes). +- drm/amdgpu: fix calltrace warning in amddrm_buddy_fini + (git-fixes). +- drm: rcar-du: remove R-Car H3 ES1.* workarounds (git-fixes). +- drm/stm: ltdc: fix late dereference check (git-fixes). +- drm/amd/display: Implement workaround for writing to + OTG_PIXEL_RATE_DIV register (git-fixes). +- commit 162942a + +- Move sorted nouveau patch into sorted section +- commit 5cfebfc + +- smb: client: fix null auth (git-fixes). +- commit f89a725 + +- Update tags in + patches.suse/md-raid5-Improve-performance-for-sequential-IO.patch. +- commit 5c3390a + +- powerpc/rtas: block error injection when locked down + (bsc#1023051). + Refresh patches.kabi/lockdown-kABI-workaround-for-lockdown_reason-changes.patch +- powerpc/rtas: enture rtas_call is called with MMU enabled + (bsc#1023051). +- commit e7f7145 + +- Input: cyttsp4_core - change del_timer_sync() to + timer_shutdown_sync() (bsc#1213971 CVE-2023-4134). +- commit 2dfd188 + +- Refresh patches.suse/powerpc-rtas-Keep-MSR-RI-set-when-calling-RTAS.patch. +- commit 0cbb740 + +- Drop rtsx patch that caused a regression (bsc#1214397,bsc#1214428) + It caused mysterious problem wrt NVMe. + Better to drop and blacklist for now. +- commit 2257ff2 + +- powerpc: Move DMA64_PROPNAME define to a header (bsc#1214297 ltc#197503). +- commit af67897 + +- x86/CPU/AMD: Fix the DIV(0) initial fix attempt (bsc#1213927, CVE-2023-20588). +- commit eb5704d + +- x86/CPU/AMD: Do not leak quotient data after a division by 0 (bsc#1213927, CVE-2023-20588). +- commit 8b5290e + +- scsi: storvsc: Fix handling of virtual Fibre Channel timeouts + (git-fixes). +- scsi: storvsc: Limit max_sectors for virtual Fibre Channel + devices (git-fixes). +- scsi: storvsc: Handle SRB status value 0x30 (git-fixes). +- scsi: storvsc: Always set no_report_opcodes (git-fixes). +- commit aace9fd + +- old-flavors: Drop 2.6 kernels. + 2.6 based kernels are EOL, upgrading from them is no longer suported. +- commit 7bb5087 + +- kunit: make kunit_test_timeout compatible with comment + (git-fixes). +- commit e060c5b + +- blacklist.conf: kABI +- commit 2db68b2 + +- blacklist.conf: kABI +- commit b9b490f + +- blacklist.conf: specific to Clang +- commit 0d88df7 + +- blacklist.conf: not used in our build process +- commit 5705a43 + +- blacklist.conf: designed to break kABI but relevant only on big endian +- commit 3477f1d + +- lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() + test (git-fixes). +- commit 0595e9f + +- blacklist.conf: cleanup +- commit 8d51620 + +- blacklist.conf: We do not use that tool +- commit f8ec126 + +- docs: networking: replace skb_hwtstamp_tx with skb_tstamp_tx + (git-fixes). +- commit d96f965 + +- kabi: Allow extra bugsints (bsc#1213927). +- commit fc75ce0 + +- Refresh patches.suse/x86-srso-add-ibpb.patch. + CPU_IBPB_ENTRY is always on so adjust code accordingly. +- commit 0ed13bd + +- Update + patches.suse/net-vmxnet3-fix-possible-NULL-pointer-dereference-in.patch + (bsc#1200431 bsc#1214451 CVE-2023-4459). + Added CVE reference. +- commit 13a12f4 + +- net: nfc: Fix use-after-free caused by nfc_llcp_find_local + (bsc#1213601 CVE-2023-3863). +- nfc: llcp: simplify llcp_sock_connect() error paths (bsc#1213601 + CVE-2023-3863). +- nfc: llcp: nullify llcp_sock->dev on connect() error paths + (bsc#1213601 CVE-2023-3863). +- commit 0932a11 + +- kabi/severities: Ignore newly added SRSO mitigation functions +- commit 4452f05 + +- s390/zcrypt: fix reply buffer calculations for CCA replies + (bsc#1213949). +- commit 26e242b + +- tty: fix hang on tty device with no_room set (git-fixes). +- n_tty: Rename tail to old_tail in n_tty_read() (git-fixes). +- commit 22b52a9 + +- tty: n_gsm: fix the UAF caused by race condition in + gsm_cleanup_mux (git-fixes). +- tty: serial: fsl_lpuart: Clear the error flags by writing 1 + for lpuart32 platforms (git-fixes). +- commit 2bc2940 + +- x86/static_call: Fix __static_call_fixup() (git-fixes). +- commit 57d4f01 + +- x86/srso: Correct the mitigation status when SMT is disabled (git-fixes). +- commit c2d3421 + +- x86/srso: Explain the untraining sequences a bit more (git-fixes). +- commit f62146e + +- x86/cpu/kvm: Provide UNTRAIN_RET_VM (git-fixes). +- commit 7f39f56 + +- x86/cpu: Cleanup the untrain mess (git-fixes). +- commit 13632c3 + +- objtool/x86: Fixup frame-pointer vs rethunk (git-fixes). +- commit 522332f + +- objtool: Union instruction::{call_dest,jump_table} (git-fixes). +- commit d5ea86a + +- x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (git-fixes). +- commit 847a96f + +- xfrm: add NULL check in xfrm_update_ae_params (bsc#1213666 + CVE-2023-3772). +- commit 9e44d01 + +- x86/cpu: Rename original retbleed methods (git-fixes). +- commit 81c5e75 + +- x86/cpu: Clean up SRSO return thunk mess (git-fixes). +- commit fa0b815 + +- objtool/x86: Fix SRSO mess (git-fixes). +- commit 8bf5635 + +- x86/alternative: Make custom return thunk unconditional (git-fixes). +- commit a446ea5 + +- x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (git-fixes). +- commit 06974c4 + +- x86/cpu: Fix __x86_return_thunk symbol type (git-fixes). +- commit 086adb4 + +- x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT (git-fixes). +- commit 9392b3c + +- x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (git-fixes). +- commit 99556d6 + +- x86/srso: Disable the mitigation on unaffected configurations (git-fixes). +- commit af52734 + +- x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (git-fixes). +- commit 43e1da9 + +- x86/srso: Fix build breakage with the LLVM linker (git-fixes). +- commit 7af6810 + +- powerpc/rtas_flash: allow user copy to flash block cache objects + (bsc#1194869). +- commit 0fccbf5 + +- i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue + (git-fixes). +- i2c: hisi: Only handle the interrupt of the driver's transfer + (git-fixes). +- i2c: designware: Correct length byte validation logic + (git-fixes). +- fbdev: mmp: fix value check in mmphw_probe() (git-fixes). +- commit 5738f62 + +- supported.conf: fix typos for -!optional markers +- commit a15b83f + +- drm/i915/sdvo: fix panel_type initialization (git-fixes). +- commit af00eea + +- ALSA: hda/realtek - Remodified 3k pull low procedure + (git-fixes). +- ASoC: meson: axg-tdm-formatter: fix channel slot allocation + (git-fixes). +- ASoC: lower "no backend DAIs enabled for ... Port" log severity + (git-fixes). +- ASoC: rt5665: add missed regulator_bulk_disable (git-fixes). +- ALSA: hda/cs8409: Support new Dell Dolphin Variants (git-fixes). +- ALSA: hda/realtek: Switch Dell Oasis models to use SPI + (git-fixes). +- ALSA: hda/realtek: Add quirks for HP G11 Laptops (git-fixes). +- ALSA: usb-audio: Add support for Mythware XA001AU capture and + playback interfaces (git-fixes). +- mmc: wbsd: fix double mmc_free_host() in wbsd_init() + (git-fixes). +- mmc: block: Fix in_flight[issue_type] value error (git-fixes). +- arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict + (git-fixes). +- bus: ti-sysc: Flush posted write on enable before reset + (git-fixes). +- arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 + (git-fixes). +- soc: aspeed: socinfo: Add kfree for kstrdup (git-fixes). +- net: phy: broadcom: stub c45 read/write for 54810 (git-fixes). +- selftests: mirror_gre_changes: Tighten up the TTL test match + (git-fixes). +- net: phy: fix IRQ-based wake-on-lan over hibernate / power off + (git-fixes). +- drm/panel: simple: Fix AUO G121EAN01 panel timings according + to the docs (git-fixes). +- commit a48515a + +- Update config files. Drop the dpt_i2o kernel module. + For: jsc#PED-4579, CVE-2023-2007 +- commit f332a85 + +- mkspec: Allow unsupported KMPs (bsc#1214386) +- commit 55d8b82 + +- libceph: fix potential hang in ceph_osdc_notify() (bsc#1214393). +- ceph: defer stopping mdsc delayed_work (bsc#1214392). +- commit 722c601 + +- check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). + gcc7 on SLE 15 does not support this while later gcc does. +- commit 5b41c27 + +- s390/purgatory: disable branch profiling (git-fixes + bsc#1214372). +- commit 28f91ce + +- scsi: zfcp: Defer fc_rport blocking until after ADISC response + (git-fixes bsc#1214371). +- commit 5ac3747 + +- KVM: s390: fix sthyi error handling (git-fixes bsc#1214370). +- commit 3711e45 + +- module: avoid allocation if module is already present and ready + (bsc#1213921). +- commit d1f96fc + +- module: move check_modinfo() early to early_mod_check() + (bsc#1213921). +- commit f1bebb1 + +- module: move early sanity checks into a helper (bsc#1213921). +- commit 77019ff + +- module: extract patient module check into helper (bsc#1213921). +- commit 8edb1c8 + +- powerpc/kexec: Fix build failure from uninitialised variable + (bsc#1212091 ltc#199106). +- powerpc/64e: Fix kexec build error (bsc#1212091 ltc#199106). +- Refresh patches.suse/powerpc-Take-in-account-addition-CPU-node-when-build.patch +- Refresh patches.suse/powerpc-kexec_file-fix-implicit-decl-error.patch +- commit c8f4ed0 + +- Update + patches.suse/net-vmxnet3-fix-possible-use-after-free-bugs-in-vmxn.patch + (bsc#1200431 bsc#1214350 CVE-2023-4387). + Added CVE reference. +- commit 8897012 + +- module: avoid allocation if module is already present and ready + (bsc#1213921). +- commit a42ca12 + +- module: move check_modinfo() early to early_mod_check() + (bsc#1213921). +- commit b97680b + +- module: move early sanity checks into a helper (bsc#1213921). +- commit d4f0452 + +- Update config files. + run_oldconfig.sh +- CONFIG_NVME_VERBOSE_ERRORS=y gone with a82baa8083b +- CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 gone with 7e152d55123 +- commit 7a11d4b + +- module: extract patient module check into helper (bsc#1213921). +- commit de545b1 + +- Enable Analog Devices Industrial Ethernet PHY driver (jsc#PED-4759) +- commit 63c2b4e + +- net: mana: Fix MANA VF unload when hardware is unresponsive + (git-fixes). +- iavf: fix potential races for FDIR filters (git-fixes). +- ice: Fix RDMA VSI removal during queue rebuild (git-fixes). +- qed: Fix scheduling in a tasklet while getting stats + (git-fixes). +- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() + (git-fixes). +- ice: Fix memory management in ice_ethtool_fdir.c (git-fixes). +- net: hns3: fix wrong bw weight of disabled tc issue (git-fixes). +- ice: Fix max_rate check while configuring TX rate limits + (git-fixes). +- commit 66cd4bc + +- powerpc/iommu: Fix iommu_table_in_use for a small default DMA + window case (bsc#1212091 ltc#199106). +- powerpc/kernel/iommu: Add new iommu_table_in_use() helper + (bsc#1212091 ltc#199106). +- powerpc/iommu: don't set failed sg dma_address to + DMA_MAPPING_ERROR (bsc#1212091 ltc#199106). +- powerpc/iommu: return error code from .map_sg() ops (bsc#1212091 + ltc#199106). +- commit 63fd00c + +- drm/amd/display: trigger timing sync only if TG is running + (git-fixes). +- commit efc7084 + +- drm/amd/display: Retain phantom plane/stream if validation fails + (git-fixes). +- Refresh + patches.suse/drm-amd-display-filter-out-invalid-bits-in-pipe_fuse.patch. +- commit 7b85ac2 + +- drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (git-fixes). +- drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues + (git-fixes). +- drm/amd/pm: avoid unintentional shutdown due to temperature + momentary fluctuation (git-fixes). +- drm/amd/pm: expose swctf threshold setting for legacy powerplay + (git-fixes). +- drm/amd/display: limit DPIA link rate to HBR3 (git-fixes). +- drm/amd/pm/smu7: move variables to where they are used + (git-fixes). +- drm/amd/pm: fulfill powerplay peak profiling mode shader/memory + clock settings (git-fixes). +- drm/amd/pm: fulfill swsmu peak profiling mode shader/memory + clock settings (git-fixes). +- drm/amd/display: trigger timing sync only if TG is running + (git-fixes). +- drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set + (git-fixes). +- drm/amd/display: Disable phantom OTG after enable for plane + disable (git-fixes). +- drm/amd/display: Use update plane and stream routine for DCN32x + (git-fixes). +- commit d699896 + +- misc: rtsx: judge ASPM Mode to set PETXCFG Reg (git-fixes). +- drm/nouveau/gr: enable memory loads on helper invocation on + all channels (git-fixes). +- commit 8a7a168 + +- kernel-binary: Common dependencies cleanup + Common dependencies are copied to a subpackage, there is no need for + copying defines or build dependencies there. +- commit 254b03c + +- kernel-binary: Drop code for kerntypes support + Kerntypes was a SUSE-specific feature dropped before SLE 12. +- commit 2c37773 + +- ACPI/IORT: Update SMMUv3 DeviceID support (bsc#1214305). +- commit 4628976 + +- net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + (git-fixes). +- commit 9c04620 + +- powerpc/iommu: TCEs are incorrectly manipulated with DLPAR + add/remove of memory (bsc#1212091 ltc#199106). +- powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV + device (bsc#1212091 ltc#199106). +- pseries/iommu/ddw: Fix kdump to work in absence of + ibm,dma-window (bsc#1214297 ltc#197503). +- powerpc/pseries/iommu: Print ibm,query-pe-dma-windows parameters + (bsc#1212091 ltc#199106). +- powerpc: fix typos in comments (bsc#1212091 ltc#199106). +- powerpc/pseries: Add __init attribute to eligible functions + (bsc#1212091 ltc#199106). +- powerpc/pseries/ddw: Do not try direct mapping with persistent + memory and one window (bsc#1212091 ltc#199106). +- powerpc/pseries/ddw: simplify enable_ddw() (bsc#1212091 + ltc#199106). +- powerpc/pseries/iommu: Add of_node_put() before break + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Create huge DMA window if no MMIO32 is + present (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Check if the default window in use + before removing it (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Use correct vfree for it_map (bsc#1212091 + ltc#199106). +- powerpc/pseries/iommu: Rename "direct window" to "dma window" + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Make use of DDW for indirect mapping + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Find existing DDW with given property + name (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Update remove_dma_window() to accept + property name (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Reorganize iommu_table_setparms*() + with new helper (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add ddw_property_create() and refactor + enable_ddw() (bsc#1212091 ltc#199106). + Refresh patches.suse/powerps-pseries-dma-Add-support-for-2M-IOMMU-page-si.patch +- powerpc/pseries/iommu: Allow DDW windows starting at 0x00 + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add ddw_list_new_entry() helper + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Add iommu_pseries_alloc_table() helper + (bsc#1212091 ltc#199106). +- powerpc/pseries/iommu: Replace hard-coded page shift + (bsc#1212091 ltc#199106). + Refresh patches.suse/powerpc-iommu-Limit-number-of-TCEs-to-512-for-H_STUF.patch +- commit 4f11eef + +- powerpc/mm/altmap: Fix altmap boundary check (bsc#1120059 + git-fixes). +- commit f722e3b + +- bnx2x: fix page fault following EEH recovery (bsc#1214299). +- commit f8a9432 + +- target_core_rbd: fix leak and reduce kmalloc calls + (bsc#1212873). +- target_core_rbd: fix rbd_img_request.snap_id assignment + (bsc#1212857). +- target_core_rbd: remove snapshot existence validation code + (bsc#1212857). +- file: reinstate f_pos locking optimization for regular files + (bsc#1213759). +- commit 0469dd9 + +- net: ieee802154: at86rf230: Stop leaking skb's (git-fixes). +- commit 3d175df + +- mlxsw: pci: Add shutdown method in PCI driver (git-fixes). +- commit d9c79ec + +- blacklist.conf: add drivers/net/ethernet/renesas/ drivers +- commit 0c8d3f5 + +- sfc: fix crash when reading stats while NIC is resetting + (git-fixes). +- commit 61c7a4c + +- ice: Fix crash by keep old cfg when update TCs more than queues + (git-fixes). +- commit 4e80ce2 + +- powerpc/pseries: Honour current SMT state when DLPAR onlining + CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 + ltc#200161 ltc#200588). + Update config files. +- powerpc/pseries: Initialise CPU hotplug callbacks earlier + (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Allow enabling partial SMT states via sysfs + (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Remove topology_smt_supported() (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Store the current/max number of threads (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214285 + bsc#1205462 ltc#200161 ltc#200588). +- commit 8bd8972 + +- sched/psi: use kernfs polling functions for PSI trigger polling + (bsc#1209799). +- commit 4477665 + +- md/raid0: Fix performance regression for large sequential writes + (bsc#1213916). +- md/raid0: Factor out helper for mapping and submitting a bio + (bsc#1213916). +- commit d85264e + +- drm/nouveau/disp: fix use-after-free in error handling of + nouveau_connector_create (bsc#1214073). +- commit 4e5fad7 + +- ceph: don't check for quotas on MDS stray dirs (bsc#1214238). +- commit dcb3418 + +- iommu/dma: Fix incorrect error return on iommu deferred attach + (git-fixes). +- Refresh patches.suse/iommu-dma-Fix-arch_sync_dma-for-map.patch. +- Refresh + patches.suse/iommu-dma-check-config_swiotlb-more-broadly. +- commit c7a880f + +- iommu/dma: return error code from iommu_dma_map_sg() + (git-fixes). +- Refresh patches.suse/iommu-dma-Fix-arch_sync_dma-for-map.patch. +- Refresh + patches.suse/iommu-dma-check-config_swiotlb-more-broadly. +- commit 5d989c6 + +- iommu/amd: Fix pci device refcount leak in ppr_notifier() + (git-fixes). +- iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and + ivrs_acpihid options (git-fixes). +- iommu/amd: Fix ivrs_acpihid cmdline parsing code (git-fixes). +- iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() + (git-fixes). +- iommu/rockchip: fix permission bits in page table entries v2 + (git-fixes). +- iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (git-fixes). +- iommu/sun50i: Implement .iotlb_sync_map (git-fixes). +- iommu/sun50i: Fix flush size (git-fixes). +- iommu/sun50i: Fix R/W permission check (git-fixes). +- iommu/sun50i: Consider all fault sources for reset (git-fixes). +- iommu/sun50i: Fix reset release (git-fixes). +- iommu/vt-d: Fix PCI device refcount leak in + dmar_dev_scope_init() (git-fixes). +- iommu/vt-d: Fix PCI device refcount leak in has_external_pci() + (git-fixes). +- iommu/vt-d: Set SRE bit only when hardware has SRS cap + (git-fixes). +- iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging + entries (git-fixes). +- iommu/vt-d: Clean up si_domain in the init_dmars() error path + (git-fixes). +- iommu/iova: Fix module config properly (git-fixes). +- iommu/omap: Fix buffer overflow in debugfs (git-fixes). +- iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT + device to identity (git-fixes). +- iommu/vt-d: Check correct capability for sagaw determination + (git-fixes). +- iommu/vt-d: Correctly calculate sagaw value of IOMMU + (git-fixes). +- iommu/vt-d: Fix kdump kernels boot failure with scalable mode + (git-fixes). +- iommu/amd: use full 64-bit value in build_completion_wait() + (git-fixes). +- iommu/amd: Fix compile warning in init code (git-fixes). +- iommu/amd: Add PCI segment support for ivrs_ commands + (git-fixes). +- iommu/io-pgtable-arm-v7s: Add a quirk to allow pgtable PA up + to 35bit (git-fixes). +- iommu/dma: Fix iova map result check bug (git-fixes). +- iommu/arm-smmu-v3: check return value after calling + platform_get_resource() (git-fixes). +- iommu/arm-smmu: fix possible null-ptr-deref in + arm_smmu_device_probe() (git-fixes). +- iommu/vt-d: Add RPLS to quirk list to skip TE disabling + (git-fixes). +- iommu/arm-smmu-v3: fix event handling soft lockup (git-fixes). +- iommu/dart: Initialize DART_STREAMS_ENABLE (git-fixes). +- commit b73aa3b + +- iommu/mediatek: Set dma_mask for PGTABLE_PA_35_EN (git-fixes). +- iommu/amd: Do not identity map v2 capable device when snp is + enabled (git-fixes). +- iommu/s390: Fix duplicate domain attachments (git-fixes). +- iommu/mediatek: Validate number of phandles associated with + "mediatek,larbs" (git-fixes). +- iommu/mediatek: Add error path for loop of mm_dts_parse + (git-fixes). +- iommu/mediatek: Use component_match_add (git-fixes). +- iommu/mediatek: Add platform_device_put for recovering the + device refcnt (git-fixes). +- iommu/mediatek: Check return value after calling + platform_get_resource() (git-fixes). +- commit 7224acf + +- iommu/amd: Add map/unmap_pages() iommu_domain_ops callback + support (bsc#1212423). +- iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops + callback (bsc#1212423). +- iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops + callback (bsc#1212423). +- commit c0cd652 + +- nvme-rdma: fix potential unbalanced freeze & unfreeze + (bsc#1208902). +- nvme-tcp: fix potential unbalanced freeze & unfreeze + (bsc#1208902). +- commit 2d8bf94 + +- x86/mce: Make sure logged MCEs are processed after sysfs update (git-fixes). +- commit 64aa9ec + +- x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (git-fixes). +- commit b1259cb + +- blacklist.conf: Blacklist useless doc patch +- commit be8f79d + +- x86/speculation: Add cpu_show_gds() prototype (git-fixes). +- commit edd5557 + +- fs/sysv: Null check to prevent null-ptr-deref bug (git-fixes). +- commit ae6500e + +- iio: cros_ec: Fix the allocation size for cros_ec_command + (git-fixes). +- iio: adc: ina2xx: avoid NULL pointer dereference on OF device + match (git-fixes). +- usb: dwc3: Properly handle processing of pending events + (git-fixes). +- usb-storage: alauda: Fix uninit-value in alauda_check_media() + (git-fixes). +- usb: common: usb-conn-gpio: Prevent bailing out if initial + role is none (git-fixes). +- usb: typec: altmodes/displayport: Signal hpd when configuring + pin assignment (git-fixes). +- usb: typec: tcpm: Fix response to vsafe0V event (git-fixes). +- commit d86b205 + +- netfilter: KABI workaround for CVE-2023-3610 bsc#1213580 + (git-fixes). +- commit b3532ef + +- netfilter: nf_tables: fix chain binding transaction logic + (bsc#1213580 CVE-2023-3610). +- commit e6eb926 + +- Refresh + patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch. +- commit 60482d4 + +- netfilter: KABI workaround for CVE-2023-3610 bsc#1213580 + (git-fixes). +- commit ecae123 + +- netfilter: nf_tables: fix chain binding transaction logic + (bsc#1213580 CVE-2023-3610). +- commit 12da4f7 + +- drm/amd: Disable S/G for APUs when 64GB or more host memory + (git-fixes). +- drm/amdgpu: add S/G display parameter (git-fixes). +- commit 5f61fab + +- drm/amdgpu: Remove unnecessary domain argument (git-fixes). +- commit d154fc5 + +- drm/amd/display: Ensure that planes are in the same order + (git-fixes). +- drm/amdgpu: add vram reservation based on + vram_usagebyfirmware_v2_2 (git-fixes). +- commit f3e97e4 + +- hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for + pfe1100 (git-fixes). +- nilfs2: fix use-after-free of nilfs_root in dirtying inodes + via iput (git-fixes). +- drm/amd/display: check attr flag before set cursor degamma on + DCN3+ (git-fixes). +- drm/shmem-helper: Reset vma->vm_ops before calling + dma_buf_mmap() (git-fixes). +- drm/rockchip: Don't spam logs in atomic check (git-fixes). +- drm/nouveau/disp: Revert a NULL check inside + nouveau_connector_get_modes (git-fixes). +- arm64: dts: imx8mn-var-som: add missing pull-up for onboard + PHY reset pinmux (git-fixes). +- soundwire: fix enumeration completion (git-fixes). +- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb + (git-fixes). +- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb + (git-fixes). +- selftests/rseq: check if libc rseq support is registered + (git-fixes). +- soundwire: bus: pm_runtime_request_resume on peripheral + attachment (git-fixes). +- commit 1f8ce0d + +- net/sched: cls_route: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- net/sched: cls_fw: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- net/sched: cls_u32: No longer copy tcf_result on update to + avoid use-after-free (bsc#1214149 CVE-2023-4128). +- commit 9904c3b + +- ceph: never send metrics if disable_send_metrics is set + (bsc#1214180). +- commit 32f3ae7 + +- wifi: cfg80211: fix sband iftype data lookup for AP_VLAN + (git-fixes). +- selftests: forwarding: tc_flower: Relax success criterion + (git-fixes). +- selftests: forwarding: ethtool_extended_state: Skip when using + veth pairs (git-fixes). +- selftests: forwarding: ethtool: Skip when using veth pairs + (git-fixes). +- selftests: forwarding: Add a helper to skip test when using + veth pairs (git-fixes). +- selftests: forwarding: Switch off timeout (git-fixes). +- selftests: forwarding: Skip test when no interfaces are + specified (git-fixes). +- net: phy: at803x: remove set/get wol callbacks for AR8032 + (git-fixes). +- dmaengine: pl330: Return DMA_PAUSED when transaction is paused + (git-fixes). +- dmaengine: mcf-edma: Fix a potential un-allocated memory access + (git-fixes). +- commit b70a6bf + +- blacklist.conf: Blacklist useless doc fix +- commit 685dbed + +- exfat: check if filename entries exceeds max filename length + (bsc#1214120 CVE-2023-4273). +- commit b7e68de + +- x86/srso: Fix return thunks in generated code (git-fixes). +- commit b4d125e + +- Refresh patches.suse/kvm-add-gds_no-support-to-kvm.patch. +- Refresh + patches.suse/x86-speculation-add-force-option-to-gds-mitigation.patch. +- Refresh + patches.suse/x86-speculation-add-gather-data-sampling-mitigation.patch. +- Refresh + patches.suse/x86-speculation-add-kconfig-option-for-gds.patch. +- Refresh + patches.suse/x86-srso-add-a-speculative-ras-overflow-mitigation.patch. +- Refresh patches.suse/x86-srso-add-srso_no-support.patch. + Sort latest set of security vulnerabilities according to upstream order. +- commit 4a12398 + +- tracing/histograms: Return an error if we fail to add histogram + to hist_vars list (git-fixes). +- commit d08da8a + +- Drop cfg80211 lock fix patches that caused a regression (bsc#1213757) + Deleted: + patches.suse/wifi-cfg80211-fix-locking-in-regulatory-disconnect.patch + patches.suse/wifi-cfg80211-fix-locking-in-sched-scan-stop-work.patch +- commit f824698 + +- netfilter: nf_tables: disallow rule addition to bound chain + via NFTA_RULE_CHAIN_ID (CVE-2023-4147 bsc#1213968). +- commit c0bb265 + +- cxgb4: fix use after free bugs caused by circular dependency + problem (bsc#1213970 CVE-2023-4133). +- timers: Provide timer_shutdown[_sync]() (bsc#1213970). +- timers: Add shutdown mechanism to the internal functions + (bsc#1213970). +- timers: Split [try_to_]del_timer[_sync]() to prepare for + shutdown mode (bsc#1213970). +- timers: Silently ignore timers with a NULL function + (bsc#1213970). +- timers: Rename del_timer() to timer_delete() (bsc#1213970). +- timers: Rename del_timer_sync() to timer_delete_sync() + (bsc#1213970). +- timers: Use del_timer_sync() even on UP (bsc#1213970). +- timers: Update kernel-doc for various functions (bsc#1213970). +- timers: Replace BUG_ON()s (bsc#1213970). +- clocksource/drivers/sp804: Do not use timer namespace for + timer_shutdown() function (bsc#1213970). +- clocksource/drivers/arm_arch_timer: Do not use timer namespace + for timer_shutdown() function (bsc#1213970). +- ARM: spear: Do not use timer namespace for timer_shutdown() + function (bsc#1213970). +- commit 0322b50 + +- xen/netback: Fix buffer overrun triggered by unusual packet + (CVE-2023-34319, XSA-432, bsc#1213546). +- commit 6591b03 + +- ubifs: Fix memleak when insert_old_idx() failed (git-fixes). +- commit 2837d15 + +- jffs2: correct logic when creating a hole in jffs2_write_begin + (git-fixes). +- commit f413344 + +- mmc: moxart: read scr register without changing byte order + (git-fixes). +- commit 12e8704 + +- cifs: update internal module version number for cifs.ko + (bsc#1193629). +- commit ade2a6e + +- smb: client: fix dfs link mount against w2k8 (bsc#1212142). +- commit 2f90082 + +- cifs: add missing return value check for cifs_sb_tlink + (bsc#1193629). +- commit a08c7b4 + +- smb3: do not set NTLMSSP_VERSION flag for negotiate not auth + request (bsc#1193629). +- commit 1b17674 + +- cifs: allow dumping keys for directories too (bsc#1193629). +- commit e7fda39 + +- cifs: fix mid leak during reconnection after timeout threshold + (git-fixes). +- commit 30d4c82 + +- cifs: is_network_name_deleted should return a bool + (bsc#1193629). +- commit 85c6bb9 + +- smb: client: Fix -Wstringop-overflow issues (bsc#1193629). +- commit 37f3408 + +- cifs: if deferred close is disabled then close files immediately + (git-fixes). +- commit 1cd51c4 + +- SMB3: Do not send lease break acknowledgment if all file + handles have been closed (git-fixes). +- commit 68ee604 + +- fprobe: add unlock to match a succeeded + ftrace_test_recursion_trylock (git-fixes). +- commit adbdcc7 + +- fprobe: Release rethook after the ftrace_ops is unregistered + (git-fixes). +- commit 3548d7c + +- net: tun_chr_open(): set sk_uid from current_fsuid() + (CVE-2023-4194 bsc#1214019). +- commit b6c8070 + +- net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194 + bsc#1214019). +- commit d59e993 + +- tracing/probes: Fix to avoid double count of the string length + on the array (git-fixes). +- commit 24b5022 + +- blacklist.conf: add tracing patches implementing new functionality +- commit 1e7f3cf + +- tracing/probes: Fix to record 0-length data_loc in + fetch_store_string*() if fails (git-fixes). +- commit c96ae0e + +- Revert "tracing: Add "(fault)" name injection to kernel probes" + (git-fixes). +- commit 658fc31 + +- bpf: Disable preemption in bpf_event_output (git-fixes). +- commit 21194b8 + +- tracing: Fix warning in trace_buffered_event_disable() + (git-fixes). +- commit 9a84de4 + +- ring-buffer: Fix wrong stat of cpu_buffer->read (git-fixes). +- commit 9c2f42a + +- tracing/probes: Fix to update dynamic data counter if fetcharg + uses it (git-fixes). +- commit a5e8186 + +- tracing/probes: Fix not to count error code to total length + (git-fixes). +- commit 1fa72f4 + +- tracing: Fix memory leak of iter->temp when reading trace_pipe + (git-fixes). +- commit 6f343ba + +- tracing/histograms: Add histograms to hist_vars if they have + referenced variables (git-fixes). +- commit 17940e8 + +- ftrace: Fix possible warning on checking all pages used in + ftrace_process_locs() (git-fixes). +- commit 825cbd9 + +- ring-buffer: Fix deadloop issue on reading trace_pipe + (git-fixes). +- commit fc2b8fe + +- tracing: Fix null pointer dereference in tracing_err_log_open() + (git-fixes). +- commit 498fa96 + +- README.BRANCH: Add Miroslav Franc as a SLE15-SP4 co-maintainer. +- commit 3b7c83a + +- nfsd: Remove incorrect check in nfsd4_validate_stateid + (git-fixes). +- commit 2cc1911 + +- blacklist.conf: add a cleanup +- commit 976e622 + +- drm/i915: Fix premature release of request's reusable memory + (git-fixes). +- commit a19a4b2 + +- mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() + (git-fixes). +- mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts + (git-fixes). +- mtd: rawnand: rockchip: fix oobfree offset and description + (git-fixes). +- mtd: rawnand: omap_elm: Fix incorrect type in assignment + (git-fixes). +- mtd: spinand: toshiba: Fix ecc_get_status (git-fixes). +- drm/ttm: check null pointer before accessing when swapping + (git-fixes). +- commit 6d64757 + +- exfat: release s_lock before calling dir_emit() (bsc#1214000). +- exfat: fix unexpected EOF while reading dir (bsc#1214000). +- exfat_iterate(): don't open-code file_inode(file) (bsc#1214000). +- commit 00dff49 + +- blacklist.conf: Add 3b8abb323953 mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() +- commit 3ae175c + +- blacklist.conf: Add 9ec272c586b0 watchdog/hardlockup: keep kernel.nmi_watchdog sysctl as 0444 if probe fails +- commit ff37424 + +- net: stmmac: tegra: Properly allocate clock bulk data (bsc#1213733) +- commit f38b73b + +- netfs: Fix missing xas_retry() calls in xarray iteration + (bsc#1213946 bsc#1214404). +- netfs: Fix missing xas_retry() calls in xarray iteration + (bsc#1213946). +- commit e7bc55c + +- wifi: cfg80211: Fix return value in scan logic (git-fixes). +- wifi: mt76: mt7615: do not advertise 5 GHz on first phy of + MT7615D (DBDC) (git-fixes). +- USB: zaurus: Add ID for A-300/B-500/C-700 (git-fixes). +- firmware: arm_scmi: Drop OF node reference in the transport + channel setup (git-fixes). +- USB: gadget: Fix the memory leak in raw_gadget driver + (git-fixes). +- USB: quirks: add quirk for Focusrite Scarlett (git-fixes). +- usb: ohci-at91: Fix the unhandle interrupt when resume + (git-fixes). +- USB: serial: simple: sort driver entries (git-fixes). +- USB: serial: simple: add Kaufmann RKS+CAN VCP (git-fixes). +- USB: serial: option: add Quectel EC200A module support + (git-fixes). +- USB: serial: option: support Quectel EM060K_128 (git-fixes). +- phy: qcom-snps-femto-v2: properly enable ref clock (git-fixes). +- phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during + runtime suspend (git-fixes). +- gpio: mvebu: fix irq domain leak (git-fixes). +- gpio: mvebu: Make use of devm_pwmchip_add (git-fixes). +- gpio: tps68470: Make tps68470_gpio_output() always set the + initial value (git-fixes). +- drm/ttm: never consider pinned BOs for eviction&swap + (git-fixes). +- i2c: nomadik: Remove a useless call in the remove function + (git-fixes). +- pwm: meson: fix handling of period/duty if greater than UINT_MAX + (git-fixes). +- i2c: nomadik: Use devm_clk_get_enabled() (git-fixes). +- i2c: nomadik: Remove unnecessary goto label (git-fixes). +- i2c: Improve size determinations (git-fixes). +- i2c: Delete error messages for failed memory allocations + (git-fixes). +- PCI: rockchip: Remove writes to unused registers (git-fixes). +- PCI/ASPM: Avoid link retraining race (git-fixes). +- PCI/ASPM: Factor out pcie_wait_for_retrain() (git-fixes). +- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() + (git-fixes). +- phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc + (git-fixes). +- ACPI: processor: perflib: Avoid updating frequency QoS + unnecessarily (git-fixes). +- ACPI: processor: perflib: Use the "no limit" frequency QoS + (git-fixes). +- pwm: Add a stub for devm_pwmchip_add() (git-fixes). +- phy: qcom-snps: Use dev_err_probe() to simplify code + (git-fixes). +- pwm: meson: Simplify duplicated per-channel tracking + (git-fixes). +- commit f6445d7 + +- Input: exc3000 - properly stop timer on shutdown (git-fixes). +- commit 0eb1518 + +- powerpc/security: Fix Speculation_Store_Bypass reporting on + Power10 (bsc#1188885 ltc#193722 git-fixes). +- commit 298c13e + +- blacklist.conf: Add 3d2af77e31ad blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() +- commit 84acea1 + +- blacklist.conf: Add 6f363f5aa845 cgroup: Do not corrupt task iteration when rebinding subsystem +- commit 71728c0 + +- scsi: core: Improve warning message in scsi_device_block() + (bsc#1209284). +- scsi: core: Don't wait for quiesce in scsi_device_block() + (bsc#1209284). +- scsi: core: Don't wait for quiesce in scsi_stop_queue() + (bsc#1209284). +- scsi: core: Merge scsi_internal_device_block() and + device_block() (bsc#1209284). +- scsi: sg: Increase number of devices (bsc#1210048). +- scsi: bsg: Increase number of devices (bsc#1210048). +- commit 8f3e780 + +- Created new preempt kernel flavor + Configs are cloned from the respective $arch/default configs. All + changed configs appart from CONFIG_PREEMPT->y are a result of + dependencies, namely many lock/unlock primitives are no longer + inlined in the preempt kernel. TREE_RCU has been also changed to + PREEMPT_RCU which is the default implementation for PREEMPT kernel. -- commit f994874 +- commit ba6a3b0 kexec-tools +- update to 2.0.27: + * ppc64: add --reuse-cmdline parameter support + * kexec: make -a the default + * x86: add devicetree support + * ppc64: document elf-ppc64 options and --dt-no-old-root + * LoongArch: kdump: set up kernel image segment + * arm64: zboot support + +- Disable Xen support in ALP + +- Pull kexec-bootloader from perl-Bootloader, bump version so that + perl-Bootloader can obsolete kexec-tools containing kexec-bootloader + (bsc#1211082). + +- Update kexec-tools-SYS_getrandom.patch to fix build errors on + old x86_64 distributions + +- kexec-bootloader: Add -a argument to load using kexec_load_file() when available (boo#1202820). + +- update to 2.0.26: + * m68k: pass rng seed via BI_RNG_SEED + * workflow: update to checkout@v3 + * LoongArch: Remove redundant cmdline parameters when using --reuse-cmdline option + * LoongArch: Add purgatory framework code + * LoongArch: PE format image loading support + * LoongArch: Add kexec/kdump support + * config: Add LoongArch architecture support in config.guess and config.sub files + * ppc64: remove rma_top limit +- refresh kexec-tools-riscv64.patch. + +- Replace transitional %usrmerged macro with regular version check (boo#1206798) + +- add kexec-tools-riscv64.patch + +- update to 2.0.25: + * kexec-tools: Remove duplicate ultoa() definitions and redefine it + * i386: pass rng seed via setup_data + * kexec-tools: mips: Pass initrd parameter via cmdline + * arm64/crashdump-arm64: increase CRASH_MAX_MEMORY_RANGES to 32k + +- update to 2.0.24: + * arm64: fix static data relocations in machine_apply_elf_rel() + * kexec/elf: assign one to align if sh_addralign equals zero + * arm64/crashdump-arm64: explicit type conversion to suppress compiler warning + * arm64/kexec-arm64: add support for R_AARCH64_MOVW_UABS_G* rela + * arm64/kexec-arm64: use enum to organize the reloc type + * arm64/kexec-arm64: add support for R_AARCH64_LDST128_ABS_LO12_NC rela + * kexec-tools: fix leak FILE pointer. + * purgatory: do not enable vectorization automatically for purgatory compiling + * kexec-tools: Determine if the image is lzma commpressed + * util_lib/elf_info: harden parsing of printk buffer + * github: run apt-get update before installing packages + * kexec-xen: Allow xen_kexec_exec() to return in case of Live Update + * kexec-tools: print error if kexec_file_load fails + * kexec-tools: mips: Concatenate --reuse-cmdline and --append + * kexec-tools: mips: Add some debug info + * arm64: fix PAGE_OFFSET calc for flipped mm + * arm64: read VA_BITS from kcore for 52-bits VA kernel + * arm64/crashdump: unify routine to get page_offset + * arm64: make phys_offset signed + * s390: add support for --reuse-cmdline + * use slurp_proc_file() in get_command_line() + * add slurp_proc_file() + * s390: use KEXEC_ALL_OPTIONS + * s390: add variable command line size + * arm64: support more than one crash kernel regions + * s390: handle R_390_PLT32DBL reloc entries in machine_apply_elf_rel() + * arm64/crashdump: deduce paddr of _text based on kernel code size +- drop kexec-tools-print-error-if-kexec_file_load-fails.patch, + kexec-tools-remove-duplicate-ramdisk-definition.patch (upstream) +- add homepage url +- add gpg validation + +- Bump version to 2.0.21 +- Drop patches from upstream git: + * kexec-tools-video-capability.patch + +- kexec-tools-remove-duplicate-ramdisk-definition.patch: + Remove duplicate definition of ramdisk (fix ppc build). + +- Bump version to 2.0.21 +- Drop patches from upstream git: + * kexec-tools-add-variant-helper-functions.patch + * kexec-tools-arm64-kexec-allocate-memory-space-avoiding-reserved-regions.patch + * kexec-tools-arm64-kdump-deal-with-resource-entries-in-proc-iomem.patch + * kexec-tools-build-multiboot2-for-i386.patch + * kexec-tools-fix-kexec_file_load-error-handling.patch + * kexec-tools-reset-getopt-before-falling-back-to-legacy.patch + * kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch + * kexec-tools-Remove-duplicated-variable-declarations.patch + -- Remove kexec-tools-xen-balloon-up.patch (bsc#1176606, - bsc#1174508) - This patch was introduced to address bsc#694863; it enabled kexec +- prepare usrmerge (boo#1029961) + +- Remove kexec-tools-xen-balloon-up.patch (bsc#1176606) + This patch was introduced to address bug#694863, it enabled kexec - for HVM domUs. This host feature removes the requirement to + for HVM domUs. This host feature removed the requirement to - With Xen 4.13 cpuid faulting became the default, which affects - the approach used in this patch to detect the domU type. As a - result, invoking kexec in dom0 failed. + With Xen 4.13 cpuid faulting became the default, which affected the + approach used in this patch to detect the domU type. As a result + invoking kexec in dom0 failed. + +- Make kexec-bootloader work without 'which' package (boo#1172501) + +- kexec-tools-Remove-duplicated-variable-declarations.patch: + Remove duplicated variable declarations (boo#1160399). krb5 +- Avoid KDC spoofing vulnerability, enable verify_ap_req_nofail in + krb5.conf; (jsc#PED-6213); + libcaca -- More overflow prevention of multiplying large ints - [bsc#1182731, CVE-2021-3410, libcaca-bsc1182731-prevent-overflow.patch] +- add patch [libcaca-autoconf-2.69.patch] + * Don't force autoconf to be at version 2.71 + +- Upgrade to 0.99.beta20 + * IPv6 support in cacaserver + * fixed a bug from 2004 that caused PDF documentation generation to fail + * memory allocation functions are now more robust + * numerous fixes for memory leaks and invalid memory accesses: + * CVE-2021-30498 + * CVE-2021-30499 + * CVE-2021-3410 + * CVE-2018-20546 + * CVE-2018-20547 + * CVE-2018-20545 + * CVE-2018-20548 + * CVE-2018-20549 +- Dropped upstream fixed patches + * libcaca-bsc1182731-prevent-overflow.patch + * libcaca-variable-type.patch + * Bug1120502-add_cast_to_prevent_overflow.patch -- If an image has a size of 0x0, when exporting, no data is written - and space is allocated for the header only, not taking into - account that sprintf appends a NUL byte. +- The problem is due to the fact that the images in the POC have + a size of 0x0 and thus, when exporting, no data is written for + the image bits. + However, space is allocated for the header only, not taking + into account that sprintf appends a NUL byte. +- More overflow prevention of multiplying large ints + [bsc#1182731, CVE-2021-3410, libcaca-bsc1182731-prevent-overflow.patch] + libnvme +- Update to version 1.4+29.ga3cf0a: + * tree: fix segfault in nvme_scan_subsystem() (bsc#1213993) + * src/nvme/tree.c: make __nvme_scan_subsystem() returning bool (bsc#1213993) + libopenraw +- Update to version 0.3.7 and remove incorporated patch: + 03f8270d6bb255ca6618505e83169ab9d95ccef1.patch +- Fix build using %prep from Gentoo and autoconf +- Upstream changes: + * Bug fixes: + Fix a crash when rendering Leica M Monochron DNG files. + Preserve the raw data photometric interpretation when + decompressing raw data. + Properly decode uncompressed big endian 16 bit raw data from + Pentax PEF. Issue #2. Including PENTAX *ist DS. #2 + Added missing MPL-2.0 license to tarball. #15 + Fix build issue with Rust 1.70. + Fix offline Rust build from tarball. + Fix a missing include with gcc 13. Issue #12. + * New features: + The Rust crates are vendored for the tarball. Note: resulting + tarball is bigger. + * Camera support: + [ a * denote that static WB coefficients have been included, unless DNG ] + Added Leica M11 Monochrom, Q3. + [ a * denote that static WB coefficients have been included, unless DNG ] + Added coefficients for Canon R8* and R50*. + Added coefficients for Panasonic S5M2*. + Added Panasonic GF8*. + Added Sony ZV-E1*, ILME-FX30*. + * Other: + Updated Exif tags. + +- Add 03f8270d6bb255ca6618505e83169ab9d95ccef1.patch: Include + stdint.h where needed. This fixes an issue building with gcc 13. + +- Update to version 0.3.4: + * Added Canon R8 and R50. + * Added Panasonic G95D* and S5M2. + * Added Canon 200D Mk II*, EOS R6 MKII*, EOS R7* and EOS R10*. + * Added DJI Mini 3 Pro / FC-3582 (DNG). + * Added Fujifilm X-H2*, X-H2S*, X-T5*, S6000fd*, SL1000* and HS50EXR*. + * Added Hasselblad L2D-20c / DJI Mavic 3 Cine (DNG). + * Added Olympus C5060WZ*, SP570UZ* and E-P7*. + * Added OM Systems OM-5*. + * Added Panasonic FZ38*, FZ300*, FZ70, FZ72*, G6*, G70*, G81*, G90*, GM1S*, + GX7 Mk3*, GX85*, LF1*, TZ71*, TZ81*, TZ90*, TZ96*, TZ101*, ZS40*/TZ60*/TZ61*. + * Added Sony 7RM5*. + * Added Leica D-LUX 6*. + * Added Nikon Z 30*. + * Added Epson RD-1X*. + * Added Leica DIGILUX3*. + * Added Nikon D1H*, D7500*, D850* and P7800*. + * Added Olympus E30*, E420*, E450*, E520*, E600* and E-P5*. + * Added Pentax K2000* and K-m* (PEF). + * Ensure that RawFile::init() is never called twice. + This would cause crashes if it was called concurrently. + * Properly detect compressed data for Panasonic. + * Fix the linkage of the mp4parse library with libtool. + * Fixed the demo/ccfa to output properly the byte stream. + * Fixed BitIterator code to peek past the number of bits for Olympus decoding. + * Fixed decompression of packed Olympus ORF files. + * Fixed over reported size of Panasonic compressed Raw data. + -- Run make check -- Do not use gcc -ansi flag -- Ensure all C files include "config.h" - -- Build C++ code with -fvisibility-inlines-hidden shrinks - the exported symbol table from 1844 to 1476 entries. - libvirt +- Update to libvirt 9.7.0 (jsc#PED-3279) + - Many incremental improvements and bug fixes, see + https://libvirt.org/news.html#v9-7-0-2023-09-01 +- spec: Unconditionally enable modular daemons (jsc#PED-6303) +- spec: Disable ESX hypervisor driver in ALP-based products +- spec: Disable glusterfs storage backend in ALP-based products + +- spec: Disable Apparmor support in ALP-based products +- spec: Disable interface driver in ALP-based products +- spec: Disable sanlock plugin in ALP-based products +- spec: Disable numad support in ALP-based products + +- spec: Disable Xen driver in ALP-based products + +- Add upstream commit 3d2f3fb72b to fix max file limits in systemd + services + +- Update to libvirt 9.6.0 + - Many incremental improvements and bug fixes, see + https://libvirt.org/news.html#v9-6-0-2023-08-01 + - jsc#PED-3725 +- spec: Remove logic handling package upgrade from old libvirtd +- spec: Remove obsolete Groups tag +- spec: Integrate upstream spec file changes that split the + libvirt-daemon package, allowing more modular, customized + installations +- spec: New subpackages libvirt-daemon-common, libvirt-daemon-lock, + libvirt-daemon-log, libvirt-daemon-proxy, and + libvirt-daemon-plugin-lockd +- spec: Renamed subpackage libvirt-lock-sanlock to + libvirt-daemon-plugin-sanlock + libwacom +- update to 2.8.0 (bsc#1214390): + * data: Add "Wacom One pen tablet" + * data: add Wacom One 12 & Wacom One 13 + * data: Add support for the Samsung Chromebook Plus v2 + * data: Add support for Nuvision Solo 10 Draw + * data: add ELAN 2C1B and 2D55 (Asus ZenBook Pro Duo UX482EG) + * data: create a stylus group for the generic-no-eraser pen + * data: create a generic-with-eraser group for the default + stylus + * data: include another device name for the Huion H950P + * libwacom 2.8.0 + * data: add XP Pen Deco mini7 +- update keyring with keys from https://github.com/whot.gpg + +- update to 2.7.0: + * Added support for XP-Pen Deco MW (#548) + * Add support for Lenovo Ideapad Duet 5i + * Add support for HP Spectre x360 14 + * data: make XP-Pen Deco Pro MW layout generic + * data: Add XP-Pen Deco Pro SW + * Format python files with Python black + * tools: add list-local-devices as builddir tool + * data: narrow down the Huion H950p to include a name match + * tools: list the kernel name together with the event node + * Add ID 04f3:23b9 for HP Envy x360 ar0xxx (#550) + * Add Wacom HID 52D3 (Lenovo Yoga 7 14ARB7) + * Update to follow auto-generated standard + * Add Wacom HID 52D5 (Lenovo Yoga 7 14ARB7) (#549) + * Support for xp-pen deco pro mw (#552) + +- update to libwacom-2.6.0: + * Add Ugee M708 v1 tablet + * Add tablet definition for Wacom HID 52FA Pen (#536) + * Added support for XP-Pen Deco01 v2 + * tools/clean_svg: don't modify the dict while iterating + * data: add the sysinfo to the wacom.example file + * CI: update some actions to newer versions + * CI: bump an action to the current version + * README: note that we support tablets other than Wacom's + too + * CI: bump to use latest Ubuntu LTS + * Add tablet definition for Huion Kamvas 13 + * tests: fix failure if system doesn't use systemd + libwebp +- Add 0001-Fix-OOB-write-in-BuildHuffmanTable.patch + Add 0001-Fix-invalid-incremental-decoding-check.patch: + [boo#1215231] [CVE-2023-4863] + libxml2 + * [CVE-2023-39615, bsc#1214768] Crafted xml can cause global + buffer overflow + - Added file libxml2-CVE-2023-39615.patch + +- Security update: lightdm +- Split bash-completion to separate sub-package + mariadb -- Update to 10.6.14: - https://mariadb.com/kb/en/mariadb-10-6-14-release-notes/ - https://mariadb.com/kb/en/mariadb-10-6-14-changelog/ - * fixes for the following security vulnerabilities: - 10.6.14: none +- update the list of the skipped tests for s390x, fix bsc#1215255 -- Update to 10.6.13: - https://mariadb.com/kb/en/mariadb-10-6-13-release-notes/ - https://mariadb.com/kb/en/mariadb-10-6-13-changelog/ - * fixes for the following security vulnerabilities: - 10.6.13: CVE-2022-47015 (bsc#1207404) +- Update to 10.11.5: + https://mariadb.com/kb/en/mariadb-10-11-5-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-5-changelog/ + https://mariadb.com/kb/en/mariadb-10-11-4-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-4-changelog/ + * fixes for the following security vulnerabilities: + 10.11.5: none + 10.11.4: none +- Issues that aren't affecting this package: + * CVE-2021-46669 + * CVE-2022-27376 (bsc#1198628) + * CVE-2022-27377 (bsc#1198603) + * CVE-2022-27378 (bsc#1198604) + * CVE-2022-27379 (bsc#1198605) + * CVE-2022-27380 (bsc#1198606) + * CVE-2022-27381 (bsc#1198607) + * CVE-2022-27382 (bsc#1198609) + * CVE-2022-27383 (bsc#1198610) + * CVE-2022-27384 (bsc#1198611) + * CVE-2022-27386 (bsc#1198612) + * CVE-2022-27387 (bsc#1198613) + * CVE-2022-27444 (bsc#1198634) + * CVE-2022-27445 (bsc#1198629) + * CVE-2022-27446 (bsc#1198630) + * CVE-2022-27447 (bsc#1198631) + * CVE-2022-27448 (bsc#1198632) + * CVE-2022-27449 (bsc#1198633) + * CVE-2022-27451 (bsc#1198639) + * CVE-2022-27452 (bsc#1198640) + * CVE-2022-27455 (bsc#1198638) + * CVE-2022-27456 (bsc#1198635) + * CVE-2022-27457 (bsc#1198636) + * CVE-2022-27458 (bsc#1198637) + * CVE-2022-32088 (bsc#1201168) + * CVE-2022-32087 (bsc#1201167) + * CVE-2022-32086 (bsc#1201166) + * CVE-2022-32085 (bsc#1201165) + * CVE-2022-32083 (bsc#1201163) + * CVE-2022-21427 + * bsc#1199928 + * bsc#1195076 + * jsc#SLE-22245 + +- Skip test on s390x to fix build on ALP, bsc#1211859 -- Update to 10.6.12: - https://mariadb.com/kb/en/library/mariadb-10612-release-notes - https://mariadb.com/kb/en/library/mariadb-10612-changelog - https://mariadb.com/kb/en/library/mariadb-10611-release-notes - https://mariadb.com/kb/en/library/mariadb-10611-changelog +- Refresh gcc13-fix.patch +- Update to 10.11.3: + * release notes and changelog: + https://mariadb.com/kb/en/mariadb-10-11-3-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-3-changelog/ - 10.6.12: none - 10.6.11: none + 10.11.3: CVE-2022-47015 (bsc#1207404) + +- Cherry-pick upstream changes (gcc13-fix.patch) for GCC 13. + +- Update to 10.11.2: + * release notes and changelog: + https://mariadb.com/kb/en/changes-improvements-in-mariadb-1011/ + https://mariadb.com/kb/en/mariadb-10-11-2-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-2-changelog/ + https://mariadb.com/kb/en/mariadb-10-11-1-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-1-changelog/ + https://mariadb.com/kb/en/mariadb-10-11-0-release-notes/ + https://mariadb.com/kb/en/mariadb-10-11-0-changelog/ +- Refresh mariadb-10.2.4-logrotate.patch + +- Update to 10.10.3: + https://mariadb.com/kb/en/mariadb-10-10-3-release-notes/ + https://mariadb.com/kb/en/mariadb-10-10-3-changelog/ + -- Update to 10.6.10: - https://mariadb.com/kb/en/library/mariadb-10610-release-notes - https://mariadb.com/kb/en/library/mariadb-10610-changelog +- Update to 10.10.2: + * release notes and changelog: + https://mariadb.com/kb/en/changes-improvements-in-mariadb-1010/ + https://mariadb.com/kb/en/mariadb-10-10-2-release-notes/ + https://mariadb.com/kb/en/mariadb-10-10-2-changelog/ + https://mariadb.com/kb/en/mariadb-10101-release-notes/ + https://mariadb.com/kb/en/mariadb-10101-changelog/ + https://mariadb.com/kb/en/mariadb-10100-release-notes/ + * fixes for the following security vulnerabilities: + 10.10.2: none + +- Update to 10.9.4: + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-1094-release-notes + https://mariadb.com/kb/en/library/mariadb-1094-changelog - 10.6.10: none + 10.9.4: none + +- Update to 10.9.3: + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-1093-release-notes + https://mariadb.com/kb/en/library/mariadb-1093-changelog -- Update to 10.6.9: +- Update to 10.9.2: + * changes and improvements in MariaDB 10.9: + https://mariadb.com/kb/en/changes-improvements-in-mariadb-109/ - https://mariadb.com/kb/en/library/mariadb-1069-release-notes - https://mariadb.com/kb/en/library/mariadb-1069-changelog + https://mariadb.com/kb/en/library/mariadb-1092-release-notes + https://mariadb.com/kb/en/library/mariadb-1092-changelog + https://mariadb.com/kb/en/library/mariadb-1091-release-notes + https://mariadb.com/kb/en/library/mariadb-1091-changelog + https://mariadb.com/kb/en/library/mariadb-1090-release-notes + https://mariadb.com/kb/en/library/mariadb-1090-changelog - 10.6.9: CVE-2022-32082 (bsc#1201162) + 10.9.2: CVE-2022-32082 (bsc#1201162) +- Update list of skipped tests + +- Respect socket setting in mysql-systemd-helper +- Fix my_print_defaults call in mysql-system-helper + +- use the better collation as default + * DDEFAULT_COLLATION=utf8mb4_unicode_520_ci + + * suse_skipped_tests.list -- Update to 10.6.8 (bsc#1199928): +- Update to 10.8.3: - https://mariadb.com/kb/en/library/mariadb-1068-release-notes - https://mariadb.com/kb/en/library/mariadb-1068-changelog - * fixes for the following security vulnerabilities: - 10.6.8: CVE-2021-46669 - CVE-2022-27376 (bsc#1198628) - CVE-2022-27377 (bsc#1198603) - CVE-2022-27378 (bsc#1198604) - CVE-2022-27379 (bsc#1198605) - CVE-2022-27380 (bsc#1198606) - CVE-2022-27381 (bsc#1198607) - CVE-2022-27382 (bsc#1198609) - CVE-2022-27383 (bsc#1198610) - CVE-2022-27384 (bsc#1198611) - CVE-2022-27386 (bsc#1198612) - CVE-2022-27387 (bsc#1198613) - CVE-2022-27444 (bsc#1198634) - CVE-2022-27445 (bsc#1198629) - CVE-2022-27446 (bsc#1198630) - CVE-2022-27447 (bsc#1198631) - CVE-2022-27448 (bsc#1198632) - CVE-2022-27449 (bsc#1198633) - CVE-2022-27451 (bsc#1198639) - CVE-2022-27452 (bsc#1198640) - CVE-2022-27455 (bsc#1198638) - CVE-2022-27456 (bsc#1198635) - CVE-2022-27457 (bsc#1198636) - CVE-2022-27458 (bsc#1198637) - CVE-2022-32088 (bsc#1201168) - CVE-2022-32087 (bsc#1201167) - CVE-2022-32086 (bsc#1201166) - CVE-2022-32085 (bsc#1201165) - CVE-2022-32083 (bsc#1201163) -- Update list of skipped tests -- The following issue is not affecting this package: - * CVE-2022-21427 + https://mariadb.com/kb/en/library/mariadb-1083-release-notes + https://mariadb.com/kb/en/library/mariadb-1083-changelog + https://mariadb.com/kb/en/library/mariadb-1082-release-notes + https://mariadb.com/kb/en/library/mariadb-1082-changelog + https://mariadb.com/kb/en/library/mariadb-1081-release-notes + https://mariadb.com/kb/en/library/mariadb-1081-changelog + https://mariadb.com/kb/en/library/mariadb-1080-release-notes + https://mariadb.com/kb/en/library/mariadb-1080-changelog +- Remove upstreamed patch: + * bsc1194828.patch -- Build mariadb-galera on SLE (jsc#SLE-22245) -- Add dependency on galera-4 for mariadb-galera -- Remove old constraints for mariadb-galera +- Do not include mariadb-galera files in the main package when + %{with galera} is false -- Update to 10.6.7 (bsc#1196016): +- Update to 10.7.3 (bsc#1196016): - https://mariadb.com/kb/en/library/mariadb-1067-release-notes - https://mariadb.com/kb/en/library/mariadb-1067-changelog - https://mariadb.com/kb/en/library/mariadb-1066-release-notes - https://mariadb.com/kb/en/library/mariadb-1066-changelog + https://mariadb.com/kb/en/library/mariadb-1073-release-notes + https://mariadb.com/kb/en/library/mariadb-1073-changelog + https://mariadb.com/kb/en/library/mariadb-1072-release-notes + https://mariadb.com/kb/en/library/mariadb-1072-changelog + https://mariadb.com/kb/en/library/mariadb-1071-release-notes + https://mariadb.com/kb/en/library/mariadb-1071-changelog + https://mariadb.com/kb/en/library/mariadb-1070-release-notes + https://mariadb.com/kb/en/library/mariadb-1070-changelog - 10.6.7: CVE-2021-46665 + 10.7.3: CVE-2021-46665 - 10.6.6: CVE-2022-24052 + 10.7.2: CVE-2022-24052 -- Skip failing tests for s390x, fixes bsc#1195076 - * suse_skipped_tests.list + 10.7.1: none + 10.7.0: none +- Update list of skipped tests +- Add bsc1194828.patch to fix build with GCC12, fixes bsc#1194828 +- Build mariadb-galera on SLE +- Add dependency on galera-4 for mariadb-galera +- Remove old constraints for mariadb-galera + nvme-cli +- Update to version 2.4+25.g367eb9: + * json: fix seg. fault converting NULL to JSON string (bsc#1213762) + patterns-xfce +- Restore previously removed gnome-packagekit as it is needed so that + openQA does not fail graphical update test (poo#124364). This is + also useful in preparation for offline updates method planned at some + point in the future. + perl-Bootloader -- merge gh#openSUSE/perl-bootloader#152 +- drop obsolete perl-Bootloader-YAML subpackage + +- merge gh#openSUSE/perl-bootloader#158 +- skip warning about unsupported options when in compat mode +- 1.8 + +- merge gh#openSUSE/perl-bootloader#156 +- bootloader_entry script can have an optional 'force-default' + argument (bsc#1215064) +- 1.7 + +- merge gh#openSUSE/perl-bootloader#154 +- move kexec-bootloader from kexec-tools to perl-Bootloader +- 1.6 + +- merge gh#openSUSE/perl-bootloader#153 +- check whether grub2-install supports --suse-force-signed option +- 1.5 + +- merge gh#openSUSE/perl-bootloader#151 +- default-settings: support non-x86 architectures +- add man pages for all commands +- 1.4 + +- merge gh#openSUSE/perl-bootloader#149 -- check whether grub2-install supports --suse-force-signed option -- 0.944 +- 1.3 -- merge gh#openSUSE/perl-bootloader#147 +- merge gh#openSUSE/perl-bootloader#148 -- 0.943 +- 1.2 + +- no not install kexec-bootloader +- 1.1 + +- merge gh#openSUSE/perl-bootloader#144 +- add default-settings script +- add new kexec-bootloader +- add --default-settings option (bsc#1211082) + +- merge gh#openSUSE/perl-bootloader#143 +- adjust Makefile for usrmerge and legacy package split +- move obs spec file to git repo +- split off old perl code to perl-Bootloader-legacy package +- remove legacy part completely +- 1.0 +- move binaries from /sbin to /usr/sbin (boo#1191088) +- remove /boot/boot.readme while at it so we stay out of there + +- Moved logrotate files from user specific directory /etc/logrotate.d + to vendor specific directory /usr/etc/logrotate.d. + polkit-default-privs +- Update to version 13.2+20230914.23d7b7c: + * backport systemd v254 actions for SLE-15-SP6 (bsc#1215346) + qemu -- Fix bsc#1213414, bsc#1207205, bsc#1212968, bsc#1179993, - bsc#1181740, bsc#1213001 - * vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic is present (CVE-2023-3301) - * hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330) - * 9pfs: prevent opening special files (CVE-2023-2861) +- Fix bsc#1215311: + * roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41 (bsc#1215311) + +- Fix the build for SLE/Leap: + * [openSUSE][RPM] Make the package buildable on SLE/Leap 15.x + +- Fix bsc#1211000: + * [openSUSE] block: Add a thread-pool version of fstat (bsc#1211000) + * [openSUSE] block: Convert qmp_query_block() to coroutine_fn (bsc#1211000) + * [openSUSE] block: Don't query all block devices at hmp_nbd_server_start (bsc#1211000) + * [openSUSE] block: Convert qmp_query_named_block_nodes to coroutine (bsc#1211000) + * [openSUSE] block: Convert bdrv_block_device_info into co_wrapper (bsc#1211000) + * [openSUSE] block: Convert bdrv_query_block_graph_info to coroutine (bsc#1211000) + * [openSUSE] block: Temporarily mark bdrv_co_get_allocated_file_size as mixed (bsc#1211000) + * [openSUSE] block: Allow the wrapper script to see functions declared in qapi.h (bsc#1211000) + * [openSUSE] block: Remove unnecessary variable in bdrv_block_device_info (bsc#1211000) + * [openSUSE] block: Remove bdrv_query_block_node_info (bsc#1211000) +- Fix bsc#1213210: + * target/s390x: Fix the "ignored match" case in VSTRS (bsc#1213210) + +- Update to version 8.1.0. Full list of changes are available at: + https://wiki.qemu.org/ChangeLog/8.1 + Highlights: + * VFIO: improved live migration support, no longer an experimental feature + * GTK GUI now supports multi-touch events + * ARM, PowerPC, and RISC-V can now use AES acceleration on host processor + * PCIe: new QMP commands to inject CXL General Media events, DRAM + events and Memory Module events + * ARM: KVM VMs on a host which supports MTE (the Memory Tagging Extension) + can now use MTE in the guest + * ARM: emulation support for bpim2u (Banana Pi BPI-M2 Ultra) board and + neoverse-v1 (Cortex Neoverse-V1) CPU + * ARM: new architectural feature support for: FEAT_PAN3 (SCTLR_ELx.EPAN), + FEAT_LSE2 (Large System Extensions v2), and experimental support for + FEAT_RME (Realm Management Extensions) + * Hexagon: new instruction support for v68/v73 scalar, and v68/v69 HVX + * Hexagon: gdbstub support for HVX + * MIPS: emulation support for Ingenic XBurstR1/XBurstR2 CPUs, and MXU + instructions + * PowerPC: TCG SMT support, allowing pseries and powernv to run with up + to 8 threads per core + * PowerPC: emulation support for Power9 DD2.2 CPU model, and perf + sampling support for POWER CPUs + * RISC-V: ISA extension support for BF16/Zfa, and disassembly support + for Zcm*/Z*inx/XVentanaCondOps/Xthead + * RISC-V: CPU emulation support for Veyron V1 + * RISC-V: numerous KVM/emulation fixes and enhancements + * s390: instruction emulation fixes for LDER, LCBB, LOCFHR, MXDB, MXDBR, + EPSW, MDEB, MDEBR, MVCRL, LRA, CKSM, CLM, ICM, MC, STIDP, EXECUTE, and + CLGEBR(A) + * SPARC: updated target/sparc to use tcg_gen_lookup_and_goto_ptr() for + improved performance + * Tricore: emulation support for TC37x CPU that supports ISA v1.6.2 + instructions + * Tricore: instruction emulation of POPCNT.W, LHA, CRC32L.W, CRC32.B, + SHUFFLE, SYSCALL, and DISABLE + * x86: CPU model support for GraniteRapids + * and lots more... +- This also (automatically) fixes: + * bsc#1212850 (CVE-2023-3354) + * bsc#1213001 (CVE-2023-3255) + * bsc#1213925 (CVE-2023-3180) + * bsc#1213414 (CVE-2023-3301) + * bsc#1207205 (CVE-2023-0330) + * bsc#1212968 (CVE-2023-2861) + * bsc#1179993, bsc#1181740, bsc#1211697 + +- perl-Text-Markdown is not available in all distros and for all + arch-es. Use discount instead +- Patches added: + * [openSUSE][spec] Use discount instead of perl-Text-Markdown + +- Update to version 8.0.4: + * Official changelog not released on the mailing list yet + * Security issues fixed: + - bsc#1212850 (CVE-2023-3354) + - bsc#1213001 (CVE-2023-3255) + - bsc#1213925 (CVE-2023-3180) + - bsc#1207205 (CVE-2023-0330) + +- Fix bsc#1179993, bsc#1181740, bsc#1213001 +- Patches added: - * [openSUSE][OBS] Refine the OBS workflow for 15-SP5 -- Fix bsc#1211000 -- Patches added: - * Run fstat asynchronously inside coroutines (bsc#1211000) - * Allow bdrv_get_allocated_file_size to run in bdrv context (bsc#1211000) - * Convert query-named-block-nodes to coroutine (bsc#1211000) - * Convert query-block/info_block to coroutine (bsc#1211000) - * block: Convert bdrv_get_allocated_file_size() to co_wrapper (bsc#1211000) - * block-coroutine-wrapper.py: support also basic return types (bsc#1211000) - * [openSUSE][RPM] Backport some spec-file improvements from Factory +- Update to version 8.0.3: + * See full log: https://lists.nongnu.org/archive/html/qemu-stable/2023-07/msg00086.html + * Security issues fixed: + - 9pfs: prevent opening special files (CVE-2023-2861) + - vhost-vdpa (CVE-2023-3301) + * Use the official xkb name for Arabic layout, not the + legacy synonym (bsc#1212966) + * [openSUSE][RPM] Update to version 8.0.3 + +- Patches added (first one is relevant for boo#1197298 and bsc#1212768): + * [openSUSE][RPM] Use --preserve-argv0 in qemu-linux-user (#32) + * [openSUSE][RPM] Split qemu-tools package (#31) + +- Update to version 8.0.2: + * Stability, security and bug fixes +- Patch added: + * [openSUSE][RPM] Update to version 8.0.2 + +- Patch added: + [openSUSE][RPM] Fix deps for virtiofsd and improve spec files -- Fix bsc#bsc#1211697 +- Update the _constraints file: + * the qemu-testsuite package does not exist any longer, but some + of the tests are done in the qemu package (so "transfer" some of + the constraints to that one) + - some of the builds are failing with OOM, happening while the RPM + is actually put together, at the end of the process. Try to give + them more RAM + +- Patch added: + [openSUSE][RPM] spec: require virtiofsd, now that it is a sep package (#27) + +- Update to version 8.0.0 (https://wiki.qemu.org/ChangeLog/8.0) + * Removed features: https://qemu-project.gitlab.io/qemu/about/removed-features.html + * Deprecated features: https://qemu-project.gitlab.io/qemu/about/deprecated.html + * Some notable changes: + - ARM: + - New emulated CPU types: + - Cortex-A55 CPU + - Cortex-R52 CPU + - x86 + - Add support for Xen guests under KVM with Linux v5.12+ + - New CPU model "SapphireRapids" + - VFIO + - Experimental migration support has been updated to the v2 VFIO migration protocol + - virtio + - virtio-mem now fully supports combining preallocation with migration + - vDPA + - Support live migration of vhost-vdpa net devices without CVQ, with no need of x-svq + - virtiofs + - The old C virtiofsd has been removed, use the new Rust implementation instead. - smbios: sanitize type from external type before checking have_fields_bitmap (bsc#1211697) - hw/smbios: fix field corruption in type 4 table (bsc#1211697) - linux-user: fill out task state in /proc/self/stat - test-vmstate: fix bad GTree usage, use-after-free - qemu/osdep: Switch position of "extern" and "G_NORETURN" + [openSUSE][RPM] Try to avoid recommending too many packages (bsc#1205680) + [openSUSE][RPM] Move documentation to a subpackage and fix qemu-headless (bsc#1209629) + roms: add back edk2-basetools target + async: Suppress GCC13 false positive in aio_bh_poll() + [openSUSE][OBS] Limit the workflow runs to the factory branch (#25) + [openSUSE][RPM] Spec file adjustments for 8.0.0 -- Switch the packaging workflow to git, like the one we have in place - already for Factory. - * Patches no longer present as patch files, but applied as commits: +- (Radical!) Change of packaging workflow. Now pretty much everything + happens via git, and interacting with https://github.com/openSUSE/qemu.git. + See README.PACKAGING for details + * Patches added: + linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls + linux-user: fill out task state in /proc/self/stat + linux-user: Emulate CLONE_PIDFD flag in clone() + * Patches transformed in git commits: + acpi-cpuhp-fix-guest-visible-maximum-acc.patch + qemu-osdep-Switch-position-of-extern-and.patch + test-vmstate-fix-bad-GTree-usage-use-aft.patch +- Enable again LTO for x86_64 target (boo#1133281). + +- Further fixes for bsc#1209546 + * Patches added: + test-vmstate-fix-bad-GTree-usage-use-aft.patch + +- Fix bsc#1209546 + * Patches added: + qemu-osdep-Switch-position-of-extern-and.patch + +- Backport the "acpi: cpuhp: fix guest-visible maximum access size + to the legacy reg block" patch, as it makes developing and + testing OVMF/EDK2 easier + acpi-cpuhp-fix-guest-visible-maximum-acc.patch +- Disable -Werror as it is very sensitive when one + updates a new compiler. -Werror is fine for upstream development, + but not when it comes to stability of a package build. + suse-module-tools +- Update to version 15.6.2: + * Revert "weak-modules2: only use kernel version under /run/regenerate-initrd" + (bsc#1214877) + - (bsc#1201066) + (bsc#1201066, bsc#1213428) systemd-presets-branding-openSUSE +- enable the various libvirt modular daemons (boo#1212195) + +- fix drkonqi entry, should end with .service + +- enable autostart of drkonqi (bsc#1203493). + sysuser-tools +- Remove all systemd requires, not supported on SLE15 [bsc#1214140] + +- Version 3.2 +- update sysusers_requires to request sysuser-shadow 3.2 +- Use TAB consistently for indention in sysusers2shadow.sh +- This pkg needs to follow behavior which is described in sysusers.d(5). + Always create a system group of the same name as the system user, + even if the user already exists. (bsc#1205161, bsc#1207778, bsc#1213240) + +- Add "quilt setup" friendly hint to %sysusers_requires usage + It is not required to have sysuser-tools installed when working + with a pkg source which uses sysuser-tools at build time. + +- Use append so if a pre file already exists it isn't overridden + +- invoke bash for bash scripts (bsc#1195391) + transmission +- Fix transmission-daemon missing /var/lib/transmission + +- Update to version 4.0.3: + + Fix 4.0.2 higher CPU load while downloading (a regression). + + Fix 4.0.0 bug where the torrentGet RPC method returned wrong + trackerStats.tier values. + + Fix 4.0.0 HTTP announce behavior with bind-address-ipv* + settings. + + Fix 4.0.0 bug in code that detects the computer's IPv6 support. + + Silenced 4.0.0 minor log warnings for cross_seed_entry and uid + entries in torrent files. + + When adding a duplicate torrent via the RPC API, the return + value now matches Transmission 3's return value. + + Fix use of metainfo display-name as a fallback name. + + Updated torrent Peer ID generation to happen once per session, + even for public torrents. + + GTK client: + - Fix 4.0.0 preferences dialog being too large for small + displays. + - Fix 4.0.0 regression of percents, speeds, sizes, etc, not + being i18nized properly. + + Daemon: Set the log level sooner at startup to ensure events + aren't missed. + + Fix 4.0.0 bug in the display of how much of a torrent has been + downloaded. + + Documentation improvements. +- Drop merged-upstream patch: + 9fc0e4ff6186e3aee3d3350e9f1b062aa6e161fe.patch + +- Add 9fc0e4ff6186e3aee3d3350e9f1b062aa6e161fe.patch: Fix: + disable-deprecated by default for end users (needed due to new + deprecation in gtkmm). + +- Update to 4.0.2: + + Highlights: + - Fixed 4.0.1 bug where some torrents thought they were + magnet links. + - Fixed 4.0.0 bug where download speed limits were ignored for + uTP peers. + - Fixed 4.0.0 bug using announce-list when creating + single-tracker private torrents. + + All platforms: + - Restored support for path.utf-8 keys in torrent info dictionaries. + - Fixed value of TR_TIME_LOCALTIME environment variable in + torrent scripts. + - Limited in-kernel file copying to 2 GiB blocks at a time to avoid + potential issues with CIFS mounts. + - Simplified filename info in log messages. + - Fixed std::clamp() assertion failures. + - Fixed small error calculating protocol overhead when receiving + peer messages. + - Fixed incorrect escaping of non-BMP characters when + generating JSON. + - Fixed 4.0.0 crash when receiving malformed piece data from peers. + - Fixed 4.0.0 potential crash when downloading from webseeds. + - Improved handling of the leechers param in trackers' + announce responses. + - Fixed 4.0.0 regression that stopped increasing the download + priority of files' first and last pieces. These pieces are + important for making incomplete files previewable / playable + while still being downloaded. + - Fixed display of IPv6 tracker URLs. + - Fixed code that could stop being interested in peers that + have pieces we want to download. + - Improved sanity checking of magnet links added via RPC. + - Fixed a misleading error message when Transmission is unable to + write to the incomplete-dir. + - Worked around an older libdht bug that could provide + invalid peer info. + - Restored RPC torrentGet.wanted return value + to match 3.00 behavior. + + QT client: + - Ensured that "Open File" opens the torrent's folder for + multi-file torrents. + - Fixed 4.0.0 bug that prevented batch-adding trackers to + multiple torrents at once. + - Fixed per-torrent ratio display in main window. + + GTK client: + - Fixed 4.0.0 ignoring -m/--minimized command line option. + - Fixed assertion failure in the progress display when creating + a new torrent. + + Web client: + - Fixed minor UI bugs, e.g. layout and control alignment. + - Fixed 4.0.0 bug that that failed to save alternate speed begin/end + settings changes. + - Improved colors in both light & dark mode. + + Daemon: + - Made the "unrecognized argument" error message more readable. + + transmission-remote: + - Fixed a spurious error message when adding magnet links. + +- Update to version 4.0.1: + + Issues fixed: + - Poor speed and some checksums being incorrectly marked as + failed in somes torrents. + - Beachballing / jank. + - Blocklists using more memory than necessary. + - Failure to migrate magnet links from Transmission 3. + - Many other fixes. +- Changes from version 4.0.0: + + Added many performance improvements, and numerous bugfixes. + + The entire codebase has been migrated from C to C++. + + The remote control GUIs (transmission-qt and transmission-web) + now use the RPC API "table" mode, resulting in smaller payloads + / less bandwidth use. + + Added support for GTK 4, and both Qt5 and Qt6. + + The GTK client has been ported to gtkmm. + + New Features: + - Support for using BitTorrent v2 and hybrid torrents. + - Users can now set "default" trackers that can be used to + announce all public torrents. + - Newly-added seeds can start immediately and verify pieces on + demand now. + - Added an option to omit potentially-identifying information + (e.g. User-Agent and date created) when creating new + torrents. + - The Web client has been rewritten and now supports mobile + use. + - When creating new torrents, users can now specify the piece + size. + - IPv6 blocklists are now supported. + - Dozens of other new features. + + Fix small scrape/announce packet size that could trip SYN flood + detection on some systems. + + Remove the 1024 open files limit previously required by how + libcurl was used. + + Add configurable anti-brute force settings. + + Fetch metadata of stopped magnets. + + Stop logging excessive error messages after they repeat too + many times. + + The web client has been given a major overhaul. + + User-visible highlights include: + - Mobile is now fully supported. + - Added fullscreen support on mobile. + - Better support for dark mode. + - Added mime icons to the torrent list. + - Improved theme consistency across the app. +- Port build system from Autotools to CMake: replace libtool build + requirement with cmake and ninja; replace Autotool macros with + CMake's. +- Add explicit build requirement on CMake modules: Qt5Gui, + Qt5LinguistTools, Qt5Network, Qt5Svg, and Qt5Widgets. +- Drop libqt5-linguist-devel, now that its CMake module is being + used instead. +- Use our own libdeflate as build requirement instead of the + bundled one. +- Replace openssl-devel with the more reliable pkgconfig(openssl). +- Replace intltool build requirement with gettext-tools. +- Replace glib-2.0 and gtk+-3.0 with giomm-2.68, glibmm-2.68, and + gtkmm-4.0 pkgconfig modules following code base switch from C to + C++. +- Drop libappindicator3-devel build requirement. AppIndicator is no + longer supported. +- Drop fdupes build requirement/macro. There isn't duplicate files + anymore. +- Drop no longer needed %desktop_database_post and + %icon_theme_cache_post macros targeted at pre-Leap openSUSE/SUSE + releases. +- Drop no longer needed patches: + transmission-hybrid-torrent-length.patch, and + transmission-3.00-openssl-3.patch. +- Refresh harden_transmission-daemon.service.patch patch with + Quilt. +- Drop transmission-qt.desktop source file favoring the one + provided by upstream. +- Add transmission.rpmlintrc file to filter the "file-not-in-%lang" + warning, since we are excluding the English translations from the + lang sub-packages and packaging them in the common sub-package + instead. + webkit2gtk3 +- Expand lang sub-package in spec file unconditionally to handle + previous name change from WebKit2GTK-lang to WebKitGTK-lang. This + change affected the automatic generated Requires tag on + WebKit2GTK-%{_apiver}, then getting out of sync of what's being + required and what's being provided. Now, any sub-package that was + providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} + instead (boo#1214835, boo#1214640, boo#1214093). +- Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, + but webkitgtk uses a function added in 1.20.0, so we need to + ensure that the wayland update is pulled in (bsc#1215072). + -- Update to version 2.40.5 (boo#1213905 boo#1213379 boo#1213581): +- Update to version 2.40.5 (boo#1213905 boo#1213379 boo#1213581 + boo#1215230): - CVE-2023-38594, CVE-2023-38595, CVE-2023-38597,, - CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611. + CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, + CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611, + CVE-2023-40397. - CVE-2023-37450. + CVE-2023-37450, CVE-2023-28198, CVE-2023-32370. zd1211-firmware +- Fix build on Leap which does not have %_firmwaredir + +- use %_firmwaredir +