------------------------------------------------------------------ --- Changelog.all ----------- Thu Jun 20 14:56:37 UTC 2024 ------ ------------------------------------------------------------------ ------------------------------------------------------------------ ------------------ 2024-12-27 - Dec 27 2024 ------------------- ------------------------------------------------------------------ ++++ ibus-libpinyin: - Update ibus-libpinyin.spec: Change build requirement and installation requirement from python310 to python311 in SLE-15-SP6 and later release, since there's no python310 provided yet. (bsc#1218160) ------------------------------------------------------------------ ------------------ 2024-5-31 - May 31 2024 ------------------- ------------------------------------------------------------------ ++++ openSUSE-release: - automatically generated by openSUSE-release-tools/pkglistgen ------------------------------------------------------------------ ------------------ 2024-5-28 - May 28 2024 ------------------- ------------------------------------------------------------------ ++++ instlux: - Fix version number ++++ yt-dlp: - Update to release 2024.05.27 * Fix parsing of base URL in SMIL manifest ++++ release-notes-openSUSE: - Update for Leap 15.6 GA ------------------------------------------------------------------ ------------------ 2024-5-27 - May 27 2024 ------------------- ------------------------------------------------------------------ ++++ libqt5-qtnetworkauth: - Add security fix (boo#1224782, CVE-2024-36048) * CVE-2024-36048-qtnetworkauth-5.15.diff ++++ yt-dlp: - Update to release 2024.05.26 * Better warning when requested subs format not found * Warn if lack of installed ffmpeg alters format selection * youtube: Add mediaconnect client ------------------------------------------------------------------ ------------------ 2024-5-24 - May 24 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 125.0.6422.112 * CVE-2024-5274: Type Confusion in V8 (boo#1225199) ++++ vorta: - Fix Leap 15.6 build * Build with python 3.11 ------------------------------------------------------------------ ------------------ 2024-5-23 - May 23 2024 ------------------- ------------------------------------------------------------------ ++++ cJSON: - update to 1.7.18: * CVE-2024-31755: NULL pointer dereference via cJSON_SetValuestring() (boo#1223420) * Remove non-functional list handling of compiler flags * Fix heap buffer overflow * remove misused optimization flag -01 * Set free'd pointers to NULL whenever they are not reassigned immediately after - revert tests for NULL pointers that fail on Leap 15.5 cJSON-1.7.18-misc_tests.patch ++++ libqt5-qtwebengine: - Add compatibility patches for ICU 75: * qt5-webengine-icu-75.patch * 0001-Use-default-constructor-in-place-of-self-delegation-.patch - Consequently build with a newer compiler on Leap 15 ++++ python-QDarkStyle: - Fix test on Leap 15.6 ------------------------------------------------------------------ ------------------ 2024-5-22 - May 22 2024 ------------------- ------------------------------------------------------------------ ++++ libqt5-qtwebengine: - Update to version 5.15.17: * Add option to chose python version for building 5.15 WebEngine * Update Chromium. Backported fixes: * [Backport] Security bug 325296797 * [Backport] CVE-2024-1059: Use after free in WebRTC * [Backport] Security bug 1518994 * Fixup for [Backport] Security bug 1519980 * [Backport] CVE-2024-1283: Heap buffer overflow in Skia * [Backport] CVE-2024-1060: Use after free in Canvas * [Backport] CVE-2024-1077: Use after free in Network * [Backport] Security bug 1519980 * [Backport] CVE-2024-0808: Integer underflow in WebUI * [Backport] CVE-2024-0807: Use after free in WebAudio * Fix ffmpeg assembly with newer binutil * [Backport] Security bug 1511689 * [Backport] CVE-2024-0224: Use after free in WebAudio * [Backport] CVE-2023-7024: Heap buffer overflow in WebRTC * [Backport] Security bug 1506535 * [Backport] CVE-2024-0519: Out of bounds memory access in V8 * [Backport] CVE-2024-0518: Type Confusion in V8 * [Backport] CVE-2024-0333: Insufficient data validation in Extensions * [Backport] CVE-2024-0222: Use after free in ANGLE * Fixup: [Backport] Security bug 1488199 * FIXUP: Fix compilation with system ICU * Fixup: [Backport] Security bug 1505632 * [Backport] Security bug 1505632 * [Backport] CVE-2023-6702: Type Confusion in V8 * [Backport] CVE-2023-6345: Integer overflow in Skia * Bump V8_PATCH_LEVEL * [Backport] Security bug 1488199 (2/2) * [Backport] Security bug 1488199 (1/2) * [Backport] CVE-2023-6510: Use after free in Media Capture * Fix building with system libxml2 * [Backport] CVE-2023-6347: Use after free in Mojo * [Backport] CVE-2023-6112: Use after free in Navigation * [Backport] CVE-2023-5997: Use after free in Garbage Collection - Drop patches, merged upstream: * 0001-Fix-building-with-system-libxml2.patch * qtwebengine-python3.patch * python311-fixes.patch - Update _service file, catapult snapshots are not needed anymore ++++ virtme: - Update to 1.25: * significantly improve boot time with the microvm architecture (simply by enabling the RTC and avoiding unnecessary boot time that most kernels spend probing for a non-existent RTC) * virtme: make sure RTC is enabled with microvm * virtme-ng: silent lint errors * github: new test with KVM support ------------------------------------------------------------------ ------------------ 2024-5-21 - May 21 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 125.0.6422.76 (boo#1224818) * CVE-2024-5157: Use after free in Scheduling * CVE-2024-5158: Type Confusion in V8 * CVE-2024-5159: Heap buffer overflow in ANGLE * CVE-2024-5160: Heap buffer overflow in Dawn * Various fixes from internal audits, fuzzing and other initiatives ++++ fpc: - Use fpc-3.2.0-glibc-2.34.patch on Leap 15.6 for fix build fail with glibc 2.38 ++++ fpc-doc: - Use fpc-3.2.0-glibc-2.34.patch on Leap 15.6 for fix build fail with glibc 2.38 ++++ qt6-networkauth: - Add security fix (CVE-2024-36048, boo#1224782): * 0001-QAbstractOAuth-fix-data-race-and-poor-seeding-in-gen.patch ++++ qt6-networkauth-docs: - Add security fix (CVE-2024-36048, boo#1224782): * 0001-QAbstractOAuth-fix-data-race-and-poor-seeding-in-gen.patch ++++ vagrant: - Fix the construct to block invalid ruby versions. The syntax %{ruby:3 < 3.1} 'worked', but essentially just translated to %{ruby} in older RPM versions. Cherry-pick from https://build.opensuse.org/request/show/926871 ------------------------------------------------------------------ ------------------ 2024-5-20 - May 20 2024 ------------------- ------------------------------------------------------------------ ++++ mumble: - update to 1.5.634: * first stable release in the 1.5.x series * flag icons replaced with an MIT licensed version - replace mumble-cxx17.patch with a cmake option - drop mumble-1.5.629-The-OCB-design-is-in-the-public-domain.patch now upstream ++++ python-aiosmtpd: - Update to 1.4.6 (bsc#1224467, CVE-2024-34083): * STARTTLS is now fully enforced if used. ------------------------------------------------------------------ ------------------ 2024-5-19 - May 19 2024 ------------------- ------------------------------------------------------------------ ++++ roundcubemail: - update to 1.6.7 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerabilities: * Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes. Reported by Valentin T. and Lutz Wolf of CrowdStrike. * Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences. Reported by Huy Nguyễn Phạm Nhật. * Fix command injection via crafted im_convert_path/im_identify_path on Windows. Reported by Huy Nguyễn Phạm Nhật. CHANGELOG * Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313) * Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312) * Fix bug in collapsing/expanding folders with some special characters in names (#9324) * Fix PHP8 warnings (#9363, #9365, #9429) * Fix missing field labels in CSV import, for some locales (#9393) * Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes * Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences * Fix command injection via crafted im_convert_path/im_identify_path on Windows ++++ trytond_account: - Version 6.0.25 - Bugfix Release ++++ trytond_stock_lot: - Version 6.0.4 - Bugfix Release ------------------------------------------------------------------ ------------------ 2024-5-18 - May 18 2024 ------------------- ------------------------------------------------------------------ ++++ gitui: - update to version 0.26.2: * respect configuration for remote when fetching (also applies to pulling) * add : character to sign-off trailer to comply with Conventional Commits standard * support overriding build_date for reproducible builds - update vendored dependencies for CVE-2023-48795 (boo#1218264) ------------------------------------------------------------------ ------------------ 2024-5-17 - May 17 2024 ------------------- ------------------------------------------------------------------ ++++ libqt5-qtwebengine: - Backport Ninja 1.12 compatibility patch (and adjust paths) Add-missing-dependencies.patch from upstream ++++ util-linux: - Fix misdetection of LUKS2 partition on MD RAID (bsc#1224393, boo#1213227, boo#1213361) * add Revert-libblkid-try-LUKS2-first-when-probing.patch ++++ python-libmount: - Fix misdetection of LUKS2 partition on MD RAID (bsc#1224393, boo#1213227, boo#1213361) * add Revert-libblkid-try-LUKS2-first-when-probing.patch ++++ util-linux-systemd: - Fix misdetection of LUKS2 partition on MD RAID (bsc#1224393, boo#1213227, boo#1213361) * add Revert-libblkid-try-LUKS2-first-when-probing.patch ------------------------------------------------------------------ ------------------ 2024-5-16 - May 16 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 125.0.6422.60 (boo#1224341) * CVE-2024-4947: Type Confusion in V8 * CVE-2024-4948: Use after free in Dawn * CVE-2024-4949: Use after free in V8 * CVE-2024-4950: Inappropriate implementation in Downloads - Chromium 125.0.6422.41 * New upstream (early) stable release. - drop upstreamed patches: * chromium-124-uint-includes.patch * chromium-124-fps-optional.patch * chromium-124-span-optional.patch * chromium-124-extractor-bitset.patch * chromium-124-atomic.patch * chromium-124-webgpu-optional.patch * chromium-124-angle-powf.patch - add debian upstream patches added for 125: * chromium-125-appservice-include.patch * chromium-125-lens-include.patch * chromium-125-mojo-bindings-include.patch * chromium-125-no-vector-consts.patch * chromium-125-vulkan-include.patch * chromium-125-tabstrip-include.patch * chromium-125-ninja.patch - add debian fixes patches to fix font gc crashes: * chromium-125-debian-bad-font-gc0000.patch * chromium-125-debian-bad-font-gc000.patch * chromium-125-debian-bad-font-gc00.patch * chromium-125-debian-bad-font-gc0.patch * chromium-125-debian-bad-font-gc11.patch * chromium-125-debian-bad-font-gc1.patch * chromium-125-debian-bad-font-gc2.patch * chromium-125-debian-bad-font-gc3.patch - add from fedora (reverse applied for older ffmpeg): * chromium-125-ffmpeg-5.x-reordered_opaque.patch - re-diff and rename: * from chromium-110-compiler.patch to chromium-125-compiler.patch * from chromium-120-emplace-struct.patch to chromium-125-emplace-struct.patch * from chromium-disable-FFmpegAllowLists.patch to chromium-125-disable-FFmpegAllowLists.patch * from chromium-122-missing-header-files.patch to chromium-125-missing-header-files.patch * from chromium-122-no_matching_constructor.patch to chromium-125-no_matching_constructor.patch * from chromium-122-lp155-typename.patch to chromium-125-lp155-typename.patch - third_party/zstd added to keeplibs for third_party/blink/renderer/platform:platform - third_party/tflite/src/third_party/xla/xla/tsl/util added to keeplibs for third_party/tflite/tflite - third_party/lens_server_proto added to keeplibs for gen/third_party/lens_server_proto ++++ kernel-64kb: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-default: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ dtb-aarch64: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-debug: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-source: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-docs: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-kvmsmall: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-obs-build: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-obs-qa: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-syms: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ kernel-zfcpdump: - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348). - commit 36c1e09 ++++ openSUSE-repos-Leap: - Update to version 20240516.5431918: * Update README.md * ci: Use bash for repo_checks to not rely on shebang * t: Add diagnostic to leap test * Add ci * Add basic url_checker * repo_checks: Add handling for Leap and Leap Micro * Drop Leap armv7hl debug repo definitions boo#1224217 * Use Leap source repo for Leap 15 ports * Fix urls for leap-ports (32 bit arm) * Create repo_checks.yml * rename url_checker to repo_checks * Drop leap16 definitions for now to get url_checker working ------------------------------------------------------------------ ------------------ 2024-5-15 - May 15 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-default: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ dtb-aarch64: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ git-cliff: - update to 2.2.2: * (changelog) Allow adding custom context * (changelog) Ignore empty lines when using split_commits * (parser) Allow matching empty commit body * Documentation updates ++++ kernel-debug: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-source: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-docs: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-kvmsmall: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-obs-build: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-obs-qa: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-syms: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ kernel-zfcpdump: - cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). - commit 40aba68 - mctp: perform route lookups under a RCU read-side lock (CVE-2023-52483 bsc#1220738). - commit 659b74f ++++ patterns-base: - Cherry-pick SLE change * Enhanced base system: drop recommendation of openssh-server-config-rootlogin * Latest openssh in SP6 restores the previous behaviour of previous Service Packs by default, and drops the package. This essentially reverts the previous change. A new package, openssh-server-config-disallow-rootlogin can be installed to set PermitRootLogin to prohibit-password (bsc#1223486). ------------------------------------------------------------------ ------------------ 2024-5-14 - May 14 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 124.0.6367.207 (boo#1224294) * CVE-2024-4761: Out of bounds write in V8 ++++ lazarus: - Add lazarus-libqt6_fix.patch to fix libqt6pas per upstream issue #40901 ++++ openssh: - Add a warning in %post of openssh-clients, openssh-server and openssh-server-config-disallow-rootlogin to warn the user if the /etc/ssh/(ssh_config.d|sshd_config.d) directories are not being used (bsc#1223486). ++++ patterns-base: - Enhanced base system: drop recommendation of openssh-server-config-rootlogin * Latest openssh in SP6 restores the previous behaviour of previous Service Packs by default, and drops the package. This essentially reverts the previous change. A new package, openssh-server-config-disallow-rootlogin can be installed to set PermitRootLogin to prohibit-password (bsc#1223486). ++++ patterns-server: - kvm and xen: drop recommendation of openssh-server-config-rootlogin * Latest openssh in SP6 restores the previous behaviour of previous Service Packs by default, and drops the package. This essentially reverts the previous change. A new package, openssh-server-config-disallow-rootlogin can be installed to set PermitRootLogin to prohibit-password (bsc#1223486). ++++ python3-tqdm: - Add CVE-2024-34062-CLI-injection.patch to fix bsc#1223880 (CVE-2024-34062) improving eval safety of CLI to avoid the injection attack ------------------------------------------------------------------ ------------------ 2024-5-13 - May 13 2024 ------------------- ------------------------------------------------------------------ ++++ apptainer: - Make sure, digest values handled by the Go library github.com/opencontainers/go-digest and used throughout the Go-implemented containers ecosystem are always validated. This prevents attackers from triggering unexpected authenticated registry accesses. * Bump-github.com-containers-image-v5-from-5.30.0-to-5.30.1.patch (CVE-2024-3727, bsc#1224114). ++++ gh: - Update to version 2.49.2: * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2 * Add further docs to Option type * Comment further on config changes * Remove unnecessary config list variable * Fix mistaken find and replace for Option type * Fix repo fork to use remote protocol if none configured * Avoid reconstructing config Options on each use * Make config list less fallible * Provide more type safety around config values * Move config interfaces into gh package (#9060) * Fix typos * Creating doc to capture Codespace usage guidance * Fix test function name * Add test to verify JSON fields section is rendered in Markdown * Output `JSON Fields` section in Markdown * Add test to verify JSON fields section is rendered * Add `jsonCmd` test command variable * Output `JSON Fields` section * Output `JSON FIELDS` * Add tests to verify proper `help:json-fields` annotations * Add `help:json-fields` annotation * Add `FormatSlice` function * Add --latest=false example to `release create` command * Update create.go * Add --latest=false to `gh release create` docs ++++ ksh: - remove no longer needed qemu workaround deleted patch: ksh-qemu.patch - do not use posix_spawn as it lacks proper job handling [bsc#1224057] new patch: ksh93-no-posix_spawn.dif ++++ openssh: - Only for SLE15, restore the patch file removed in Thu Feb 18 13:54:44 UTC 2021 to restore the previous behaviour from SP5 of having root password login allowed by default (fixes bsc#1223486, related to bsc#1173067): * openssh-7.7p1-allow_root_password_login.patch - Since the default value for this config option is now set to permit root to use password logins in SLE15, the openssh-server-config-rootlogin subpackage isn't useful there so we now create an openssh-server-config-disallow-rootlogin subpackage that sets the configuration the other way around than openssh-server-config-rootlogin. ++++ peazip: - Update to 9.8.0: BACKEND * Pea 1.18 CODE * Code cleanup * Compiled with Lazarus 3.2, sources are still compatible with Lazarus 2.x line * Various fixes * Fixed directory name sorting which for some widget sets was wrongly displayed in treeview and breadcrumb dropdown menus * Fixed drag and drop extraction failing for some paths (Windows) * Fixed inability to browse symlinked directories on Windows (other systems are immune from the issue) FILE MANAGER * Added "Always browse archives in flat view" option switch in main menu > Browse and app's context menu > Navigation * Added Comment, and Info functions to Status bar context menu, to improve its usefulness in providing information to user * Improved direct extraction of archives from context menu * From context menu "Extract to" submenu it is now possible to directly extract all or selected item(s), without further confirmation, to any output path in bookmarks, history or breadcrumb * Extract here links (optionally to smart folder or to new folder) can now extract all or selected items * In the dropdown menu of Extract button are still available "Extract all" entries * Selection and navigation submenus in extraction and archiving screens are now organized in same way of extract here submenu: bookmarks are shown first, history, session history, and breadcrumb are shown in History submenu * Rename dialog now allows to directly switch to Move to dialog (change file path string rather than file name string) * Updated themes * New Mac and Tux themes * Old themes and additional custom themes are still available online, clicking "Check for Themes" button on Themes screen (Windows 10+) The application, which by default follows system colors, can be manually forced to light or dark mode, regardless system mode, creating an empty file named "light" or "dark" in the same path of the executable (not integrated with themes due to technical limitations) EXTRACTION and ARCHIVING * Added new command line switches, which can be used both in scripts and for system integration (context menus, SendTo items, .desktop files, Automator scripts) * -ext2neutral directly extracts archives in current path applying the "new folder" policy as defined in PeaZip app (non, new folder, smart new folder, or force new folder) * -ext2downloads, -ext2desktop, -ext2documents directly extract archives in Downloads, Desktop, or Documents path (applying app's new folder policy) * -ext2bookmark(1..8) extract archives in the path of the bookmarked item number 1 to 8 * Windows context menu versions of those switches begins with -ext2multi instead of -ext2 * Created sample scripts (.bat, .sh), W11 mini-context menu entries, SendTo items, .desktop files and macOS service menus for -ext2downloads, -ext2desktop, - ext2documents switches, in (PeaZip)/res/share/batch directory ------------------------------------------------------------------ ------------------ 2024-5-11 - May 11 2024 ------------------- ------------------------------------------------------------------ ++++ distrobox: - Update to version 1.7.2.1 + changes from 1.7.2.1 * chore(init): Add sudo to Wolfi (#1375) * Add fedora toolbox 40 to list of compatible images (#1377) * init: fix setting empty DISPLAY variable, breaking gpg + changes from 1.7.2 * all: properly handle env vars and configs in all commands (#1328) * chore: bump CI actions, minor fixes to README and other files (#1345) * docs: Specify that distrobox is in the extra repo (#1316) * docs: Support latest alpine (#1341) * docs: Update copyright in footer (#1365) * docs: Update useful_tips.md (#1330) * enter: make log_timestamp date format universally compatible (#1343) * export: cancel export when trying to delete (#1340) * export: consider only absolute candidate icon paths that exist (#1318) * init: Support musl variant of Void Linux (#1327) * init: add explicit creation of /etc/fish/conf.d (#1348) * init: massively speed up apt/pacman/xbps deps install (#1324) * install: use more portable install(1) arguments (#1364) * CI: fix hostname test * CI: try to ensure enough disk space * CI: use shell-funcheck * all: improve function docs * assemble: add custom hostname support * create: fix regression with rootless runc 1.20~rc1 (#1359) * docs: add Slackware 15 (#1357) * docs: move upgrading instruction a bit more ahead (#1342) * docs: update xhost command to be silent (#1350) * enter: Fix support for Active Directory usernames including backslashes (#1360) * enter: fix regression in fish shell login with initful systems * enter: fix typo in command generation (#1331) * export: fix duplicate extra_flags (#1311) * export: use different symbol for IFS (#1351) * init, create: use $CONTAINER_ID to distinguish container's prompts. Use host's hostname by default. * init: ensure fish config is sourced only on interactive shell (#1292) * init: fix endless hook append (#1320) * init: fix performance regression in skel file setup (#1317) * init: forward wayland display only if it is set * rm: revert 22bc081, simplify removal of exported app/bins (#1301) ------------------------------------------------------------------ ------------------ 2024-5-10 - May 10 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 124.0.6367.201 (boo#1224208) * CVE-2024-4671: Use after free in Visuals - Chromium 124.0.6367.155 (boo#1224045) * CVE-2024-4558: Use after free in ANGLE * CVE-2024-4559: Heap buffer overflow in WebAudio ++++ linuxrc: - merge gh#openSUSE/linuxrc#332 - write /etc/locale.conf and /etc/vconsole.conf (bsc#1218621, bsc#1222289) - update year in copyright message - 7.0.32.7 ++++ openSUSE-repos-Leap: - Update to version 20240510.6bfa644: * Update nvidia-leap-repoindex.xml * Leap add missing slash after distsub * Update README.md ++++ rshim: - Update to 2.0.29.1 (jsc#PED-6843 jsc#PED-6979) * Output SECURE_NIC_MODE in /dev/rshim/misc * Allow remote installation via bfb-install * Make DROP_MODE more robust * Avoid race in bfb push when accessing from BMC and rshim tool in parallel * Fix handshake between NIC F and rshim over PCIe ------------------------------------------------------------------ ------------------ 2024-5-9 - May 9 2024 ------------------- ------------------------------------------------------------------ ++++ freerdp: - Add freerdp-CVE-2024-32039-to-2024-32460.patch + Multiple CVE fixes * bsc#1223293, CVE-2024-32039 * bsc#1223294, CVE-2024-32040 * bsc#1223295, CVE-2024-32041 * bsc#1223296, CVE-2024-32458 * bsc#1223297, CVE-2024-32459 * bsc#1223298, CVE-2024-32460 ++++ gh: - Reenable all tests https://github.com/cli/cli/issues/8928 looks resolved. - Update to version 2.49.1: * Fix `attestation verify` source repository check bug * Fix unused params across project * Add support for jobs with long filenames * Run `attestation` command set integration tests separately * build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 * Adjust short and long to be the same * Do not mutate headers when initialising tableprinter * Document relationship between host and active account ++++ instlux: - upgraded to 15.6.1. * Set Leap 15.6 as default (latest stable) - upgraded to 15.6.0. * Added Leap 15.6 (but not default) ++++ opensuse-welcome: - Update to version 0.1.9+git.55.08b0379: * Update README.md * Refresh README with build instructions * adding donate button to allow donations to the Geeko Foundation * Translated using Weblate (Macedonian) * Translated using Weblate (Russian) ------------------------------------------------------------------ ------------------ 2024-5-8 - May 8 2024 ------------------- ------------------------------------------------------------------ ++++ OpenBoard: - update to release version 1.7.1 - remove upstreamed patches * remove 0830-cmake-community-builds.patch * remove 9686-cmake-add-shortcut-manager.patch - update patch to match updated sources * replace 0686-shortcut-configuration.patch by 0955-shortcut-configuration.patch ++++ glibc: - ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue for _start routine (bsc#1221940) ++++ glibc-utils-src: - ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue for _start routine (bsc#1221940) ++++ libguestfs: - Set Recommends on zerofree and ntfsprogs for libguestfs-appliance ++++ ovmf: - Add the following patches from edk2-stable202402 for CVE-2022-36763: - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch 1ddcb9fc6b41 SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch 4776a1b39ee0 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 - ovmf-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch 224446543206 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 (bsc#1218678, CVE-2022-36763) - Add the following patches from edk2-stable202402 for CVE-2022-36764: - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch 8f6d343ae639 SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch 0d341c01eeab SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 - ovmf-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch c7b279442181 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764 (bsc#1218679, CVE-2022-36764) - All the above patches for CVE-2022-36763 and CVE-2022-36764 need the following patches. We also backported them: - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch 264636d8e698 SecurityPkg: : Updating SecurityFixes.yaml after symbol rename - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch 326db0c90720 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename - ovmf-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch 40adbb7f628d SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename (bsc#1218678, CVE-2022-36763)(bsc#1218679, CVE-2022-36764) ++++ product-builder: - 1.2.17 * fix PowerPC build failure introduced in 1.2.16 (bsc#1224010) ++++ installation-images-openSUSE: - merge gh#openSUSE/installation-images#713 - refresh ssh_host_rsa_key (jsc#PED-129) - 16.59.13 ++++ tinyproxy: - Update to release 1.11.2 * Fix potential use-after-free in header handling [CVE-2023-49606, boo#1223746] * Prevent junk from showing up in error page in invalid requests [CVE-2022-40468, CVE-2023-40533, boo#1223743] - Delete 0001-prevent-junk-from-showing-up-in-error-page-in-invali.patch (merged) ------------------------------------------------------------------ ------------------ 2024-5-7 - May 7 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-azure: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-default: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ dtb-aarch64: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ emacs-auctex: - Add patch dinbrief.patch * Modernize this class to use by e.g. default UTF-8 - Add patch initial-reset.patch (Re)enable initial buffer reset at creation time of the document class ++++ glibc: - nscd-netgroup-cache-timeout.patch: Use time_t for return type of addgetnetgrentX (CVE-2024-33602, bsc#1223425) - Also add libc_nonshared.a workaround to 32-bit x86 compat package (bsc#1221482) ++++ glibc-utils-src: - nscd-netgroup-cache-timeout.patch: Use time_t for return type of addgetnetgrentX (CVE-2024-33602, bsc#1223425) - Also add libc_nonshared.a workaround to 32-bit x86 compat package (bsc#1221482) ++++ guestfs-tools: - Add Requires on libguestfs which will pull in libguestfs-appliance and all its dependencies. (bsc#1223444) guestfs-tools.spec ++++ kernel-debug: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-source: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-source-azure: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-docs: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-kvmsmall: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-obs-build: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-obs-qa: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-syms: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-syms-azure: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ kernel-zfcpdump: - drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). - commit 0c69759 - rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (CVE-2024-26865 bsc#1223062). - commit 4df5c35 ++++ libguestfs: - Switch Recommends to Requires for several packages in the libguestfs-appliance which is where the tools from these packages are used. (bsc#1223444) ++++ suseconnect-ng: - Update to version 1.9.0 * Fix certificate import for Yast when using a registration proxy with self-signed SSL certificate (bsc#1223107) ++++ osinfo-db: - bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS version should be SL Micro 6.0 add-slm6.0-support.patch Drop add-slem6.0-support.patch ++++ pam_pkcs11: - Fix for bsc#1221255: * Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch ++++ python3-sip4: - Rename the macros.python_all-sip4 file to macros.python3_all-sip4 so it doesn't conflict with the file from python311-sip4-common and also rename the macro defined within from %python_sip_api_ver to %python3_sip_api_ver in case the sip api version of one of the packages changes in the future (bsc#1224000) ++++ virtualbox: - Have the KMP package supplement the kernel-flavor plus virtualbox-guest-tools: -guest tools requires the kmp anyway, and this allows libsolv to give some hints on 'what kmp' to prefer on a system. ++++ python-onionshare: - version 2.6.2 * Security fix: Removes newlines from History item path * Security fix: Set a maximum length of 524288 characters for text messages in Receive mode * Security fix: Allows only specific ASCII characters for usernames and removes control characters * Security fix: Forcefully disconnect user from chat on disconnect event * Security fix: Handle username validation excpeptions to prevent silent joining ++++ python-pyodbc: - Add %{?sle15_python_module_pythons} ++++ python-python-jose: - Make python-pycryptodome dependency only required for Factory. ++++ installation-images-openSUSE: - merge gh#openSUSE/installation-images#712 - increase XZ compression level for initrd (bsc#1223982) - support ZSTD compression for initrd - 16.59.12 ++++ tryton: - Version 6.0.39 - Bugfix Release ++++ trytond: - Version 6.0.46 - Bugfix Release ++++ trytond_account: - Version 6.0.24 - Bugfix Release ++++ trytond_account_invoice: - Version 6.0.17 - Bugfix Release ++++ trytond_account_product: - Version 6.0.4 - Bugfix Release ++++ trytond_company: - Version 6.0.7 - Bugfix Release ++++ trytond_party: - Version 6.0.6 - Bugfix Release ++++ trytond_purchase: - Version 6.0.15 - Bugfix Release ++++ trytond_stock: - Version 6.0.26 - Bugfix Release ++++ trytond_stock_supply: - Version 6.0.8 - Bugfix Release ++++ ugrep: - update to 6.0.0: * faster search speeds on ARM CPUs * overall optimization * includes ugrep-indexer ++++ unison: - Update to version 2.53.5 * Various minor bugfixes. * Recovery from errors during repeat mode (enabled in 2.53.1) is disabled for time being. ++++ unison-doc: - Update to version 2.53.5 * Various minor bugfixes. * Recovery from errors during repeat mode (enabled in 2.53.1) is disabled for time being. ++++ virt-manager: - bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS version should be SL Micro 6.0 virtinst-add-slm-detection-support.patch ++++ virt-v2v: - bsc#1223444 - New virt-v2v dependency on btrfsprogs causes error with zypper dup on systems without btrfs installed Drop Requires on the following packages and move them into libguestfs-appliance btrfsprogs, curl, dhcp-client, e2fsprogs, gptfdisk ntfsprogs, xfsprogs ++++ virtualbox-kmp: - Have the KMP package supplement the kernel-flavor plus virtualbox-guest-tools: -guest tools requires the kmp anyway, and this allows libsolv to give some hints on 'what kmp' to prefer on a system. ------------------------------------------------------------------ ------------------ 2024-5-6 - May 6 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-default: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ cvise: - Build with llvm15 on SLE15/Leap15 (bsc#1222921) ++++ dtb-aarch64: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ fife: - Applying swig4.patch on Leap 15.6/SLE15-SP6 too * swig 4.1.1 has been added to SLE15-SP6 ++++ pipewire: - Update to version 1.0.5+git36.60deeb2 to fix several crashes, NULL checks, format strings and other issues: * spa: libcamera: fix RGB mappings * pw-dump: destroy all objects not just those matching the pattern * pw-dump: fix string memory leak on error * json: fix high surrogate escapes * core: handle import errors better * gst/src: fix crash when current_caps is NULL * gst/src: Avoid unnecessary renegotiations during streaming * gst/src: Cleanups for src_negotiate() * pw-mon: fix type confusion in core event handler * gst: fix stream params memory leak * gst: handle some more errors * treewide: fix errno assignments * alsa-pcm: don't force quantum for iec958 formats * journal: prepend code location to messages at debug log levels * module-rt: fix compiler warning * filter-chain: fix arguments of calloc * combine-stream tag forward * Add album to tag metadata * impl-node: avoid bitfield races * treewide: fix some format string issues * conf: warn when match actions are missing * module-protocol-simple: handle 'node.name' property * module-ffado: only start after ports are configured * context: fill basic properties early * combine-stream: fix latency-compensate with resample.disabled=true * profiler: remove unused data-loop * v4l2: fix printf format * spa: v4l2: encode device id into a json array * spa: libcamera: encode device ids into a json array * impl-port: avoid doing work when the port is destroyed * impl-port: use 0 size when clearing IO * stream: log a warning when media.class and direction mismatch * module-loopback: only enable delay with valid rate and channels * alsa: fix race when updating the eventfd * audioconvert: also clamp monitor volume to min/max * combine-stream: actually make use of resample.disable ++++ jeos-firstboot: - Update to version 1.3.0.8: * Resolve cycle w.r.t. wicked (bsc#1223391) ++++ keepassxc: - update to 2.7.8: - Changes - Add hotkey for showing search help [#10591] - Add hotkey for group switching (Ctrl+Shift+PgUp/PgDown) [#10625] - Add per-database auto-save delay setting [#9100] - Add configurable password strength check on database password [#9782] - Add setting to hide menubar [#10341] - Improve Bitwarden 1PUX import and support organization collections [#10499] - Show advanced settings checkbox only for settings that have them [#6513] - Remove obsolete setting for requiring repeated password entry [#9722] - Passkeys: Allow registering Passkeys to existing entries [#10408] - Passkeys: Show warning about data being unencrypted before Passkey export [#10411] - Passkeys: Support NFC and USB transports [#10402] - Passkeys: Pass extension JSON data to browser [#10615] - SSH Agent: Do not use entries from recycle bin [#10518] - Linux: Change hotkey sequence used for {CLEARFIELD} Auto-Type [#10008] - Windows: Improve DACL memory access protection [#10618] - Fixes - Fix crash when deleting history items [#10451] - Fix crash on screen lock or computer sleep [#10458] - Fix search field not being focused after unlock [#10459] - Fix loss of window focus when Auto-Type needs to unlock a database [#10555] - Fix inconsistent TOTP visibility on unlock [#10009] - Fix CSV import skipping over single-name groups [#10575] - Fix key file folder being remembered even if disabled in settings [#10636] - Fix issues with entry editing and database locking [#10667] - Fix key file text when provided on command line [#10642] - Fix issues with hardware key auto detection [#10663] - Do not override monospace font size [#10282] - Perform group sort only when group view is in focus [#10202] - Do not show decimals for attachment sizes in Bytes [#10595] - Prevent merging of global custom data when merging databases [#10452] - Fix minor translation issues [#10635] - Passkeys: Fix StrongBox incompatibility [#10420] - Passkeys: Set RP ID to effective domain if unset instead of returning an error [#10384] - Passkeys: Various UI fixes and improvements [#10427, #10608, [#10609]] - AppImage: Fix URL opening [#10624] - Flatpak: Fix application autostart [#10563] - Linux/macOS: Fix button sizes on modal alert popups [#10500] - Linux: Fix clipboard clear on Wayland [#10500] - Windows: Preserve file-hidden attribute [#10343] ++++ kernel-debug: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-source: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-source-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-docs: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-kvmsmall: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-obs-build: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-obs-qa: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-syms: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-syms-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ kernel-zfcpdump: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). - Update patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch (git-fixes CVE-2024-26959 bsc#1223667). - Update patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch (git-fixes CVE-2024-27059 bsc#1223738). - Update patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch (git-fixes CVE-2024-27071 bsc#1223734). - Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch (git-fixes CVE-2024-27038 bsc#1223816). - Update patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch (git-fixes CVE-2024-27039 bsc#1223821). - Update patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26970 bsc#1223644). - Update patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26969 bsc#1223645). - Update patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch (git-fixes CVE-2024-26968 bsc#1223642). - Update patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26966 bsc#1223646). - Update patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch (git-fixes CVE-2024-26965 bsc#1223648). - Update patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch (git-fixes CVE-2024-27037 bsc#1223717). - Update patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch (git-fixes CVE-2024-27051 bsc#1223769). - Update patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch (git-fixes CVE-2024-26974 bsc#1223638). - Update patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch (git-fixes CVE-2024-27040 bsc#1223711). - Update patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch (git-fixes CVE-2024-27045 bsc#1223826). - Update patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch (git-fixes CVE-2024-27044 bsc#1223723). - Update patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch (git-fixes CVE-2024-27041 bsc#1223714). - Update patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch (git-fixes CVE-2024-27042 bsc#1223823). - Update patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch (git-fixes CVE-2024-26979 bsc#1223628). - Update patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch (jsc#PED-7542 CVE-2024-27023 bsc#1223776). - Update patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch (git-fixes CVE-2024-27075 bsc#1223842). - Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch (git-fixes CVE-2024-27043 bsc#1223824). - Update patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch (git-fixes CVE-2024-27074 bsc#1223844). - Update patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch (git-fixes CVE-2024-27076 bsc#1223779). - Update patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch (git-fixes CVE-2024-27073 bsc#1223843). - Update patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch (git-fixes CVE-2024-27072 bsc#1223837). - Update patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch (git-fixes CVE-2024-27077 bsc#1223780). - Update patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch (git-fixes CVE-2024-27078 bsc#1223781). - Update patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch (git-fixes CVE-2024-27047 bsc#1223828). - Update patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch (git-fixes CVE-2024-26956 bsc#1223663). - Update patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch (git-fixes CVE-2024-26955 bsc#1223657). - Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch (git-fixes CVE-2024-26977 bsc#1223631). - Update patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch (git-fixes CVE-2024-26975 bsc#1223632). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). - Update patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch (bsc#1221816 CVE-2024-26931 bsc#1223627). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch (bsc#1221816 CVE-2024-26929 bsc#1223715). - Update patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch (bsc#1221816 CVE-2024-26930 bsc#1223626). - Update patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch (git-fixes CVE-2024-27068 bsc#1223808). - Update patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch (git-fixes CVE-2024-27060 bsc#1223725). - Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch (git-fixes CVE-2024-26919 bsc#1223847). - Update patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch (git-fixes CVE-2024-27048 bsc#1223760). - Update patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch (git-fixes CVE-2024-27052 bsc#1223829). - Update patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch (git-fixes CVE-2024-27391 bsc#1223709). - Update patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch (git-fixes CVE-2024-27053 bsc#1223737). - commit 9296e40 - Update patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch (git-fixes CVE-2023-52650 bsc#1223770). - Update patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch (git-fixes CVE-2023-52649 bsc#1223768). - Update patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch (git-fixes CVE-2023-52648 bsc#1223765). - Update patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch (git-fixes CVE-2023-52647 bsc#1223764). - commit f67398e - Update patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch (bsc#1215199 CVE-2022-48669 bsc#1223756). - commit e9a7939 - Delete patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. (bsc#1222654) - commit dc5c22e ++++ openssl-1_1: - Security fix: [bsc#1222548, CVE-2024-2511] * Fix unconstrained session cache growth in TLSv1.3 * Add openssl-CVE-2024-2511.patch ++++ openssl-3: - Security fix: [bsc#1222548, CVE-2024-2511] * Fix unconstrained session cache growth in TLSv1.3 * Add openssl-CVE-2024-2511.patch ++++ wireplumber: - Better fix for (bsc#1223916) that basically turns the main profile into the (to be in 0.5.3) video-only profile unless wireplumber-audio is installed which now turns the main profile into exactly upstream's main profile. - Add patch from upstream to fix a json log issue: * 0001-lua-json-fix-error-ouput.patch - Add patch from upstream to add a method to merge json containers: * 0002-lua-json-add-method-to-merge-json-containers.patch - Add patch from upstream to fix merging a particular case of configuration options: * 0003-json-utils-fix-overriding-of-non-container-values-when.patch - Fix wireplumber not starting successfully when audio support is not enabled since the main profile now requires it. The best option would be to use a video-only profile but it's too late to change the way wireplumber is started in SLE/Leap, so the solution just makes audio/bluetooth optional for now (bsc#1223916) * split-config-file.py ++++ nsjail: - Build with protobuf21 on Leap 15 if the version is greater than 15.3, protobuf25 has added to SLE15 since SP4 update (bsc#1222929) ++++ python-python-jose: - Add upstream patches: * CVE-2024-33663.patch, bsc#1223417, gh#mpdavis/python-jose#349 * CVE-2024-33664.patch, bsc#1223422, gh#mpdavis/python-jose#345 * fix-tests-ecdsa-019.patch, gh#mpdavis/python-jose#350 ++++ yast2: - Properly close nested progress callbacks (bsc#1223281) - 4.6.8 ------------------------------------------------------------------ ------------------ 2024-5-5 - May 5 2024 ------------------- ------------------------------------------------------------------ ++++ git-cliff: - update to 2.2.1: * Make rendering errors more verbose * Support detecting config from project manifest * Make the bump version rules configurable * bug fixes and documentation updates - CVE-2024-32650: rust-rustls: Infinite loop with proper client input fixes (boo#1223218) ------------------------------------------------------------------ ------------------ 2024-5-3 - May 3 2024 ------------------- ------------------------------------------------------------------ ++++ bcc: - Fix incorrect offset calculation when consecutive bitfields are present (bsc#1219096) * add fix-alignment-issue-on-x86_64-due-to-consecutive-bit.patch ++++ chromium: - drop patches: * chromium-123-WebUI-static_assert.patch ++++ kernel-64kb: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-azure: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-default: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ desktop-translations: - Update to version 84.87.20240503.9343de5: * Update for SLES 15 SP6 RC / Leap 15.6 RC poo#131735 * Manually remove further invalid character occurances * Fix Browse C:\ drive incorrect escaping - Update to version 84.87.20240502.b932b7c: * Add download_data_from_download-o-o.sh * Added translation using Weblate (Latvian) * Disable appstream and polkit extraction * Leap 15.6 desktop-file-translations * Translated using Weblate (Arabic) * Translated using Weblate (Catalan) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Croatian) * Translated using Weblate (Czech) * Translated using Weblate (Dutch) * Translated using Weblate (English (United Kingdom)) * Translated using Weblate (Finnish) * Translated using Weblate (German) * Translated using Weblate (Greek) * Translated using Weblate (Indonesian) * Translated using Weblate (Italian) * Translated using Weblate (Japanese) * Translated using Weblate (Latvian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Polish) * Translated using Weblate (Portuguese) * Translated using Weblate (Russian) * Translated using Weblate (Serbian (latin) (sr@latin)) * Translated using Weblate (Slovak) * Translated using Weblate (Swedish) * Translated using Weblate (Turkish) ++++ dracut: - Update to version 059+suse.521.g8412a1c0: * fix(suse-initrd): clean return of installkernel() (bsc#1223467) ++++ dtb-aarch64: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-debug: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-source: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-source-azure: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-docs: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-kvmsmall: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-obs-build: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-obs-qa: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-syms: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-syms-azure: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ kernel-zfcpdump: - Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. - commit ca33aea - btrfs: qgroup: always free reserved space for extent records (bsc#1216196). - commit 5a30b4d ++++ trousers: - fix runtime requirements for stat and udevadm (bsc#1221770). On minimal systems this can cause the %pretrans or %post scriptlets to fail because of missing tools. - add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary quote data, which would not be detected by Fapi_VerifyQuote(). ++++ lyx: - Update to 2.3.8: This is the last maintenance of the 2.3.x series with a couple of bug fixes (see included ANOUNCE file), but the most important benefit is that this version make it possible to import from and export to the 2.4.x file format - Update correct-shebang.patch ++++ package-translations: - Update to version 89.87.20240323.9bdb784: * Update for Leap 15.6 RC poo#131735 * Translated using Weblate (Catalan) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (English (United Kingdom)) * Translated using Weblate (Finnish) * Translated using Weblate (French) * Translated using Weblate (German) * Translated using Weblate (Japanese) * Translated using Weblate (Russian) * Translated using Weblate (Ukrainian) ++++ virtualbox: - Version bump to VirtualBox 7.0.18 (released May 03 2024 by Oracle)) This is a maintenance release. The following items were fixed and/or added: Networking: Fixed an issue which caused host system crash when VM was using bridged or host-only network adapter (bug #22045) Linux Guest Additions: Added more fixes to prevent UBSAN warnings (bug #21877) Fixes boo#1211941 Linux Guest Additions: Fixed issue when time stamps were displayed incorrectly within mounted shared folder (bug #22047) Permanent fix for boo#1220524. File fix_shared_folder_time.patch is deleted. Files fixes_for_python.patch and handle_gsoap_208103.patch are deleted. VirtualBox 7.0.16 (released April 16 2024) This is a maintenance release. The following items were fixed and/or added: VMM: Fixed a guru meditation executing nested-guests using the KVM hypervisor in the guest on Intel hosts (bug #21805) VMM: Fixed Linux VM crash on some recent AMD models USB: Fixed issue when EHCI controller was mishandling short packets (bug #20726) Audio: Introduced general improvements VBoxManage and vboximg-mount: Updated usage information and documentation (bugs #21895, #21992 and #21993) Guest Control: Fixed starting Windows guest processes in the correct Windows session (7.0 regression) Linux Host: Fixed issue when VBox.sh was deleting wrong VBoxSVC IPC socket when VM was started using sudo (bug #20928) Linux Host: Fixed kernel modules build failure when using GCC 13.2 Linux Host and Guest: Added fixes related to UBSAN warnings discovered on recent Linux distributions (bug #21877) Linux Host and Guest: Added possibility to prevent kernel module from automatic loading during system boot by adding mod_name.disabled=1 into kernel command line Linux Host and Guest: Added initial support for kernel 6.9 (bug #22033). File kernel-6.9.patch is deleted. Linux Host and Guest: Fixed mk_pte warning introduced in kernel 6.6 (bug #21898) Linux Guest Additions: Added initial support for kernel 6.8. File kernel-6.8.patch is deleted. Windows Guest Additions: Introduced general improvements in graphics area - Build kernel-longterm KMP on Tumbleweed (boo#1217824) ++++ tpm2.0-tools: - Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote did not check whether the magic number in the attest is equal to TPM2_GENERATED_VALUE, which might allow a malicious actor to generate arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038). - Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch: tpm2_checkquote did not compare the --pcr parameter passed to the tool with the attest. A malicious actor might thus be able to fake a valid attestation (bsc#1223689, CVE-2024-29039). ++++ virtme: - Update to 1.24: * The most noticeable changes include the support for the loop network type and the possibility to specify the --network command multipe times, both useful for kernel selftests testing * Moreover, there is a boot-time improvement in environments where the kvm acceleration is not available, such as container, cloud environments, etc. (using the q35 arch in qemu). * Notably, this new version is expected to enhance the performance of GitHub workflows that use virtme-ng. ++++ virtualbox-kmp: - Version bump to VirtualBox 7.0.18 (released May 03 2024 by Oracle)) This is a maintenance release. The following items were fixed and/or added: Networking: Fixed an issue which caused host system crash when VM was using bridged or host-only network adapter (bug #22045) Linux Guest Additions: Added more fixes to prevent UBSAN warnings (bug #21877) Fixes boo#1211941 Linux Guest Additions: Fixed issue when time stamps were displayed incorrectly within mounted shared folder (bug #22047) Permanent fix for boo#1220524. File fix_shared_folder_time.patch is deleted. Files fixes_for_python.patch and handle_gsoap_208103.patch are deleted. VirtualBox 7.0.16 (released April 16 2024) This is a maintenance release. The following items were fixed and/or added: VMM: Fixed a guru meditation executing nested-guests using the KVM hypervisor in the guest on Intel hosts (bug #21805) VMM: Fixed Linux VM crash on some recent AMD models USB: Fixed issue when EHCI controller was mishandling short packets (bug #20726) Audio: Introduced general improvements VBoxManage and vboximg-mount: Updated usage information and documentation (bugs #21895, #21992 and #21993) Guest Control: Fixed starting Windows guest processes in the correct Windows session (7.0 regression) Linux Host: Fixed issue when VBox.sh was deleting wrong VBoxSVC IPC socket when VM was started using sudo (bug #20928) Linux Host: Fixed kernel modules build failure when using GCC 13.2 Linux Host and Guest: Added fixes related to UBSAN warnings discovered on recent Linux distributions (bug #21877) Linux Host and Guest: Added possibility to prevent kernel module from automatic loading during system boot by adding mod_name.disabled=1 into kernel command line Linux Host and Guest: Added initial support for kernel 6.9 (bug #22033). File kernel-6.9.patch is deleted. Linux Host and Guest: Fixed mk_pte warning introduced in kernel 6.6 (bug #21898) Linux Guest Additions: Added initial support for kernel 6.8. File kernel-6.8.patch is deleted. Windows Guest Additions: Introduced general improvements in graphics area - Build kernel-longterm KMP on Tumbleweed (boo#1217824) ------------------------------------------------------------------ ------------------ 2024-5-2 - May 2 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 124.0.6367.118 (boo#1223846) * CVE-2024-4331: Use after free in Picture In Picture * CVE-2024-4368: Use after free in Dawn ++++ kernel-64kb: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-azure: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-default: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ dtb-aarch64: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-debug: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-source: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-source-azure: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-docs: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-kvmsmall: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-obs-build: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-obs-qa: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-syms: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-syms-azure: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ kernel-zfcpdump: - Update patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch (git-fixes CVE-2024-26927 bsc#1223525). - commit d3c5f91 ++++ leechcraft: - Workaround build problem with libtorrent-rasterbar * Add #!BuildIgnore: libboost_headers1_75_0-devel ++++ leechcraft-doc: - Workaround build problem with libtorrent-rasterbar * Add #!BuildIgnore: libboost_headers1_75_0-devel ++++ libnvme: - Update to version 1.8+26.gc96fbe8: * fabrics: keyring is a long (bsc#1216982) * config-schema.json.in: tls keys and keyrings are strings (bsc#1216982) * linux: Add nvme_scan_tls_keys() (bsc#1216982) * json: dump TLS key data in PSK interchange format (bsc#1216982) * json: import TLS key from PSK interchange format (bsc#1216982) * json: export TLS key in PSK interchange format (bsc#1216982) * tree: read TLS key in nvme_configure_ctrl() (bsc#1216982) * linux: rework nvme_insert_tls_key_versioned() (bsc#1216982) * linux: add nvme_import_tls_key() (bsc#1216982) * linux: add nvme_export_tls_key() (bsc#1216982) * crc32: Add CRC32 algorithm (bsc#1216982) * linux: add nvme_update_key() (bsc#1216982) * linux: add nvme_read_key() (bsc#1216982) * linux: allow for NULL argument in nvme_lookup_keyring() (bsc#1216982) * tree: use strtou32 to read lba_size * tree: fix lba_count size calculation * libnvme : record the nvme pci adapter physical slot (bsc#1223208) * tree: fix mem leak in nvme_ns_init() (bsc#1223331) ++++ manpages-l10n: - Remove conflicting files with xz-lang(from SLE15) - Remove conflicting files with procps-lang(from SLE15) ++++ nvme-cli: - Update to version2.8+19.g47882bb: * nvme: fix mem leak in multiple key related functions (bsc#1223331) * fabrics: fix mem leak in nvmf_check_hostid_and_hostnqn() (bsc#1223331) * nvme: check-tls-key fails despite having hostnqn file (bsc#1223331) * nvme: print retained key for gen-tls-key's -i option too (bsc#1223331) * nvme-print: print more details in ns-descs verbose output (bsc#1223331) * nvme: use library functions for importing and exporting TLS keys (bsc#1216982) * nvme: Fix to cleanup free raw_secret memory allocated ++++ bmap-tools: - Fix Leap 15 build by pass -c -k options to zstd too * Add bmap-tools-tests-Pass-c-k-options-to-zstd-too.patch ++++ sway: - Fix build with libinput * Add 0001-ipc-add-LIBINPUT_CONFIG_ACCEL_PROFILE_CUSTOM-entry.patch ++++ znc: - Update to version 1.9.0: * Fixed crash when receiving SASL lines from server without having negotiated SASL via CAP. * Fixed build with SWIG 4.2.0. * Fixed build with LibreSSL. * Fixed handling of timezones when parsing server-time tags received from server. * Use module names as the module ident, otherwise some clients were merging conversations with different modules together. * Stopped sending invalid 333 (`RPL_TOPICWHOTIME`) to client if topic owner is unknown. * Fixed an ODR violation. * Better hide password in PASS debug lines, sometimes it was not hidden. * CAP REQ sent by client without CAP LS now suspends the registration as the spec requires. * Removed 1841.patch (upstreamed). * Modified harden_znc.service.patch to apply to latest release. ------------------------------------------------------------------ ------------------ 2024-5-1 - May 1 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Add patches: * chromium-123-missing-QtGui.patch - Restore libxml 2.12 check for chromium-124-system-libxml.patch which replaced chromium-121-blink-libxml-const.patch ++++ gh: - Update to version 2.49.0: * Document repo clone protocol behaviour * whitespace aligment for inspect/inspect.go * whitespace alignment in attestation/attestation.go * Added tweaked note to tuf-root-verify * Tweaked gh attestation help strings to generate nicer cli manual site. * Update attestation's beta designation * Update cli/go-gh to v2.9.0 * Add beta designation on attestation command set * Test `gh at verify -b` does not require auth * Use ghinstance package for attestation host checks * Test cmdutil.IsAuthCheckEnabled cases * Fix issue with closing pager stream (#9020) * Support long URLs in `gh repo clone` (#9008) * check for enterprise host * Add missing title field for projectv2 * Match query fields with `ProjectV2` type * Include `URL` in `ProjectV2` type * Include `projectsV2` in GraphQL query * Remove unnecessary defensive check * Test verification failures when attestations are bad * Rework sigstore tests for easier maintenance * Make error more obvious when bundle has wrong extension * Add colon at the end of secret prompts (#9004) * Use cmdutil.ExactArgs instead of MinimumArgs; also add tests * proof of concept for flag-level disable auth check * remove hidden flag from attestation command (#8998) * Update `gh attestation verify` output (#8991) * Just base verification policy on trusted root, not bundle * Support offline mode for `gh attestation verify` * build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2 * `gh attestation tuf-root-verify` offline test fix (#8975) * Update `sigstore-go` dependency to v0.3.0 (#8977) * build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 * Make it clearer that job flag is meant to be an ID * Ignore run-id when providing also job for rerun ++++ glibc: - glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423, BZ #31677) - glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch: nscd: Avoid null pointer crashes after notfound response (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch: nscd: Do not send missing not-found response in addgetnetgrentX (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch: netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, CVE-2024-33602, bsc#1223425, BZ #31680) ++++ glibc-utils-src: - glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423, BZ #31677) - glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch: nscd: Avoid null pointer crashes after notfound response (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch: nscd: Do not send missing not-found response in addgetnetgrentX (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch: netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, CVE-2024-33602, bsc#1223425, BZ #31680) ------------------------------------------------------------------ ------------------ 2024-4-30 - Apr 30 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-default: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ dracut: - Update to version 059+suse.519.g3edf43b4: * chore(suse): remove obsolete fillup template (bsc#1223467) ++++ dtb-aarch64: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-debug: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-source: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-source-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-docs: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-kvmsmall: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-obs-build: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-obs-qa: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-syms: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-syms-azure: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ kernel-zfcpdump: - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451 git-fixes). - Update patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch (bsc#1141539 git-fixes). - commit 73a9e98 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852 bsc#1223057) - commit 9474f59 ++++ postgresql12-libversion: - update to 2.0.1: * remove unused function wrap_version_compare_simple ++++ postgresql13-libversion: - update to 2.0.1: * remove unused function wrap_version_compare_simple ++++ postgresql14-libversion: - update to 2.0.1: * remove unused function wrap_version_compare_simple ++++ postgresql15-libversion: - update to 2.0.1: * remove unused function wrap_version_compare_simple ++++ postgresql16-libversion: - update to 2.0.1: * remove unused function wrap_version_compare_simple ++++ rstudio: - New upstream release 2024.04.0+735. (boo#1223378) * RStudio now requires R 3.6.0 or newer. * RStudio's auto-completion system now supports ggplot2 aesthetic names and data columns. * RStudio's auto-completion system now supports the display of the "label" attribute. * RStudio Desktop on Windows and Linux supports auto-hiding the menu bar. * RStudio Desktop on Windows and Linux supports full-screen mode via F11. * RStudio Desktop now supports pasting of file paths for files copied to the clipboard. * RStudio now reports a diagnostics warning when `=` (rather than `==`) is used in `if`, `for`, and `while` conditionals. * R projects can be given a custom display name in Project Options. * The automatic display of Copilot code completions can now be controlled via a user preference. * Copilot code suggestions can now be requested via the keyboard shortcut `Ctrl + \`. * The next word in a Copilot code suggestion can now be accepted via `Ctrl + Right` (`Cmd + Right` on macOS). * RStudio now highlights and lints Quarto chunk options in Python code chunks. * RStudio no longer highlights `\[ \]` and `\( \)` Mathjax equations; prefer `$$ $$` and `$ $` instead. * Added cmake option to build RStudio without the check for updates feature. * Allow choosing R from non-standard location at startup. * Add `EnvironmentFile` support to systemd service definitions. * RStudio's GWT sources can now be built with JDKs > 11. * Show grey background instead of solid-white during Desktop startup. * The 'restartSession()' API method gains the 'clean' argument. * 'dot' chunks in R Markdown documents are now executable. * (rstudioapi) Fixed an issue where selectFile() did not parse filter strings in a cross-platform way. * RStudio now reports repository validation errors (if any) when adding secondary repositories in the Global Options -> Packages pane. * The working directory of a background job now defaults to the .Rproj location when a project is open. * Add search results copy button and search results breadcrumbs to RStudio User Guide. * RStudio now supports generation of a Copilot diagnostic report from the Copilot preferences pane. * The RStudio debugger is now better at matching debugged code to source documents. * RStudio no longer includes spurious chunk markers from Copilot completion results. * Added new commands which toggle the maximized state of Console, Source, and Tab Group quadrants [Accessibility]. * RStudio now prints a warning if an overly-long line of console input is truncated when sending to R. * RStudio now supports highlighting of inline YAML chunk options in R Markdown / Quarto documents. * RStudio now supports auto-completion following `@` via `.AtNames`. * RStudio now supports the execution and display of GraphViz (`dot`) graphs in R Markdown / Quarto chunks. * RStudio now supports the execution of chunks with the 'file' option set. * RStudio now supports `LuaLaTeX` to compile Sweave/Rnw documents. * RStudio now supports pasting of file paths for files copied to the clipboard. * Improved support for development documentation when a package has been loaded via `devtools::load_all()`. * Better error message when user preferences fail to save due to folder permissions. * With screen reader support enabled, hitting ESC key allows Tabbing away from editor. - Rebase patches: * 0002-Don-t-install-pandoc-and-mathjax.patch * old-boost.patch * remove-panmirror.patch - Set RSTUDIO_BOOST_REQUESTED_VERSION on all Leap versions. - Relax Java version requirement, Java > 11 is now supported. - Add fix-boost-1.85-build.patch to fix build with Boost 1.85. - Add fix-boost-1.66-build.patch from Michael Pujos to fix build with Leap's older Boost 1.66. We can't use Boost 1.75 because it conflicts with Boost 1.66 required by soci-devel. - Add respect-system-yaml-cpp.patch to make sure our choice of RSTUDIO_USE_SYSTEM_YAML_CPP=TRUE is respected. - Add skip-osrelease.patch to skip parsing of /etc/os-release. ------------------------------------------------------------------ ------------------ 2024-4-29 - Apr 29 2024 ------------------- ------------------------------------------------------------------ ++++ flatpak: - Update to version 1.14.6: * Security fixes: - Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462, bsc#1223110) * Other bug fixes: - Don't parse as the application name ++++ jasper: - security update: Fix assertion failure in jpc_streamlist_remove() * CVE-2024-31744 [bsc#1223155] Add jasper-CVE-2024-31744.patch ++++ kernel-firmware-nvidia-gspx-G06: - Update to 550.78 * addresses boo#1223454 ++++ musescore: - Delete unnecesaary require of "pipewire-alsa if pipewire" (boo#1220821) ++++ nvidia-open-driver-G06-signed: - Update to 550.78 * addresses boo#1223454 ++++ openSUSE-repos-Leap: - Ensure that only one NVIDIA package flavor can be installed Related to Issue #53 ++++ tryton: - sources are not signed anymore ++++ trytond: - sources are not signed anymore ++++ trytond_account: - sources are not signed anymore ++++ trytond_account_invoice: - sources are not signed anymore ++++ trytond_account_product: - sources not signed anymore ++++ trytond_party: - sources not signed anymore ++++ trytond_purchase: - sources not signed anymore ++++ trytond_stock: - sources not signed anymore ++++ trytond_stock_lot: - sources not signed anymore ++++ trytond_stock_supply: - sources not signed anymore ++++ yast2-trans: - Update to version 84.87.20240428.f3ddce30c5: * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Hungarian) * Translated using Weblate (Hungarian) * Translated using Weblate (Japanese) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) ------------------------------------------------------------------ ------------------ 2024-4-28 - Apr 28 2024 ------------------- ------------------------------------------------------------------ ++++ clamav-database: - database refresh on 2024-04-29 (bsc#1084929) ++++ mkvtoolnix: - Update to version 84.0 New features and enhancements: * mkvmerge: added a new file-specific option `--regenerate-track-uids`. When used for Matroska files, `mkvmerge` will generate new random track UIDs instead of keeping existing track UIDs. This is done automatically when a Matroska file was created by MakeMKV. * mkvmerge: MP4 reader: added support for FLAC in MP4. * MKVToolNix GUI: multiplexer: the "Attachments" tab's title will now include the total number of attachments (both from source files & to newly attach). * translations: added a Norwegian Bokmål translation of the programs by Roger Knutsen (see `AUTHORS`). Bug fixes: * configure: when called with `--disable-gui` the build system still ran the check for the GUI libraries & failed if they weren't found. This check is now skipped when the option is given. * mkvmerge: several color-related track header properties were parsed into & stored as a wrong integer type internally. This could result in wrong values being copied when very large values were present in source files, or in error messages when very large values were used as command-line parameters. * MKVToolNix GUI: multiplexer: the keyboard shortcuts from the "modify selected tracks" sub-menu didn't work right after opening a file. They only started working after opening the "multiplexer" menu. Build system changes: * Release v8.0.0 of the `fmt` library is now required. If not found, the bundled copy will be used. * A C++20 compatible compiler is now required for several but certainly not all C++20 features. g++ v10 & clang++ v10 should suffice. ++++ mutter: - Add 0001-Revert-clutter-stage-Avoid-queueing-stage-updates-wh.patch: Reverting commit 261f516a to fix black screen on Xorg when logging in or logging out (glgo#GNOME/mutter#3452 bsc#1222612). ------------------------------------------------------------------ ------------------ 2024-4-27 - Apr 27 2024 ------------------- ------------------------------------------------------------------ ++++ ffmpeg-4: - Add ffmpeg-CVE-2023-50010.patch: Backporting e4d2666b from upstream, fixes the out of array access. (CVE-2023-50010 bsc#1223256) ------------------------------------------------------------------ ------------------ 2024-4-26 - Apr 26 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 124.0.6367.78 (boo#1223845) * CVE-2024-4058: Type Confusion in ANGLE * CVE-2024-4059: Out of bounds read in V8 API * CVE-2024-4060: Use after free in Dawn ++++ kernel-64kb: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-azure: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-default: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ dtb-aarch64: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ gping: - Initial Checkin ++++ kernel-debug: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-source: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-source-azure: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-docs: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-kvmsmall: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-obs-build: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-obs-qa: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-syms: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-syms-azure: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ kernel-zfcpdump: - kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415) - commit 689bcfa - Update kabi files: updated for post-PublicRC - commit f978f5f ++++ openSUSE-repos-Leap: - NVIDIA package needs to require specific flavor. Issue #53 ++++ systemtap: - Upgrade to version 5.0 (bsc#1223327): * Performance improvements in uprobe registration and module startup. * More probe point process details are printed in "-L" list mode with more "-v". * For the case where newer kernels may break systemtap runtime APIs, better pass-4 failure diagnostics are printed. * Tapset function print_ubacktrace_fileline() now understands DWARF5. * The target(s) of process probes may be specified by path name globs, as located selected debuginfod servers. This requires the debuginfod servers to support "metadata" queries. The following probes all of the binaries matching /usr/*/curl known to the debuginfod servers, regardless of what's currently installed as the system /usr/bin/curl: [#] export DEBUGINFOD_URLS="URL1 URL2 ..." [#] stap -e 'probe debuginfod.process("/usr/*/curl").begin { log("hi") }' The archive glob may be given as an optional component to filter further: [#] stap -e 'probe debuginfod.archive("*.fc38*") .process("/usr/*/c*").function("main") { log("Hello World") }' * The kernel-user message transport system added framing codes, making the transport more reliable, but becoming incompatible across pre-5.0 versions. Use matching versions of stap and staprun. * RHEL6, kernel 2.6.32* as well as older releases have been deprecated from the codebase. RHEL7 and kernel version 3.10 are now the oldest supported versions for Systemtap. * The testsuite Makefile has been simplified to remove concurrency, so "parallel" and "resume" modes are gone. * New runtime macro STP_TIMING_NSECS is now supported for reporting probe timing stats in nsecs instead of cycles. This may become default later. * Add new runtime macro STP_FORCE_STDOUT_TTY to override STP_STDOUT_NOT_ATTY. - Unlike OpenSUSE, SLE has no libdebufinfod. However detection for the !libdebuginfod case is broken: New patch: configure.ac-fix-broken-libdebuginfod-library-auto-detection.patch ++++ systemtap-docs: - Upgrade to version 5.0. See systemtap.spec for changelog ++++ systemtap-dtrace: - Upgrade to version 5.0. See systemtap.spec for changelog ++++ systemtap-headers: - Upgrade to version 5.0. See systemtap.spec for changelog ------------------------------------------------------------------ ------------------ 2024-4-25 - Apr 25 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-azure: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-default: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ dtb-aarch64: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-debug: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-source: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-source-azure: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-docs: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-kvmsmall: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-obs-build: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-obs-qa: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-syms: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-syms-azure: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ kernel-zfcpdump: - Update patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26890 bsc#1223192). - Update patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch (jsc#PED-3311 CVE-2024-26907 bsc#1223203). - Update patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes CVE-2024-26916 bsc#1223137). - Update patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch (git-fixes CVE-2024-26877 bsc#1223140). - Update patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch (git-fixes CVE-2024-26880 bsc#1223188). - Update patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch (git-fixes CVE-2024-26913 bsc#1223204). - Update patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch (git-fixes CVE-2024-26914 bsc#1223205). - Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch (git-fixes CVE-2024-26915 bsc#1223207). - Update patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch (git-fixes CVE-2024-26893 bsc#1223196). - Update patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch (bsc#1221858 CVE-2024-26582 bsc#1220214). - Update patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch (git-fixes CVE-2024-26897 bsc#1223323). - Update patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch (git-fixes CVE-2024-26892 bsc#1223195). - Update patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch (git-fixes CVE-2024-26895 bsc#1223197). - commit d9b565f - Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216). - commit 81c5485 ++++ mumble: - enable and fix tests: TestSettingsJSONSerialization fails loading qt xcb in headless ++++ mumble: - enable and fix tests: TestSettingsJSONSerialization fails loading qt xcb in headless ------------------------------------------------------------------ ------------------ 2024-4-24 - Apr 24 2024 ------------------- ------------------------------------------------------------------ ++++ crmsh: - Update to version 4.6.0+20240422.73eaf02a: * Fix: bootstrap: Detect cluster service on init node before saving the canonical hostname (bsc#1222714) * Dev: report: Collect quorum/qdevice/qnetd status * Fix: utils: set env `CIB_shadow` using `os.environ` (bsc#1205925) * Fix: pass env to child process explicitly (bsc#1205925) * Fix: term: unset env `COLUMNS` and `ROWS` (bsc#1205925) * Fix: sh: pass env to child process explicitly (bsc#1205925) * Fix: bootstrap: Remove unused -i option when calling csync2_remote and ssh_remote stage (bsc#1212080) ++++ dcmtk: - Add upstream changes: * 0001-Fixed-buffer-overflow-in-decompression-codecs.patch * 0001-Fixed-possible-overflows-when-allocating-memory.patch * 0001-Fixed-two-segmentation-faults.patch * 0001-Fixed-unchecked-typecasts-of-DcmItem-search-results.patch * 0002-Fixed-unchecked-typecasts-and-fixed-LUT-handling.patch (boo#1223324, CVE-2024-28130) * 0003-Fixed-wrong-error-handling-previous-commit.patch * 0001-Fixed-DcmDecimalString-unit-tests.patch - Run unit tests ++++ frr: - Apply upstream fix solving crash in OSPF TE parsing (bsc#1220548, CVE-2024-27913, gh#FRRouting/frr#15431) [+ 0020-ospfd-Solved-crash-in-OSPF-TE-parsing.patch] ++++ libcontainers-common: - Introduce new subpackage that ships registries.conf that uses registry.suse.com as the only unqualified registry while pulling images on SL Micro and SP6. (jsc#SMO-376, jsc#PED-8289) ++++ ntp: - Get-rid-of-EVP_MD_CTX_FLAG_NON_FIPS_ALLOW.patch: Allow certain usages of MD5 in FIPS mode. (bsc#1222865) ++++ pdns-recursor: - update to 5.0.4: * fixes a case when a crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured (bsc#1223262, CVE-2024-25583) - changes in 5.0.3 * Log if a DNSSEC related limit was hit if log_bogus is set * Reduce RPZ memory usage by not keeping the initially loaded RPZs in memory * Fix the zoneToCache regression introduced by 5.0.2 security update ++++ python3-QtPy: - Rename to python3-QtPy to build with python 3.6 for the backward compatibility - Drop BuildRequires qtdatavis3d-qt5 and qt3d-qt5 * qtdatavis3d-qt5 and qt3d-qt5 python binding has now only support python 3.11 ++++ virtualbox: - Provide a temporary fix to the problem of wrong timestamp for files in a shared folder since kernel 6.6. File "fix_shared_folder_time.patch" is added. This change fixes boo#1220524. ++++ virtualbox-kmp: - Provide a temporary fix to the problem of wrong timestamp for files in a shared folder since kernel 6.6. File "fix_shared_folder_time.patch" is added. This change fixes boo#1220524. ------------------------------------------------------------------ ------------------ 2024-4-23 - Apr 23 2024 ------------------- ------------------------------------------------------------------ ++++ wireplumber: - Update to version 0.5.2: * Highlights: - Added support for loading configuration files other than the default wireplumber.conf within Lua scripts (!629) - Added support for loading single-section configuration files, without fragments (!629) - Updated the node.software-dsp script to be able to load filter-chain graphs from external configuration files, which is needed for Asahi Linux audio DSP configuration (!629) * Fixes: - Fixed destroying camera nodes when the camera device is removed (#627, !631) - Fixed an issue with Bluetooth BAP device set naming (!632) - Fixed an issue caused by the pipewire event loop not being "entered" as expected (!634, #638) - A false positive warning about no modules being loaded is now suppressed when using libpipewire >= 1.0.5 (#620) - Default nodes can now be selected using priority.driver when priority.session is not set (#642) * Changes: - The library version is now generated following pipewire's versioning scheme: libwireplumber-0.5.so.0.5.2 becomes libwireplumber-0.5.so.0.0502.0 (!633) - Remove patches from upstream that are already in 0.5.2: * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch ++++ mumble: - Address licensedigger concerns: * drop qttranslations from tarball, adjust licenses.patch * The OCB design is in the public domain add mumble-1.5.629-The-OCB-design-is-in-the-public-domain.patch * drop unneeded installer files from tarball * unbundle audio back-end headers from tarball: pulseadio, jack, portadio, pipewire add mumble-1.5.629-unbundle-audio-backends.patch - change from tarball to obscpio and build-time service ++++ mumble: - Address licensedigger concerns: * drop qttranslations from tarball, adjust licenses.patch * The OCB design is in the public domain add mumble-1.5.629-The-OCB-design-is-in-the-public-domain.patch * drop unneeded installer files from tarball * unbundle audio back-end headers from tarball: pulseadio, jack, portadio, pipewire add mumble-1.5.629-unbundle-audio-backends.patch - change from tarball to obscpio and build-time service ++++ post-build-checks-malwarescan: - disable EXCLUDELIST, upstream false positive was fixed. bsc#1222509 ------------------------------------------------------------------ ------------------ 2024-4-22 - Apr 22 2024 ------------------- ------------------------------------------------------------------ ++++ MozillaThunderbird: - Mozilla Thunderbird 115.10.1 * fixed: Thunderbird processes did not exit cleanly; user intervention was required via task manager (bmo#1891889) * unresolved: After changing password on an IMAP account, the account could become locked due to too many failed login attempts (bmo#1862111) - Mozilla Thunderbird 115.10 * fixed: Creating a tag in General Settings with a number as the tag name did not work (bmo#1881124) * fixed: Quick Filter button selections did not persist after restart (bmo#1847265) * fixed: Collapsing and expanding message list headers sometimes caused header to scroll out of view (bmo#1862197) * fixed: Single message with no children inside a parent thread sometimes displayed incorrectly as a thread with a duplicate of itself as its child (bmo#1427546) * fixed: "Get selected messages" menu items did not work (bmo#1867091) * fixed: "Download and Sync Messages" dialog was too short when using Russian locale, obscuring OK button (bmo#1881795) * fixed: After changing password on an IMAP account, the account could become locked due to too many failed login attempts (bmo#1862111) * fixed: Retrieving multiline POP3 message from server failed if message chunk ended in newline instead of carriage return and newline (bmo#1883760) * fixed: IMAP, POP3, and SMTP Exchange autoconfiguration did not support encryption configuration (bmo#1876992) * fixed: Non-empty address book search bar interfered with displaying/editing contacts (bmo#1833031) * fixed: Deleting attendees from "Invite Attendees" view removed attendees from view, but not from invite (bmo#1874450) * fixed: Splitter arrow between task list and task description did not behave as expected (bmo#1889562) * fixed: Performance improvements and code cleanup (bmo#1878257,bmo#1883550) * fixed: Security fixes * unresolved: Thunderbird processes did not exit cleanly; user intervention was required via task manager (bmo#1891889) MFSA 2024-20 (bsc#1222535) * CVE-2024-3852 (bmo#1883542) GetBoundName in the JIT returned the wrong object * CVE-2024-3854 (bmo#1884552) Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857 (bmo#1886683) Incorrect JITting of arguments led to use-after-free during garbage collection * CVE-2024-2609 (bmo#1866100) Permission prompt input delay could expire when not in focus * CVE-2024-3859 (bmo#1874489) Integer-overflow led to out-of-bounds-read in the OpenType sanitizer * CVE-2024-3861 (bmo#1883158) Potential use-after-free due to AlignedBuffer self-move * CVE-2024-3863 (bmo#1885855) Download Protections were bypassed by .xrm-ms files on Windows * CVE-2024-3302 (bmo#1881183, https://kb.cert.org/vuls/id/421644) Denial of Service using HTTP/2 CONTINUATION frames * CVE-2024-3864 (bmo#1888333) Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 ++++ breeze: - Add patch to fix the version number (boo#1223149): * 0001-Update-version-number-for-5.27.11.patch ++++ plasma5-workspace: - Remove leftover %_plasma5_bugfix override (boo#1223149) ++++ systemd: - Restore the gpt-auto generator. The workaround is not needed anymore as commit d317008225 (see below) should fix the issue reported in bsc#1218671. ++++ yast2-trans: - Update to version 84.87.20240421.63804708b7: * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Slovak) * Translated using Weblate (Czech) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * Translated using Weblate (Japanese) * New POT for text domain 'storage'. * New POT for text domain 'docker'. * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) ------------------------------------------------------------------ ------------------ 2024-4-21 - Apr 21 2024 ------------------- ------------------------------------------------------------------ ++++ ccls: - Update to version 0.20240202. * Compatibility with LLVM 18. * Disable -include b.hh => -include b.hh.{gch,pch} transition. See https://maskray.me/blog/2023-07-16-precompiled-headers for the behavior. - Remove obsolete patches: * llvm16-optional-deprecation.patch * llvm17-precompiled-preamble-build.patch - Thanks to Björn Bidar for the original patch! ++++ clamav-database: - database refresh on 2024-04-22 (bsc#1084929) ++++ vim: - Updated to version 9.1 with patch level 0330, fixes the following problems * Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1 - refreshed vim-7.3-filetype_spec.patch - refreshed vim-7.3-filetype_ftl.patch - Update spec.skeleton to use autosetup in place of setup macro. - for the complete list of changes see https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330 ++++ waycheck: - Update to 1.2.1 + Update "Upstream" protocol list to wayland-protocols v1.35 ------------------------------------------------------------------ ------------------ 2024-4-20 - Apr 20 2024 ------------------- ------------------------------------------------------------------ ++++ java-1_8_0-openjdk: - Update to version jdk8u412 (icedtea-3.31.0) * Security fixes + JDK-8317507, JDK-8325348, CVE-2024-21094, bsc#1222986: C2 compilation fails with "Exceeded _node_regs array" + JDK-8318340: Improve RSA key implementations + JDK-8319851, CVE-2024-21011, bsc#1222979: Improve exception logging + JDK-8322114, CVE-2024-21085, bsc#1222984: Improve Pack 200 handling + JDK-8322122, CVE-2024-21068, bsc#1222983: Enhance generation of addresses * Import of OpenJDK 8 u412 build 08 + JDK-8011180: Delete obsolete scripts + JDK-8016451: Scary messages emitted by build.tools.generatenimbus.PainterGenerator during build + JDK-8021961: setAlwaysOnTop doesn't behave correctly in Linux/Solaris under certain scenarios + JDK-8023735: [TESTBUG][macosx] runtime/XCheckJniJsig/XCheckJSig.java fails on MacOS X + JDK-8074860: Structured Exception Catcher missing around CreateJavaVM on Windows + JDK-8079441: Intermittent failures on Windows with "Unexpected exit from test [exit code: 1080890248]" (0x406d1388) + JDK-8155590: Dubious collection management in sun.net.www.http.KeepAliveCache + JDK-8168518: rcache interop with krb5-1.15 + JDK-8183503: Update hotspot tests to allow for unique test classes directory + JDK-8186095: upgrade to jtreg 4.2 b08 + JDK-8186199: [windows] JNI_DestroyJavaVM not covered by SEH + JDK-8192931: Regression test java/awt/font/TextLayout/CombiningPerf.java fails + JDK-8208655: use JTreg skipped status in hotspot tests + JDK-8208701: Fix for JDK-8208655 causes test failures in CI tier1 + JDK-8208706: compiler/tiered/ /ConstantGettersTransitionsTest.java fails to compile + JDK-8213410: UseCompressedOops requirement check fails fails on 32-bit system + JDK-8222323: ChildAlwaysOnTopTest.java fails with "RuntimeException: Failed to unset alwaysOnTop" + JDK-8224768: Test ActalisCA.java fails + JDK-8251155: HostIdentifier fails to canonicalize hostnames starting with digits + JDK-8251551: Use .md filename extension for README + JDK-8268678: LetsEncryptCA.java test fails as Let’s Encrypt Authority X3 is retired + JDK-8270280: security/infra/java/security/cert/ /CertPathValidator/certification/LetsEncryptCA.java OCSP response error + JDK-8270517: Add Zero support for LoongArch + JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/ /security/cert/CertPathValidator/certification/BuypassCA.java no longer needs ocspEnabled + JDK-8276139: TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test + JDK-8288132: Update test artifacts in QuoVadis CA interop tests + JDK-8297955: LDAP CertStore should use LdapName and not String for DNs + JDK-8301310: The SendRawSysexMessage test may cause a JVM crash + JDK-8308592: Framework for CA interoperability testing + JDK-8312126: NullPointerException in CertStore.getCRLs after 8297955 + JDK-8315042: NPE in PKCS7.parseOldSignedData + JDK-8315757: [8u] Add cacerts JTREG tests to GHA tier1 test set + JDK-8320713: Bump update version of OpenJDK: 8u412 + JDK-8321060: [8u] hotspot needs to recognise VS2022 + JDK-8321408: Add Certainly roots R1 and E1 + JDK-8322725: (tz) Update Timezone Data to 2023d + JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray + JDK-8323202: [8u] Remove get_source.sh and hgforest.sh + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed + JDK-8324530: Build error with gcc 10 + JDK-8325150: (tz) Update Timezone Data to 2024a * Bug fixes + Support make 4.4 ++++ mumble: - switch to source service generated tarball that has a number of unused, bundled libraries removed. Patch the sources to not require that they are present - add licenses.patch - mumble 1.5.629 (RC3) * ReNameNoise as a replacement for RNNoise * Accessibility across the entire application * Add ability to record MP3s * UI updates * bug fixes - packaging changes: * use system libraries where available and clean up dependencies * move appdata to client package * remove usage of tracy - mumble-unbundle-tracy.patch - drop patches: * fix-pkg_get_variable.patch - reworked upstream * mumble-1.5.517-qsystemlocaledate.patch - not needed * reproducible.patch - merged * mumble-leap-cxx17-filesystem.patch - not needed ++++ mumble: - switch to source service generated tarball that has a number of unused, bundled libraries removed. Patch the sources to not require that they are present - add licenses.patch - mumble 1.5.629 (RC3) * ReNameNoise as a replacement for RNNoise * Accessibility across the entire application * Add ability to record MP3s * UI updates * bug fixes - packaging changes: * use system libraries where available and clean up dependencies * move appdata to client package * remove usage of tracy - mumble-unbundle-tracy.patch - drop patches: * fix-pkg_get_variable.patch - reworked upstream * mumble-1.5.517-qsystemlocaledate.patch - not needed * reproducible.patch - merged * mumble-leap-cxx17-filesystem.patch - not needed ------------------------------------------------------------------ ------------------ 2024-4-19 - Apr 19 2024 ------------------- ------------------------------------------------------------------ ++++ apache2-mod_php7: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ btfs: - Build against boost 1.75 on Leap 15 to match the one used by libtorrent-rasterbar (code-o-o#leap/features/issue/155) ++++ kernel-64kb: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-azure: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-default: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ dtb-aarch64: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ ffmpeg-4: - Add ffmpeg-CVE-2024-31578.patch: Backporting ab0fdaed from upstream, Fix heap use after free when vulkan_frames_init failed. (CVE-2024-31578 bsc#1223070) ++++ gajim: - Fix Leap15 build * Add %{?sle15_python_module_pythons} * Run build_metadata.py and install_metadata.py with a specific executable python flavor ++++ gitui: - Update to version 0.26.1: Added: * sign commits using openpgp * support ssh commit signing (when user.signingKey and gpg.format = ssh of gitconfig are set; ssh-agent isn't yet supported) * provide nightly builds (see NIGHTLIES.md) * more version info in gitui -V and help popup (including git hash) * support core.commitChar filtering * allow reset in branch popup * respect configuration for remote when pushing Changed: * Make info and error message popups scrollable * clarify x86_64 linux binary in artifact names: gitui-linux-x86_64.tar.gz (formerly known as musl) Fixes: * add syntax highlighting support for more file types, e.g. Typescript, TOML, etc. ++++ kernel-debug: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-source: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-source-azure: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-docs: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-kvmsmall: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-obs-build: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-obs-qa: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-syms: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-syms-azure: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ kernel-zfcpdump: - Update patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482). - Update patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch (git-fixes CVE-2024-26891 bsc#1223037). - Update patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch (git-fixes CVE-2024-26894 bsc#1223043). - Update patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch (git-fixes CVE-2024-26799 bsc#1222415). - Update patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch (git-fixes CVE-2024-26801 bsc#1222413). - Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch (git-fixes CVE-2024-26886 bsc#1223044). - Update patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch (git-fixes CVE-2024-26839 bsc#1222975). - Update patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch (git-fixes CVE-2024-26838 bsc#1222974). - Update patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch (git-fixes CVE-2024-26872 bsc#1223115). - Update patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch (git-fixes CVE-2024-26848 bsc#1223030). - Update patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch (git-fixes CVE-2024-26736 bsc#1222586). - Update patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430). - Update patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch (bsc#1220265 CVE-2024-26840 bsc#1222976). - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689 bsc#1222503). - Update patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch (git-fixes CVE-2024-26879 bsc#1223066). - Update patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch (git-fixes CVE-2024-26824 bsc#1223081). - Update patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch (git-fixes CVE-2024-26788 bsc#1222783). - Update patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444). - Update patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch (git-fixes CVE-2024-26700 bsc#1222870). - Update patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes CVE-2024-26833 bsc#1223036). - Update patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch (git-fixes CVE-2024-26729 bsc#1222552). - Update patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch (git-fixes CVE-2024-26797 bsc#1222425). - Update patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch (git-fixes CVE-2024-26876 bsc#1223119). - Update patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch (git-fixes CVE-2024-26911 bsc#1223055). - Update patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch (git-fixes CVE-2024-26874 bsc#1223048). - Update patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch (git-fixes CVE-2024-26912 bsc#1223064). - Update patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch (git-fixes CVE-2024-26843 bsc#1223014). - Update patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch (git-fixes CVE-2024-26798 bsc#1222798). - Update patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch (git-fixes CVE-2024-26830 bsc#1223012). - Update patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch (git-fixes CVE-2024-26711 bsc#1222420). - Update patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch (git-fixes CVE-2024-26755 bsc#1222529). - Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch (git-fixes CVE-2024-26829 bsc#1223027). - Update patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch (git-fixes CVE-2024-26875 bsc#1223118). - Update patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch (git-fixes CVE-2024-26820 bsc#1223078). - Update patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch (bsc#1215322 CVE-2024-26859 bsc#1223049). - Update patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch (git-fixes CVE-2024-26803 bsc#1222788). - Update patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch (git-fixes CVE-2024-26825 bsc#1223065). - Update patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch (git-fixes CVE-2024-26697 bsc#1222550). - Update patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch (git-fixes CVE-2024-26696 bsc#1222549). - Update patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709 bsc#1222418). - Update patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch (bsc#1215199 CVE-2024-26710 bsc#1222419). - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607). - Update patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch (bsc#1215199 CVE-2024-26847 bsc#1223026). - Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes CVE-2024-26675 bsc#1222379). - Update patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056). - Update patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch (git-fixes CVE-2024-26693 bsc#1222451). - Update patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch (git-fixes CVE-2024-26779 bsc#1222772). - Update patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch (git-fixes CVE-2024-26896 bsc#1223042). - Update patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch (git-fixes CVE-2024-26687 bsc#1222435). - commit a69636a - Update patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch (git-fixes CVE-2023-52643 bsc#1222960). - Update patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch (git-fixes CVE-2023-52642 bsc#1223031). - Update patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch (git-fixes CVE-2023-52644 bsc#1222961). - commit 2c2d37f - Update patch reference of iio fix (CVE-2024-26702 bsc#1222424) - commit 9436142 ++++ libqt5-qtwebengine: - Add patch to fix build with libxml >= 2.12: * 0001-Fix-building-with-system-libxml2.patch ++++ jasper: - bsc#1223155 CVE-2024-31744: Add missing check to jpc_dec_process_sod() Add jasper-CVE-2024-31744.patch ++++ qclib: - Applied a patch to change the _PATH_MOUNTED (bsc#1222143) * qclib-change-_PATH_MOUNTED.patch ++++ libtorrent-rasterbar: - Build against boost175 on Leap15 code-o-o#leap/features/issue/155 ++++ openssl_tpm2_engine: - Update to version 4.1.2 * test fixes for newer tpm emulators ++++ php7: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ php7-embed: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ php7-fastcgi: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ php7-fpm: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ php7-test: - security update - added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch ++++ plasma5-openSUSE: - Set also defaultFileSuffix in metadata.desktop to the right wallpaper file extension (boo#1223125) ++++ virtualbox: - Fix build error on Factory;Staging due to libxml 2.12.6. Added file libxml21206.patch. Added file kernel-6.9.patch to fix builds on kernel 6.9. ++++ python-nbxmpp: - Switch to python3.11 for Leap15 by added %{?sle15_python_module_pythons} - Explicit to define runtime requirements, macro %{?python_enable_dependency_generator} won't work for Leap 15. also removed %{?python_enable_dependency_generator} ++++ python-precis-i18n: - Add %{?sle15_python_module_pythons} ++++ qbittorrent: - Build against boost 1.75 on Leap 15 to match the one used by libtorrent-rasterbar (code-o-o#leap/features/issue/155) ++++ rtl8812au: - Add patch to fix build in Leap 15.6 whose 6.4 kernel includes backported features from 6.5: * fix-15.6.patch ++++ virt-v2v: - Add Requires for dhcp-client - Add conditional x86_64 arch Requires for nbdkit-vddk-plugin ++++ virtualbox-kmp: - Fix build error on Factory;Staging due to libxml 2.12.6. Added file libxml21206.patch. Added file kernel-6.9.patch to fix builds on kernel 6.9. ------------------------------------------------------------------ ------------------ 2024-4-18 - Apr 18 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-azure: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-default: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ dtb-aarch64: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ glibc: - iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ++++ glibc-utils-src: - iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ++++ java-21-openjdk: - Update to upstream tag jdk-21.0.3+9 (April 2024 CPU) * Security fixes + JDK-8315708, CVE-2024-21012, bsc#1222987: Enhance HTTP/2 client usage + JDK-8318340: Improve RSA key implementations + JDK-8319851, CVE-2024-21011, bsc#1222979: Improve exception logging + JDK-8322122, CVE-2024-21068, bsc#1222983: Enhance generation of addresses * Other changes + JDK-6928542: Chinese characters in RTF are not decoded + JDK-8009550: PlatformPCSC should load versioned so + JDK-8077371: Binary files in JAXP test should be removed + JDK-8169475: WheelModifier.java fails by timeout + JDK-8209595: MonitorVmStartTerminate.java timed out + JDK-8210410: Refactor java.util.Currency:i18n shell tests to plain java tests + JDK-8261837: SIGSEGV in ciVirtualCallTypeData::translate_from + JDK-8263256: Test java/net/Inet6Address/serialize/ /Inet6AddressSerializationTest.java fails due to dynamic reconfigurations of network interface during test + JDK-8264899: C1: -XX:AbortVMOnException does not work if all methods in the call stack are compiled with C1 and there are no exception handlers + JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11 + JDK-8295343: sun/security/pkcs11 tests fail on Linux RHEL 8.6 and newer + JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts + JDK-8301310: The SendRawSysexMessage test may cause a JVM crash + JDK-8304020: Speed up test/jdk/java/util/zip/ZipFile/ /TestTooManyEntries.java and clarify its purpose + JDK-8304292: Memory leak related to ClassLoader::update_class_path_entry_list + JDK-8305962: update jcstress to 0.16 + JDK-8305971: NPE in JavacProcessingEnvironment for missing enum constructor body + JDK-8306922: IR verification fails because IR dump is chopped up + JDK-8307408: Some jdk/sun/tools/jhsdb tests don't pass test JVM args to the debuggee JVM + JDK-8309109: AArch64: [TESTBUG] compiler/intrinsics/sha/cli/ /TestUseSHA3IntrinsicsOptionOnSupportedCPU.java fails on Neoverse N2 and V1 + JDK-8309203: C2: remove copy-by-value of GrowableArray for InterfaceSet + JDK-8309302: java/net/Socket/Timeouts.java fails with AssertionError on test temporal post condition + JDK-8309697: [TESTBUG] Remove "@requires vm.flagless" from jtreg vectorization tests + JDK-8310031: Parallel: Implement better work distribution for large object arrays in old gen + JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/ /bug6889007.java fails + JDK-8310308: IR Framework: check for type and size of vector nodes + JDK-8310629: java/security/cert/CertPathValidator/OCSP/ /OCSPTimeout.java fails with RuntimeException Server not ready + JDK-8310631: test/jdk/sun/nio/cs/TestCharsetMapping.java is spuriously passing + JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out + JDK-8310844: [AArch64] C1 compilation fails because monitor offset in OSR buffer is too large for immediate + JDK-8310919: runtime/ErrorHandling/ /TestAbortVmOnException.java times out due to core dumps taking a long time on OSX + JDK-8310923: Refactor Currency tests to use JUnit + JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform + JDK-8311279: TestStressIGVNAndCCP.java failed with different IGVN traces for the same seed + JDK-8311581: Remove obsolete code and comments in TestLVT.java + JDK-8311588: C2: RepeatCompilation compiler directive does not choose stress seed randomly + JDK-8311663: Additional refactoring of Locale tests to JUnit + JDK-8311893: Interactive component with ARIA role 'tabpanel' does not have a programmatically associated name + JDK-8311986: Disable runtime/os/TestTracePageSizes.java for ShenandoahGC + JDK-8311992: Test java/lang/Thread/virtual/ /JfrEvents::testVirtualThreadPinned failed + JDK-8312136: Modify runtime/ErrorHandling/TestDwarf.java to split dwarf and decoder testing + JDK-8312416: Tests in Locale should have more descriptive names + JDK-8312428: PKCS11 tests fail with NSS 3.91 + JDK-8312916: Remove remaining usages of -Xdebug from test/hotspot/jtreg + JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles + JDK-8313229: DHEKeySizing.java should be modified to use TLS versions TLSv1, TLSv1.1, TLSv1.2 + JDK-8313507: Remove pkcs11/Cipher/TestKATForGCM.java from ProblemList + JDK-8313621: test/jdk/jdk/internal/math/FloatingDecimal/ /TestFloatingDecimal should use RandomFactory + JDK-8313638: Add test for dump of resolved references + JDK-8313670: Simplify shared lib name handling code in some tests + JDK-8313720: C2 SuperWord: wrong result with - XX:+UseVectorCmov -XX:+UseCMoveUnconditionally + JDK-8313816: Accessing jmethodID might lead to spurious crashes + JDK-8313854: Some tests in serviceability area fail on localized Windows platform + JDK-8314164: java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fails intermittently in timeout + JDK-8314220: Configurable InlineCacheBuffer size + JDK-8314283: Support for NSS tests on aarch64 platforms + JDK-8314320: Mark runtime/CommandLine/ tests as flagless + JDK-8314333: Update com/sun/jdi/ProcessAttachTest.java to use ProcessTools.createTestJvm(..) + JDK-8314513: [IR Framework] Some internal IR Framework tests are failing after JDK-8310308 on PPC and Cascade Lake + JDK-8314578: Non-verifiable code is emitted when two guards declare pattern variables in colon-switch + JDK-8314610: hotspot can't compile with the latest of gtest because of + JDK-8314612: TestUnorderedReduction.java fails with - XX:MaxVectorSize=32 and -XX:+AlignVector + JDK-8314629: Generational ZGC: Clearing All SoftReferences log line lacks GCId + JDK-8314829: serviceability/sa/jmap-hprof/ /JMapHProfLargeHeapTest.java ignores vm flags + JDK-8314830: runtime/ErrorHandling/ tests ignore external VM flags + JDK-8314831: NMT tests ignore vm flags + JDK-8314835: gtest wrappers should be marked as flagless + JDK-8314837: 5 compiled/codecache tests ignore VM flags + JDK-8314838: 3 compiler tests ignore vm flags + JDK-8314990: Generational ZGC: Strong OopStorage stats reported as weak roots + JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder + JDK-8315042: NPE in PKCS7.parseOldSignedData + JDK-8315097: Rename createJavaProcessBuilder + JDK-8315241: (fs) Move toRealPath tests in java/nio/file/Path/Misc.java to separate JUnit 5 test + JDK-8315406: [REDO] serviceability/jdwp/ /AllModulesCommandTest.java ignores VM flags + JDK-8315594: Open source few headless Swing misc tests + JDK-8315600: Open source few more headless Swing misc tests + JDK-8315602: Open source swing security manager test + JDK-8315611: Open source swing text/html and tree test + JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch + JDK-8315721: CloseRace.java#id0 fails transiently on libgraal + JDK-8315726: Open source several AWT applet tests + JDK-8315731: Open source several Swing Text related tests + JDK-8315761: Open source few swing JList and JMenuBar tests + JDK-8315891: java/foreign/TestLinker.java failed with "error occurred while instantiating class TestLinker: null" + JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on the screen to determine its location + JDK-8315988: Parallel: Make TestAggressiveHeap use createTestJvm + JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm + JDK-8316028: Update FreeType to 2.13.2 + JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests + JDK-8316132: CDSProtectionDomain::get_shared_protection_domain should check for exception + JDK-8316229: Enhance class initialization logging + JDK-8316309: AArch64: VMError::print_native_stack() crashes on Java native method frame + JDK-8316319: Generational ZGC: The SoftMaxHeapSize might be wrong when CDS decreases the MaxHeapSize + JDK-8316392: compiler/interpreter/ /TestVerifyStackAfterDeopt.java failed with SIGBUS in PcDescContainer::find_pc_desc_internal + JDK-8316410: GC: Make TestCompressedClassFlags use createTestJvm + JDK-8316445: Mark com/sun/management/HotSpotDiagnosticMXBean/ /CheckOrigin.java as vm.flagless + JDK-8316446: 4 sun/management/jdp tests ignore VM flags + JDK-8316447: 8 sun/management/jmxremote tests ignore VM flags + JDK-8316462: sun/jvmstat/monitor/MonitoredVm/ /MonitorVmStartTerminate.java ignores VM flags + JDK-8316464: 3 sun/tools tests ignore VM flags + JDK-8316562: serviceability/sa/jmap-hprof/ /JMapHProfLargeHeapTest.java times out after JDK-8314829 + JDK-8316594: C2 SuperWord: wrong result with hand unrolled loops + JDK-8316661: CompilerThread leaks CodeBlob memory when dynamically stopping compiler thread in non-product + JDK-8316693: Simplify at-requires checkDockerSupport() + JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly + JDK-8316961: Fallback implementations for 64-bit Atomic::{add,xchg} on 32-bit platforms + JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm + JDK-8317042: G1: Make TestG1ConcMarkStepDurationMillis use createTestJvm + JDK-8317144: Exclude sun/security/pkcs11/sslecc/ /ClientJSSEServerJSSE.java on Linux ppc64le + JDK-8317188: G1: Make TestG1ConcRefinementThreads use createTestJvm + JDK-8317218: G1: Make TestG1HeapRegionSize use createTestJvm + JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm + JDK-8317300: javac erroneously allows "final" in front of a record pattern + JDK-8317307: test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information + JDK-8317316: G1: Make TestG1PercentageOptions use createTestJvm + JDK-8317317: G1: Make TestG1RemSetFlags use createTestJvm + JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm + JDK-8317347: Parallel: Make TestInitialTenuringThreshold use createTestJvm + JDK-8317358: G1: Make TestMaxNewSize use createTestJvm + JDK-8317522: Test logic for BODY_CF in AbstractThrowingSubscribers.java is wrong + JDK-8317535: Shenandoah: Remove unused code + JDK-8317771: [macos14] Expand/collapse a JTree using keyboard freezes the application in macOS 14 Sonoma + JDK-8317804: com/sun/jdi/JdwpAllowTest.java fails on Alpine 3.17 / 3.18 + JDK-8318039: GHA: Bump macOS and Xcode versions + JDK-8318082: ConcurrentModificationException from IndexWriter + JDK-8318154: Improve stability of WheelModifier.java test + JDK-8318157: RISC-V: implement ensureMaterializedForStackWalk intrinsic + JDK-8318158: RISC-V: implement roundD/roundF intrinsics + JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows + JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1 + JDK-8318490: Increase timeout for JDK tests that are close to the limit when run with libgraal + JDK-8318590: JButton ignores margin when painting HTML text + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java + JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests + JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests + JDK-8318613: ChoiceFormat patterns are not well tested + JDK-8318689: jtreg is confused when folder name is the same as the test name + JDK-8318696: Do not use LFS64 symbols on Linux + JDK-8318737: Fallback linker passes bad JNI handle + JDK-8318809: java/util/concurrent/ConcurrentLinkedQueue/ /WhiteBox.java shows intermittent failures on linux ppc64le and aarch64 + JDK-8318964: Fix build failures caused by 8315097 + JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent Files + JDK-8318983: Fix comment typo in PKCS12Passwd.java + JDK-8319103: Popups that request focus are not shown on Linux with Wayland + JDK-8319124: Update XML Security for Java to 3.0.3 + JDK-8319128: sun/security/pkcs11 tests fail on OL 7.9 aarch64 + JDK-8319136: Skip pkcs11 tests on linux-aarch64 + JDK-8319137: release _object in ObjectMonitor dtor to avoid races + JDK-8319213: Compatibility.java reads both stdout and stderr of JdkUtils + JDK-8319314: NMT detail report slow or hangs for large number of mappings + JDK-8319372: C2 compilation fails with "Bad immediate dominator info" + JDK-8319382: com/sun/jdi/JdwpAllowTest.java shows failures on AIX if prefixLen of mask is larger than 32 in IPv6 case + JDK-8319456: jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes + JDK-8319548: Unexpected internal name for Filler array klass causes error in VisualVM + JDK-8319569: Several java/util tests should be updated to accept VM flags + JDK-8319633: runtime/posixSig/TestPosixSig.java intermittent timeouts on UNIX + JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh + JDK-8319777: Zero: Support 8-byte cmpxchg + JDK-8319879: Stress mode to randomize incremental inlining decision + JDK-8319883: Zero: Use atomic built-ins for 64-bit accesses + JDK-8319897: Move StackWatermark handling out of LockStack::contains + JDK-8319938: TestFileChooserSingleDirectorySelection.java fails with "getSelectedFiles returned empty array" + JDK-8320052: Zero: Use __atomic built-ins for atomic RMW operations + JDK-8320145: Compiler should accept final variable in Record Pattern + JDK-8320168: handle setsocktopt return values + JDK-8320206: Some intrinsics/stubs missing vzeroupper on x86_64 + JDK-8320208: Update Public Suffix List to b5bf572 + JDK-8320300: Adjust hs_err output in malloc/mmap error cases + JDK-8320303: Allow PassFailJFrame to accept single window creator + JDK-8320309: AIX: pthreads created by foreign test library don't work as expected + JDK-8320383: refresh libraries cache on AIX in VMError::report + JDK-8320582: Zero: Misplaced CX8 enablement flag + JDK-8320798: Console read line with zero out should zero out underlying buffer + JDK-8320807: [PPC64][ZGC] C1 generates wrong code for atomics + JDK-8320830: [AIX] Dont mix os::dll_load() with direct dlclose() calls + JDK-8320877: Shenandoah: Remove ShenandoahUnloadClassesFrequency support + JDK-8320888: Shenandoah: Enable ShenandoahVerifyOptoBarriers in debug builds + JDK-8320890: [AIX] Find a better way to mimic dl handle equality + JDK-8320898: exclude compiler/vectorapi/reshape/ /TestVectorReinterpret.java on ppc64(le) platforms + JDK-8320907: Shenandoah: Remove ShenandoahSelfFixing flag + JDK-8320921: GHA: Parallelize hotspot_compiler test jobs + JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp + JDK-8320943: Files/probeContentType/Basic.java fails on latest Windows 11 - content type mismatch + JDK-8321120: Shenandoah: Remove ShenandoahElasticTLAB flag + JDK-8321122: Shenandoah: Remove ShenandoahLoopOptsAfterExpansion flag + JDK-8321131: Console read line with zero out should zero out underlying buffer in JLine + JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions + JDK-8321164: javac with annotation processor throws AssertionError: Filling jrt:/... during JarFileObject[/...] + JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode + JDK-8321269: Require platforms to define DEFAULT_CACHE_LINE_SIZE + JDK-8321374: Add a configure option to explicitly set CompanyName property in VersionInfo resource for Windows exe/dll + JDK-8321408: Add Certainly roots R1 and E1 + JDK-8321409: Console read line with zero out should zero out underlying buffer in JLine (redux) + JDK-8321410: Shenandoah: Remove ShenandoahSuspendibleWorkers flag + JDK-8321480: ISO 4217 Amendment 176 Update + JDK-8321542: C2: Missing ChaCha20 stub for x86_32 leads to crashes + JDK-8321582: yield .class not parsed correctly. + JDK-8321599: Data loss in AVX3 Base64 decoding + JDK-8321619: Generational ZGC: ZColorStoreGoodOopClosure is only valid for young objects + JDK-8321894: Bump update version for OpenJDK: 21.0.3 + JDK-8321972: test runtime/Unsafe/InternalErrorTest.java timeout on linux-riscv64 platform + JDK-8321974: Crash in ciKlass::is_subtype_of because TypeAryPtr::_klass is not initialized + JDK-8322040: Missing array bounds check in ClassReader.parameter + JDK-8322098: os::Linux::print_system_memory_info enhance the THP output with /sys/kernel/mm/transparent_hugepage/hpage_pmd_size + JDK-8322142: JFR: Periodic tasks aren't orphaned between recordings + JDK-8322159: ThisEscapeAnalyzer crashes for erroneous code + JDK-8322255: Generational ZGC: ZPageSizeMedium should be set before MaxTenuringThreshold + JDK-8322279: Generational ZGC: Use ZFragmentationLimit and ZYoungCompactionLimit as percentage instead of multiples + JDK-8322282: Incorrect LoaderConstraintTable::add_entry after JDK-8298468 + JDK-8322321: Add man page doc for -XX:+VerifySharedSpaces + JDK-8322417: Console read line with zero out should zero out when throwing exception + JDK-8322418: Problem list gc/TestAllocHumongousFragment.java subtests for 8298781 + JDK-8322512: StringBuffer.repeat does not work correctly after toString() was called + JDK-8322583: RISC-V: Enable fast class initialization checks + JDK-8322725: (tz) Update Timezone Data to 2023d + JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray + JDK-8322772: Clean up code after JDK-8322417 + JDK-8322783: prioritize /etc/os-release over /etc/SuSE-release in hs_err/info output + JDK-8322790: RISC-V: Tune costs for shuffles with no conversion + JDK-8322957: Generational ZGC: Relocation selection must join the STS + JDK-8323008: filter out harmful -std* flags added by autoconf from CXX + JDK-8323021: Shenandoah: Encountered reference count always attributed to first worker thread + JDK-8323065: Unneccesary CodeBlob lookup in CompiledIC::internal_set_ic_destination + JDK-8323086: Shenandoah: Heap could be corrupted by oom during evacuation + JDK-8323101: C2: assert(n->in(0) == nullptr) failed: divisions with zero check should already have bailed out earlier in split-if + JDK-8323154: C2: assert(cmp != nullptr && cmp->Opcode() == Op_Cmp(bt)) failed: no exit test + JDK-8323243: JNI invocation of an abstract instance method corrupts the stack + JDK-8323331: fix typo hpage_pdm_size + JDK-8323428: Shenandoah: Unused memory in regions compacted during a full GC should be mangled + JDK-8323515: Create test alias "all" for all test roots + JDK-8323637: Capture hotspot replay files in GHA + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed + JDK-8323659: LinkedTransferQueue add and put methods call overridable offer + JDK-8323664: java/awt/font/JNICheck/FreeTypeScalerJNICheck.java still fails with JNI warning on some Windows configurations + JDK-8323667: Library debug files contain non-reproducible full gcc include paths + JDK-8323671: DevKit build gcc libraries contain full paths to source location + JDK-8323717: Introduce test keyword for tests that need external dependencies + JDK-8323964: runtime/Thread/ThreadCountLimit.java fails intermittently on AIX + JDK-8324050: Issue store-store barrier after re-materializing objects during deoptimization + JDK-8324280: RISC-V: Incorrect implementation in VM_Version::parse_satp_mode + JDK-8324347: Enable "maybe-uninitialized" warning for FreeType 2.13.1 + JDK-8324514: ClassLoaderData::print_on should print address of class loader + JDK-8324598: use mem_unit when working with sysinfo memory and swap related information + JDK-8324637: [aix] Implement support for reporting swap space in jdk.management + JDK-8324647: Invalid test group of lib-test after JDK-8323515 + JDK-8324659: GHA: Generic jtreg errors are not reported + JDK-8324753: [AIX] adjust os_posix after JDK-8318696 + JDK-8324858: [vectorapi] Bounds checking issues when accessing memory segments + JDK-8324874: AArch64: crypto pmull based CRC32/CRC32C intrinsics clobber V8-V15 registers + JDK-8324937: GHA: Avoid multiple test suites per job + JDK-8325074: ZGC fails assert(index == 0 || is_power_of_2(index)) failed: Incorrect load shift: 11 + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing + JDK-8325150: (tz) Update Timezone Data to 2024a + JDK-8325194: GHA: Add macOS M1 testing + JDK-8325254: CKA_TOKEN private and secret keys are not necessarily sensitive + JDK-8325444: GHA: JDK-8325194 causes a regression + JDK-8325470: [AIX] use fclose after fopen in read_psinfo + JDK-8325496: Make TrimNativeHeapInterval a product switch + JDK-8325672: C2: allocate PhaseIdealLoop::_loop_or_ctrl from C->comp_arena() + JDK-8325876: crashes in docker container tests on Linuxppc64le Power8 machines + JDK-8326000: Remove obsolete comments for class sun.security.ssl.SunJSSE + JDK-8327391: Add SipHash attribution file + JDK-8329838: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.3 - Modified patches: * disable-doclint-by-default.patch * fips.patch * java-21-openjdk.spec * java-atk-wrapper-security.patch * loadAssistiveTechnologies.patch * memory-limits.patch * multiple-pkcs11-library-init.patch * system-pcsclite.patch * zero-ranges.patch + rediff to apply without fuzz ++++ kernel-debug: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-source: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-source-azure: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-docs: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-kvmsmall: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-obs-build: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-obs-qa: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-syms: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-syms-azure: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ kernel-zfcpdump: - nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858). - tls: fix peeking with sync+async decryption (bsc#1221858). - tls: don't skip over different type records from the rx_list (bsc#1221858). - tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858). - tls: break out of main loop when PEEK gets a non-data record (bsc#1221858). - net: tls: fix returned read length with async decrypt (bsc#1221858). - net: tls: fix use-after-free with partial reads and async (bsc#1221858). - net: tls, fix WARNIING in __sk_msg_free (bsc#1221858). - commit 9d8d293 ++++ python-idna: - Add CVE-2024-3651.patch, backported from upstream commit gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7 (bsc#1222842, CVE-2024-3651) ++++ python-Django: - Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ (gh#django/django@b231bcd19e57, bsc#1222880) ++++ qemu: - Backports and bugfixes: * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() (bsc#1222841, CVE-2024-3567) * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/virtio: Introduce virtio_bh_new_guarded() helper (bsc#1222843, CVE-2024-3446) * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set (bsc#1222845, CVE-2024-3447) * hw/nvme: Use pcie_sriov_num_vfs() (bsc#1220065, CVE-2024-26328) ++++ qemu-linux-user: - Backports and bugfixes: * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() (bsc#1222841, CVE-2024-3567) * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446) * hw/virtio: Introduce virtio_bh_new_guarded() helper (bsc#1222843, CVE-2024-3446) * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set (bsc#1222845, CVE-2024-3447) * hw/nvme: Use pcie_sriov_num_vfs() (bsc#1220065, CVE-2024-26328) ++++ shim: - update public keys of shim-15.8 after it has been signed back from Microsoft. ++++ virt-v2v: - bsc#1223093 - virt-v2v needs nbdkit and libnbd on SLE15-SP6 to function correctly Add Requires on libnbd and all nbdkit packages. The nbdkit packages are required for remote execution. Added Requires on btrfsprogs ------------------------------------------------------------------ ------------------ 2024-4-17 - Apr 17 2024 ------------------- ------------------------------------------------------------------ ++++ WindowMaker: - Use png for default wallpaper as SLES, TW, Leap 15.6+ are using png * Article https://news.opensuse.org/2024/04/09/common-wallpaper-path/ * Updated style inside theme.tar.bz and symlinks in spec ++++ chromium: - Chromium 124.0.6367.60 (boo#1222958) * CVE-2024-3832: Object corruption in V8. * CVE-2024-3833: Object corruption in WebAssembly. * CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang * CVE-2024-3837: Use after free in QUIC. * CVE-2024-3838: Inappropriate implementation in Autofill. * CVE-2024-3839: Out of bounds read in Fonts. * CVE-2024-3840: Insufficient policy enforcement in Site Isolation. * CVE-2024-3841: Insufficient data validation in Browser Switcher. * CVE-2024-3843: Insufficient data validation in Downloads. * CVE-2024-3844: Inappropriate implementation in Extensions. * CVE-2024-3845: Inappropriate implementation in Network. * CVE-2024-3846: Inappropriate implementation in Prompts. * CVE-2024-3847: Insufficient policy enforcement in WebUI. - drop patches: * chromium-123-optional2.patch * chromium-122-avoid-SFINAE-TypeConverter.patch * chromium-123-PA-InternalAllocator.patch - rediff patches: * chromium-110-compiler.patch * chromium-120-emplace.patch * chromium-122-no_matching_constructor.patch * chromium-122-lp155-typename.patch - add patches: from debian/fixes * chromium-123-stats-collector.patch - add patches: from debian/upstream * chromium-124-angle-powf.patch * chromium-124-atomic.patch * chromium-124-extractor-bitset.patch * chromium-124-fps-optional.patch * chromium-124-span-optional.patch * chromium-124-uint-includes.patch * chromium-124-webgpu-optional.patch - add patches: * chromium-123-WebUI-static_assert.patch workaround for compile issue in webui_contents_wrapper.h * chromium-124-system-libxml.patch (from fedora) ++++ kernel-64kb: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-azure: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-default: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ dtb-aarch64: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ gh: - Update to version 2.48.0: * Update install_linux.md (#8950) * Remove unnecessary --help comment * Fix `go` directive in `go.mod` (#8956) * Use `filepath.Join` to support different platforms * Run `go mod tidy` * Refactor into table tests * Explain `--skip-ssh-key` usage in long doc * Tidy `go.mod` * Fix cache contention in Go CI jobs * Fix `attestation` cmd offline unit test failure (#8933) * Change subcommands default to be more user friendly * Add unit test, update naming, ensure DSSE envelope is in-toto * Updates from linter feedback * Add support to `attestation` command for more predicate types. * Close zip file in run view tests * Ensure run log cache creates cache dir if it doesn't exist * Test `--skip-ssh-key` is captured correctly * Add test to verify skipped SSH key prompts * Add `--skip-ssh-key` to options * Add `SkipSSHKey` field to `LoginOptions` * Add tests for non-happy field paths * Fix api cache test * Use testify in git url tests * Ensure cache dir is always available in RunLogCache * Remove RunLogCache interface * Use real Run Log Cache in run view tests * Capture error on Run Log Cache Exists * Rework Run Log Cache so that cache dir is injected * Expose CacheDir on Config * Minorly refactor scheme normalization in git ParseURL * Test for parsing error in git ParseURL * Remove naked returns from git ParseURL * Fix parsing IPv6 remote URLs (#8893) * Add codeowners entry for the GitHub TUF root included in the `attestation` command set (#8919) * Add comment to explain `showSelectedReposInfo` assignment * Rename const to avoid CodeQL error * Add tests to verify `numSelectedRepos` is populated when necessary * Populate `numSelectedRepos` only if needed * build(deps): bump google.golang.org/grpc from 1.61.1 to 1.61.2 * Run defers in queue * Resolve PR comments * Wrap JSON arrays, objects in array with --slurp * Resolve PR comments * Clarify --merge-pages docs * Replace --paginate-all with --merge-pages * Resolve test issues * Add more JSON merge tests * Move jsonmerge package to internal * Merge JSON responses from `gh api` * Add tests for `FindByRepo` * Apply suggestions from code review * Improve error message returned by `FindByRepo` * Add test cases to verify exported JSON has non-zero `numSelectedRepos` * Populate `numSelectedRepos` in non-interactive mode, if explicitly selected * Anchor the log filename to the start * Add pr url pattern * Test pr url lock * update example for deeply nested array update * allow multiple items in nested array ++++ pipewire: - Update to version 1.0.5: * Highlights - pw_stream can now report timestamps on buffers and the expected amount of samples for the resampler. - The GStreamer element now has more correct timestamps using the new pw_stream timestamps as a fallback. - The FFADO module now handles suspend and resume better. - A regression in v4l2 was fixed when parsing malformed filters. - A potential memory/fd leak was fixed in client-node. - Many more small bugfixes and improvements. * PipeWire - pw_stream now reports the expected resampler input or output size in the pw_time structure. (#3750) - pw_stream now also adds a time field to the buffer, which contains the time of the graph when the buffer was received in the stream. - Fix a compiler error when compiling with -Werror=shadow. (#3915) - The config parser will warn when invalid config is detected. * Modules - The FFADO module now opens and closes when suspending. This fixes some problems when FFADO properties are changed while suspended. (#3558) - Filter-chain will now warn when invalid config is detected. - Echo-cancel will now handle manage the state of the echo-cancel plugin better, making sure run() is not called after deactivate(). - Fix some potential memory/fd leaks in client-node. * SPA - Improve reading the bound ALSA controls. - The resampler can now also report the number of expected output samples. - The ALSA ACP device objects have some more properties like the card.id and alsa.components. (#3912) - Fix a potential string corruption when parsing JSON strings. - V4l2 now sets the latency on the port. (#3910) - alsa-udev now has an option to expose the device even if busy. (#3914) - Improve null-audio-sink channel handling. (#3931) - v4l2 will now drop the first frame because it often contains wrong timestamps or garbage. (#3910) - A regression in v4l2 was fixed where invalid/empty properties in the filter would make it error early. (#3959) * GStreamer - The source now falls back to the new pw_buffer time for the timestamps. * Docs - Sync with the master branch. ++++ kernel-debug: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-source: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-source-azure: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-docs: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-firmware-nvidia-gspx-G06: - update firmware to version 550.76 * addresses boo#1222972 ++++ kernel-kvmsmall: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-obs-build: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-obs-qa: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-syms: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-syms-azure: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ kernel-zfcpdump: - Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. (don't print about zero-sized CMA reservation) - commit 14e6598 - Update patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch (bsc#1222609 CVE-2024-26747). Added CVE reference - commit 5db3e1d - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - commit a6aad75 - Update patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch (bsc#1219485 bsc#1219451). - Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch (bsc#1219485 bsc#1219451). - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485 bsc#1219451). - Update patches.suse/s390-qeth-handle-deferred-cc1.patch (bsc#1219485 git-fixes bsc#1219451). - commit 097f888 - Update patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26778 bsc#1222770). - commit fbfa53e - Update patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch (git-fixes CVE-2024-26777 bsc#1222765). - commit 4648979 - Update patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch (CVE-2024-26584 bsc#1220186 CVE-2024-26800 bsc#1222728). - commit 6cb76c6 ++++ libica: - Add multibuild flavor to provide library compiled against openssl-1_1 [bsc#1221627] * Add libica-openssl1_1.patch ++++ libica-openssl1_1: - Add multibuild flavor to provide library compiled against openssl-1_1 [bsc#1221627] * Add libica-openssl1_1.patch ++++ libzypp: - Fix creation of sibling cache dirs with too restrictive mode (bsc#1222398) Some install workflows in YAST may lead to too restrictive (0700) raw cache directories in case of newly created repos. Later commands running with user privileges may not be able to access these repos. - version 17.32.4 (32) ++++ nvidia-open-driver-G06-signed: - Update to 550.76 * addresses boo#1222972 ++++ openssl-ibmca: - Amended the .spec file - Changed the package names +-------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +-------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | Both engine and provider | | openssl1_1 | openssl1_1-ibmca | openssl1 flavor | | engine | openssl-ibmca-engine | Only engine | | provider | openssl-ibmca-provider | Only provider | +-------------+---------------------------------+--------------------------+ - Applied a patch for openssl1_1 (bsc#1221627) * openssl1-rename-libica-files.patch ++++ openssl-ibmca-engine: - Amended the .spec file - Changed the package names +-------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +-------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | Both engine and provider | | openssl1_1 | openssl1_1-ibmca | openssl1 flavor | | engine | openssl-ibmca-engine | Only engine | | provider | openssl-ibmca-provider | Only provider | +-------------+---------------------------------+--------------------------+ - Applied a patch for openssl1_1 (bsc#1221627) * openssl1-rename-libica-files.patch ++++ openssl-ibmca-provider: - Amended the .spec file - Changed the package names +-------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +-------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | Both engine and provider | | openssl1_1 | openssl1_1-ibmca | openssl1 flavor | | engine | openssl-ibmca-engine | Only engine | | provider | openssl-ibmca-provider | Only provider | +-------------+---------------------------------+--------------------------+ - Applied a patch for openssl1_1 (bsc#1221627) * openssl1-rename-libica-files.patch ++++ openssl1_1-ibmca: - Amended the .spec file - Changed the package names +-------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +-------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | Both engine and provider | | openssl1_1 | openssl1_1-ibmca | openssl1 flavor | | engine | openssl-ibmca-engine | Only engine | | provider | openssl-ibmca-provider | Only provider | +-------------+---------------------------------+--------------------------+ - Applied a patch for openssl1_1 (bsc#1221627) * openssl1-rename-libica-files.patch ++++ python-gunicorn: - Add patch CVE-2024-1135.patch (bsc#1222950) ------------------------------------------------------------------ ------------------ 2024-4-16 - Apr 16 2024 ------------------- ------------------------------------------------------------------ ++++ ca-certificates: - Update to version 2+git20240416.98ae794 (bsc#1221184): * Use flock to serialize calls (boo#1188500) * Make certbundle.run container friendly * Create /var/lib/ca-certificates if needed ++++ kernel-64kb: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-azure: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-default: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ cockpit: - Do not require setroubleshoot in cockpit-selinux on Leap. It's not there ++++ cozy: - Add meson-use-python-3.6.patch to make meson force to use python 3.6 ++++ dtb-aarch64: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ emacs: - Again fix %{%ext_info} to %{ext_info} (boo#1221769) ++++ kernel-debug: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-source: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-source-azure: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-docs: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-kvmsmall: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-obs-build: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-obs-qa: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-syms: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-syms-azure: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ kernel-zfcpdump: - crash: use macro to add crashk_res into iomem early for specific arch (jsc#PED-7249, bsc#1222742). Refresh patches.suse/kdump-implement-reserve_crashkernel_cma.patch. - commit b256f70 - blacklist.conf: Disable irrelevant patch We don't have syscall hardening in our kernels. - commit 36739c9 - x86/bugs: Fix BHI documentation (git-fixes). - commit b981493 - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - commit 6f75bb6 - "nouveau: offload fence uevents work to workqueue" Reference bug report and CVE number. - commit 92c99bd - Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch (git-fixes bsc#1222449 CVE-2024-26744) - Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch (git-fixes bsc#1222677 CVE-2024-26743) - Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch (git-fixes bsc#1222726 CVE-2024-26766) - commit 3b16fea ++++ s390-tools: - Amended the .spec file for x86_64 * Recommends: s390-tools-genprotimg-data - Amended the .spec file for s390-tools-genprotimg-data-*.noarch.rpm * Removed the dependency on it on x86_64 platform * Updated the Summary and Description of the *.noarch.rpm (bsc#1222675) ++++ pacemaker: - scheduler: deprecate Nagios and Upstart resources even if built with --enable-compat-2.0 (gh#ClusterLabs/pacemaker#3417) * pacemaker#3417-0001-Log-scheduler-deprecate-Nagios-and-Upstart-resources.patch ++++ parsec: - Update to 1.4.0: * Full changelog: https://github.com/parallaxsecond/parsec/compare/1.4.0-rc2...1.4.0 - Simplify libstdc++-devel handling for Leap 15.x - Fix build on Leap 15.6 * installed the corresponding libstdc++-devel to avoid the -lstdc++ not found ++++ plasma5-openSUSE: - Remove unneeded echo and double whitespace - Remove patches used as sources and replace them with direct ln -s and sed commands: * lookandfeel.diff, sddmtheme.diff, lookandfeel_jpg.diff, sddmtheme_jpg.diff - Use %require_ge for wallpaper-branding-openSUSE ++++ python-QtPy: - Make sure to use pytest-3.11 on Leap15.6 - To buildrequires python 3.11 version of pyside6 and pyside2 ++++ remmina: - Fix dependency on SLE-15-SP6 ++++ transmission: - Build with gcc13 on Leap 15 ------------------------------------------------------------------ ------------------ 2024-4-15 - Apr 15 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-azure: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-default: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ dtb-aarch64: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ ffmpeg-4: - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling, Fix out of array access. (CVE-2023-51793 bsc#1223272) ++++ kcov: - Add -lsframe, -lzstd to build flags on Leap 15.5 and 15.6 build ++++ kernel-debug: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-source: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-source-azure: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-docs: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-kvmsmall: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-obs-build: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-obs-qa: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-syms: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-syms-azure: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ kernel-zfcpdump: - Revert patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch (bsc#1220419 bsc#1222656). - Revert patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch (bsc#1220419 bsc#1222656). - Refresh patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch. Revert dfa2f0483360 ("tcp: get rid of sysctl_tcp_adv_win_scale") to resolve a performance regression in HTML traffic. - commit e2e7d0b - udp: Avoid call to compute_score on multiple sites (bsc#1220709). - commit 78244c6 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - commit 3d18f9a - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - Update config files. - commit b2f373b - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - commit 66c46fb - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - commit 6aec207 - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - commit 1fdb38f - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - commit 13662e2 - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1222823). - Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch. - commit 1bc31f7 - KVM: x86: Add BHI_NO (bsc#1222823). - commit 07366ce - x86/bhi: Mitigate KVM by default (bsc#1222823). - commit 64cbcbe - x86/bhi: Add BHI mitigation knob (bsc#1222823). - Update config files. - commit 65ced6f - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1222823). - commit 5ca568d - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1222823). - commit 496b11d - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1222823). - commit dee5dff - Update patches.suse/net-pds_core-Fix-possible-double-free-in-error-handl.patch (git-fixes CVE-2024-26652 bsc#1222115). Added CVE reference. - commit 070cd49 - Update patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch (git-fixes bsc#1222427 CVE-2024-26680). Added CVE reference. - commit 97f0341 - s390/cio: fix race condition during online processing (bsc#1219485). - commit 83d7614 - s390/qdio: handle deferred cc1 (bsc#1219485). - commit aec0983 - s390/qeth: handle deferred cc1 (bsc#1219485 git-fixes). - commit 6c10bf2 - Update patches.suse/s390-cio-fix-invalid-EBUSY-on-ccw_device_start.patch (git-fixes bsc#1220360 bsc#1219485). - commit 174a4e8 - Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781) - commit 2816ca9 - Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784) - commit 0d6086f - Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764) - commit ec068f3 ++++ libguestfs: - Require ntfs-3g for libguestfs-winsupport libguestfs.spec ++++ python311-core: - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. ++++ python312-core: - Add CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in 15.6. - Drop libexpat260.patch, not needed anymore. This patch is merged with the CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to keep working on 15.6. - Add fix-test-recursion-limit-15.6.patch, gh#python/cpython#115083. ++++ wireplumber: - Add patch from upstream to silence a warning on pipewire (since 1.0.5): * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch - Add patch from upstream to fix a dangling reference to a device: * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch - Add patch from upstream to fix BAP node naming: * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch ++++ ocfs2-tools: - Update ocfs2-tools to latest code (78060fac433e) * mkfs.ocfs2-verify-the-number-of-clusters.patch * bsc1216834-fsck.ocfs2-add-the-ability-to-clear-jbd2-errno.patch ++++ openssh: - openssh-8.0p1-gssapi-keyex.patch: Added missing struct initializer, added missing parameter (bsc#1222840) ++++ pacemaker: - scheduler: correctly log resource IDs of the deprecated classes (gh#ClusterLabs/pacemaker#3415) * pacemaker#3415-0001-Log-scheduler-correctly-log-resource-IDs-of-the-depr.patch - libcib: Don't incorrectly expand "++" and "+=" in XML attr values (gh#ClusterLabs/pacemaker#3413) * pacemaker#3413-0003-Fix-libcib-Don-t-incorrectly-expand-and-in-XML-attr-.patch - cts-cli: Update for pcmk__inject_failcount() setting integer value (gh#ClusterLabs/pacemaker#3413) * pacemaker#3413-0002-Test-cts-cli-Update-for-pcmk__inject_failcount-setti.patch - libpacemaker: pcmk__inject_failcount should set an integer value (gh#ClusterLabs/pacemaker#3413) * pacemaker#3413-0001-Low-libpacemaker-pcmk__inject_failcount-should-set-a.patch - scheduler: log unknown nodes in location constraints (gh#ClusterLabs/pacemaker#3409, CLBZ#5415) * pacemaker#3409-0007-Log-scheduler-log-unknown-nodes-in-location-constrai.patch - scheduler: correct lifetime deprecation warning (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0006-Log-scheduler-correct-lifetime-deprecation-warning.patch - tools: honor rules when getting utilization attributes with crm_resource (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0005-Fix-tools-honor-rules-when-getting-utilization-attri.patch - scheduler: deprecate support for default instance attributes (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0004-Low-scheduler-deprecate-support-for-default-instance.patch - scheduler: use default timeout (20s) if user configures 0 (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0003-Fix-scheduler-use-default-timeout-20s-if-user-config.patch - tools: use better value for crm_resource --force-* timeout (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0002-Low-tools-use-better-value-for-crm_resource-force-ti.patch - tools: crm_resource should ignore resource meta-attribute node expressions (gh#ClusterLabs/pacemaker#3409) * pacemaker#3409-0001-Fix-tools-crm_resource-should-ignore-resource-meta-a.patch ++++ plasma5-openSUSE: - Use lookandfeel_jpg.diff and sddmtheme_jpg.diff on Leap <=15.5 TW and Leap 15.6+ use png for the default wallpaper ++++ putty: - Update to release 0.81 * Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 signatures are no longer generated with biased values of k. The previous bias compromises private keys. ++++ python311: - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. ++++ python311-documentation: - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. ++++ python312: - Add CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in 15.6. - Drop libexpat260.patch, not needed anymore. This patch is merged with the CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to keep working on 15.6. - Add fix-test-recursion-limit-15.6.patch, gh#python/cpython#115083. ++++ python312-documentation: - Add CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in 15.6. - Drop libexpat260.patch, not needed anymore. This patch is merged with the CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to keep working on 15.6. - Add fix-test-recursion-limit-15.6.patch, gh#python/cpython#115083. ++++ supportutils: - Changes in version 3.1.30 + Added -V key:value pair option (bsc#1222021, PED-8211) + Avoid getting duplicate kernel verifications in boot.text (pr#193) + Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082) + Includes container log timestamps (pr#197) ++++ yast2-trans: - Update to version 84.87.20240414.d73f60d6af: * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) ++++ zypper: - Do not try to refresh repo metadata as non-root user (bsc#1222086) Instead show refresh stats and hint how to update them. - man: Explain how to protect orphaned packages by collecting them in a plaindir repo. - packages: Add --autoinstalled and --userinstalled options to list them. - Don't print 'reboot required' message if download-only or dry-run (fixes #529) Instead point out that a reboot would be required if the option was not used. - Resepect zypper.conf option `showAlias` search commands (bsc#1221963) Repository::asUserString (or Repository::label) respects the zypper.conf option, while name/alias return the property. - version 1.14.71 ------------------------------------------------------------------ ------------------ 2024-4-14 - Apr 14 2024 ------------------- ------------------------------------------------------------------ ++++ chromium: - Chromium 123.0.6312.122 (boo#1222707) * CVE-2024-3157: Out of bounds write in Compositing * CVE-2024-3516: Heap buffer overflow in ANGLE * CVE-2024-3515: Use after free in Dawn - Chromium 123.0.6312.105 (boo#1222260) * CVE-2024-3156: Inappropriate implementation in V8 * CVE-2024-3158: Use after free in Bookmarks * CVE-2024-3159: Out of bounds memory access in V8 - Chromium 123.0.6312.86 (boo#1222035) * CVE-2024-2883: Use after free in ANGLE * CVE-2024-2885: Use after free in Dawn * CVE-2024-2886: Use after free in WebCodecs * CVE-2024-2887: Type Confusion in WebAssembly - Chromium 123.0.6312.58 (boo#1221732) * CVE-2024-2625: Object lifecycle issue in V8 * CVE-2024-2626: Out of bounds read in Swiftshader * CVE-2024-2627: Use after free in Canvas * CVE-2024-2628: Inappropriate implementation in Downloads - drop patches: * chromium-117-blink-BUILD-mnemonic.patch * chromium-121-blink-libxml-const.patch * chromium-122-BookmarkNode-missing-operator.patch * chromium-122-WebUI-static_assert.patch * chromium-122-PA-undo-internal-alloc.patch ++++ clamav-database: - database refresh on 2024-04-15 (bsc#1084929) ++++ lxc: - fix builds on 15.5 or 5.5 - update to 6.0.0: The LXC team is pleased to announce the release of LXC 6.0 LTS! This is the result of two years of work since the LXC 5.0 release and is the sixth LTS release for the LXC project. This release will be supported until June 2029. * New multi-call binary¶ A new tools-multicall=true configuration option can be used to produce a single lxc binary which can then have all other lxc-XYZ commands be symlinked to. This allows for a massive disk space reduction, particularly useful for embedded platforms. * Add a set_timeout function to the library A new set_timeout function is available on the main lxc_container struct and allow for setting a global timeout for interactions with the LXC monitor. Prior to this, there was no timeout, leading to potential deadlocks as there's also no way to cancel an monitor request. As a result of adding this new symbol to the library, we have bumped the liblxc symbol version to 1.8.0. * LXC bridge now has IPV6 enabled The default lxcbr0 bridge now comes with IPv6 enabled by default, using an IPv6 ULA subnet. Support for uid/gid selection in lxc-usernsexec The lxc-usernsexec tool now has both -u and -g options to control what resulting UID and GID (respectively) the user wishes to use (defaulting to 0/0). * Improvements to lxc-checkconfig lxc-checkconfig now only shows the version if lxc-start is present (rather than failing). Additionally, it's seen a number of other cosmetic improvements as well as now listing the maximum number of allowed namespaces for every namespace type. * Support for squashfs OCI images The built-in oci container template can now handle squashfs compressed OCI images through the use of atomfs. * Switched from systemd's dbus to dbus-1 LXC now uses libdbus-1 for DBus interactions with systemd rather than using libsystemd. The reason for this change is that libdbus-1 is readily available for static builds. * Removed Upstart support Support for the Upstart init system has finally been removed from LXC. This shouldn't really affect anyone at this stage and allowed for cleaning up some logic and config files from our repository. ------------------------------------------------------------------ ------------------ 2024-4-13 - Apr 13 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-azure: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-default: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ dolphin: - Add an unconditional supplements in dolphin-part-lang, automatic locale provides are missing in 15.x (boo#1222694) ++++ dtb-aarch64: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-debug: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-source: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-source-azure: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-docs: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-kvmsmall: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-obs-build: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-obs-qa: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-syms: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-syms-azure: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ kernel-zfcpdump: - Update to add bsc#1222531, CVE-2024-26756 references, patches.suse/md-Don-t-register-sync_thread-for-reshape-directly-ad39.patch (bsc#1219596, bsc#1222531, CVE-2024-26756). - commit de5884e - Update to add bsc#1222527, CVE-2024-26757 references, patches.suse/md-Don-t-ignore-read-only-array-in-md_check_recovery-55a4.patch (bsc#1219596, bsc#1222527, CVE-2024-26757). - commit 0b6b491 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-dm-verity-disable-tasklets-0a9b.patch (bsc#1222416, CVE-2024-26718). - commit 59bf5a5 - Update to add bsc# and CVE tags, patches.suse/dm-crypt-don-t-modify-the-data-when-using-authentica-50c7.patch (bsc#1222720, CVE-2024-26763). - commit 710cd5e ++++ lighttpd: - update to 1.4.76: * detect VU#421644 HTTP/2 CONTINUATION Flood * issue trace and send GO_AWAY * tarball is now more reproducible and verifiable ------------------------------------------------------------------ ------------------ 2024-4-12 - Apr 12 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-azure: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-default: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ dtb-aarch64: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ emacs: - Modify patch CVE-2024-30205.patch (bsc#1222050) * Add backport of (org--should-fetch-remote-resource-p) to be sure that remote file locations will be checked by the user * Use this in (org-file-contents) ++++ kernel-debug: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-source: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-source-azure: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-docs: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-kvmsmall: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-obs-build: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-obs-qa: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-syms: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-syms-azure: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kernel-zfcpdump: - Update patches.suse/ARM-ep93xx-Add-terminator-to-gpiod_lookup_table.patch (git-fixes CVE-2024-26751 bsc#1222724) - commit a85b7fa - Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610) - commit b7bab4f - Update patches.suse/gtp-fix-use-after-free-and-null-ptr-deref-in-gtp_gen.patch (git-fixes CVE-2024-26754 bsc#1222632). - commit 0bddcea - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789 bsc#1222626). - commit 9c3828e - KVM: arm64: pmu: Resync EL0 state on counter rotation (bsc#1219475). - commit 99d8e75 ++++ kubevirt: - Improve the OrdinalPodInterfaceName mechanism (bsc#1222699) 0004-Improve-the-handling-of-ordinal-pod-interface-name-for-upgrade.patch ++++ s390-tools: - Updated the .spec file to enable Secure Execution in the Cloud (bsc#1222675) * Creates a s390-tools-genprotimg-data-*.noarch.rpm package which includes s390x bootload binaries for x86_64: - /lib/s390-tools/stage3.bin - /usr/share/s390-tools/genprotimg/stage3a.bin - /usr/share/s390-tools/genprotimg/stage3b_reloc.bin * Excludes the above binaries from the (main) s390-tools-*.s390x.rpm * Requires: s390-tools-genprotimg-data ++++ systemd: - Import commit e8d77af4240894da620de74fbc7823aaaa448fef d317008225 gpt-auto-generator: be more defensive when checking the presence of ESP in fstab fed117d448 journalctl: explicitly check < 0 for error 41d9e82099 journalctl: make --until work again with --after-cursor and --lines (bsc#1221906) ++++ openSUSE-repos-Leap: - Update to version 20240412.89bd714: * Update opensuse-leap-micro-repoindex.xml - Update to version 20240412.c2caafb: * Drop specfile from git * remove an extra slash in 'nvidia-slowroll-repoindex.xml' file * deleted an extra slash in the repository files * Ensure that LeapMicro flavor is built also if sle_version is not set (6.X+) ++++ openssh: - Make openssh-server recommend the openssh-server-config-rootlogin package in SLE in order to keep the same behaviour of previous SPs where the PermitRootLogin default was set to yes (bsc#1221005). - Fix crypto-policies requirement to be set by openssh-server, not the config-rootlogin subpackage. - Add back %config(noreplace) tag for more config files that were already set like this in previous SPs. ++++ telegram-desktop: - Rebase patch used in Backports: * 0002-use-bundled-rnnoise-expected-gsl-ranges-webrtc.patch - Fix duplicated Source3 when building in Backports - Define a use_system_rnnoise definition instead of checking the distribution version several times across the spec file. - Use the system rnnoise in 15.5 and 15.6 too since they have the same version as in Factory. - Use gcc12 when compiler_upgrade or compiler_downgrade are set - Set -DDESKTOP_APP_DISABLE_DBUS_INTEGRATION=ON only up to 15.5 . 15.6 should have recent libraries to enable dbus integration - Define BOOST_NO_STD_ALLOCATOR to fix a FTBFS in 15.6 ------------------------------------------------------------------ ------------------ 2024-4-11 - Apr 11 2024 ------------------- ------------------------------------------------------------------ ++++ abseil-cpp: - SLE-only: import upstream patch to fix build with gcc7 in C++17 mode: hash-fix-gcc7-cpp17-build.patch (bsc#1222261) + Upstream commit bb83aceacb554e79e7cd2404856f0be30bd00303 ++++ kernel-64kb: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-azure: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-default: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ dtb-aarch64: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ pipewire: - Move the jack spa plugin from the pipewire-spa-plugins-0_2 package to a new pipewire-spa-plugins-0_2-jack package. This allows to not Suggest the pipewire-libjack package from pipewire-spa-plugins-0_2 since that's only used to connect pipewire as a client to a jack server which is not common at all (boo#1222253). ++++ kernel-debug: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-source: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-source-azure: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-docs: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-kvmsmall: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-obs-build: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-obs-qa: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-syms: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-syms-azure: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ kernel-zfcpdump: - KVM: arm64: Always invalidate TLB for stage-2 permission faults (bsc#1219478). - commit 1762ca5 - Update patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch (git-fixes CVE-2024-26749 bsc#1222680). - commit e627f8d - Update patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch (bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678). - commit 6398fc1 - Update patches.suse/l2tp-pass-correct-message-length-to-ip6_append_data.patch (bsc#1220419 CVE-2024-26752 bsc#1222667). - commit 1a3becd - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - commit a9c1ee0 - Update patches.suse/crypto-arm64-neonbs-fix-out-of-bounds-access-on-shor.patch (git-fixes CVE-2024-26789). - commit 270f850 ++++ multipath-tools: - Update to version 0.9.8+88+suse.d504d83: * Revert "libmultipath: fix max_sectors_kb on adding path" (bsc#1222458) ++++ leechcraft: - Build with gcc13 on Leap15 if gcc13 is available - Fixed shlib-policy-name-error with rpmlintrc ++++ leechcraft-doc: - Build with gcc13 on Leap15 if gcc13 is available - Fixed shlib-policy-name-error with rpmlintrc ++++ xfce4-branding-openSUSE: - Update to version 4.18.0+git4.79f6d44: * Fix wallpaper folder structure * Better split tumbleweed and leap wallpapers * Added old wallpaper symlinks still needed by leap ++++ libzypp: - Update RepoStatus fromCookieFile according to the files mtime (bsc#1222086) - TmpFile: Don't call chmod if makeSibling failed. - version 17.32.3 (32) ++++ openssh: - Fix duplicate loading of dropins. (boo#1222467) ++++ pacemaker: - fencer: always format time_t values as long long (gh#ClusterLabs/pacemaker#3407) * pacemaker#3407-0001-Log-fencer-always-format-time_t-values-as-long-long.patch ++++ csp-billing-adapter-local: - Update to version 0.5.1: * Cast file path to a string for usage ++++ tor: - tor 0.4.8.11 * Minor features and bugfixes * See https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes ------------------------------------------------------------------ ------------------ 2024-4-10 - Apr 10 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-azure: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-default: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ dtb-aarch64: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ ffmpeg-4: - Add ffmpeg-CVE-2023-49502.patch Backporting 737ede40 from upstream, Adjusts the logic to consider the chroma planes and makes the change to all three bwdif implementations. (CVE-2023-49502 bsc#1223235) ++++ frr: - Apply upstream fix on error handling when receiving BGP Prefix SID attribute (bsc#1222518,CVE-2024-31948,gh#FRRouting/frr#15628) [+ 0019-bgpd-fix-error-handling-when-receiving-BGP-Prefix-SID-attribute.patch] ++++ gdu: - Packaging improvements: * Drop autosetup -p 1 arg only needed when package has patches * Build PIE with pattern that may become recommended procedure: %%ifnarch ppc64 GOFLAGS="-buildmode=pie" %%endif go build A go toolchain buildmode default config would be preferable but none exist at this time. * Call go build with relative path to subdirectory containing func main() * Add basic %check to execute binary --help ++++ kernel-debug: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-source: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-source-azure: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-docs: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-kvmsmall: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-obs-build: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-obs-qa: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-syms: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-syms-azure: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ kernel-zfcpdump: - Update patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch (bsc#1222513 CVE-2024-26748). Added CVE references - commit b3e425f - Update patches.suse/usb-dwc3-gadget-Fix-NULL-pointer-dereference-in-dwc3.patch (bsc#1222561 CVE-2024-26715). Added CVE reference - commit ebacab7 - Update patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738). - commit d6e4ef3 - Update patches.suse/drm-amd-display-Fix-array-index-out-of-bounds-in-dcn.patch (git-fixes CVE-2024-26699 bsc#1222602). - commit f52d16e - Update patches.suse/crypto-virtio-akcipher-Fix-stack-overflow-on-memcpy.patch (git-fixes CVE-2024-26753 bsc#1222601). - commit 0099199 - Update patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch (bsc#1221391 CVE-2024-26689). - commit 8a44287 ++++ paho-mqtt-c: - The documentation isn't built anymore, fix spec file accordingly. ++++ python312-core: - Update to 3.12.3: - Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075) - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. - Core and Builtins - gh-109120: Added handle of incorrect star expressions, e.g f(3, *). Patch by Grigoryev Semyon - gh-99108: Updated the hashlib built-in HACL* project C code from upstream that we use for many implementations when they are not present via OpenSSL in a given build. This also avoids the rare potential for a C symbol name one definition rule linking issue. - gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to sys.monitoring.MISSING instead of None for CALL event. - gh-113964: Starting new threads and process creation through os.fork() are now only prevented once all non-daemon threads exit. - gh-116604: Respect the status of the garbage collector when indirect calls are made via PyErr_CheckSignals() and the evaluation breaker. Patch by Pablo Galindo - gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always emits CALL - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115154: Fix a bug that was causing the tokenize.untokenize() function to handle unicode named literals incorrectly. Patch by Pablo Galindo - gh-114828: Fix compilation crashes in uncommon code examples using super() inside a comprehension in a class body. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-112215: Change the C recursion limits to more closely reflect the underlying platform limits. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. - Library - gh-117467: Preserve mailbox ownership when rewriting in mailbox.mbox.flush(). Patch by Tony Mountifield. - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-116040: [Enum] fix by-value calls when second value is falsey; e.g. Cardinal(1, 0) - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-112364: Fixed ast.unparse() to handle format_spec with ", ' or \\. Patched by Frank Hoffmann. - gh-111358: Fix a bug in asyncio.BaseEventLoop.shutdown_default_executor() to ensure the timeout passed to the coroutine behaves as expected. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114071: Support tuple subclasses using auto() for enum member value. - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. - Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. - Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-116333: Tests of TLS related things (error codes, etc) were updated to be more lenient about specific error message strings and behaviors as seen in the BoringSSL and AWS-LC forks of OpenSSL. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-112536: Add –tsan to test.regrtest for running TSAN tests in reasonable execution times. Patch by Donghee Na. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. Use it in importlib.resources tests to avoid leaving mod around to impede importlib.metadata tests. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-116117: Backport libb2’s PR #42 to fix compiling CPython on 32-bit Windows with clang-cl. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. - gh-112536: Add support for thread sanitizer (TSAN) - Windows - gh-117267: Ensure DirEntry.stat().st_ctime behaves consistently with os.stat() during the deprecation period of st_ctime by containing the same value as st_birthtime. After the deprecation period, st_ctime will be the metadata change time (or unavailable through DirEntry), and only st_birthtime will contain the creation time. - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115049: Fixes py.exe launcher failing when run as users without user profiles. - gh-115009: Update Windows installer to use SQLite 3.45.1. - IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. - Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. - C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. - gh-116869: Make the C API compatible with - Werror=declaration-after-statement compiler flag again. Patch by Victor Stinner. ++++ pcmanfm-qt: - Adjust pcmanfm-qt-default-wallpaper.patch to use png boo#1222581 See details in https://github.com/openSUSE/branding/pull/149 ++++ python-azure-agent: - Keep the existing config file (bsc#1222620) + During separation of the config file into subpackages it was forgotten that on update of the main package the previously provided config file would be removed. SInce we do not know which flavor of our images the package is being upgraded on, preserve the previously existing config file. This will orphan the file if non of the -config-* packages gets installed. ++++ python-Pillow: - Reenable tests for s390x and ppc, bsc#1222553 gh#python-pillow/Pillow#1204 ++++ python312: - Update to 3.12.3: - Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075) - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. - Core and Builtins - gh-109120: Added handle of incorrect star expressions, e.g f(3, *). Patch by Grigoryev Semyon - gh-99108: Updated the hashlib built-in HACL* project C code from upstream that we use for many implementations when they are not present via OpenSSL in a given build. This also avoids the rare potential for a C symbol name one definition rule linking issue. - gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to sys.monitoring.MISSING instead of None for CALL event. - gh-113964: Starting new threads and process creation through os.fork() are now only prevented once all non-daemon threads exit. - gh-116604: Respect the status of the garbage collector when indirect calls are made via PyErr_CheckSignals() and the evaluation breaker. Patch by Pablo Galindo - gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always emits CALL - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115154: Fix a bug that was causing the tokenize.untokenize() function to handle unicode named literals incorrectly. Patch by Pablo Galindo - gh-114828: Fix compilation crashes in uncommon code examples using super() inside a comprehension in a class body. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-112215: Change the C recursion limits to more closely reflect the underlying platform limits. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. - Library - gh-117467: Preserve mailbox ownership when rewriting in mailbox.mbox.flush(). Patch by Tony Mountifield. - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-116040: [Enum] fix by-value calls when second value is falsey; e.g. Cardinal(1, 0) - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-112364: Fixed ast.unparse() to handle format_spec with ", ' or \\. Patched by Frank Hoffmann. - gh-111358: Fix a bug in asyncio.BaseEventLoop.shutdown_default_executor() to ensure the timeout passed to the coroutine behaves as expected. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114071: Support tuple subclasses using auto() for enum member value. - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. - Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. - Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-116333: Tests of TLS related things (error codes, etc) were updated to be more lenient about specific error message strings and behaviors as seen in the BoringSSL and AWS-LC forks of OpenSSL. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-112536: Add –tsan to test.regrtest for running TSAN tests in reasonable execution times. Patch by Donghee Na. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. Use it in importlib.resources tests to avoid leaving mod around to impede importlib.metadata tests. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-116117: Backport libb2’s PR #42 to fix compiling CPython on 32-bit Windows with clang-cl. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. - gh-112536: Add support for thread sanitizer (TSAN) - Windows - gh-117267: Ensure DirEntry.stat().st_ctime behaves consistently with os.stat() during the deprecation period of st_ctime by containing the same value as st_birthtime. After the deprecation period, st_ctime will be the metadata change time (or unavailable through DirEntry), and only st_birthtime will contain the creation time. - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115049: Fixes py.exe launcher failing when run as users without user profiles. - gh-115009: Update Windows installer to use SQLite 3.45.1. - IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. - Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. - C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. - gh-116869: Make the C API compatible with - Werror=declaration-after-statement compiler flag again. Patch by Victor Stinner. ++++ python312-documentation: - Update to 3.12.3: - Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075) - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. - Core and Builtins - gh-109120: Added handle of incorrect star expressions, e.g f(3, *). Patch by Grigoryev Semyon - gh-99108: Updated the hashlib built-in HACL* project C code from upstream that we use for many implementations when they are not present via OpenSSL in a given build. This also avoids the rare potential for a C symbol name one definition rule linking issue. - gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to sys.monitoring.MISSING instead of None for CALL event. - gh-113964: Starting new threads and process creation through os.fork() are now only prevented once all non-daemon threads exit. - gh-116604: Respect the status of the garbage collector when indirect calls are made via PyErr_CheckSignals() and the evaluation breaker. Patch by Pablo Galindo - gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always emits CALL - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115154: Fix a bug that was causing the tokenize.untokenize() function to handle unicode named literals incorrectly. Patch by Pablo Galindo - gh-114828: Fix compilation crashes in uncommon code examples using super() inside a comprehension in a class body. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-112215: Change the C recursion limits to more closely reflect the underlying platform limits. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. - Library - gh-117467: Preserve mailbox ownership when rewriting in mailbox.mbox.flush(). Patch by Tony Mountifield. - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-116040: [Enum] fix by-value calls when second value is falsey; e.g. Cardinal(1, 0) - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-112364: Fixed ast.unparse() to handle format_spec with ", ' or \\. Patched by Frank Hoffmann. - gh-111358: Fix a bug in asyncio.BaseEventLoop.shutdown_default_executor() to ensure the timeout passed to the coroutine behaves as expected. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114071: Support tuple subclasses using auto() for enum member value. - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. - Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. - Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-116333: Tests of TLS related things (error codes, etc) were updated to be more lenient about specific error message strings and behaviors as seen in the BoringSSL and AWS-LC forks of OpenSSL. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-112536: Add –tsan to test.regrtest for running TSAN tests in reasonable execution times. Patch by Donghee Na. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. Use it in importlib.resources tests to avoid leaving mod around to impede importlib.metadata tests. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-116117: Backport libb2’s PR #42 to fix compiling CPython on 32-bit Windows with clang-cl. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. - gh-112536: Add support for thread sanitizer (TSAN) - Windows - gh-117267: Ensure DirEntry.stat().st_ctime behaves consistently with os.stat() during the deprecation period of st_ctime by containing the same value as st_birthtime. After the deprecation period, st_ctime will be the metadata change time (or unavailable through DirEntry), and only st_birthtime will contain the creation time. - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115049: Fixes py.exe launcher failing when run as users without user profiles. - gh-115009: Update Windows installer to use SQLite 3.45.1. - IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. - Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. - C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. - gh-116869: Make the C API compatible with - Werror=declaration-after-statement compiler flag again. Patch by Victor Stinner. ++++ sngrep: - Update to version 1.8.1 * Fix CVE-2024-3119: sngrep: buffer overflow due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. * Fix CVE-2024-3120: sngrep: stack-buffer overflow due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers. ++++ sysctl-logger: - Update to v0.0.6 * Rephrase logging to clarify that it is unknown whether sysctl change succeeded or failed ++++ systemd-default-settings: - Import 0.10 5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123) ++++ installation-images-openSUSE: - merge gh#openSUSE/installation-images#705 - drop unused wget (bsc#1215290, bsc#1222611) - avoid using libpxbackend-1_0-mini (bsc#1215290, bsc#1222611) - BuildConflict libpxbackend-1_0-mini (bsc#1215290, bsc#1222611) - 16.59.11 ++++ ugrep: - update to 5.1.4: * use statfs() with options --include-fs and --exclude-fs when the preferred statvfs() is not available * suppress --filter utility stderr messages when ugrep options - s (--no-messages) and -q (--quiet) are used * support the NO_COLOR environment variable to suppress color output * fix TUI scroll glitch in non-split screen, and other TUI fixes - enable SIMD code for faster matching on CPUs that support it (while keeping build reproducible) ++++ xorg-x11-server: - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659) ++++ xwayland: - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659) ------------------------------------------------------------------ ------------------ 2024-4-9 - Apr 9 2024 ------------------- ------------------------------------------------------------------ ++++ MozillaFirefox: - Firefox Extended Support Release 115.10.0 ESR Placeholder changelog-entry (bsc#1222535) ++++ kernel-64kb: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-azure: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-default: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ nodejs20: - Update to 20.12.1: * CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) (bsc#1222244) * CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium) (bsc#1222384) * updated dependencies: + llhttp version 9.2.1 + undici version 5.28.4 (bsc#1222530, bsc#1222603, CVE-2024-30260, CVE-2024-30261) - node-gyp-addon-gypi.patch: adapted for new unit test layouts - fix_ci_tests.patch: add benchmark fix ++++ dtb-aarch64: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ gleam: - Initial commit ++++ ibmswtpm2: - Package LICENSE file. ++++ kernel-debug: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-source: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-source-azure: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-docs: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-kvmsmall: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-obs-build: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-obs-qa: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-syms: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-syms-azure: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ kernel-zfcpdump: - Update patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch (bsc#1219126 CVE-2024-26727 bsc#1222536). - commit 7bb93e9 - Update patches.suse/net-mlx5-DPLL-Fix-possible-use-after-free-after-dela.patch (git-fixes CVE-2024-26724 bsc#1222523). - commit bb60edc - Update patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch (git-fixes CVE-2024-26722 bsc#1222520). - commit f0aaca0 - Update patches.suse/netdevsim-avoid-potential-loop-in-nsim_dev_trap_repo.patch (git-fixes CVE-2024-26681 bsc#1222431). - commit 12b3ceb - Update patches.suse/wifi-iwlwifi-fix-double-free-bug.patch (git-fixes CVE-2024-26694 bsc#1222466). - commit 5048255 - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264 CVE-2024-0841). - commit 440934e ++++ xfce4-branding-openSUSE: - Update to version 4.18.0+git1.8b02118: * Tumbleweed now uses png for default.wallpaper ++++ libvirt: - security: Ensure file exists before attempting to restore label bsc#1220714 ++++ lxde-common-branding-openSUSE: - Default Tumbleweed wallpaper is now png boo#1222543 align lxde-common-0.99.0-pcmanfm-default.patch ++++ openssl-ibmca: - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627) +------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | openssl1 flavor | | engine | openssl3-ibmca-engine | Only engine | | provider | openssl3-ibmca-provider | Only provider | | openssl3 | openssl3-ibmca | Both engine and provider | +------------+---------------------------------+--------------------------+ - Changing/editing 'dynamic_path' after the installation on the target system * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig for openssl3 flavor ++++ openssl-ibmca-engine: - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627) +------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | openssl1 flavor | | engine | openssl3-ibmca-engine | Only engine | | provider | openssl3-ibmca-provider | Only provider | | openssl3 | openssl3-ibmca | Both engine and provider | +------------+---------------------------------+--------------------------+ - Changing/editing 'dynamic_path' after the installation on the target system * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig for openssl3 flavor ++++ openssl-ibmca-provider: - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627) +------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | openssl1 flavor | | engine | openssl3-ibmca-engine | Only engine | | provider | openssl3-ibmca-provider | Only provider | | openssl3 | openssl3-ibmca | Both engine and provider | +------------+---------------------------------+--------------------------+ - Changing/editing 'dynamic_path' after the installation on the target system * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig for openssl3 flavor ++++ openssl1_1-ibmca: - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627) +------------+---------------------------------+--------------------------+ | Flavor | Package name | Note | +------------+---------------------------------+--------------------------+ | '' | openssl-ibmca | openssl1 flavor | | engine | openssl3-ibmca-engine | Only engine | | provider | openssl3-ibmca-provider | Only provider | | openssl3 | openssl3-ibmca | Both engine and provider | +------------+---------------------------------+--------------------------+ - Changing/editing 'dynamic_path' after the installation on the target system * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig for openssl3 flavor ++++ plasma5-openSUSE: - Modify lookandfeel.diff and sddmtheme.diff to support branding-openSUSE 84.87.20240405 which replaces jpg wallpapers with png ones. - Require at least wallpaper-branding-openSUSE 84.87.20240405 to make sure the png wallpapers exist. ++++ post-build-checks-malwarescan: - EXCLUDELIST: Filter Python tarballs due to false positive (bsc#1222509) Win.Virus.Expiro-10026576-0 ++++ postgresql12-postgis: - fix man file names installation problem of last update ++++ postgresql13-postgis: - fix man file names installation problem of last update ++++ postgresql14-postgis: - fix man file names installation problem of last update ++++ postgresql15-postgis: - fix man file names installation problem of last update ++++ postgresql16-postgis: - fix man file names installation problem of last update ++++ yt-dlp: - Update to release 2024.04.09 * Add new option --progress-delta, --impersonate, - -list-impersonate-targets, --no-break-on-existing. * Infer acodec for single-codec containers * Prevent RCE when using --exec with %q (CVE-2024-22423) ++++ wicked: - client: do not convert sec to msec twice (bsc#1222105) [+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch] ++++ xen: - Update to Xen 4.18.2 security bug fix release (bsc#1027519) xen-4.18.2-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may trigger Xen bug check (XSA-454) - bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic for BTC/SRSO mitigations (XSA-455) - bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch History Injection (XSA-456) - Dropped patch contained in new tarball 65f83951-x86-mm-use-block_lock_speculation-in.patch ------------------------------------------------------------------ ------------------ 2024-4-8 - Apr 8 2024 ------------------- ------------------------------------------------------------------ ++++ adwaita-xfce-icon-theme: - Update to version 0.0.4+git0.b33d65a * Remove superfluous /apps directory from index.theme ++++ branding-openSUSE: - Use png for wallpapers for Leap 15.6 - SLES seems to be using png - Using a compat symlink wallpapers/openSUSEdefault-> wallpapers/SLEdefault allows running certain apps without rebuild. Such as cockpit. - Use optipng -o5 to compress files (has to be reflected in spec) - Bump date ++++ gnome-control-center: - Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch: Avoid emitting the time-changed signal (bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943). ++++ gnutls: - Security fix: [bsc#1221747, CVE-2024-28835] * gnutls: certtool crash when verifying a certificate chain * Add gnutls-CVE-2024-28835.patch - Security fix: [bsc#1221746, CVE-2024-28834] * gnutls: side-channel in the deterministic ECDSA * Add gnutls-CVE-2024-28834.patch ++++ icewm-theme-branding: - Do not substitute png to jpg for default wallpaper Details at https://github.com/openSUSE/branding/pull/149 - Keep openSUSEDefault although SLEDefault compat symlink exist ++++ libcontainers-common: - Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556) + 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch - Fallback to podman's default capabilities and journal driver via containers.conf - New release 20240408 - bump bundled c/common to 0.58.0 - bump bundled c/image to 5.30.0 - bump bundled c/storage to 1.53.0 ++++ plplot: - Disable python3.12 as it is not supported by upstream. - Fix doc pakcage location. ++++ prometheus-cpp: - spec: add Copyright boilerplate ++++ python311-core: - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115198: Fix support of Docutils >= 0.19 in distutils. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. * Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. * Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - gh-115198: Fix test_check_metadata_deprecate in distutils tests with a newer Docutils. * Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. * Windows - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115009: Update Windows installer to use SQLite 3.45.1. * IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. * Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. * C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. ++++ lightdm-gtk-greeter-branding-openSUSE: - Use 1600x1200.png now when we've changed backgrounds to png Details in https://github.com/openSUSE/branding/pull/149 ++++ musique: - Remove obsolete parts handling FAKE_BUILDDATE ++++ openssh: - Update to openssh 9.6p1: = Security * ssh(1), sshd(8): implement protocol extensions to thwart the so-called "Terrapin attack" discovered by Fabian Bäumer, Marcus Brinkmann and Jörg Schwenk. This attack allows a MITM to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts. A peer SSH client/server would not be able to detect that messages were deleted (bsc#1217950, CVE-2023-48795). * ssh-agent(1): when adding PKCS#11-hosted private keys while specifying destination constraints, if the PKCS#11 token returned multiple keys then only the first key had the constraints applied. Use of regular private keys, FIDO tokens and unconstrained keys are unaffected. * ssh(1): if an invalid user or hostname that contained shell metacharacters was passed to ssh(1), and a ProxyCommand, LocalCommand directive or "match exec" predicate referenced the user or hostname via %u, %h or similar expansion token, then an attacker who could supply arbitrary user/hostnames to ssh(1) could potentially perform command injection depending on what quoting was present in the user-supplied ssh_config(5) directive. = Potentially incompatible changes * ssh(1), sshd(8): the RFC4254 connection/channels protocol provides a TCP-like window mechanism that limits the amount of data that can be sent without acceptance from the peer. In cases where this limit was exceeded by a non-conforming peer SSH implementation, ssh(1)/sshd(8) previously discarded the extra data. From OpenSSH 9.6, ssh(1)/sshd(8) will now terminate the connection if a peer exceeds the window limit by more than a small grace factor. This change should have no effect of SSH implementations that follow the specification. = New features * ssh(1): add a %j token that expands to the configured ProxyJump hostname (or the empty string if this option is not being used) that can be used in a number of ssh_config(5) keywords. bz3610 * ssh(1): add ChannelTimeout support to the client, mirroring the same option in the server and allowing ssh(1) to terminate quiescent channels. * ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): add support for reading ED25519 private keys in PEM PKCS8 format. Previously only the OpenSSH private key format was supported. * ssh(1), sshd(8): introduce a protocol extension to allow renegotiation of acceptable signature algorithms for public key authentication after the server has learned the username being used for authentication. This allows varying sshd_config(5) PubkeyAcceptedAlgorithms in a "Match user" block. * ssh-add(1), ssh-agent(1): add an agent protocol extension to allow specifying certificates when loading PKCS#11 keys. This allows the use of certificates backed by PKCS#11 private keys in all OpenSSH tools that support ssh-agent(1). Previously only ssh(1) supported this use-case. = Bugfixes * ssh(1): when deciding whether to enable the keystroke timing obfuscation, enable it only if a channel with a TTY is active. * ssh(1): switch mainloop from poll(3) to ppoll(3) and mask signals before checking flags set in signal handler. Avoids potential race condition between signaling ssh to exit and polling. bz3531 * ssh(1): when connecting to a destination with both the AddressFamily and CanonicalizeHostname directives in use, the AddressFamily directive could be ignored. bz5326 * sftp(1): correct handling of the limits@openssh.com option when the server returned an unexpected message. * A number of fixes to the PuTTY and Dropbear regress/integration tests. * ssh(1): release GSS OIDs only at end of authentication, avoiding unnecessary init/cleanup cycles. bz2982 * ssh_config(5): mention "none" is a valid argument to IdentityFile in the manual. bz3080 * scp(1): improved debugging for paths from the server rejected for not matching the client's glob(3) pattern in old SCP/RCP protocol mode. * ssh-agent(1): refuse signing operations on destination-constrained keys if a previous session-bind operation has failed. This may prevent a fail-open situation in future if a user uses a mismatched ssh(1) client and ssh-agent(1) where the client supports a key type that the agent does not support. - Update to openssh 9.5p1: = Potentially incompatible changes * ssh-keygen(1): generate Ed25519 keys by default. Ed25519 public keys are very convenient due to their small size. Ed25519 keys are specified in RFC 8709 and OpenSSH has supported them since version 6.5 (January 2014). * sshd(8): the Subsystem directive now accurately preserves quoting of subsystem commands and arguments. This may change behaviour for exotic configurations, but the most common subsystem configuration (sftp-server) is unlikely to be affected. = New features * ssh(1): add keystroke timing obfuscation to the client. This attempts to hide inter-keystroke timings by sending interactive traffic at fixed intervals (default: every 20ms) when there is only a small amount of data being sent. It also sends fake "chaff" keystrokes for a random interval after the last real keystroke. These are controlled by a new ssh_config ObscureKeystrokeTiming keyword. * ssh(1), sshd(8): Introduce a transport-level ping facility. This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to implement a ping capability. These messages use numbers in the "local extensions" number space and are advertised using a "ping@openssh.com" ext-info message with a string version number of "0". * sshd(8): allow override of Subsystem directives in sshd Match blocks. = Bugfixes * scp(1): fix scp in SFTP mode recursive upload and download of directories that contain symlinks to other directories. In scp mode, the links would be followed, but in SFTP mode they were not. bz3611 * ssh-keygen(1): handle cr+lf (instead of just cr) line endings in sshsig signature files. * ssh(1): interactive mode for ControlPersist sessions if they originally requested a tty. * sshd(8): make PerSourceMaxStartups first-match-wins * sshd(8): limit artificial login delay to a reasonable maximum (5s) and don't delay at all for the "none" authentication mechanism. bz3602 * sshd(8): Log errors in kex_exchange_identification() with level verbose instead of error to reduce preauth log spam. All of those get logged with a more generic error message by sshpkt_fatal(). * sshd(8): correct math for ClientAliveInterval that caused the probes to be sent less frequently than configured. * ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused multiplexed sessions to ignore SIGINT under some circumstances. - Update to openssh 9.4p1: = Potentially incompatible changes * This release removes support for older versions of libcrypto. OpenSSH now requires LibreSSL >= 3.1.0 or OpenSSL >= 1.1.1. Note that these versions are already deprecated by their upstream vendors. * ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories. = New features * ssh(1): allow forwarding Unix Domain sockets via ssh -W. * ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name. * ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location. * ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL extensions. This defines wire formats for optional KRL extensions and implements parsing of the new submessages. No actual extensions are supported at this point. * sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now accept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. * ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. = Bugfixes * ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider. * ssh(1): make -f (fork after authentication) work correctly with multiplexed connections, including ControlPersist. bz3589 bz3589 * ssh(1): make ConnectTimeout apply to multiplexing sockets and not just to network connections. * ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it. * sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand appears before it in sshd_config. Since OpenSSH 8.7 the AuthorizedPrincipalsCommand directive was incorrectly ignored in this situation. bz3574 * sshd(8), ssh(1), ssh-keygen(1): remove vestigal support for KRL signatures When the KRL format was originally defined, it included support for signing of KRL objects. However, the code to sign KRLs and verify KRL signatues was never completed in OpenSSH. This release removes the partially-implemented code to verify KRLs. All OpenSSH tools now ignore KRL_SECTION_SIGNATURE sections in KRL files. * All: fix a number of memory leaks and unreachable/harmless integer overflows. * ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11 modules; GHPR406 * sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config and sshd_config. Previously this directive would accept certificate algorithm names, but these were unusable in practice as OpenSSH does not support CA chains. bz3577 * ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature algorithms that are valid for CA signing. Previous behaviour was to list all signing algorithms, including certificate algorithms. * ssh-keyscan(1): gracefully handle systems where rlimits or the maximum number of open files is larger than INT_MAX; bz3581 * ssh-keygen(1): fix "no comment" not showing on when running `ssh-keygen -l` on multiple keys where one has a comment and other following keys do not. bz3580 * scp(1), sftp(1): adjust ftruncate() logic to handle servers that reorder requests. Previously, if the server reordered requests then the resultant file would be erroneously truncated. * ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was expicitly set to "none". bz3567 * scp(1): when copying local->remote, check that the source file exists before opening an SFTP connection to the server. Based on GHPR#370 - Dropped patches: * cb4ed12f.patch - implemented upstream. - Rebased patches: * openssh-7.7p1-fips.patch * openssh-7.8p1-role-mls.patch * openssh-8.0p1-gssapi-keyex.patch - Add patches from obs: * Mon Mar 4 09:57:06 UTC 2024 - Pedro Monreal - Add crypto-policies support [bsc#1211301] * Add patches: - openssh-9.6p1-crypto-policies.patch - openssh-9.6p1-crypto-policies-man.patch ++++ pgadmin4: - update to 8.5: * supported database servers - postgresql: 12, 13, 14, 15, and 16 - edb advanced server: 12, 13, 14, 15, and 16 * bundled postgresql utilities - psql, pg_dump, pg_dumpall, pg_restore: 16.1 * New features - Added support for provider, deterministic, version and RULES parameter while creating collation. - Added support for EDB Job Scheduler. - Added support for viewing Log Based Clusters. - Added support for UNIX socket in entrypoint.sh for Docker implementation. * Bug fixes - Fixed an issue in Schema Diff where Columns with sequences get altered unnecessarily. - Fixed an issue where user was unable to share a newly registered server. - Bug fixes and improvements in pgAdmin CLI. - Fixed an issue where the 'Save Password' option for SSH tunneling password was consistently disabled. - Fixed schema diff wrong query generation for table, foreign table and sequence. - Fixed an issue where table properties were not updating from properties dialog. - Fixed an issue where maximize icon is missing from query tool panel. - Fix an issue in table dialog where changing column name was not syncing table constraints appropriately. - Fixed rollback and commit button activation on execute button click. - Fixed an issue where taking backup of a shared server was using server owner's user name. - Fix an issue in editor where replace option in query tool edit menu is not working on non-Mac OS. - Fix an issue in editor where Format SQL shortcut and multiline selection are not working. - Fix an issue in editor where "Use Spaces?" Preference of Editor is not working. - Fixed an issue where Triggers, Rules, Indexes were absent from the Schema Diff when comparing views. - Fix an issue in query tool where toggle case of selected text loses selection. - Fix query tool autocomplete results when cursor is in between the SQL query. - Fix an issue in query tool where custom keyboard shortcuts are not working for some. - Fixed the issue where the update-user CLI command doesn't change the password. - Fixed issue related to email authentication of Two-factor authentication. - Fixed a remote code execution issue in the validate binary path (boo#1222390, CVE-2024-3116). - update to 8.4: * supported database servers - postgresql: 12, 13, 14, 15, and 16 - edb advanced server: 12, 13, 14, 15, and 16 * bundled postgresql utilities - psql, pg_dump, pg_dumpall, pg_restore: 16.1 * New features - Allow preferences customization using a configuration file. - Add support for JSON log format. - Add --yes option for skipping the confirmation prompt while deleting the user via CLI for scripting purpose. * Housekeeping - Upgrade CodeMirror from version 5 to 6. - Added documentation for Dashboard's System Statistics tab. - Separate the application name, branding & version information from the configuration file. - Upgrade python packages cryptography to 42.0.x and Flask-Security-Too to 5.3.x. * Bug fixes - Fix multiple issues where PasswordExecCommand was not working in server mode and PasswordExecCommand was not loaded when importing servers. - Fix the tabbed panel backward/forward shortcut for tabs. - Fixed an issue where dependencies and dependents were not showing if a composite type is used as an attribute in another composite type. - Fix an issue where constraint check control is enabled in the edit table dialog. - Fix an issue where the scripts created by generate script of Schema diff for Table with sequence was not working earlier. - Ensure that the OAuth2 session is logged out when users log out from pgAdmin. - Remove role related checks on the UI dashboard when terminating session/query and let PostgreSQL take care of it. - Fix an issue where type column in dependents/dependencies tab is not showing correct label. - Unsafe Deserialization and Remote Code Execution by an Authenticated user in pgAdmin 4 (boo#1221172, CVE-2024-2044). - Replace the requirement for cryptography 42.0 to be satisfied with 41.0 (which is the version we have in SLE) given that the code using the cryptography module doesn't seem to really require 42.0 . ++++ python311: - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115198: Fix support of Docutils >= 0.19 in distutils. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. * Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. * Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - gh-115198: Fix test_check_metadata_deprecate in distutils tests with a newer Docutils. * Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. * Windows - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115009: Update Windows installer to use SQLite 3.45.1. * IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. * Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. * C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. ++++ python311-documentation: - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. - gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. - gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. - gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. - gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. - gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). - gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. - gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. - gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). - gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. - gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115198: Fix support of Docutils >= 0.19 in distutils. - gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. - gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). - gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. - gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. - gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. - gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. - gh-90095: Make .pdbrc and -c work with any valid pdb commands. - gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. - gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. - gh-60346: Fix ArgumentParser inconsistent with parse_known_args. - gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. - gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. - gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. - gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. - gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. - bpo-44865: Add missing call to localization function in argparse. - bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. - bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. - gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. - bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. * Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. - gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. * Tests - gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - gh-115979: Update test_importlib so that it passes under WASI SDK 21. - gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. - gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. - gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. - gh-115198: Fix test_check_metadata_deprecate in distutils tests with a newer Docutils. * Build - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. - gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. * Windows - gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. - gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. - gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. - gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. - gh-115009: Update Windows installer to use SQLite 3.45.1. * IDLE - gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. * Tools/Demos - gh-113516: Don’t set LDSHARED when building for WASI. * C API - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. ++++ python-jsonformatter: - Initial release of python-jsonformatter 0.3.2 ++++ yast2-trans: - Update to version 84.87.20240407.b46e9ca4fd: * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Czech) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Catalan) * New POT for text domain 'bootloader'. * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) ------------------------------------------------------------------ ------------------ 2024-4-7 - Apr 7 2024 ------------------- ------------------------------------------------------------------ ++++ clamav-database: - database refresh on 2024-04-08 (bsc#1084929) ++++ mygnuhealth: - version 2.0.3 * No changelog provided ------------------------------------------------------------------ ------------------ 2024-4-5 - Apr 5 2024 ------------------- ------------------------------------------------------------------ ++++ cloud-init: - Add cloud-init-no-nmcfg-needed.patch (bsc#1221726) + Do not require a NetworkManager config file in order to detect NetworkManager as the renderer - Add cloud-init-no-openstack-guess.patch (bsc#1222113) + Do not guess if we are running on OpenStack or not. Only recognize the known markers and enable cloud-init if we know for sure. ++++ kernel-64kb: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-azure: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-default: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ dtb-aarch64: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ emacs: - Modify patch CVE-2024-30204.patch * Backport the variable definition untrusted-content in lisp/files.el ++++ kernel-debug: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-source: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-source-azure: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-docs: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-kvmsmall: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-obs-build: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-obs-qa: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-syms: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-syms-azure: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ kernel-zfcpdump: - Update patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch (git-fixes CVE-2024-26717 bsc#1222360). - Update patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch (git-fixes CVE-2024-26670 bsc#1222356). - Update patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch (git-fixes CVE-2024-26695 bsc#1222373). - Update patches.suse/dpll-fix-possible-deadlock-during-netlink-dump-opera.patch (jsc#PED-6079 CVE-2024-26725 bsc#1222369). - Update patches.suse/drm-amd-display-Add-NULL-test-for-timing-generator-i.patch (git-fixes CVE-2024-26661 bsc#1222323). - Update patches.suse/drm-amd-display-Fix-panel_cntl-could-be-null-in-dcn2.patch (git-fixes CVE-2024-26662 bsc#1222324). - Update patches.suse/drm-amd-display-Implement-bounds-check-for-stream-en.patch (git-fixes CVE-2024-26660 bsc#1222266). - Update patches.suse/drm-amd-display-fix-null-pointer-dereference-on-edid.patch (git-fixes CVE-2024-26728 bsc#1222370). - Update patches.suse/drm-amdgpu-Fix-variable-mca_funcs-dereferenced-befor.patch (git-fixes CVE-2024-26672 bsc#1222358). - Update patches.suse/drm-i915-dsc-Fix-the-macro-that-calculates-DSCC_-DSC.patch (git-fixes CVE-2024-26721 bsc#1222365). - Update patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch (git-fixes CVE-2024-26667 bsc#1222331). - Update patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch (git-fixes CVE-2024-26664 bsc#1222355). - Update patches.suse/lan966x-Fix-crash-when-adding-interface-under-a-lag.patch (git-fixes CVE-2024-26723 bsc#1222367). - Update patches.suse/mm-writeback-fix-possible-divide-by-zero-in-wb_dirty_limits-again.patch (git-fixes CVE-2024-26720 bsc#1222364). - Update patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch (git-fixes CVE-2024-26698 bsc#1222374). - Update patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch (git-fixes CVE-2024-26651 bsc#1221337). - Update patches.suse/usb-core-Prevent-null-pointer-dereference-in-update_.patch (git-fixes CVE-2024-26716 bsc#1222359). - Update patches.suse/wifi-mac80211-fix-RCU-use-in-TDLS-fast-xmit.patch (git-fixes CVE-2024-26666 bsc#1222293). - Update patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch (git-fixes CVE-2024-26659 bsc#1222317). - commit 967a843 - Update patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch (git-fixes bsc#1219810 CVE-2023-52639 bsc#1222300). - Update patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch (git-fixes CVE-2023-52637 bsc#1222291). - Update patches.suse/can-j1939-prevent-deadlock-by-changing-j1939_socks_l.patch (git-fixes CVE-2023-52638 bsc#1222299). - Update patches.suse/drm-amd-display-Fix-disable_otg_wa-logic.patch (git-fixes CVE-2023-52634 bsc#1222278). - Update patches.suse/drm-amd-display-Refactor-DMCUB-enter-exit-idle-inter.patch (git-fixes CVE-2023-52625 bsc#1222085). - Update patches.suse/drm-amd-display-Wake-DMCUB-before-executing-GPINT-co.patch (git-fixes CVE-2023-52624 bsc#1222083). - Update patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch (git-fixes CVE-2023-52632 bsc#1222274). - Update patches.suse/libceph-just-wait-for-more-data-to-be-available-on-th.patch (bsc#1221390 CVE-2023-52636 bsc#1222247). - Update patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch (CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117). - commit dc877fc ++++ resource-agents: - resource-agents:azure-lb IPv6 support (bsc#1220997) Add patch: 0001-Support-IPv6-with-Azure-load-balncer.patch ++++ pacemaker: - libcrmcommon: NULL-check strdup() in pcmk__register_message() (gh#ClusterLabs/pacemaker#3394) * pacemaker#3394-0004-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch - libcrmcommon: NULL-check strdup() in pcmk__register_format() (gh#ClusterLabs/pacemaker#3394) * pacemaker#3394-0003-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch - libpacemaker: Correctly free graphs and synapses (gh#ClusterLabs/pacemaker#3394) * pacemaker#3394-0002-Low-libpacemaker-Correctly-free-graphs-and-synapses.patch - libcrmcommon: Initialize some variables (gh#ClusterLabs/pacemaker#3394) * pacemaker#3394-0001-Low-libcrmcommon-Initialize-some-variables.patch - HealthSMART:fix the description of temp_lower_limit (gh#ClusterLabs/pacemaker#3392) * pacemaker#3392-0001-Doc-HealthSMART-fix-the-description-of-temp_lower_li.patch ++++ retry: - Update to version 1712304225.2d4e170: * Stop mixing option and non-option parameters ++++ telegram-desktop: - Updated to version 4.16.2 * Use IV by default for Telegraph and some Telegram links. * Support IV links in bot web-apps. * Some bug fixes. ++++ tomcat: - Update to Tomcat 9.0.87 * Fixed CVEs: + CVE-2024-24549: Improved request header validation for HTTP/2 stream (bsc#1221386) + CVE-2024-23672: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection (bsc#1221385) * Catalina + Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) + Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) + Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) + Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) + Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) + Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) + Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) + Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) + Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) + Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote + Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) + Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Altındağ. (markt) + Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of a JVM crash during Tomcat shutdown. (markt) + Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) + Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) + Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper + Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster + Fix: Avoid updating request count stats on async. (remm) * WebSocket + Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications + Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Update Checkstyle to 10.13.0. (markt) + Update: Update JSign to 6.0. (markt) + Update: Add strings for debug level messages. (remm) + Update: Update Tomcat Native to 1.3.0. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) ++++ tomcat10: - Update to Tomcat 10.1.20 * Fixed CVEs: + CVE-2024-24549: Improved request header validation for HTTP/2 stream (bsc#1221386) + CVE-2024-23672: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection (bsc#1221385) * Catalina + Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) + Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) + Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) + Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) + Fix: After forwarding a request, attempt to unwrap the response in order to suspend it, instead of simply closing it if it was wrapped. Add a new suspendWrappedResponseAfterForward boolean attribute on Context to control the bahavior, defaulting to false. (remm) + Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) + Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) + Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) + Update: Add highConcurrencyStatus attribute to the SemaphoreValve to optionally allow the valve to return an error status code to the client when a permit cannot be acquired from the semaphore. (remm) + Add: Add checking of the "age" of the running Tomcat instance since its build-date to the SecurityListener, and log a warning if the server is old. (schultz) + Fix: When using the AsyncContext, throw an IllegalStateException, rather than allowing an NullPointerException, if an attempt is made to use the AsyncContext after it has been recycled. (markt) + Fix: Correct JPMS and OSGi meta-data for tomcat-embed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) + Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) + Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote + Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) + Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow configuring the amount of time before an internal executor will scale back to the configured minSpareThreads size. (remm) + Fix: Correct a regression in the support for user provided SSLContext instances that broke the org.apache.catalina.security.TLSCertificateReloadListener. (markt) + Fix: Setting a null value for a cookie attribute should remove the attribute. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) + Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Altındağ. (markt) + Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) + Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) + Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper + Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: Handle the case where the JSP engine forwards a request/response to a Servlet that uses an OutputStream rather than a Writer. This was triggering an IllegalStateException on code paths where there was a subsequent attempt to obtain a Writer. (markt) + Fix: Correctly handle the case where a tag library is packaged in a JAR file and the web application is deployed as a WAR file rather than an unpacked directory. (markt) + Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster + Fix: Avoid updating request count stats on async. (remm) * WebSocket + Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Fix: 57130: Allow digest.(sh|bat) to accept password from a file or stdin. (csutherl/schultz) + Update: Update Checkstyle to 10.14.1. (markt) + Fix: Correct the remaining OSGi contract references in the manifest files to refer to the Jakarta EE contract names rather than the Java EE contract names. Based on pull request #685 provided by Paul A. Nicolucci. (markt) + Update: Update Checkstyle to 10.13.0. (markt) + Update: Update JSign to 6.0. (markt) + Update: Update the packaged version of the Tomcat Migration Tool for Jakarta EE to 1.0.7. (markt) + Update: Update Tomcat Native to 2.0.7. (markt) + Update: Add strings for debug level messages. (remm) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) - Regenerated patch: tomcat-jdt.patch ++++ xorg-x11-server: - U_CVE-2024-31080-Xi-ProcXIGetSelectedEvents-needs-to-use-unswapped-le.patch * Xi: ProcXIGetSelectedEvents needs to use unswapped length (CVE-2024-31080, bsc#1222309) - U_CVE-2024-31081-Xi-ProcXIPassiveGrabDevice-needs-to-use-unswapped-le.patch * Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply (CVE-2024-31081, bsc#1222310) - U_CVE-2024-31082-Xquartz-ProcAppleDRICreatePixmap-needs-to-use-unswap.patch * Xquartz: ProcAppleDRICreatePixmap needs to use unswapped length to send reply (CVE-2024-31082, bsc#1222311) - U_CVE-2024-31083-render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch * render: fix refcounting of glyphs during ProcRenderAddGlyphs (CVE-2024-31083, bsc#1222312) ++++ yast2-bootloader: - Follow up of previous change to use even more precise wording (bsc#1219989,bsc#1222353) - 4.6.7 ------------------------------------------------------------------ ------------------ 2024-4-4 - Apr 4 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-azure: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-default: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ distribution-logos-openSUSE: - Update to version 20240404: * Turn apple-touch-icon into round square ones * SLES Compatability supply apple-touch-icon for Leap, LeapMicro, TW * Delete dist/package directory * fix source mismatch with package name ++++ python-kiwi: - Set default output console to gfxterm for grub If no console setting is done in the image description for grub the default output console is set to: gfxterm and the default input console is set to: console. This Fixes bsc#1219074 ++++ dtb-aarch64: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ emacs: - Add patch CVE-2024-30203.patch * Fix bsc#1222053 -- Gnus treats inline MIME contents as trusted - Add patch CVE-2024-30204.patch * Fix bsc#1222052 -- LaTeX preview is enabled by default for e-mail attachments - Add patch CVE-2024-30205.patch * Fix bsc#1222050 -- Org mode considers contents of remote files to be trusted ++++ gdu: - Initial package version 5.27.0 ++++ gh: - Update to version 2.47.0: * Bump go-gh to v2.8.0 and go mod tidy * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1 * Bump glamour to v0.7.0 and go mod tidy * build(deps): bump github.com/google/go-containerregistry * build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 * build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 * Rely on go.mod go version in all workflows (#8911) * Upgrade to Go 1.22 (#8836) * build(deps): bump github.com/docker/docker * build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 * gh-attestation cmd integration (#8698) * fix segfault in `gh repo rename` * Bump go-gh to 2.7.0 * Fix typo in auth switch help example ++++ ibmswtpm2: - Update to version 183-2024-03-27 * tpm: Updates to rev 180 - Drop obsolete patches * Drop ibmswtpm2-NVDynamic-Fix-use-of-uninitialized-value.patch - addressed upstream * Drop ibmswtpm2-Add-support-for-OpenSSL-3.2.x.patch - merged upstream ++++ kernel-debug: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-source: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-source-azure: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-docs: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-kvmsmall: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-obs-build: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-obs-qa: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-syms: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-syms-azure: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ kernel-zfcpdump: - selinux: saner handling of policy reloads (bsc#1222230). - commit 35fdf2d ++++ s390-tools: - SE-tooling: New IBM host-key subject locality (s390-tools) (bsc#1222282) * s390-tools-sles15sp5-01-rust-pv-support-Armonk-in-IBM-signing-key-subject.patch * s390-tools-sles15sp6-02-genprotimg-support-Armonk-in-IBM-signing-key-subject.patch * s390-tools-sles15sp6-03-libpv-support-Armonk-in-IBM-signing-key-subject.patch * s390-tools-sles15sp6-04-pvattest-Fix-root-ca-parsing.patch ++++ libnvme: - Update to version 1.8+8.g8c9685f: (bsc#1222026) * nbft: Whitespace fixes * tests: Add complex NBFT table from Dell R660 * tests: Adapt to added NBFT SSNS flags * nbft: Add SSNS 'discovered' flag * nbft: Add SSNS 'unavailable' flag * doc: Document the NBFT API * log: Respect DEFAULT_LOGLEVEL on uninitialized logging * log: Introduce nvme_get_logging_level() ++++ openwsman: - add upstream patch d266a62.patch (bsc#1222272) ++++ nvme-cli: - Update to version 2.8+12.g34d799c: * sed: update SED password when initalizing (bsc#1222168) * nbft: Include SSNS index in error messages (bsc#1222026) * nbft: Pause logging for expected connection failures (bsc#1222026) * nbft: Silence connection failures for unavailable SSNS (bsc#1222026) * nbft: Fix 'verbose' argument type (bsc#1222026) * logging: track log level globally * logging: move logging code to a new file * nvme: update include for libnvme * nvme-netapp: add nspath tlv handling (bsc#1220971) ++++ openssl-ibmca: - Amended the .spec file (bsc#1221627) * Removed the flavors * Removed 'muiltibuild' environment * Removed the 'provider' logic ++++ openssl-ibmca-engine: - Amended the .spec file (bsc#1221627) * Removed the flavors * Removed 'muiltibuild' environment * Removed the 'provider' logic ++++ openssl-ibmca-provider: - Amended the .spec file (bsc#1221627) * Removed the flavors * Removed 'muiltibuild' environment * Removed the 'provider' logic ++++ openssl1_1-ibmca: - Amended the .spec file (bsc#1221627) * Removed the flavors * Removed 'muiltibuild' environment * Removed the 'provider' logic ++++ poke-dwarf: - initial package ++++ python-Pillow: - Add upstream patch CVE-2024-28219.patch to fix buffer overflow in _imagingcms.c. Add also the new source sGrey-v2-nano.icc needed to run the new test added by the patch. bsc#1222262, CVE-2024-28219, gh#python-pillow/Pillow@2a93aba5cfcf ++++ python-Pillow: - Add upstream patch CVE-2024-28219.patch to fix buffer overflow in _imagingcms.c. Add also the new source sGrey-v2-nano.icc needed to run the new test added by the patch. bsc#1222262, CVE-2024-28219, gh#python-pillow/Pillow@2a93aba5cfcf ++++ xwayland: - U_CVE-2024-31080-Xi-ProcXIGetSelectedEvents-needs-to-use-unswapped-le.patch * Xi: ProcXIGetSelectedEvents needs to use unswapped length (CVE-2024-31080, bsc#1222309) - U_CVE-2024-31081-Xi-ProcXIPassiveGrabDevice-needs-to-use-unswapped-le.patch * Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply (CVE-2024-31081, bsc#1222310) - U_CVE-2024-31083-render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch * render: fix refcounting of glyphs during ProcRenderAddGlyphs (CVE-2024-31083, bsc#1222312) ------------------------------------------------------------------ ------------------ 2024-4-3 - Apr 3 2024 ------------------- ------------------------------------------------------------------ ++++ llvm13: - Use old conflicts/provides for python3-clang on Leap. ++++ llvm14: - Use old conflicts/provides for python3-clang on Leap. ++++ kernel-64kb: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-azure: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-default: - Move upstreamed patches into sorted section - commit ebe113d ++++ dtb-aarch64: - Move upstreamed patches into sorted section - commit ebe113d ++++ glibc: - Add workaround for invalid use of libc_nonshared.a with non-SUSE libc (bsc#1221482) ++++ glibc-utils-src: - Add workaround for invalid use of libc_nonshared.a with non-SUSE libc (bsc#1221482) ++++ go1.21: - go1.21.9 (released 2024-04-03) includes a security fix to the net/http package, as well as bug fixes to the linker, and the go/types and net/http packages. Refs boo#1212475 go1.21 release tracking CVE-2023-45288 * go#65387 go#65051 boo#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers * go#66254 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock * go#66326 cmd/compile: //go:build file version ignored when using generic function from package "slices" in Go 1.21 * go#66411 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le ++++ go1.22: - go1.22.2 (released 2024-04-03) includes a security fix to the net/http package, as well as bug fixes to the compiler, the go command, the linker, and the encoding/gob, go/types, net/http, and runtime/trace packages. Refs boo#1218424 go1.22 release tracking CVE-2023-45288 * go#66298 go#65051 boo#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1 * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64 * go#66134 cmd/compile: go test . results in CLOSURE ... : internal compiler error: assertion failed * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock * go#66256 cmd/go: git shallow fetches broken at CL 556358 * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22 * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le ++++ kernel-debug: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-source: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-source-azure: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-docs: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-kvmsmall: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-obs-build: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-obs-qa: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-syms: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-syms-azure: - Move upstreamed patches into sorted section - commit ebe113d ++++ kernel-zfcpdump: - Move upstreamed patches into sorted section - commit ebe113d ++++ kubevirt: - Fix test of secure migration with TLS (bsc#1221431) 0002-Update-tls-error-string-in-migration-test.patch - Fix volume phase condition in migration test (bsc#1221430) 0003-tests-Expect-PendingPopulation-phase.patch ++++ nghttp2: - security update - added patches fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks + nghttp2-CVE-2024-28182-1.patch fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks + nghttp2-CVE-2024-28182-2.patch ++++ pacemaker: - cibsecret: Use 'ps axww' to avoid truncating issue (gh#ClusterLabs/pacemaker#3384) * pacemaker#3384-0001-Fix-cibsecret-Use-ps-axww-to-avoid-truncating-issue.patch ++++ poke-elf: - initial version ++++ nghttp2-python: - security update - added patches fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks + nghttp2-CVE-2024-28182-1.patch fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks + nghttp2-CVE-2024-28182-2.patch ++++ python-M2Crypto: - Build for modern python stack on SLE/Leap ++++ remmina: - Update to 1.4.35 stable release. ++++ rpm-ndb: - remove imaevmsign plugin from rpm-ndb [bsc#1222259] ++++ telegram-desktop: - Updated to version 4.16.1 * Show information about Fragment phone numbers and usernames. * Fix jump to original story from a story repost. * Fix old image display in viewer in some cases. * Fix several crashes. - Updated to version 4.16.0 * Instant View on Windows 10+ and macOS. * Allow scheduling messages in topics. * Telegram Business: Links to Chats. * Telegram Business: Custom Intro. * Telegram Business: Chatbots. * Sharing Revenue with Channel Owners. - Updated to version 4.15.7 * Test crashfix on Linux. - Updated to version 4.15.6 * Save the Instant View window geometry. * Fix jump to anchors with accents in the Instant View. * Fix possible crash in the ElasticScroll destructor. - Updated to version 4.15.5 * Fix a crash in Instant View article parsing. * Support AirPods Mute/Unmute toggle in calls on macOS. * Disable system proxy on Linux to check if it fixes crashes. - Updated to version 4.15.4 * Fix initial text color in dark mode Instant View on macOS. * Fix non-English symbols encoding in Instant View on macOS. * Fix sharing from Instant View on macOS. * Fix crash with long messages on Linux. - Updated to version 4.15.3 * Instant View on Windows (with WebView2) and macOS. * Allow scheduling messages in topics. * Fix system proxy support on Linux. ++++ yast2-installation: - Adapted call for connecting all discovered NVMe-over-Fabrics subsystems (bsc#1222246). - 4.6.12 ++++ yast2-storage-ng: - Fix unlimited-sized fake device graphs (bsc#1221222) - 4.6.17 ------------------------------------------------------------------ ------------------ 2024-4-2 - Apr 2 2024 ------------------- ------------------------------------------------------------------ ++++ clamav-database: - database refresh on 2024-04-02 (bsc#1084929) ++++ kernel-64kb: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-azure: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-default: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ nodejs20: - Update to 20.12.0: * crypto: implement crypto.hash() * util: add loading and parsing environment variables * new connection attempt events: connectionAttempt, connectionAttemptFailed, connectionAttemptTimeout * sea: support embedding assets * support configurable snapshot through --build-snapshot-config flag * util.styleText(format, text): This function returns a formatted text considering the format passed. * vm: support using the default loader to handle dynamic import() - c-ares-fixes.patch: removed, upstreamed - nodejs-libpath.patch, versioned.patch: refreshed ++++ dtb-aarch64: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ poke: - update to 4.0 * Multiple updates to the user interface * now acknowledges the POKE_LOAD_PATH environment variable whose value, if defined, gets prepended to the load_path when poke starts. * Use UID-specific socket to allow multiple instances running in the system * New utility pokefmt: simple template system * Support customizing the poke prompt * Multiple updates to the poke language * New pickles: + srec: Motorola SREC files + orc: ORC data - stack unwinding format in Linux + gcov: GCOV data (.gcda) and notes (.gcno) files + base64: RFC 4648 + iscan, iscan-string: Icon-like scanning + gpt: GUID partition tables + jojodiff: JojoDiff binary patches + linux: Linux kernel internal data structures * Updates to existing pickles * The ELF pickle is now a separate package * The DWARF pickle is now a separate package ++++ glib2: - require dbus-launch only if dbus-service is wanted. This helps with stripping down container-only builds (jsc#PED-8153) ++++ glib2-doc: - require dbus-launch only if dbus-service is wanted. This helps with stripping down container-only builds (jsc#PED-8153) ++++ kernel-debug: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-source: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-source-azure: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-docs: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-kvmsmall: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-obs-build: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-obs-qa: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-syms: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-syms-azure: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kernel-zfcpdump: - blacklist.conf: fbdev: flush deferred IO before closing (bsc#1221814) - commit 6339fe4 - netfilter: nf_tables: skip set commit for deleted/destroyed sets (CVE-2024-0193 bsc#1218495). - commit e7bf1c3 ++++ kexec-tools: - fix kexec-bootloader path in kexec-load.service (bsc#1222245) ++++ s390-tools: - Apllied a patch(bsc#1220949,bsc#1221873) * s390-tools-sles15sp6-01-parse-ipl-device-for-activation.patch ++++ xz: - revert to 5.4.1, last release from Lasse Collin ++++ python3-core: - Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109, gh#python/cpython!16557) fixes syslog making default "ident" from sys.argv[0]. ++++ libssh2_org: - Fix an issue with Encrypt-then-MAC family. [bsc#1221622] * Test the ETM feature in the remote end's configuration when receiving data. Upstream issue: #1331. * Add libssh2_org-ETM-remote.patch ++++ libzypp: - Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014) Fixed the name of the keyword to "support_superseded" as it was agreed on in jsc#OBS-301. - version 17.32.2 (32) ++++ openssh: - Rebase openssh-7.7p1-fips.patch (bsc#1221928) Remove OPENSSL_HAVE_EVPGCM-ifdef, which is no longer supported by upstream - Use %config(noreplace) for sshd_config . In any case, it's recommended to drop a file in sshd_config.d instead of editing sshd_config (bsc#1221063) - Add patches from obs package that were also in SP3/SP4/SP5: * Fri Nov 3 10:44:14 UTC 2023 - Johannes Segitz - Enhanced SELinux functionality. Added * openssh-7.8p1-role-mls.patch Proper handling of MLS systems and basis for other SELinux improvements * openssh-6.6p1-privsep-selinux.patch Properly set contexts during privilege separation * openssh-6.6p1-keycat.patch Add ssh-keycat command to allow retrival of authorized_keys on MLS setups with polyinstantiation * openssh-6.6.1p1-selinux-contexts.patch Additional changes to set the proper context during privilege separation * openssh-7.6p1-cleanup-selinux.patch Various changes and putting the pieces together For now we don't ship the ssh-keycat command, but we need the patch for the other SELinux infrastructure This change fixes issues like bsc#1214788, where the ssh daemon needs to act on behalf of a user and needs a proper context for this ++++ powerpc-utils: - Fix SMT control on powernv with the new kernel interface (bsc#1222163) * Refresh ppc64_cpu-Clean-up-sysfs-smt-control-error-handling.patch ++++ python3: - Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109, gh#python/cpython!16557) fixes syslog making default "ident" from sys.argv[0]. ++++ python3-documentation: - Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109, gh#python/cpython!16557) fixes syslog making default "ident" from sys.argv[0]. ------------------------------------------------------------------ ------------------ 2024-4-1 - Apr 1 2024 ------------------- ------------------------------------------------------------------ ++++ java-21-openjdk: - Added patch: * reproducible-jlink.patch + make the timestamp in jmods reproducible ++++ kcov: - Update to version 42 * Issue #317: Correct handling of large amounts of solib data * Issue #399: Suppor for the LoongArch architecture * Issue #397: Correct symlinks if the out-directory is a relative path * OSX: Replace the lldb-engine/parser with a macho-parser and a mach-engine for improved performance (~20x) ++++ wireplumber: - Update to version 0.5.1: * Highlights: - Added a guide documenting how to migrate configuration from 0.4 to 0.5, also available online at: https://pipewire.pages.freedesktop.org/wireplumber/daemon/configuration/migration.html If you are packaging WirePlumber for a distribution, please consider informing users about this. Installing the wireplumber-doc subpackage, this file can be read by running: xdg-open /usr/share/doc/wireplumber/html/daemon/configuration/migration.html * Fixes: - Fixed an odd issue where microphones would stop being usable when a Bluetooth headset was connected in the HSP/HFP profile (#598, !620) - Fixed an issue where it was not possible to store the volume/mute state of system notifications (#604) - Fixed a rare crash that could occur when a node was destroyed while the 'select-target' event was still being processed (!621) - Fixed deleting all the persistent settings via wpctl --delete (!622) - Fixed using Bluetooth autoswitch with A2DP profiles that have an input route (!624) - Fixed sending an error to clients when linking fails due to a format mismatch (!625) * Additions: - Added a check that prints a verbose warning when old-style 0.4.x Lua configuration files are found in the system. (#611) - The "policy-dsp" script, used in Asahi Linux to provide a software DSP for Apple Sillicon devices, has now been ported to 0.5 properly and documented (#619, !627) - Remove patch already included upstream: * 0001-filter-utils-fix-handling-of-targetless-smart-filters.patch - Enable documentation generation and create new doc subpackage including the documentation that can be read by running: xdg-open /usr/share/doc/wireplumber/html/index.html ++++ virtualbox: - Setting 0660 as permissions of /dev/vboxusb directory itself was preventing access to this directory by any non-root user, even if member of vboxusers. This results in VBox UI failing to enable USB passthrough. Fix issue by removing all the workarounds for /dev/vboxusb/* as they should no longer be required. ++++ python-aiosmtpd: - Reenable tests for tumbleweed and Leap. Adds the python-pytest-asyncio build requirements for tests and ignore some tests that are failing for Leap but not for Factory. ++++ retry: - Update to version 1711985904.b9b8f3b: * Add count-fail-ratio to Makefile+spec * Mention alternative github.com/minfrin/retry * Explain count-fail-ratio in README as well * count-fail-ratio: Enable timing by default * Add count-fail-ratio with tests * Makefile: Adapt path to checkbashisms ++++ tup: - Update to version 0.8 Backwards incompatibility with variants: * The FUSE overlay variants have been removed in favor of explicit variants. If you use variants on version v0.7.11 or earlier, you may need to update your Tupfiles. See https://gittup.org/tup/ex_explicit_variants.html for more details. New features: * 'import' keyword to set a Tupfile variable to an environment variable. * 'tup compiledb' can create a compile_commands.json for third-party tools to see compilation commands. * 'tup commandline' shows the commandline used to compile a file. * 'tup generate' can support building in a separate build directory (if the project supports building with variants). * 'tup generate' can take an output list to limit what the script generates (ie: a partial build script). * A single Lua state is now re-used during parsing and doesn't need to be reinitialized for every Lua-based Tupfile. * Internal mtime tracking is now at nanosecond resolution (where supported by the OS) instead of 1-second intervals. Dependency updates: * Internal Lua version is now 5.4.6 * Internal SQLite version is now 3.45.2 * Internal PCRE version is now PCRE2 10.42 * External PCRE dependency is now libpcre2 instead of libpcre (default unless built with CONFIG_TUP_USE_SYSTEM_PCRE=n in which case the internal version is used) Bug fixes: * Fixed a bug that results in tup_entry_rm called on tupid X, which still has refcount=1 * ^o rules that fail with a monitor autoupdate no longer cause infinite loops * Deleted files are now removed from the transient_list. - Drop tup-add_archs.patch (no longer necessary) - Drop tup.rpmlintrc ++++ virtualbox-kmp: - Setting 0660 as permissions of /dev/vboxusb directory itself was preventing access to this directory by any non-root user, even if member of vboxusers. This results in VBox UI failing to enable USB passthrough. Fix issue by removing all the workarounds for /dev/vboxusb/* as they should no longer be required. ++++ yast2-trans: - Update to version 84.87.20240331.90b1d91d29: * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (Romanian) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Catalan) * Translated using Weblate (Czech) * Translated using Weblate (Japanese) * New POT for text domain 'rmt'. * New POT for text domain 'control'. ------------------------------------------------------------------ ------------------ 2024-3-31 - Mar 31 2024 ------------------- ------------------------------------------------------------------ ++++ swww: - Update to version 0.9.1: * deprecate swww init * update CHANGELOG.md * add BSD2 and Apache2.0 with LLVM-exception license * update MSRV to 1.74.0 * support animations when piping from stdin * update dependencies * forward init format option to daemon * option to force use of a wayland_shm format * prevent UB from a malformed BitPack at decompression * do not use unsafe for the FORMAT statics * specialize transitions for 3channels * Use 3 channel formats when available * only swap R and B channels when necessary * document unsafe invariants * compression functions api signal errors better * reuse the buffer when compressing * use system lz4 library * implement sse variants of compress and decompress * new compression functions * Implement frame callbacks and a new memory pool * refactor version.sh * fix out-of-bounds access in decompression * process clear-cache before sending requests * rename `Init` request/answer to `Ping` * wait for daemon initialization before any requests * wait for daemon initialization before certain requests * add restore command * wait for child swww process, to prevent zombies * fix randomize script trying to use directories as images * fix gif animations overlapping when sending two gifs * center cropped images larger than the monitor * make an fps an u16 * Format code with cargo fmt * Update ahash to 0.7.8 * remove all cache contents on clean-cache * support animated pngs * typo in comment * fix busyloop while waiting for WlBuffers to be released * fix single image webp and gif * fix let_underscore_lock lint * explicit versions for all dependencies ------------------------------------------------------------------ ------------------ 2024-3-30 - Mar 30 2024 ------------------- ------------------------------------------------------------------ ++++ zabbix: - update to 6.0.28: * Added metadata in JavaScript for AWS templates * Added AWS ELB Application Load Balancer by HTTP template * Added Check Point Next Generation Firewall by SNMP template * Added MSSQL by Zabbix agent 2 template * Updated max supported TimescaleDB version to 2.14 * bug fixes - fix broken copypasta for system-user-zabbix source file and file itself to remove gecos (description) in file fixes bsc#1222169 Packaging Error in system-user-zabbix-6.0.27-1.1.noarch package prevents upgrade Thanks Andreas Stieger for pointing out and reporter himself ++++ waycheck: - Update to 1.2.0 + Update "Upstream" protocol list to wayland-protocols v1.34 + Add KDE "Screen edge" protocol + Add Gamescope protocols 🐸 + Clean up Meson post-install script ------------------------------------------------------------------ ------------------ 2024-3-29 - Mar 29 2024 ------------------- ------------------------------------------------------------------ ++++ rust1.76: - bsc#1222047 - update gcc minimum to 13 for SLE ++++ rust1.77: - bsc#1222047 - update gcc minimum to 13 for SLE ++++ kernel-64kb: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-azure: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-default: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ deepin-image-viewer: - Refactor update-libraw-api.patch make it works between openSUSE products ++++ dtb-aarch64: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ grub2: - Fix os name is used for root file system mount (bsc#1220949) * 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch ++++ guestfs-tools: - Upstream bug fixes Update-virt-customize-generated-files.patch Initialise-bar-fp-as-NULL.patch ++++ kernel-debug: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-source: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-source-azure: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-docs: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-kvmsmall: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-obs-build: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-obs-qa: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-syms: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-syms-azure: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ kernel-zfcpdump: - README.BRANCH: Remove copy of branch name - commit fc25aed ++++ qt6-virtualkeyboard: - Fix description of libQt6VirtualKeyboard6 - Make the lib depend on the inputcontext plugin (boo#1222158) ++++ libguestfs: - Upstream bug fixes Split-chown-parameter-on-character.patch Initialise-bar-fp-as-NULL.patch ++++ libratbag: - Add use-python-3.6.patch force to build with python 3.6 on Leap 15 * meson has pulls python 3.11 and was selected python 3.11 to build with, however the dependencies are python 3.6 base, force meson to use python 3.6 since both python 3.6 and python 3.11 has installed in the build env ++++ patterns-fonts: - Update patterns-fonts.spec: Add google-noto-sans-symbols-fonts google-noto-sans-symbols2-fonts to default installation, to enable terminal display special characters (bsc#1219553). ++++ python-sip4: - Add %{?sle15_python_module_pythons} to build with python 3.11 * With python311_frame.patch this package won't work with python 3.6, on Leap 15, this should've build with python 3.11, a python 3.6 build of python-sip4 was provided by python3-sip4 package (related to bsc#1222203) ++++ python-pygame: - Add BuildRequires pkgconfig(vorbisfile) for tests * libvorbisfile does installed by libsndfile-devel on Tumbleweed but was not on Leap 15, have a explicit pkgconfig(vorbisfile) to install libvorbis-devel ++++ python3-sip4: - Removed python311_frame.patch (bsc#1222203) * It should not applied to a version to build with python 3.6 - Renamed python-sip4-common to python3-sip4-common * python-sip4-common is now generated from python-sip4 package as build with python 3.11 - Renamed python-sip4-doc to python3-sip4-doc * python-sip4-doc is now generated from python-sip4 package as build with python 3.11 ++++ python-minio: - Add %{?sle15_python_module_pythons} ++++ qt6-virtualkeyboard-docs: - Fix description of libQt6VirtualKeyboard6 - Make the lib depend on the inputcontext plugin (boo#1222158) ++++ virt-v2v: - Add Requires on gptfdisk and libguestfs-winsupport for converting windows VMs. ++++ virtme: - Update to 1.23: * Fix breakage with QEMU 8.2.2 * Change behaviour of --kconfig, that will always override the .config if present (since there is not reason to use - -kconfig and not update the .config). * It is now possible to force the legacy cgroup v1 using the option -a "SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1": the vng init script will mimic systemd behavior and mount cgroup v1, instead of v2. - Drop qemu-remove-unnecessary-serial-none-arg.patch ------------------------------------------------------------------ ------------------ 2024-3-28 - Mar 28 2024 ------------------- ------------------------------------------------------------------ ++++ NetworkManager-openconnect: - Add missing supplements(bsc#1220391): + NMA subpackage: Main package and gnome-control-center ++++ NetworkManager-openvpn: - Add missing supplements(bsc#1220391): + NMA subpackage: Main package and gnome-control-center ++++ NetworkManager-pptp: - Add missing supplements(bsc#1220391): + NMA subpackage: Main package and gnome-control-center ++++ NetworkManager-strongswan: - Add missing supplements(bsc#1220391): + NMA subpackage: Main package and gnome-control-center ++++ apache-commons-configuration: - Added patches: * 0001-CONFIGURATION-840-Fix-StackOverflowError-adding-Path.patch + Backport the upstream fix of bsc#1221797 (CVE-2024-29131). https://issues.apache.org/jira/browse/CONFIGURATION-840 and add a test * 0002-CONFIGURATION-841-Fix-StackOverflow-with-a-cyclical-.patch + Backport the upstream fix of bsc#1221793 (CVE-2024-29133), https://issues.apache.org/jira/browse/CONFIGURATION-841 and add a test ++++ apache2: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-devel: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-event: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-manual: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-prefork: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-utils: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ apache2-worker: - Add patches to improve FIPS compatibility (bsc#1220681): * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch ++++ cloud-init: - Add cloud-init-ds-deterministic.patch (bsc#1221132) + Do not guess a data source when checking for a CloudStack environment ++++ kernel-64kb: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-azure: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-default: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ dtb-aarch64: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kdump: - upgrade to version 2.0.3+git10.gfdb71b2 * add a note to README.txt about the flattened format (bsc#1221374) * use the same persistent device links as dracut (bsc#1222009, bsc#1219471) * remove dracut parse-root.sh hook (bsc#1221288) ++++ kernel-debug: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-source: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-source-azure: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-docs: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-kvmsmall: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-obs-build: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-obs-qa: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-syms: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-syms-azure: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ kernel-zfcpdump: - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217958). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - commit 561883a - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc#1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc#1221816). - scsi: qla2xxx: Change debug message during driver unload (bsc#1221816). - scsi: qla2xxx: Fix double free of fcport (bsc#1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc#1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc#1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc#1221816). - scsi: qla2xxx: Update manufacturer detail (bsc#1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc#1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc#1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc#1221816). - commit 5c3d977 - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - commit c9d3937 - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (bsc#1221491) - commit 24e3b19 - phy: tegra: xusb: Add API to retrieve the port number of phy (bsc#1221491) - commit be854b3 ++++ libplacebo5: - Add %{?sle15_python_module_pythons} to make libplacebo5 build with python 3.11 on Leap15 ++++ libzypp: - Add resolver option 'removeUnneeded' to file weak remove jobs for unneeded packages (bsc#1175678) - version 17.32.1 (32) ++++ micro-editor: - Update to version 2.0.13: * Add reload setting - finalization of #2627 (#2845) * Handle SIGABRT properly * Fix python decorator syntax. (#2827) * Fixed newline format detection for files not ending with a newline (#2875) * Fix typos in README (#2919) * fix: recognize .cmd as batch files (#2922) * help: fix incorrect instructions for disabling key binding (#2943) * Fix non-working lua Lock (#2945) * save: Restore the screen before overwriteFile() is left (#2967) * save: Restore the screen if failed to start sudo (#2971) * syntax: Fix include of patch in git-commit (#2917) * Improve metainfo file (#2910) * Fix issues with handling invalid regex in syntax files (#2913) * Fix term output capturing * Docs for fakecursor option - small .spec cleanup - run unit tests during build phase ++++ musique: - Use fixed BUILD_YEAR (boo#1047218) ++++ parsec: - Update to 1.4.0-rc2: * Full changelog: https://github.com/parallaxsecond/parsec/compare/1.3.0...1.4.0-rc2 ++++ perl-Net-OBS-Client: - updated to 0.1.2 see /usr/share/doc/packages/perl-Net-OBS-Client/Changes ++++ python-python3-openid: - Use %{?sle15allpythons} to build with both python 3.6 and 3.11 - Do not BuildRequires python311-mysqlslient for testing on Leap15 since python311-mysqlclient is not available - Add BuildRequires python-dbm to tests ++++ virtualbox: - The location of vboxconfig is wrong. Add file fixes_for_vboxconfig.patch to fix. Some errors in vboxdrv.sh are fixed. ++++ python-django-avatar: - Add %{?sle15_python_module_pythons} ++++ python-django-ckeditor: - Add %{?sle15_python_module_pythons} ++++ python-django-debreach: - Add %{?sle15_python_module_pythons} ++++ python-django-haystack: - Numbering patches for fix Leap15 build ++++ python-django-js-asset: - Add %{?sle15_python_module_pythons} ++++ python-django-minio-storage: - Add %{?sle15_python_module_pythons} ++++ python-django-pglocks: - Add %{?sle15_python_module_pythons} ++++ python-django-rest-framework-client: - Add %{?sle15_python_module_pythons} ++++ python-django-reversion: - Add %{?sle15_python_module_pythons} ++++ python-django-settings-toml: - Add %{?sle15_python_module_pythons} ++++ python-django-webpack-loader: - Add %{?sle15_python_module_pythons} ++++ python-social-auth-app-django: - Add %{?sle15_python_module_pythons} ++++ python-social-auth-core: - Add %{?sle15_python_module_pythons} ++++ seamonkey: - update to SeaMonkey 2.53.18.2 * Block set-cookie from multipart/x-mixed-replace with pref bug 1864385. * Check if WorkerRunnable::Run runs on top of WorkerThreadPrimaryRunnable::Run in a worker thread bug 1867982. * Process pairs in coord list in PolyArea bug 1878211. * Cherry-pick update to dav1d bug 1881093. * Land NSS NSS_3_90_2_RTM UPGRADE_NSS_RELEASE bug 1880562. * Fix DSN for send later bug 815638. * Catch webNavigation error during tab restore bug 1885748. * SeaMonkey 2.53.18.2 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.18.2 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.8.0 release notes for specific security fixes in this release. * Additional important security fixes up to Current Firefox 115.9 and Thunderbird 115.9 ESR plus many enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. - request inclusion in Leap 15.5 and 15.6: https://bugzilla.opensuse.org/show_bug.cgi?id=1222137 ++++ systemd-default-settings: - Import 0.9 bb859bf user@.service: Disable controllers by default (jsc#PED-2276) ++++ virtme: - qemu 8.2.2 compatibility * qemu-remove-unnecessary-serial-none-arg.patch ++++ virtualbox-kmp: - The location of vboxconfig is wrong. Add file fixes_for_vboxconfig.patch to fix. Some errors in vboxdrv.sh are fixed. ------------------------------------------------------------------ ------------------ 2024-3-27 - Mar 27 2024 ------------------- ------------------------------------------------------------------ ++++ ansible: - update to 9.4.0: Ansible 9.4.0 includes ansible-core 2.16.5 as well as a curated set of Ansible collections that provide a vast number of modules and plugins. Collections which have opted-in to being a part of the Ansible 9 unified changelog will have an entry on this page: https://github.com/ansible-community/ansible-build-data/blob/main/9/CHANGELOG-v9.rst ++++ ansible-core: - update to 2.16.5: https://github.com/ansible/ansible/blob/v2.16.5/changelogs/CHANGELOG-v2.16.rst * Minor Changes - ansible-test - Add a work-around for permission denied errors when using pytest >= 8 on multi-user systems with an installed version of ansible-test. * Bugfixes - Fix an issue when setting a plugin name from an unsafe source resulted in ValueError: unmarshallable object (#82708) - Harden python templates for respawn and ansiballz around str literal quoting - ansible-test - The libexpat package is automatically upgraded during remote bootstrapping to maintain compatibility with newer Python packages. - template - Fix error when templating an unsafe string which corresponds to an invalid type in Python (#82600). - winrm - does not hang when attempting to get process output when stdin write failed ++++ kernel-64kb: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-azure: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-default: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-rt: - Delete config-test/arm64/rt. No plan to support arm64 on SLE15-SP6 - commit e5213ef ++++ curl: - Security fix: [bsc#1221666, CVE-2024-2379] * curl: QUIC certificate check bypass with wolfSSL * Add curl-CVE-2024-2379.patch - Security fix: [bsc#1221668, CVE-2024-2466] * curl: TLS certificate check bypass with mbedTLS * Add curl-CVE-2024-2466.patch ++++ dtb-aarch64: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ grub2: - Fix LPAR falls into grub shell after installation with lvm (bsc#1221866) * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch ++++ kernel-debug: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-source: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-source-azure: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-source-rt: - Delete config-test/arm64/rt. No plan to support arm64 on SLE15-SP6 - commit e5213ef ++++ kernel-docs: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-kvmsmall: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-obs-build: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-obs-qa: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-rt_debug: - Delete config-test/arm64/rt. No plan to support arm64 on SLE15-SP6 - commit e5213ef ++++ kernel-syms: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-syms-azure: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ kernel-syms-rt: - Delete config-test/arm64/rt. No plan to support arm64 on SLE15-SP6 - commit e5213ef ++++ kernel-zfcpdump: - Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d. This fixes bsc#1221814 - commit a7a9087 - Update patches.suse/arm64-sme-Always-exit-sme_alloc-early-with-existing-.patch (git-fixes CVE-2024-26618 bsc#1221295). - Update patches.suse/btrfs-don-t-abort-filesystem-when-attempting-to-snap.patch (bsc#1221282 CVE-2024-26644 bsc#1222072). - Update patches.suse/btrfs-scrub-avoid-use-after-free-when-chunk-length-i.patch (bsc#1220943 CVE-2024-26616). - Update patches.suse/drm-amd-display-Fix-late-derefrence-dsc-check-in-lin.patch (git-fixes CVE-2024-26647 bsc#1222066). - Update patches.suse/drm-amd-display-Fix-variable-deferencing-before-NULL.patch (git-fixes CVE-2024-26648 bsc#1222067). - Update patches.suse/drm-amdgpu-Fix-the-null-pointer-when-load-rlc-firmwa.patch (git-fixes CVE-2024-26649 bsc#1222055). - Update patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch (git-fixes CVE-2024-26597 bsc#1220363). - Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch (bsc#1218968 CVE-2024-26629 bsc#1221379). - Update patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch (git-fixes CVE-2024-26599 bsc#1220365). - Update patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch (git-fixes CVE-2024-26627 bsc#1221090). - Update patches.suse/thermal-intel-hfi-Add-syscore-callbacks-for-system-w.patch (git-fixes CVE-2024-26646 bsc#1222070). - Update patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch (git-fixes CVE-2024-26645 bsc#1222056). - Update patches.suse/wifi-iwlwifi-fix-a-memory-corruption.patch (git-fixes CVE-2024-26610 bsc#1221299). - Update patches.suse/x86-fpu-Stop-relying-on-userspace-for-info-to-fault-in-xsa.patch (bsc#1220335 CVE-2024-26603). - commit 29c1925 - Update patches.suse/0002-ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch (bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836). - Update patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch (git-fixes CVE-2023-52518 bsc#1221056). - Update patches.suse/EDAC-thunderx-Fix-possible-out-of-bounds-string-acce.patch (git-fixes CVE-2023-52464 bsc#1220330). - Update patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52604 bsc#1221067). - Update patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch (git-fixes CVE-2023-52519 bsc#1220920). - Update patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch (git-fixes CVE-2023-52529 bsc#1220929). - Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch (jsc#PED-6864 CVE-2023-52587 bsc#1221082). - Update patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch (git-fixes CVE-2023-52617 bsc#1221613). - Update patches.suse/PM-devfreq-Fix-buffer-overflow-in-trans_stat_show.patch (git-fixes CVE-2023-52614 bsc#1221617). - Update patches.suse/PM-sleep-Fix-possible-deadlocks-in-core-system-wide-.patch (git-fixes CVE-2023-52498 bsc#1221269). - Update patches.suse/RDMA-siw-Fix-connection-failure-handling.patch (git-fixes CVE-2023-52513 bsc#1221022). - Update patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch (git-fixes CVE-2023-52515 bsc#1221048). - Update patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch (git-fixes CVE-2023-52564 bsc#1220938). - Update patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch (git-fixes CVE-2023-52623 bsc#1222060). - Update patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch (git-fixes CVE-2023-52603 bsc#1221066). - Update patches.suse/apparmor-avoid-crash-when-parsed-profile-name-is-emp.patch (git-fixes CVE-2023-52443 bsc#1220240). - Update patches.suse/arm64-dts-qcom-sdm845-db845c-Mark-cont-splash-memory.patch (git-fixes CVE-2023-52561 bsc#1220935). - Update patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch (bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073). - Update patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch (git-fixes CVE-2023-52494 bsc#1221273). - Update patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch (git-fixes CVE-2023-52493 bsc#1221274). - Update patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread.patch (bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946). - Update patches.suse/class-fix-use-after-free-in-class_register.patch (git-fixes CVE-2023-52468 bsc#1220431). - Update patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch (git-fixes CVE-2023-52612 bsc#1221616). - Update patches.suse/dccp-fix-dccp_v4_err-dccp_v6_err-again.patch (bsc#1220419 CVE-2023-52577 bsc#1220873). - Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes CVE-2023-52492 bsc#1221276). - Update patches.suse/drivers-amd-pm-fix-a-use-after-free-in-kv_parse_powe.patch (git-fixes CVE-2023-52469 bsc#1220411). - Update patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch (git-fixes CVE-2023-52486 bsc#1221277). - Update patches.suse/drm-amd-display-Fix-NULL-pointer-dereference-at-hibe.patch (git-fixes CVE-2023-52460 bsc#1220319). - Update patches.suse/drm-amdgpu-Fix-possible-NULL-dereference-in-amdgpu_r.patch (git-fixes CVE-2023-52585 bsc#1221080). - Update patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52563 bsc#1220937). - Update patches.suse/drm-msm-dpu-Add-mutex-lock-in-control-vblank-irq.patch (git-fixes CVE-2023-52586 bsc#1221081). - Update patches.suse/drm-radeon-check-the-alloc_workqueue-return-value-in.patch (git-fixes CVE-2023-52470 bsc#1220413). - Update patches.suse/drm-sched-Fix-bounds-limiting-when-given-a-malformed.patch (git-fixes CVE-2023-52461 bsc#1220322). - Update patches.suse/firmware-arm_scmi-Check-mailbox-SMT-channel-for-cons.patch (git-fixes CVE-2023-52608 bsc#1221375). - Update patches.suse/gfs2-Fix-kernel-NULL-pointer-dereference-in-gfs2_rgrp_dump.patch (git-fixes CVE-2023-52448 bsc#1220253). - Update patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch (git-fixes CVE-2023-52615 bsc#1221614). - Update patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch (git-fixes CVE-2023-52510 bsc#1220898). - Update patches.suse/iio-adc-ad7091r-Allow-users-to-configure-device-even.patch (git-fixes CVE-2023-52627 bsc#1222051). - Update patches.suse/iommu-Don-t-reserve-0-length-IOVA-region.patch (git-fixes CVE-2023-52455 bsc#1220332). - Update patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch (bsc#1215921 CVE-2023-52484 bsc#1220797). - Update patches.suse/iommu-vt-d-Avoid-memory-allocation-in-iommu_suspend (jsc#PED-7779 jsc#PED-7780 CVE-2023-52559 bsc#1220933). - Update patches.suse/ipv4-ipv6-Fix-handling-of-transhdrlen-in-__ip-6-_app.patch (bsc#1220419 CVE-2023-52527 bsc#1220928). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch (git-fixes CVE-2023-52601 bsc#1221068). - Update patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch (git-fixes CVE-2023-52599 bsc#1221062). - Update patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch (git-fixes CVE-2023-52602 bsc#1221070). - Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch (git-fixes CVE-2023-52600 bsc#1221071). - Update patches.suse/ksmbd-fix-slub-overflow-in-ksmbd_decode_ntlmss.patch (bsc#1012628 CVE-2023-52440 bsc#1220182). - Update patches.suse/media-mtk-jpeg-Fix-use-after-free-bug-due-to-error-p.patch (git-fixes CVE-2023-52491 bsc#1221281). - Update patches.suse/media-rkisp1-Fix-IRQ-disable-race-issue.patch (git-fixes CVE-2023-52589 bsc#1221084). - Update patches.suse/media-uvcvideo-Fix-OOB-read.patch (git-fixes CVE-2023-52565 bsc#1220939). - Update patches.suse/mfd-syscon-Fix-null-pointer-dereference-in-of_syscon.patch (git-fixes CVE-2023-52467 bsc#1220433). - Update patches.suse/mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch (git-fixes CVE-2023-52490 bsc#1221325). - Update patches.suse/mm-slab_common-fix-slab_caches-list-corruption-after-kmem_cache_destroy.patch (git-fixes CVE-2023-52562 bsc#1220936). - Update patches.suse/mtd-Fix-gluebi-NULL-pointer-dereference-caused-by-ft.patch (git-fixes CVE-2023-52449 bsc#1220238). - Update patches.suse/net-bridge-use-DEV_STATS_INC.patch (bsc#1220419 CVE-2023-52578 bsc#1220874). - Update patches.suse/net-core-Fix-ETH_P_1588-flow-dissector.patch (bsc#1220419 CVE-2023-52580 bsc#1220876). - Update patches.suse/net-fix-possible-store-tearing-in-neigh_periodic_wor.patch (bsc#1220419 CVE-2023-52522 bsc#1220924). - Update patches.suse/net-mlx5e-Fix-operation-precedence-bug-in-port-times.patch (jsc#PED-3311 CVE-2023-52626 bsc#1222054). - Update patches.suse/net-mlx5e-Fix-peer-flow-lists-handling.patch (jsc#PED-3311 CVE-2023-52487 bsc#1221341). - Update patches.suse/net-nfc-fix-races-in-nfc_llcp_sock_get-and-nfc_llcp_.patch (git-fixes CVE-2023-52502 bsc#1220831). - Update patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch (git-fixes CVE-2023-52524 bsc#1220927). - Update patches.suse/net-rds-Fix-possible-NULL-pointer-dereference.patch (bsc#1220419 CVE-2023-52573 bsc#1220869). - Update patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch (git-fixes CVE-2023-52528 bsc#1220843). - Update patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch (git-fixes CVE-2023-52433 bsc#1220137). - Update patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch (git-fixes CVE-2023-52507 bsc#1220833). - Update patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch (git-fixes CVE-2023-52566 bsc#1220940). - Update patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch (bsc#1214842 CVE-2023-52508 bsc#1221015). - Update patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356 CVE-2023-52454 bsc#1220320). - Update patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch (bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088). - Update patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch (bsc#1218958 CVE-2023-52450 bsc#1220237). - Update patches.suse/perf-x86-lbr-Filter-vsyscall-addresses.patch (git-fixes CVE-2023-52476 bsc#1220703). - Update patches.suse/phy-lynx-28g-serialize-concurrent-phy_set_mode_ext-c.patch (git-fixes CVE-2023-52505 bsc#1220830). - Update patches.suse/pinctrl-nuvoton-wpcm450-fix-out-of-bounds-write.patch (git-fixes CVE-2023-52512 bsc#1221021). - Update patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch (git-fixes CVE-2023-52520 bsc#1220921). - Update patches.suse/power-supply-rk817-Fix-node-refcount-leak.patch (git-fixes CVE-2023-52571 bsc#1220945). - Update patches.suse/powerpc-lib-Validate-size-for-vector-operations.patch (bsc#1215199 CVE-2023-52606 bsc#1221069). - Update patches.suse/powerpc-mm-Fix-null-pointer-dereference-in-pgtable_c.patch (bsc#1215199 CVE-2023-52607 bsc#1221061). - Update patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch (git-fixes CVE-2023-52619 bsc#1221618). - Update patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch (git-fixes CVE-2023-52501 bsc#1220885). - Update patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch (jsc#PED-6874 CVE-2023-52500 bsc#1220883). - Update patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch (git-fixes CVE-2023-52567 bsc#1220839). - Update patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch (git-fixes CVE-2023-52488 bsc#1221162). - Update patches.suse/soc-qcom-pmic_glink_altmode-fix-port-sanity-check.patch (git-fixes CVE-2023-52495 bsc#1221271). - Update patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch (git-fixes CVE-2023-52517 bsc#1221055). - Update patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch (git-fixes CVE-2023-52511 bsc#1221012). - Update patches.suse/spmi-mediatek-Fix-UAF-on-device-remove.patch (git-fixes CVE-2023-52584 bsc#1221079). - Update patches.suse/thermal-core-Fix-NULL-pointer-dereference-in-zone-re.patch (git-fixes CVE-2023-52473 bsc#1220430). - Update patches.suse/uio-Fix-use-after-free-in-uio_open.patch (git-fixes CVE-2023-52439 bsc#1220140). - Update patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch (git-fixes CVE-2023-52594 bsc#1221045). - Update patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch (git-fixes CVE-2023-52525 bsc#1220840). - Update patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch (git-fixes CVE-2023-52595 bsc#1221046). - Update patches.suse/wifi-rtw88-sdio-Honor-the-host-max_req_size-in-the-R.patch (git-fixes CVE-2023-52611 bsc#1221611). - Update patches.suse/wifi-wfx-fix-possible-NULL-pointer-dereference-in-wf.patch (git-fixes CVE-2023-52593 bsc#1221042). - Update patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch (git-fixes CVE-2023-52504 bsc#1221553). - Update patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch (git-fixes CVE-2023-52575 bsc#1220871). - commit 6296dca - net: pds_core: Fix possible double free in error handling path (git-fixes). - commit 2613145 ++++ qt6-multimedia: - Make libQt6Multimedia6 require the qtmultimedia plugins (related: boo#1222064) ++++ libvirt: - qemu: Fix migration from libvirt older than 9.10.0 when vmx is enabled bsc#1221879 ++++ open-vm-tools: - Remove protobuf < 22 dependency from spec file (bsc#1217478) Required linking with additional absl libraries for sle_version > 150400. - Use (boo#1222089) for updating open-vm-tools to version 12.4.0. ++++ netty: - Upgrade to upstream version 4.1.108 * Fixes of 4.1.108: + HttpPostRequestDecoder can OOM (bsc#1222045, CVE-2024-29025) + Add zstd decoder + Updated HTTP2 Reader to fix missing header state + codec-http2: fix some frame validation errors + SSL: Only wrap TrustManager if FIPS is not used + Epoll: Correctly handle splice tasks when Channel is closed + Allow to cancel connect() operations when using non-blocking IO + DNS resolver final CNAME lookup disabled + DNS: Add DnsRecordType definitions for SVCB and HTTPS + SSL: Only try to use TLSv1.3 if a compatible ciphersuite is configured + Backport 'Fix buffer leak in DefaultHttp2HeadersEncoder' to v4 + SSL: Hold the right monitor while running delegating task + SSL: Execute SSL_do_handshake(...) after task is run to ensure SSLEngine.getHandshakeStatus() returns the correct value all the time + Add active flag to EpollServerDomainSocketChannel fd constructor + Epoll: Fix possible Classloader deadlock caused by loading class via JNI + Prefer /etc/resolv.conf on Linux and Mac + Handle invalid cookie value + Upgrade to latest tcnative release + ByteToMessageDecoder.channelReadComplete(...) does call read() too often + Remove the lock usage in PoolArena#numPinnedBytes() + Fix x-www-form-urlencoded parsing for no-value key (re-submission) * Fixes of 4.1.107: + Speedup pseudoheader lookup + Add support for the Partitioned attribute in cookies + Reduce HTTP 1.1 Full msg pipeline traversals + DnsNameResolver: Add DnsQueryIdSpace class to reduce overhead while generating IDs + Fix copy-paste mistake in LazyX509Certificate.getIssuerAlternativeNames() + HTTP2: lastStreamCreated() does return the wrong value when all stream ids were used + HTTP2: Update local window should not fail queued frames + DnsNameResolver: Allways call bind() during bootstrap + HTTP: HttpObjectDecoder must not use HTTPMessage once it is passed to the next handler in the ChannelPipeline + Ensure key / values are shared between resumed sessions + SSLSession.getLastAccessedTime() and getCreationTime() should not be equal when session is reused + Snappy: Use unsigned short to handle 2 ^ 16 input size instead of 2 ^ 15 * Fixes of 4.1.106: + HTTP2: Prevent sharing the index of the continuation frame header ByteBuf. + DnsNameResolver: Fail query if id space is exhausted + Short-circuit ByteBuf::release * Fixes of 4.1.105: + Fix exception on HTTP chunk size overflow + Default value of MAX_MESSAGES_PER_READ not used for native DatagramChannels + Redo fix scalability issue due to checkcast on context's invoke operations + Be able to retry the query via TCP if a query failed because of a timeout + Save HTTP 2 pseudo-header lower-case validation + DnsNameResolver: Limit connect timeout to query timeout + h2: propagate stream close without read pending, avoid SOOE if !autoRead * Fixes of 4.1.104: + dyld: Symbol not found: _netty_jni_util_JNI_OnLoad * Fixes of 4.1.103: + Workaround for regex bug in Android SDK + Use Http2Headers.size() instead of isEmpty() + Add support for RISC-V * Fixes of 4.1.101: + Add service-loaded extension points for channel initialization + Added check for pseudo-headers in trailers + Automatically close Http2StreamChannel when Http2FrameStreamExceptionreaches end ofChannelPipeline + Throwing a stackless exception if RST_FRAME rate is exceeded + Only enable the RST limit for servers by default + Change default value of MAX_MESSAGES_PER_READ for DatagramChannel implementations + Descriptive message for errors related to unknown http2 streams - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Disable-Brotli-and-ZStd-compression.patch * 0005-Do-not-use-the-Graal-annotations.patch * 0006-Do-not-use-the-Jetbrains-annotations.patch * 0007-Do-not-require-the-tcnative-native-library.patch + rebase ++++ netty-tcnative: - Upgrade to version 2.0.65 Final * No formal changelog present. Required by netty 4.1.108 ++++ openSUSE-repos-Leap: - Update to version 20240327.09add4e: * Set higher prio for Slowroll update repo * Re-use TW Nvidia repo for Slowroll * Add slowroll repos * LeapMicro cleanup of repo-main.repo ++++ pink-pony: - Build with GCC13 on Leap 15 - Apply pink-pony-1.4.1-protobuf.diff on Leap 15 starts from 15.4 since protobuf 25 has been added to SLE15-SP4 - Refresh pink-pony-1.4.1-protobuf.diff and 0001-Fix-compile-issues-caused-by-Imath-being-moved-out-o.patch, and change the reordering ++++ virtualbox: - Further fixes for builds on Leap 15.6. Fixes boo#1221496. Adds file fixes_for_leap15.6.patch ++++ python-djangorestframework-simplejwt: - Add %{?sle15_python_module_pythons} ++++ python311-pyside6: - Exclude a broken pyside test since Qt 6.6.3 release ++++ python311-pyside6: - Exclude a broken pyside test since Qt 6.6.3 release ++++ python311-shiboken6: - Exclude a broken pyside test since Qt 6.6.3 release ++++ qt6-multimedia-docs: - Make libQt6Multimedia6 require the qtmultimedia plugins (related: boo#1222064) ++++ virtualbox-kmp: - Further fixes for builds on Leap 15.6. Fixes boo#1221496. Adds file fixes_for_leap15.6.patch ------------------------------------------------------------------ ------------------ 2024-3-26 - Mar 26 2024 ------------------- ------------------------------------------------------------------ ++++ Bear: - Build with GCC13 on Leap 15 ++++ akonadi-calendar: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-calendar-tools: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-contact: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-import-wizard: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-mime: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-notes: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-search: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akonadi-server: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Also skip MySQL tests on the FreeBSD CI * Disable PostgreSQL Akonadi tests on the CI ++++ akonadiconsole: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ akregator: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Initial import snapcraft files. ++++ alligator: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ analitza: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ angelfish: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ arianna: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ ark: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: remove non-existant accessibility plug, use unity7 ++++ artikulate: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ baloo5-widgets: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ bcc: - Update bcc-devel requirement to depend on specific version of llvm-devel ++++ blinken: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ bomber: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ bovo: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ bpftrace: - Bump LLVM major version to 17 ++++ btrfsprogs: - enable zstd support for 15.6 / SLE15-SP6 build targets (bsc#1221943) ++++ cabal-install: - Relax over-specified constraint on hashable. ++++ nextcloud-desktop: - No longer needed .ini file on Leap 15.6 since Leap 15.6 have got libcloudproviders 0.3.5 from SLE15-SP6 ++++ calendarsupport: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ calindori: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Drop snapcraft.yaml paragraph from .reuse/dep5 * Update reuse/dep after repo changes ++++ cantor: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Ask Craft to build an APPX package * Add CI template for building APPX packages on invent ++++ rust: - Update to version 1.77.0 - for details see the rust1.77 package ++++ rust1.77: Version 1.77.0 (2024-03-21) Language -------- - [Reveal opaque types within the defining body for exhaustiveness checking.](https://github.com/rust-lang/rust/pull/116821/) - [Stabilize C-string literals.](https://github.com/rust-lang/rust/pull/117472/) - [Stabilize THIR unsafeck.](https://github.com/rust-lang/rust/pull/117673/) - [Add lint `static_mut_refs` to warn on references to mutable statics.](https://github.com/rust-lang/rust/pull/117556/) - [Support async recursive calls (as long as they have indirection).](https://github.com/rust-lang/rust/pull/117703/) - [Undeprecate lint `unstable_features` and make use of it in the compiler.](https://github.com/rust-lang/rust/pull/118639/) - [Make inductive cycles in coherence ambiguous always.](https://github.com/rust-lang/rust/pull/118649/) - [Get rid of type-driven traversal in const-eval interning](https://github.com/rust-lang/rust/pull/119044/), only as a [future compatiblity lint](https://github.com/rust-lang/rust/pull/122204) for now. - [Deny braced macro invocations in let-else.](https://github.com/rust-lang/rust/pull/119062/) Compiler -------- - [Include lint `soft_unstable` in future breakage reports.](https://github.com/rust-lang/rust/pull/116274/) - [Make `i128` and `u128` 16-byte aligned on x86-based targets.](https://github.com/rust-lang/rust/pull/116672/) - [Use `--verbose` in diagnostic output.](https://github.com/rust-lang/rust/pull/119129/) - [Improve spacing between printed tokens.](https://github.com/rust-lang/rust/pull/120227/) - [Merge the `unused_tuple_struct_fields` lint into `dead_code`.](https://github.com/rust-lang/rust/pull/118297/) - [Error on incorrect implied bounds in well-formedness check](https://github.com/rust-lang/rust/pull/118553/), with a temporary exception for Bevy. - [Fix coverage instrumentation/reports for non-ASCII source code.](https://github.com/rust-lang/rust/pull/119033/) - [Fix `fn`/`const` items implied bounds and well-formedness check.](https://github.com/rust-lang/rust/pull/120019/) - [Promote `riscv32{im|imafc}-unknown-none-elf` targets to tier 2.](https://github.com/rust-lang/rust/pull/118704/) - Add several new tier 3 targets: - [`aarch64-unknown-illumos`](https://github.com/rust-lang/rust/pull/112936/) - [`hexagon-unknown-none-elf`](https://github.com/rust-lang/rust/pull/117601/) - [`riscv32imafc-esp-espidf`](https://github.com/rust-lang/rust/pull/119738/) - [`riscv32im-risc0-zkvm-elf`](https://github.com/rust-lang/rust/pull/117958/) Refer to Rust's [platform support page][platform-support-doc] for more information on Rust's tiered platform support. Libraries --------- - [Implement `From<&[T; N]>` for `Cow<[T]>`.](https://github.com/rust-lang/rust/pull/113489/) - [Remove special-case handling of `vec.split_off(0)`.](https://github.com/rust-lang/rust/pull/119917/) Stabilized APIs - [`array::each_ref`](https://doc.rust-lang.org/stable/std/primitive.array.html#method.each_ref) - [`array::each_mut`](https://doc.rust-lang.org/stable/std/primitive.array.html#method.each_mut) - [`core::net`](https://doc.rust-lang.org/stable/core/net/index.html) - [`f32::round_ties_even`](https://doc.rust-lang.org/stable/std/primitive.f32.html#method.round_ties_even) - [`f64::round_ties_even`](https://doc.rust-lang.org/stable/std/primitive.f64.html#method.round_ties_even) - [`mem::offset_of!`](https://doc.rust-lang.org/stable/std/mem/macro.offset_of.html) - [`slice::first_chunk`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.first_chunk) - [`slice::first_chunk_mut`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.first_chunk_mut) - [`slice::split_first_chunk`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.split_first_chunk) - [`slice::split_first_chunk_mut`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.split_first_chunk_mut) - [`slice::last_chunk`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.last_chunk) - [`slice::last_chunk_mut`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.last_chunk_mut) - [`slice::split_last_chunk`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.split_last_chunk) - [`slice::split_last_chunk_mut`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.split_last_chunk_mut) - [`slice::chunk_by`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.chunk_by) - [`slice::chunk_by_mut`](https://doc.rust-lang.org/stable/std/primitive.slice.html#method.chunk_by_mut) - [`Bound::map`](https://doc.rust-lang.org/stable/std/ops/enum.Bound.html#method.map) - [`File::create_new`](https://doc.rust-lang.org/stable/std/fs/struct.File.html#method.create_new) - [`Mutex::clear_poison`](https://doc.rust-lang.org/stable/std/sync/struct.Mutex.html#method.clear_poison) - [`RwLock::clear_poison`](https://doc.rust-lang.org/stable/std/sync/struct.RwLock.html#method.clear_poison) Cargo ----- - [Extend the build directive syntax with `cargo::`.](https://github.com/rust-lang/cargo/pull/12201/) - [Stabilize metadata `id` format as `PackageIDSpec`.](https://github.com/rust-lang/cargo/pull/12914/) - [Pull out `cargo-util-schemas` as a crate.](https://github.com/rust-lang/cargo/pull/13178/) - [Strip all debuginfo when debuginfo is not requested.](https://github.com/rust-lang/cargo/pull/13257/) - [Inherit jobserver from env for all kinds of runners.](https://github.com/rust-lang/cargo/pull/12776/) - [Deprecate rustc plugin support in cargo.](https://github.com/rust-lang/cargo/pull/13248/) Rustdoc ----- - [Allows links in markdown headings.](https://github.com/rust-lang/rust/pull/117662/) - [Search for tuples and unit by type with `()`.](https://github.com/rust-lang/rust/pull/118194/) - [Clean up the source sidebar's hide button.](https://github.com/rust-lang/rust/pull/119066/) - [Prevent JS injection from `localStorage`.](https://github.com/rust-lang/rust/pull/120250/) Misc ---- - [Recommend version-sorting for all sorting in style guide.](https://github.com/rust-lang/rust/pull/115046/) ++++ cervisia: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kernel-64kb: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-azure: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-default: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-rt: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ colord-kde: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Extract i18n messages from *.qml (kde#432073) ++++ dolphin: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix build with cmake >= 3.28 ++++ dolphin-plugins: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ dragonplayer: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ dropwatch: - Add BuildRequires: pkgconfig(libzstd) * libzstd-devel doesn't be added in Leap 15 build env ++++ dtb-aarch64: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ elisa: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Add GitLab jobs to sign and optionally publish Microsoft APPX packages * Make context drawer interactive on mobile (kde#478121) * Ask Craft to build an APPX package * Add CI template for building APPX packages on invent ++++ eventviews: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ falkon: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Update CHANGELOG * History: Store addresses with custom schemes (kde#406375) * SpeedDial: Fix tooltip on Reload button * Display correct URL in urlBar after window restore (kde#478823) * Gitlab CI: Update configuration * MainApplication: Enable localStorage for private ++++ ffmpegthumbs: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ filelight: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Add GitLab jobs to sign and optionally publish Microsoft APPX packages * Ask Craft to build an APPX package * Add CI template for building APPX packages on invent ++++ kiten: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ ghostwriter: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ gradle: - security update - Added patch: * gradle-CVE-2019-15052.patch + fix CVE-2019-15052 [bsc#1145903], authentication credentials are sent to all subsequent hosts that the request redirects to ++++ granatier: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ grantlee-editor: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ grantleetheme: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ gwenview5: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ incidenceeditor: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ itinerary: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Don't publish 23.08 to Google Play anymore * Build ZXing statically to avoid clashing with the one in the platform * Fix APK builds after KHealthCertificate became Qt6-only in master * Fix Qt 5 Flatpak build * Disable flatpak * Add 23.08.4 release notes ++++ juk: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix build with taglib 2 - Drop patch, merged upstream: * 0001-Fix-build-with-taglib-2.patch ++++ k3b: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix loading plugin KCMs (kde#253768) ++++ kaccounts-integration: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kaccounts-providers: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kaddressbook: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Bump content pack. ++++ kajongg: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kalarm: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Bug 481132: Remove description of local directory calendars, which are no longer supported (kde#481132) * Fix version number * Bug 481053: Fix --name command line option not using its parameter (kde#481053) * Update version number * Remove 'spread windows' option for Wayland * Fix build * Port away from KWindowSystem::setState * snapcraft: New release. ++++ kalgebra: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kalzium: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kamera: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kamoso: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kanagram: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kapman: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kapptemplate: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kasts: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Add GitLab jobs to sign and optionally publish Microsoft APPX packages * Ask Craft to build an APPX package * Add CI template for building APPX packages on invent ++++ kate: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Add qtwayland5 platform plugin. * Add further missing includes * Fix build * Add GitLab jobs to sign and optionally publish Microsoft APPX packages * Ask Craft to build an APPX package * Add CI template for building APPX packages on invent ++++ katomic: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kbackup: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kblackbox: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kblocks: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kbounce: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kbreakout: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kbruch: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcachegrind: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcalc: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcalutils: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcharselect: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kclock: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcolorchooser: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kcron: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ poxml: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kde-print-manager: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdebugsettings: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdeconnect-kde: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Tell craft to build .appx bundle * Add Qt5 craft pipelines for building current released version ++++ kdeedu-data: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix encoding of sv animals.kvtml file ++++ libkdegames: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdegraphics-thumbnailers: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdenetwork-filesharing: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdenlive: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Too many changes since 23.08.4, only listing bugfixes: * Multi guides export: replace slash and backslash in section names to fix rendering (kde#480845) * Fix sequence corruption on project load (kde#480776) * Fix multiple archiving issues (kde#456346) * Fix possible sequence corruption (kde#480398) * Fix subtitles not covering transparent zones (kde#480350) * Group resize: don't allow resizing a clip to length < 1 (kde#480348) * Fix crash cutting grouped overlapping subtitles (kde#480316) * Fix clip monitor not updating when clicking in a bin column like date or description (kde#480148) * Fix start playing at end of timeline (kde#479994) * Fix save clip zone from timeline adding an extra frame (kde#480005) * Fix sequence effects lost (kde#479788) * Fix center crop adjust not covering full image (kde#464974) * Fix cannot save list of project files. (kde#479370) * Fix editing title clip with a mix can mess up the track (kde#478686) * Fix audio or video only drag of subclips (kde#478660) * Glaxnimate animations: use rawr format instead of Lottie by default. (kde#478685) * Right click on a mix now shows a mix menu (allowing deletion) (kde#442088) * Fix proxied playlist clips (like stabilized clips) rendered as interlaced (kde#476716) ++++ kdepim-addons: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix TRANSLATION_DOMAIN name ++++ kdepim-runtime: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix -Wenum-constexpr-conversion with latest clang ++++ kdesdk-scripts: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdesdk-thumbnailers: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdevelop5: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Unbreak compile with Unix Makefile and newer CMake ++++ kdevelop5-plugin-php: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdevelop5-plugin-python3: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdf: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdialog: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdiamond: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Fix build by removing glob for duplicate lib. ++++ kdnssd: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ keditbookmarks: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kernel-debug: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-source: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-source-azure: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-source-rt: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-docs: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-kvmsmall: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-obs-build: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-obs-qa: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-rt_debug: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-syms: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-syms-azure: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-syms-rt: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ kernel-zfcpdump: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch. (fix unused variable warning) - commit c953180 - Move upstreamed patches into sorted section - commit 70b2e3d ++++ keysmith: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Use new CI format ++++ kfind: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kfourinline: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kgeography: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kget: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kgoldrunner: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kgpg: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ khangman: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ khelpcenter5: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kidentitymanagement: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kig: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kigo: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Remove dbus for kwin as it had zero affect. * snapcraft: Add back doctools build dep. * snapcraft: New release. * snapcraft: Prepare 23.08.3 Release. ++++ killbots: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kimagemapeditor: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kimap: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kio-extras5: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kio-gdrive: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kio_audiocd: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kdesdk-kioslaves: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kipi-plugins: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kirigami-gallery: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kiriki: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kitinerary: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Search for Threads::Threads * Don't crash on missing PDF link actions * Fix extracting B&B Hotel confirmations with breakfast * Handle one other boarding time variant of LH boarding passes * Extract order numbers from DB Next PDF tickets * Make the Accor extractor more robust against HTML structure variations * Add CCC pass identifier to the Pretix filter pattern * Fix parsing RCT2 arrival times across the end-of-year boundary ++++ kjournald: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kjumpingcube: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kldap: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kleopatra: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix compilation with Clang 16 ++++ klettres: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ klickety: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ klines: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmag: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmahjongg: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmail: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * snapcraft: Initial import snapcraft files. ++++ kmail-account-wizard: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmailtransport: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmbox: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmime: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Use a locale for the tests that also works on FreeBSD ++++ kmines: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmix: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmousetool: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmouth: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ kmplot: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - No code change since 23.08.4 ++++ knavalbattle: - Update to 23.08.5 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/23.08.5/ - Changes since 23.08.4: * Fix test for placing a ship vertically ++++ k