Image summary for sles-15-sp4-chost-byos-v20221118-x86-64

SUSE-IU-2022:1124-1

Container Advisory ID	SUSE-IU-2022:1124-1
Container Tags	sles-15-sp4-chost-byos-v20221118-x86-64:20221118
Container Release

The following patches have been included in this update:

Advisory ID	SUSE-RU-2022:3663-1
Released	Wed Oct 19 19:05:21 2022
Summary	Recommended update for openssl-1_1
Type	recommended
Severity	moderate
References	1121365,1180995,1190651,1190653,1190888,1193859,1198471,1198472,1201293,1202148,1203046,1203069

Description:

This update for openssl-1_1 fixes the following issues:

FIPS: Default to RFC-7919 groups for genparam and dhparam
FIPS: list only FIPS approved digest and public key algorithms [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472]
FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069]
FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293] * The FIPS_drbg implementation is not FIPS validated anymore. To provide backwards compatibility for applications that need FIPS compliant RNG number generation and use FIPS_drbg_generate, this function was re-wired to call the FIPS validated DRBG instance instead through the RAND_bytes() call.
FIPS: Fix minor memory leaks by FIPS patch [bsc#1203046]
FIPS: OpenSSL: Port openssl to use jitterentropy [bsc#1202148, jsc#SLE-24941] libcrypto.so now requires libjitterentropy3 library.
FIPS: OpenSSL Provide a service-level indicator [bsc#1190651]
FIPS: Add zeroization of temporary variables to the hmac integrity function FIPSCHECK_verify(). [bsc#1190653]

Advisory ID	SUSE-RU-2022:3670-1
Released	Thu Oct 20 10:44:13 2022
Summary	Recommended update for zchunk
Type	recommended
Severity	moderate
References	1204244

Description:

This update for zchunk fixes the following issues:

Make sure to ship libzck1 to Micro 5.3 (bsc#1204244)

Advisory ID	SUSE-RU-2022:3678-1
Released	Thu Oct 20 14:38:19 2022
Summary	Recommended update for kdump
Type	recommended
Severity	moderate
References	1187312,1201051,1202981

Description:

This update for kdump fixes the following issues:

Fix broken URL in manpage (bsc#1187312)
Fix network-related dracut options handling for fadump case (bsc#1201051)
use inst_binary to install kdump-save (bsc#1202981)

Advisory ID	SUSE-SU-2022:3683-1
Released	Fri Oct 21 11:48:39 2022
Summary	Security update for libksba
Type	security
Severity	critical
References	1204357,CVE-2022-3515

Description:

This update for libksba fixes the following issues:
- CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357).

Advisory ID	SUSE-SU-2022:3692-1
Released	Fri Oct 21 16:15:07 2022
Summary	Security update for libxml2
Type	security
Severity	important
References	1204366,1204367,CVE-2022-40303,CVE-2022-40304

Description:

This update for libxml2 fixes the following issues:
- CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366). - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).

Advisory ID	SUSE-SU-2022:3727-1
Released	Tue Oct 25 15:38:34 2022
Summary	Security update for xen
Type	security
Severity	moderate
References	1027519,1167608,1201631,1201994,1203806,1203807,CVE-2022-33746,CVE-2022-33748

Description:

This update for xen fixes the following issues:
Updated to version 4.16.2 (bsc#1027519): - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806). - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).

Bugfixes:
- Fixed Xen DomU unable to emulate audio device (bsc#1201994). - Fixed logic error in built-in default of max_event_channels (bsc#1167608, bsc#1201631).

Advisory ID	SUSE-SU-2022:3767-1
Released	Wed Oct 26 11:49:43 2022
Summary	Recommended update for bind
Type	security
Severity	important
References	1201689,1203250,1203614,1203618,1203619,1203620,CVE-2022-2795,CVE-2022-3080,CVE-2022-38177,CVE-2022-38178

Description:

This update for bind fixes the following issues:
Update to release 9.16.33:

CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cache for the incoming query and the stale-answer-client-timeout option is set to 0 (bsc#1203618).
CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

Add systemd drop-in directory for named service (bsc#1201689).
Add modified createNamedConfInclude script and README-bind.chrootenv (bsc#1203250).

Feature Changes: - Response Rate Limiting (RRL) code now treats all QNAMEs that are subject to wildcard processing within a given zone as the same name, to prevent circumventing the limits enforced by RRL.

- Zones using dnssec-policy now require dynamic DNS or inline-signing to be configured explicitly.
- A backward-compatible approach was implemented for encoding internationalized domain names (IDN) in dig and converting the domain to IDNA2008 form; if that fails, BIND tries an IDNA2003 conversion.
- The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically disabled on systems where they are disallowed by the security policy. Primary zones using those algorithms need to be migrated to new algorithms prior to running on these systems, as graceful migration to different DNSSEC algorithms is not possible when RSASHA1 is disallowed by the operating system.
- Log messages related to fetch limiting have been improved to provide more complete information. Specifically, the final counts of allowed and spilled fetches are now logged before the counter object is destroyed.
- Non-dynamic zones that inherit dnssec-policy from the view or options blocks were not marked as inline-signed and therefore never scheduled to be re-signed. This has been fixed.
- The old max-zone-ttl zone option was meant to be superseded by the max-zone-ttl option in dnssec-policy; however, the latter option was not fully effective. This has been corrected: zones no longer load if they contain TTLs greater than the limit configured in dnssec-policy. For zones with both the old max-zone-ttl option and dnssec-policy configured, the old option is ignored, and a warning is generated.
- rndc dumpdb -expired was fixed to include expired RRsets, even if stale-cache-enable is set to no and the cache-cleaning time window has passed. (jsc#SLE-24600)

Advisory ID	SUSE-SU-2022:3784-1
Released	Wed Oct 26 18:03:28 2022
Summary	Security update for libtasn1
Type	security
Severity	critical
References	1204690,CVE-2021-46848

Description:

This update for libtasn1 fixes the following issues:

CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)

Advisory ID	SUSE-SU-2022:3785-1
Released	Wed Oct 26 20:20:19 2022
Summary	Security update for curl
Type	security
Severity	important
References	1204383,1204386,CVE-2022-32221,CVE-2022-42916

Description:

This update for curl fixes the following issues:
- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383). - CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

Advisory ID	SUSE-RU-2022:3787-1
Released	Thu Oct 27 04:41:09 2022
Summary	Recommended update for permissions
Type	recommended
Severity	important
References	1194047,1203911

Description:

This update for permissions fixes the following issues:

Fix regression introduced by backport of security fix (bsc#1203911)
Add permissions for enlightenment helper on 32bit arches (bsc#1194047)

Advisory ID	SUSE-RU-2022:3799-1
Released	Thu Oct 27 14:59:06 2022
Summary	Recommended update for gnutls
Type	recommended
Severity	important
References	1202146,1203779

Description:

This update for gnutls fixes the following issues:

FIPS: Set error state when jent init failed in FIPS mode (bsc#1202146)
FIPS: Make XTS key check failure not fatal (bsc#1203779)

Advisory ID	SUSE-SU-2022:3806-1
Released	Thu Oct 27 17:21:11 2022
Summary	Security update for dbus-1
Type	security
Severity	important
References	1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012

Description:

This update for dbus-1 fixes the following issues:
- CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111). - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112). - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).
Bugfixes:
- Disable asserts (bsc#1087072).

Advisory ID	SUSE-RU-2022:3812-1
Released	Mon Oct 31 09:44:26 2022
Summary	Recommended update for sudo
Type	recommended
Severity	moderate
References	1177578

Description:

This update for sudo fixes the following issues:

Removed redundant and confusing 'secure_path' settings in sudo-sudoers file

(bsc#1177578).

Advisory ID	SUSE-SU-2022:3844-1
Released	Tue Nov 1 18:20:11 2022
Summary	Security update for the Linux Kernel
Type	security
Severity	important
References	1185032,1190497,1194023,1194869,1195917,1196444,1196869,1197659,1198189,1200288,1200622,1201309,1201310,1201987,1202095,1202960,1203039,1203066,1203101,1203197,1203263,1203338,1203360,1203361,1203389,1203410,1203505,1203552,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203893,1203902,1203906,1203908,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125,CVE-2022-1263,CVE-2022-2586,CVE-2022-3202,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-39189,CVE-2022-41218,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated.
The following security bugs were fixed:

CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking (bnc#1203769).
CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c (bnc#1202960).
CVE-2022-3239: Fixed an use-after-free in the video4linux driver that could lead a local user to able to crash the system or escalate their privileges (bnc#1203552).
CVE-2022-41848: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl (bnc#1203987).
CVE-2022-41849: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open (bnc#1203992).
CVE-2022-41674: Fixed a DoS issue where kernel can crash on the reception of specific WiFi Frames (bsc#1203770).
CVE-2022-1263: Fixed a NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allowed an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service (bnc#1198189).
CVE-2022-32296: Fixed a bug which allowed TCP servers to identify clients by observing what source ports are used (bnc#1200288).
CVE-2022-3202: Fixed a NULL pointer dereference flaw in Journaled File System. This could allow a local attacker to crash the system or leak kernel internal information (bnc#1203389).
CVE-2022-39189: Fixed a bug in the x86 KVM subsystem which allows unprivileged guest users to compromise the guest kernel because TLB flush operations are mishandled (bnc#1203066).
CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bnc#1202095).
CVE-2022-42722: Fixed crash in beacon protection for P2P-device. (bsc#1204125)
CVE-2022-42719: Fixed MBSSID parsing use-after-free. (bsc#1204051)
CVE-2022-42721: Avoid nontransmitted BSS list corruption. (bsc#1204060)
CVE-2022-42720: Fixed BSS refcounting bugs. (bsc#1204059)

The following non-security bugs were fixed:

ACPI / scan: Create platform device for CS35L41 (bsc#1203699).
ACPI: processor idle: Practically limit 'Dummy wait' workaround to old Intel systems (bsc#1203767).
ACPI: resource: skip IRQ override on AMD Zen platforms (git-fixes).
ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699).
ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699).
ALSA: aloop: Fix random zeros in capture data when using jiffies timer (git-fixes).
ALSA: core: Fix double-free at snd_card_new() (git-fixes).
ALSA: cs35l41: Check hw_config before using it (bsc#1203699).
ALSA: cs35l41: Enable Internal Boost in shared lib (bsc#1203699).
ALSA: cs35l41: Move cs35l41_gpio_config to shared lib (bsc#1203699).
ALSA: cs35l41: Unify hardware configuration (bsc#1203699).
ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (git-fixes).
ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
ALSA: hda: cs35l41: Add Amp Name based on channel and index (bsc#1203699).
ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699).
ALSA: hda: cs35l41: Add calls to newly added test key function (bsc#1203699).
ALSA: hda: cs35l41: Add defaulted values into dsp bypass config sequence (bsc#1203699).
ALSA: hda: cs35l41: Add initial DSP support and firmware loading (bsc#1203699).
ALSA: hda: cs35l41: Add missing default cases (bsc#1203699).
ALSA: hda: cs35l41: Add module parameter to control firmware load (bsc#1203699).
ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems (bsc#1203699).
ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699).
ALSA: hda: cs35l41: Allow compilation test on non-ACPI configurations (bsc#1203699).
ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699).
ALSA: hda: cs35l41: Avoid overwriting register patch (bsc#1203699).
ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD Properties (bsc#1203699).
ALSA: hda: cs35l41: Consolidate selections under SND_HDA_SCODEC_CS35L41 (bsc#1203699).
ALSA: hda: cs35l41: Do not dereference fwnode handle (bsc#1203699).
ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699).
ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops (bsc#1203699).
ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate reference (bsc#1203699).
ALSA: hda: cs35l41: fix double free on error in probe() (bsc#1203699).
ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name (bsc#1203699).
ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699).
ALSA: hda: cs35l41: Handle all external boost setups the same way (bsc#1203699).
ALSA: hda: cs35l41: Improve dev_err_probe() messaging (bsc#1203699).
ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void (bsc#1203699).
ALSA: hda: cs35l41: Make use of the helper function dev_err_probe() (bsc#1203699).
ALSA: hda: cs35l41: Move boost config to initialization code (bsc#1203699).
ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol namespace (bsc#1203699).
ALSA: hda: cs35l41: Move external boost handling to lib for ASoC use (bsc#1203699).
ALSA: hda: cs35l41: Mute the device before shutdown (bsc#1203699).
ALSA: hda: cs35l41: Put the device into safe mode for external boost (bsc#1203699).
ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI variables (bsc#1203699).
ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct (bsc#1203699).
ALSA: hda: cs35l41: Remove Set Channel Map api from binding (bsc#1203699).
ALSA: hda: cs35l41: Reorganize log for playback actions (bsc#1203699).
ALSA: hda: cs35l41: Save codec object inside component struct (bsc#1203699).
ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver (bsc#1203699).
ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop (bsc#1203699).
ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699).
ALSA: hda: cs35l41: Support Firmware switching and reloading (bsc#1203699).
ALSA: hda: cs35l41: Support Hibernation during Suspend (bsc#1203699).
ALSA: hda: cs35l41: Support multiple load paths for firmware (bsc#1203699).
ALSA: hda: cs35l41: Support reading subsystem id from ACPI (bsc#1203699).
ALSA: hda: cs35l41: Support Speaker ID for laptops (bsc#1203699).
ALSA: hda: cs35l41: Tidyup code (bsc#1203699).
ALSA: hda: cs35l41: Use the CS35L41 HDA internal define (bsc#1203699).
ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses (bsc#1203699).
ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699).
ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount saturation (git-fixes).
ALSA: hda: Fix Nvidia dp infoframe (git-fixes).
ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls directly (bsc#1203699).
ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699).
ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA controls (bsc#1203699).
ALSA: hda: intel-dsp-config: Add RaptorLake PCI IDs (jsc#PED-720).
ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699).
ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg (bsc#1203699).
ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock (bsc#1203699).
ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to static (bsc#1203699).
ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg (bsc#1203699).
ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants (bsc#1203699).
ALSA: hda/cs8409: Fix Warlock to use mono mic configuration (bsc#1203699).
ALSA: hda/cs8409: Re-order quirk table into ascending order (bsc#1203699).
ALSA: hda/cs8409: Support manual mode detection for CS42L42 (bsc#1203699).
ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699).
ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699).
ALSA: hda/cs8409: Support new Warlock MLK Variants (bsc#1203699).
ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda driver (bsc#1203699).
ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED (git-fixes).
ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops (bsc#1203699).
ALSA: hda/realtek: Add mute and micmut LED support for Zbook Fury 17 G9 (bsc#1203699).
ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model (bsc#1203699).
ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7 (bsc#1203699).
ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41 (bsc#1203699).
ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699).
ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop (bsc#1203699).
ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop (git-fixes).
ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop (git-fixes).
ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook 845/865 G9 (bsc#1203699).
ALSA: hda/realtek: Enable mute/micmute LEDs support for HP Laptops (bsc#1203699).
ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops (bsc#1203699).
ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699).
ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41 s-codec (bsc#1203699).
ALSA: hda/realtek: More robust component matching for CS35L41 (bsc#1203699).
ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
ALSA: hda/sigmatel: Fix unused variable warning for beep power change (git-fixes).
ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes).
ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
ALSA: hda/tegra: set depop delay for tegra (git-fixes).
ALSA: hda/tegra: Update scratch reg. communication (git-fixes).
ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (git-fixes).
ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (git-fixes).
ALSA: usb-audio: Inform the delayed registration more properly (git-fixes).
ALSA: usb-audio: Register card again for iface over delayed_register option (git-fixes).
ALSA: usb-audio: Split endpoint setups for hw_params and prepare (git-fixes).
ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes).
ARM: dts: imx: align SPI NOR node name with dtschema (git-fixes).
ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible (git-fixes).
arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes).
arm64: dts: rockchip: Fix typo in lisense text for PX30.Core (git-fixes).
arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes).
arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma (git-fixes).
arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes).
arm64: errata: Add Cortex-A510 to the repeat tlbi list (git-fixes) Enable this errata fix configuration option to arm64/default.
arm64: kexec_file: use more system keyrings to verify kernel image signature (bsc#1196444).
arm64: lib: Import latest version of Arm Optimized Routines' strcmp (git-fixes)
arm64: select TRACE_IRQFLAGS_NMI_SUPPORT (git-fixes)
arm64: topology: fix possible overflow in amu_fie_setup() (git-fixes).
ASoC: cs35l41: Add ASP TX3/4 source to register patch (bsc#1203699).
ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699).
ASoC: cs35l41: Add common cs35l41 enter hibernate function (bsc#1203699).
ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699).
ASoC: cs35l41: Add endianness flag in snd_soc_component_driver (bsc#1203699).
ASoC: cs35l41: Add one more variable in the debug log (bsc#1203699).
ASoC: cs35l41: Add one more variable in the debug log (bsc#1203699).
ASoC: cs35l41: Add support for CLSA3541 ACPI device ID (bsc#1203699).
ASoC: cs35l41: Add support for hibernate memory retention mode (bsc#1203699).
ASoC: cs35l41: Binding fixes (bsc#1203699).
ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699).
ASoC: cs35l41: Combine adjacent register writes (bsc#1203699).
ASoC: cs35l41: Convert tables to shared source code (bsc#1203699).
ASoC: cs35l41: Correct DSP power down (bsc#1203699).
ASoC: cs35l41: Correct handling of some registers in the cache (bsc#1203699).
ASoC: cs35l41: Correct some control names (bsc#1203699).
ASoC: cs35l41: Create shared function for boost configuration (bsc#1203699).
ASoC: cs35l41: Create shared function for errata patches (bsc#1203699).
ASoC: cs35l41: Create shared function for setting channels (bsc#1203699).
ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699).
ASoC: cs35l41: Do not overwrite returned error code (bsc#1203699).
ASoC: cs35l41: Do not print error when waking from hibernation (bsc#1203699).
ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699).
ASoC: cs35l41: DSP Support (bsc#1203699).
ASoC: cs35l41: Fix a bunch of trivial code formating/style issues (bsc#1203699).
ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN (bsc#1203699).
ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t (bsc#1203699).
ASoC: cs35l41: Fix DSP mbox start command and global enable order (bsc#1203699).
ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699).
ASoC: cs35l41: Fix link problem (bsc#1203699).
ASoC: cs35l41: Fix max number of TX channels (bsc#1203699).
ASoC: cs35l41: Fix undefined reference to core functions (bsc#1203699).
ASoC: cs35l41: Fix use of an uninitialised variable (bsc#1203699).
ASoC: cs35l41: Fixup the error messages (bsc#1203699).
ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699).
ASoC: cs35l41: Move cs_dsp config struct into shared code (bsc#1203699).
ASoC: cs35l41: Move cs35l41 exit hibernate function into shared code (bsc#1203699).
ASoC: cs35l41: Move cs35l41 fs errata into shared code (bsc#1203699).
ASoC: cs35l41: Move cs35l41_otp_unpack to shared code (bsc#1203699).
ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code (bsc#1203699).
ASoC: cs35l41: Move power initializations to reg_sequence (bsc#1203699).
ASoC: cs35l41: Read System Name from ACPI _SUB to identify firmware (bsc#1203699).
ASoC: cs35l41: Remove incorrect comment (bsc#1203699).
ASoC: cs35l41: Remove unnecessary param (bsc#1203699).
ASoC: cs35l41: Set the max SPI speed for the whole device (bsc#1203699).
ASoC: cs35l41: Support external boost (bsc#1203699).
ASoC: cs35l41: Update handling of test key registers (bsc#1203699).
ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot (bsc#1203699).
ASoC: cs42l42: Add control for audio slow-start switch (bsc#1203699).
ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START (bsc#1203699).
ASoC: cs42l42: Allow time for HP/ADC to power-up after enable (bsc#1203699).
ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts (bsc#1203699).
ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ handling (bsc#1203699).
ASoC: cs42l42: Do not claim to support 192k (bsc#1203699).
ASoC: cs42l42: Do not reconfigure the PLL while it is running (bsc#1203699).
ASoC: cs42l42: Fix WARN in remove() if running without an interrupt (bsc#1203699).
ASoC: cs42l42: free_irq() before powering-down on probe() fail (bsc#1203699).
ASoC: cs42l42: Handle system suspend (bsc#1203699).
ASoC: cs42l42: Implement Manual Type detection as fallback (bsc#1203699).
ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile (bsc#1203699).
ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl script (bsc#1203699).
ASoC: cs42l42: Move CS42L42 register descriptions to general include (bsc#1203699).
ASoC: cs42l42: Only report button state if there was a button interrupt (git-fixes).
ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler (bsc#1203699).
ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699).
ASoC: cs42l42: Remove redundant writes to DETECT_MODE (bsc#1203699).
ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG masks (bsc#1203699).
ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume callbacks (bsc#1203699).
ASoC: cs42l42: Report full jack status when plug is detected (bsc#1203699).
ASoC: cs42l42: Report initial jack state (bsc#1203699).
ASoC: cs42l42: Reset and power-down on remove() and failed probe() (bsc#1203699).
ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699).
ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699).
ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699).
ASoC: cs42l42: Use two thresholds and increased wait time for manual type detection (bsc#1203699).
ASoC: dt-bindings: cs42l42: Convert binding to yaml (bsc#1203699).
ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes).
ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion (git-fixes).
ASoC: mchp-spdiftx: remove references to mchp_i2s_caps (git-fixes).
ASoC: nau8824: Fix semaphore unbalance at error paths (git-fixes).
ASoC: qcom: sm8250: add missing module owner (git-fixes).
ASoC: SOF: Intel: pci-tgl: add ADL-PS support (jsc#PED-720).
ASoC: SOF: Intel: pci-tgl: add RPL-P support (jsc#PED-720).
ASoC: SOF: Intel: pci-tgl: add RPL-S support (jsc#PED-652).
ASoC: tas2770: Reinit regcache on reset (git-fixes).
ASoC: wm_adsp: Add support for 'toggle' preloaders (bsc#1203699).
ASoC: wm_adsp: Add trace caps to speaker protection FW (bsc#1203699).
ASoC: wm_adsp: Cancel ongoing work when removing controls (bsc#1203699).
ASoC: wm_adsp: Compressed stream DSP memory structs should be __packed (bsc#1203699).
ASoC: wm_adsp: Correct control read size when parsing compressed buffer (bsc#1203699).
ASoC: wm_adsp: Expand firmware loading search options (bsc#1203699).
ASoC: wm_adsp: Fix event for preloader (bsc#1203699).
ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699).
ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699).
ASoC: wm_adsp: Minor clean and redundant code removal (bsc#1203699).
ASoC: wm_adsp: Move check for control existence (bsc#1203699).
ASoC: wm_adsp: Move check of dsp->running to better place (bsc#1203699).
ASoC: wm_adsp: move firmware loading to client (bsc#1203699).
ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699).
ASoC: wm_adsp: Pass firmware names as parameters when starting DSP core (bsc#1203699).
ASoC: wm_adsp: remove a repeated including (bsc#1203699).
ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699).
ASoC: wm_adsp: Remove the wmfw_add_ctl helper function (bsc#1203699).
ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699).
ASoC: wm_adsp: Rename generic DSP support (bsc#1203699).
ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling (bsc#1203699).
ASoC: wm_adsp: Separate some ASoC and generic functions (bsc#1203699).
ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops (bsc#1203699).
ASoC: wm_adsp: Split DSP power operations into helper functions (bsc#1203699).
ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp (bsc#1203699).
ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed buffers (bsc#1203699).
ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol 'ret' (bsc#1203699).
batman-adv: Fix hang up with small MTU hard-interface (git-fixes).
Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend (git-fixes).
Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure (git-fixes).
Bluetooth: hci_core: Fix not handling link timeouts propertly (git-fixes).
bnx2x: fix built-in kernel driver load failure (git-fixes).
bnx2x: fix driver load from initrd (git-fixes).
btrfs: fix relocation crash due to premature return from btrfs_commit_transaction() (bsc#1203360).
btrfs: fix space cache corruption and potential double allocations (bsc#1203361).
can: gs_usb: gs_can_open(): fix race dev->can.state condition (git-fixes).
can: rx-offload: can_rx_offload_init_queue(): fix typo (git-fixes).
cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() (bsc#1196869).
cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (bsc#1203906).
cgroup: Fix race condition at rebind_subsystems() (bsc#1203902).
cgroup: Fix threadgroup_rwsem cpus_read_lock() deadlock (bsc#1196869).
clk: bcm: rpi: Prevent out-of-bounds access (git-fixes).
clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc() (git-fixes).
clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks (git-fixes).
clk: ingenic-tcu: Properly enable registers before accessing timers (git-fixes).
clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
constraints: increase disk space for all architectures References: bsc#1203693 aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is very close to the limit.
crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)
cs-dsp and serial-multi-instantiate enablement (bsc#1203699)
dmaengine: idxd: add helper for per interrupt handle drain (jsc#PED-682).
dmaengine: idxd: add knob for enqcmds retries (jsc#PED-755).
dmaengine: idxd: change MSIX allocation based on per wq activation (jsc#PED-664).
dmaengine: idxd: create locked version of idxd_quiesce() call (jsc#PED-682).
dmaengine: idxd: embed irq_entry in idxd_wq struct (jsc#PED-664).
dmaengine: idxd: fix descriptor flushing locking (jsc#PED-664).
dmaengine: idxd: fix retry value to be constant for duration of function call (git-fixes).
dmaengine: idxd: handle interrupt handle revoked event (jsc#PED-682).
dmaengine: idxd: handle invalid interrupt handle descriptors (jsc#PED-682).
dmaengine: idxd: int handle management refactoring (jsc#PED-682).
dmaengine: idxd: match type for retries var in idxd_enqcmds() (git-fixes).
dmaengine: idxd: move interrupt handle assignment (jsc#PED-682).
dmaengine: idxd: rework descriptor free path on failure (jsc#PED-682).
dmaengine: idxd: set defaults for wq configs (jsc#PED-688).
dmaengine: idxd: update IAA definitions for user header (jsc#PED-763).
dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() (git-fixes).
docs: i2c: i2c-topology: fix incorrect heading (git-fixes).
dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe (git-fixes).
drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV (git-fixes).
drm/amd/amdgpu: skip ucode loading if ucode_size == 0 (git-fixes).
drm/amd/display: Limit user regamma to a valid value (git-fixes).
drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage (git-fixes).
drm/amd/display: Reduce number of arguments of dml31's CalculateFlipSchedule() (git-fixes).
drm/amd/display: Reduce number of arguments of dml31's CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes).
drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards (git-fixes).
drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).
drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
drm/amdgpu: make sure to init common IP before gmc (git-fixes).
drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).
drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega (git-fixes).
drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega (git-fixes).
drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes).
drm/amdgpu: Separate vf2pf work item init from virt data exchange (git-fixes).
drm/amdgpu: use dirty framebuffer helper (git-fixes).
drm/bridge: display-connector: implement bus fmts callbacks (git-fixes).
drm/bridge: lt8912b: add vsync hsync (git-fixes).
drm/bridge: lt8912b: fix corrupted image output (git-fixes).
drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes).
drm/gem: Fix GEM handle release errors (git-fixes).
drm/gma500: Fix BUG: sleeping function called from invalid context errors (git-fixes).
drm/i915: Implement WaEdpLinkRateDataReload (git-fixes).
drm/i915: Skip wm/ddb readout for disabled pipes (git-fixes).
drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).
drm/i915/gt: Restrict forced preemption to the active context (git-fixes).
drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, reset callbacks (git-fixes).
drm/mediatek: dsi: Move mtk_dsi_stop() call back to mtk_dsi_poweroff() (git-fixes).
drm/meson: Correct OSD1 global alpha value (git-fixes).
drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
drm/panel: simple: Fix innolux_g121i1_l01 bus_format (git-fixes).
drm/panfrost: devfreq: set opp to the recommended one to configure regulator (git-fixes).
drm/radeon: add a force flush to delay work when radeon (git-fixes).
drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes).
dt-bindings: hwmon: (mr75203) fix 'intel,vm-map' property to be optional (git-fixes).
EDAC/dmc520: Do not print an error for each unconfigured interrupt line (bsc#1190497).
efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).
efi: libstub: Disable struct randomization (git-fixes).
eth: alx: take rtnl_lock on resume (git-fixes).
eth: sun: cassini: remove dead code (git-fixes).
fbcon: Add option to enable legacy hardware acceleration (bsc#1152472) Backporting changes: * context fixes in other patch * update config
fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472)
fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (git-fixes).
firmware: arm_scmi: Fix the asynchronous reset requests (git-fixes).
firmware: arm_scmi: Harden accesses to the reset domains (git-fixes).
firmware: cs_dsp: add driver to support firmware loading on Cirrus Logic DSPs (bsc#1203699).
firmware: cs_dsp: Add lockdep asserts to interface functions (bsc#1203699).
firmware: cs_dsp: Add memory chunk helpers (bsc#1203699).
firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699).
firmware: cs_dsp: Add pre_run callback (bsc#1203699).
firmware: cs_dsp: Add pre_stop callback (bsc#1203699).
firmware: cs_dsp: Add support for rev 2 coefficient files (bsc#1203699).
firmware: cs_dsp: Add version checks on coefficient loading (bsc#1203699).
firmware: cs_dsp: Allow creation of event controls (bsc#1203699).
firmware: cs_dsp: Clarify some kernel doc comments (bsc#1203699).
firmware: cs_dsp: Clear core reset for cache (bsc#1203699).
firmware: cs_dsp: Fix overrun of unterminated control name string (bsc#1203699).
firmware: cs_dsp: Move lockdep asserts to avoid potential null pointer (bsc#1203699).
firmware: cs_dsp: Perform NULL check in cs_dsp_coeff_write/read_ctrl (bsc#1203699).
firmware: cs_dsp: Print messages from bin files (bsc#1203699).
firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h (bsc#1203699).
ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (git-fixes).
fuse: Remove the control interface for virtio-fs (bsc#1203798).
gpio: mockup: fix NULL pointer dereference when removing debugfs (git-fixes).
gpio: mockup: remove gpio debugfs when remove device (git-fixes).
gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (git-fixes).
gpio: mvebu: Fix check for pwm support on non-A8K platforms (git-fixes).
gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully (git-fixes).
gve: Fix GFP flags when allocing pages (git-fixes).
hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message (git-fixes).
HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).
hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API (git-fixes).
hwmon: (mr75203) enable polling for all VM channels (git-fixes).
hwmon: (mr75203) fix multi-channel voltage reading (git-fixes).
hwmon: (mr75203) fix VM sensor allocation when 'intel,vm-map' not defined (git-fixes).
hwmon: (mr75203) fix voltage equation for negative source input (git-fixes).
hwmon: (mr75203) update pvt->v_num and vm_num to the actual number of used sensors (git-fixes).
hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase mp2888 controller (git-fixes).
hwmon: (tps23861) fix byte order in resistance register (git-fixes).
i2c: acpi: Add an i2c_acpi_client_count() helper function (bsc#1203699).
i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible (git-fixes).
i2c: mlxbf: Fix frequency calculation (git-fixes).
i2c: mlxbf: incorrect base address passed during io write (git-fixes).
i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() (git-fixes).
i2c: mlxbf: support lock mechanism (git-fixes).
ice: Allow operation with reduced device MSI-X (bsc#1201987).
ice: arfs: fix use-after-free when freeing @rx_cpu_rmap (git-fixes).
ice: Do not skip not enabled queues in ice_vc_dis_qs_msg (git-fixes).
ice: fix crash when writing timestamp on RX rings (git-fixes).
ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler (git-fixes).
ice: fix possible under reporting of ethtool Tx and Rx statistics (git-fixes).
ice: Fix race during aux device (un)plugging (git-fixes).
ice: Match on all profiles in slow-path (git-fixes).
ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
igb: skip phy status check where unavailable (git-fixes).
Input: goodix - add compatible string for GT1158 (git-fixes).
Input: goodix - add support for GT1158 (git-fixes).
Input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).
Input: iqs62x-keys - drop unused device node references (git-fixes).
Input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).
Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).
kABI workaround for spi changes (bsc#1203699).
kABI: Add back removed struct paca member (bsc#1203664 ltc#199236).
kABI: fix adding another field to scsi_device (bsc#1203039).
kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924, jsc#SLE-24814).
kbuild: disable header exports for UML in a straightforward way (git-fixes).
kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification (bsc#1196444).
kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).
kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
kexec: drop weak attribute from functions (bsc#1196444).
KVM: SVM: Create a separate mapping for the GHCB save area (jsc#SLE-19924, jsc#SLE-24814).
KVM: SVM: Create a separate mapping for the SEV-ES save area (jsc#SLE-19924, jsc#SLE-24814).
KVM: SVM: Define sev_features and VMPL field in the VMSA (jsc#SLE-19924, jsc#SLE-24814).
KVM: SVM: fix tsc scaling cache logic (bsc#1203263).
KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924, jsc#SLE-24814).
KVM: VMX: Heed the 'msr' argument in msr_write_intercepted() (git-fixes).
KVM: X86: Fix when shadow_root_level=5 and guest root_level 4 (git-fixes).
KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_send_ipi() (git-fixes).
KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall (git-fixes).
KVM: x86: Move lookup of indexed CPUID leafs to helper (jsc#SLE-19924, jsc#SLE-24814).
libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 (git-fixes).
lockd: detect and reject lock arguments that overflow (git-fixes).
md-raid10: fix KASAN warning (git-fixes).
md: call __md_stop_writes in md_stop (git-fixes).
md: unlock mddev before reap sync_thread in action_store (bsc#1197659).
media: aspeed: Fix an error handling path in aspeed_video_probe() (git-fixes).
media: coda: Add more H264 levels for CODA960 (git-fixes).
media: coda: Fix reported H264 profile (git-fixes).
media: dvb_vb2: fix possible out of bound access (git-fixes).
media: exynos4-is: Change clk_disable to clk_disable_unprepare (git-fixes).
media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe (git-fixes).
media: flexcop-usb: fix endpoint type check (git-fixes).
media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes).
media: imx-jpeg: Correct some definition according specification (git-fixes).
media: imx-jpeg: Disable slot interrupt when frame done (git-fixes).
media: imx-jpeg: Fix potential array out of bounds in queue_setup (git-fixes).
media: imx-jpeg: Leave a blank space before the configuration data (git-fixes).
media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes).
media: mceusb: Use new usb_control_msg_*() routines (git-fixes).
media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment.
media: rkvdec: Disable H.264 error detection (git-fixes).
media: st-delta: Fix PM disable depth imbalance in delta_probe (git-fixes).
media: vsp1: Fix offset calculation for plane cropping.
misc: cs35l41: Remove unused pdn variable (bsc#1203699).
mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
mlxsw: i2c: Fix initialization error flow (git-fixes).
mm: Fix PASID use-after-free issue (bsc#1203908).
mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure (git-fixes).
mmc: hsq: Fix data stomping during mmc recovery (git-fixes).
mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv (git-fixes).
net: axienet: fix RX ring refill allocation failure handling (git-fixes).
net: axienet: reset core on initialization prior to MDIO access (git-fixes).
net: bcmgenet: hide status block before TX timestamping (git-fixes).
net: bcmgenet: Revert 'Use stronger register read/writes to assure ordering' (git-fixes).
net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).
net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator (git-fixes).
net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (git-fixes).
net: dsa: felix: fix tagging protocol changes with multiple CPU ports (git-fixes).
net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
net: dsa: introduce helpers for iterating through ports using dp (git-fixes).
net: dsa: lantiq_gswip: Do not set GSWIP_MII_CFG_RMII_CLK (git-fixes).
net: dsa: lantiq_gswip: fix use after free in gswip_remove() (git-fixes).
net: dsa: microchip: fix bridging with more than two member ports (git-fixes).
net: dsa: mt7530: 1G can also support 1000BASE-X link mode (git-fixes).
net: dsa: mt7530: add missing of_node_put() in mt7530_setup() (git-fixes).
net: dsa: mv88e6xxx: Fix port_hidden_wait to account for port_base_addr (git-fixes).
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (git-fixes).
net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes).
net: emaclite: Add error handling for of_address_to_resource() (git-fixes).
net: enetc: Use pci_release_region() to release some resources (git-fixes).
net: ethernet: mediatek: ppe: fix wrong size passed to memset() (git-fixes).
net: ethernet: mv643xx: Fix over zealous checking of_get_mac_address() (git-fixes).
net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link (git-fixes).
net: ethernet: stmmac: fix write to sgmii_adapter_base (git-fixes).
net: fec: add missing of_node_put() in fec_enet_init_stop_mode() (git-fixes).
net: ftgmac100: access hardware register after clock ready (git-fixes).
net: hns3: add netdev reset check for hns3_set_tunable() (git-fixes).
net: hns3: fix the concurrency between functions reading debugfs (git-fixes).
net: ipa: get rid of a duplicate initialization (git-fixes).
net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes).
net: ipa: record proper RX transaction count (git-fixes).
net: macb: Fix PTP one step sync support (git-fixes).
net: macb: Increment rx bd head after allocating skb and buffer (git-fixes).
net: mana: Add rmb after checking owner bits (git-fixes).
net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller (git-fixes).
net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters (git-fixes).
net: mscc: ocelot: fix all IP traffic getting trapped to CPU with PTP over IP (git-fixes).
net: mscc: ocelot: fix broken IP multicast flooding (git-fixes).
net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted (git-fixes).
net: mscc: ocelot: fix missing unlock on error in ocelot_hwstamp_set() (git-fixes).
net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups (git-fixes).
net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 (git-fixes).
net: phy: aquantia: wait for the suspend/resume operations to finish (git-fixes).
net: phy: at803x: move page selection fix to config_init (git-fixes).
net: phy: Do not WARN for PHY_UP state in mdio_bus_phy_resume() (git-fixes).
net: sparx5: depends on PTP_1588_CLOCK_OPTIONAL (git-fixes).
net: sparx5: uses, depends on BRIDGE or !BRIDGE (git-fixes).
net: stmmac: dwmac-qcom-ethqos: add platform level clocks management (git-fixes).
net: stmmac: dwmac-qcom-ethqos: Enable RGMII functional clock on resume (git-fixes).
net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux() (git-fixes).
net: stmmac: enhance XDP ZC driver level switching performance (git-fixes).
net: stmmac: fix out-of-bounds access in a selftest (git-fixes).
net: stmmac: Fix unset max_speed difference between DT and non-DT platforms (git-fixes).
net: stmmac: only enable DMA interrupts when ready (git-fixes).
net: stmmac: perserve TX and RX coalesce value during XDP setup (git-fixes).
net: stmmac: remove unused get_addr() callback (git-fixes).
net: stmmac: Use readl_poll_timeout_atomic() in atomic state (git-fixes).
net: systemport: Fix an error handling path in bcm_sysport_probe() (git-fixes).
net: thunderbolt: Enable DMA paths only after rings are enabled (git-fixes).
net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
net: wwan: iosm: Call mutex_init before locking it (git-fixes).
net: wwan: iosm: remove pointless null check (git-fixes).
net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes).
net/mlx5: Drain fw_reset when removing device (git-fixes).
net/mlx5e: Block rx-gro-hw feature in switchdev mode (git-fixes).
net/mlx5e: Properly block HW GRO when XDP is enabled (git-fixes).
net/mlx5e: Properly block LRO when XDP is enabled (git-fixes).
net/mlx5e: Remove HW-GRO from reported features (git-fixes).
net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes).
net/qla3xxx: Fix a test in ql_reset_work() (git-fixes).
net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change() (git-fixes).
NFS: Do not decrease the value of seq_nr_highest_sent (git-fixes).
NFS: fix problems with __nfs42_ssc_open (git-fixes).
NFS: Fix races in the legacy idmapper upcall (git-fixes).
NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests (git-fixes).
NFS: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes).
NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
NFS: RECLAIM_COMPLETE must handle EACCES (git-fixes).
NFS: Turn off open-by-filehandle and NFS re-export for NFSv4.0 (git-fixes).
NFS: Update mode bits after ALLOCATE and DEALLOCATE (git-fixes).
NFSD: Clean up the show_nf_flags() macro (git-fixes).
NFSD: eliminate the NFSD_FILE_BREAK_* flags (git-fixes).
NFSD: Fix offset type in I/O trace points (git-fixes).
NFSD: Report RDMA connection errors to the server (git-fixes).
NFSD: restore EINVAL error translation in nfsd_commit() (git-fixes).
of/device: Fix up of_dma_configure_id() stub (git-fixes).
of/fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).
parisc/sticon: fix reverse colors (bsc#1152489)
parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489)
parisc/stifb: Implement fb_is_primary_device() (bsc#1152489)
parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489)
PCI: Correct misspelled words (git-fixes).
PCI: Disable MSI for Tegra234 Root Ports (git-fixes).
PCI: Prefer 'unsigned int' over bare 'unsigned' (git-fixes).
PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited (jsc#PED-387).
pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes).
pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes).
pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes).
platform/surface: aggregator_registry: Add support for Surface Laptop Go 2 (git-fixes).
platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (git-fixes).
platform/x86: i2c-multi-instantiate: Rename it for a generic serial driver name (bsc#1203699).
platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop (bsc#1203699).
platform/x86: serial-multi-instantiate: Add SPI support (bsc#1203699).
platform/x86: serial-multi-instantiate: Reorganize I2C functions (bsc#1203699).
powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL (bsc#1194869).
ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
regulator: core: Clean up on enable failure (git-fixes).
regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (git-fixes).
regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
s390: fix double free of GS and RI CBs on fork() failure (bsc#1203197 LTC#199895).
s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD (bsc#1203039).
scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).
scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID cases (bsc#1203939).
scsi: lpfc: Add reporting capability for Link Degrade Signaling (bsc#1203939).
scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).
scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload (bsc#1203939).
scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same NPort ID (bsc#1203939).
scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).
scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (bsc#1185032 bsc#1203939).
scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
scsi: lpfc: Remove unneeded result variable (bsc#1203939).
scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd (bsc#1203939).
scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1203939).
scsi: lpfc: Rework FDMI attribute registration for unintential padding (bsc#1203939).
scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency (bsc#1203939).
scsi: lpfc: Update congestion mode logging for Emulex SAN Manager application (bsc#1203939).
scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
scsi: mpt3sas: Fix use-after-free warning (git-fixes).
scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status (bsc#1203935).
scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1() (bsc#1203935).
scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
scsi: qla2xxx: Define static symbols (bsc#1203935).
scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX (bsc#1203935).
scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
scsi: qla2xxx: Enhance driver tracing with separate tunable and more (bsc#1203935).
scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).
scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1203935).
scsi: qla2xxx: Fix spelling mistake 'definiton' 'definition' (bsc#1203935).
scsi: qla2xxx: Log message 'skipping scsi_scan_host()' as informational (bsc#1203935).
scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).
scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
scsi: qla2xxx: Revert 'scsi: qla2xxx: Fix response queue handler reading stale packets' (bsc#1203935).
scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
scsi: Revert 'scsi: qla2xxx: Fix disk failure to rediscover' (git-fixes).
scsi: smartpqi: Add module param to disable managed ints (bsc#1203893).
scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).
selftests: Fix the if conditions of in test_extra_filter() (git-fixes).
selftests: forwarding: add shebang for sch_red.sh (git-fixes).
selftests: forwarding: Fix failing tests with old libnet (git-fixes).
serial: atmel: remove redundant assignment in rs485_config (git-fixes).
serial: Create uart_xmit_advance() (git-fixes).
serial: fsl_lpuart: Reset prior to registration (git-fixes).
serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).
serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).
soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
spi: Add API to count spi acpi resources (bsc#1203699).
spi: Create helper API to lookup ACPI info for spi device (bsc#1203699).
spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe (git-fixes).
spi: meson-spicc: do not rely on busy flag in pow2 clk ops (git-fixes).
spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
spi: propagate error code to the caller of acpi_spi_device_alloc() (bsc#1203699).
spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() (git-fixes).
spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() (git-fixes).
spi: Return deferred probe error when controller isn't yet available (bsc#1203699).
spi: s3c64xx: Fix large transfers with DMA (git-fixes).
spi: Support selection of the index of the ACPI Spi Resource before alloc (bsc#1203699).
spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe (git-fixes).
struct ehci_hcd: hide new element going into a hole (git-fixes).
struct xhci_hcd: restore member now dynamically allocated (git-fixes).
SUNRPC: Do not call connect() more than once on a TCP socket (git-fixes).
SUNRPC: Do not leak sockets in xs_local_connect() (git-fixes).
SUNRPC: fix expiry of auth creds (git-fixes).
SUNRPC: Fix xdr_encode_bool() (git-fixes).
SUNRPC: Reinitialise the backchannel request buffers before reuse (git-fixes).
SUNRPC: RPC level errors should set task->tk_rpc_status (git-fixes).
thunderbolt: Add support for Intel Maple Ridge single port controller (git-fixes).
tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).
tty: serial: atmel: Preserve previous USART mode if RS485 disabled (git-fixes).
USB: Add ignore-residue quirk for NXP PN7462AU (git-fixes).
USB: add quirks for Lenovo OneLink+ Dock (git-fixes).
USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).
USB: core: Fix RST error in hub.c (git-fixes).
USB: core: Prevent nested device-reset calls (git-fixes).
USB: Drop commas after SoC match table sentinels (git-fixes).
USB: dwc3: core: leave default DMA if the controller does not support 64-bit DMA (git-fixes).
USB: dwc3: disable USB core PHY management (git-fixes).
USB: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind (git-fixes).
USB: dwc3: gadget: Do not modify GEVNTCOUNT in pullup() (git-fixes).
USB: dwc3: gadget: Refactor pullup() (git-fixes).
USB: dwc3: pci: Add support for Intel Raptor Lake (git-fixes).
USB: Fix ehci infinite suspend-resume loop issue in zhaoxin (git-fixes).
USB: Fix memory leak in usbnet_disconnect() (git-fixes).
USB: host: xhci: fix a comment typo in xhci_mem_init() (git-fixes).
USB: host: xhci: use ffs() in xhci_mem_init() (git-fixes).
USB: hub: avoid warm port reset during USB3 disconnect (git-fixes).
USB: serial: cp210x: add Decagon UCA device id (git-fixes).
USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).
USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
USB: serial: option: add Quectel EM060K modem (git-fixes).
USB: serial: option: add Quectel RM520N (git-fixes).
USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (git-fixes).
USB: serial: option: add support for OPPO R11 diag port (git-fixes).
USB: storage: Add ASUS 0x0b05:0x1932 to IGNORE_UAS (git-fixes).
USB: struct usb_device: hide new member (git-fixes).
USB: typec: intel_pmc_mux: Add new ACPI ID for Meteor Lake IOM device (git-fixes).
USB: typec: tipd: Add an additional overflow check (git-fixes).
USB: typec: tipd: Do not read/write more bytes than required (git-fixes).
USB: typec: ucsi: Remove incorrect warning (git-fixes).
USB: xhci-mtk: relax TT periodic bandwidth allocation (git-fixes).
vfio/type1: Unpin zero pages (git-fixes).
vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
video: fbdev: i740fb: Error out if 'pixclock' equals zero (git-fixes).
video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (git-fixes).
virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814).
virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement (jsc#SLE-19924, jsc#SLE-24814).
virt: sevguest: Add support to derive key (jsc#SLE-19924, jsc#SLE-24814).
virt: sevguest: Add support to get extended report (jsc#SLE-19924, jsc#SLE-24814).
virt: sevguest: Fix bool function returning negative value (jsc#SLE-19924, jsc#SLE-24814).
virt: sevguest: Fix return value check in alloc_shared_pages() (jsc#SLE-19924, jsc#SLE-24814).
vrf: fix packet sniffing for traffic originating from ip tunnels (git-fixes).
vt: Clear selection before changing the font (git-fixes).
watchdog: wdat_wdt: Set the min and max timeout values properly (bsc#1194023).
wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (git-fixes).
wifi: ath11k: fix number of VHT beamformee spatial streams (git-fixes).
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).
wifi: mac80211_hwsim: check length for virtio packets (git-fixes).
wifi: mac80211: allow bw change during channel switch in mesh (git-fixes).
wifi: mac80211: fix regression with non-QoS drivers (git-fixes).
wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
wifi: mt76: fix reading current per-tid starting sequence number for aggregation (git-fixes).
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_offload (git-fixes).
wifi: mt76: mt7915: do not check state before configuring implicit beamform (git-fixes).
wifi: mt76: sdio: fix transmitting packet hangs (git-fixes).
wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask (git-fixes).
wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() (git-fixes).
wifi: rtlwifi: 8192de: correct checking of IQK reload (git-fixes).
wifi: rtw88: add missing destroy_workqueue() on error path in rtw_core_init() (git-fixes).
workqueue: do not skip lockdep work dependency in cancel_work_sync() (git-fixes).
x86/boot: Add a pointer to Confidential Computing blob in bootparams (jsc#SLE-19924, jsc#SLE-24814).
x86/boot: Add Confidential Computing type to setup_data (jsc#SLE-19924, jsc#SLE-24814).
x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924, jsc#SLE-24814).
x86/boot: Put globals that are accessed early into the .data section (jsc#SLE-19924, jsc#SLE-24814).
x86/boot: Use MSR read/write helpers instead of inline assembly (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed: Add helper for validating pages in the decompression stage (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed: Add SEV-SNP feature detection/setup (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed: Export and rename add_identity_map() (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed: Register GHCB memory when SEV-SNP is active (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/64: Add identity mapping for Confidential Computing blob (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/64: Add support for SEV-SNP CPUID table in #VC handlers (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/64: Detect/setup SEV/SME features earlier during boot (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/acpi: Move EFI config table lookup to helper (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/acpi: Move EFI detection to helper (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/acpi: Move EFI kexec handling into common code (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/acpi: Move EFI system table lookup to helper (jsc#SLE-19924, jsc#SLE-24814).
x86/compressed/acpi: Move EFI vendor table lookup to helper (jsc#SLE-19924, jsc#SLE-24814).
x86/head/64: Re-enable stack protection (jsc#SLE-19924, jsc#SLE-24814).
x86/ibt,ftrace: Make function-graph play nice (bsc#1203969).
x86/kernel: Mark the .bss..decrypted section as shared in the RMP table (jsc#SLE-19924, jsc#SLE-24814).
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active (jsc#SLE-19924, jsc#SLE-24814).
x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924, jsc#SLE-24814).
x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Add a helper for the PVALIDATE instruction (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Add a sev= cmdline option (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Add helper for validating pages in early enc attribute changes (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Add missing __init annotations to SEV init routines (jsc#SLE-19924 jsc#SLE-24814).
x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Check SEV-SNP features support (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Detect/setup SEV/SME features earlier in boot (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Get the AP jump table address from secrets page (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Move MSR-based VMGEXITs for CPUID to helper (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Provide support for SNP guest request NAEs (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Register GHCB memory when SEV-SNP is active (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Register SEV-SNP guest request platform device (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Use firmware-validated CPUID for SEV-SNP guests (jsc#SLE-19924, jsc#SLE-24814).
x86/sev: Use SEV-SNP AP creation to start secondary CPUs (jsc#SLE-19924, jsc#SLE-24814).
x86/xen: Remove undefined behavior in setup_features() (git-fixes).
xen-blkback: Advertise feature-persistent as user requested (git-fixes).
xen-blkback: Apply 'feature_persistent' parameter when connect (git-fixes).
xen-blkback: fix persistent grants negotiation (git-fixes).
xen-blkfront: Advertise feature-persistent as user requested (git-fixes).
xen-blkfront: Apply 'feature_persistent' parameter when connect (git-fixes).
xen-blkfront: Cache feature_persistent value before advertisement (git-fixes).
xen-blkfront: Handle NULL gendisk (git-fixes).
xen-netback: only remove 'hotplug-status' when the vif is actually destroyed (git-fixes).
xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE (git-fixes).
xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() (git-fixes).
xen/usb: do not use arbitrary_virt_to_machine() (git-fixes).
xhci: Allocate separate command structures for each LPM command (git-fixes).

Advisory ID	SUSE-feature-2022:3845-1
Released	Wed Nov 2 07:22:59 2022
Summary	Feature update for grub2
Type	feature
Severity	important
References	1196668,1201361

Description:

This feature update for grub2 fixes the following issues:

Include loopback into signed grub2 image (jsc#PED-2151, jsc#PED-2150)
Enable 'Automatic TPM Disk Unlock' mechanism (jsc#PED-1423, jsc#PED-1091, bsc#1196668)
Fix installation failure due to unavailable nvram device on ppc64le (bsc#1201361)

Advisory ID	SUSE-RU-2022:3870-1
Released	Fri Nov 4 11:12:08 2022
Summary	Recommended update for openssl-1_1
Type	recommended
Severity	moderate
References	1190651,1202148

Description:

This update for openssl-1_1 fixes the following issues:

FIPS: Add a missing dependency on jitterentropy-devel for libopenssl-1_1-devel (bsc#1202148)
FIPS: OpenSSL service-level indicator: Allow AES XTS 256 (bsc#1190651)

Advisory ID	SUSE-SU-2022:3884-1
Released	Mon Nov 7 10:59:26 2022
Summary	Security update for expat
Type	security
Severity	important
References	1204708,CVE-2022-43680

Description:

This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).

Advisory ID	SUSE-RU-2022:3885-1
Released	Mon Nov 7 11:32:04 2022
Summary	Recommended update for gnutls
Type	recommended
Severity	moderate
References	1203299

Description:

This update for gnutls fixes the following issues:

Fix AVX CPU feature detection for OSXSAVE (bsc#1203299) This fixes a SIGILL termination at the verzoupper instruction when trying to run GnuTLS on a Linux kernel with the noxsave command line parameter set. Relevant mostly for virtual systems.

Advisory ID	SUSE-RU-2022:3900-1
Released	Tue Nov 8 10:47:55 2022
Summary	Recommended update for docker
Type	recommended
Severity	moderate
References	1200022

Description:

This update for docker fixes the following issues:

Fix a crash-on-start issue with dockerd (bsc#1200022)

Advisory ID	SUSE-RU-2022:3904-1
Released	Tue Nov 8 10:52:13 2022
Summary	Recommended update for openssh
Type	recommended
Severity	moderate
References	1192439

Description:

This update for openssh fixes the following issue:

Prevent empty messages from being sent. (bsc#1192439)

Advisory ID	SUSE-RU-2022:3910-1
Released	Tue Nov 8 13:05:04 2022
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References

Description:

This update for pam fixes the following issue:

Update pam_motd to the most current version. (PED-1712)

Advisory ID	SUSE-SU-2022:3922-1
Released	Wed Nov 9 09:03:33 2022
Summary	Security update for protobuf
Type	security
Severity	important
References	1194530,1203681,1204256,CVE-2021-22569,CVE-2022-1941,CVE-2022-3171

Description:

This update for protobuf fixes the following issues:

CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530).
CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681)
CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256)

Advisory ID	SUSE-RU-2022:3927-1
Released	Wed Nov 9 14:55:47 2022
Summary	Recommended update for runc
Type	recommended
Severity	moderate
References	1202021,1202821

Description:

This update for runc fixes the following issues:

Update to runc v1.1.4 (bsc#1202021)
Fix failed exec after systemctl daemon-reload (bsc#1202821)
Fix mounting via wrong proc
Fix 'permission denied' error from runc run on noexec filesystem

Advisory ID	SUSE-RU-2022:3961-1
Released	Mon Nov 14 07:33:50 2022
Summary	Recommended update for zlib
Type	recommended
Severity	important
References	1203652

Description:

This update for zlib fixes the following issues:

Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652)

Advisory ID	SUSE-RU-2022:3974-1
Released	Mon Nov 14 15:39:20 2022
Summary	Recommended update for util-linux
Type	recommended
Severity	moderate
References	1201959,1204211

Description:

This update for util-linux fixes the following issues:

Fix file conflict during upgrade (bsc#1204211)
libuuid improvements (bsc#1201959, PED-1150): libuuid: Fix range when parsing UUIDs. Improve cache handling for short running applications-increment the cache size over runtime. Implement continuous clock handling for time based UUIDs. Check clock value from clock file to provide seamless libuuid.

Advisory ID	SUSE-SU-2022:3999-1
Released	Tue Nov 15 17:08:04 2022
Summary	Security update for systemd
Type	security
Severity	moderate
References	1204179,1204968,CVE-2022-3821

Description:

This update for systemd fixes the following issues:

CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968).

Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 * 0469b9f2bc pstore: do not try to load all known pstore modules * ad05f54439 pstore: Run after modules are loaded * ccad817445 core: Add trigger limit for path units * 281d818fe3 core/mount: also add default before dependency for automount mount units * ffe5b4afa8 logind: fix crash in logind on user-specified message string

Document udev naming scheme (bsc#1204179)
Make 'sle15-sp3' net naming scheme still available for backward compatibility reason

Advisory ID	SUSE-SU-2022:4001-1
Released	Tue Nov 15 17:08:52 2022
Summary	Security update for sudo
Type	security
Severity	important
References	1204986,CVE-2022-43995

Description:

This update for sudo fixes the following issues:

CVE-2022-43995: Fixed a potential heap-based buffer over-read when entering a password of seven characters or fewer and using the crypt() password backend (bsc#1204986).

Advisory ID	SUSE-SU-2022:4007-1
Released	Wed Nov 16 09:12:44 2022
Summary	Security update for xen
Type	security
Severity	important
References	1027519,1193923,1203806,1203807,1204482,1204483,1204485,1204487,1204488,1204489,1204490,1204494,1204496,CVE-2022-33746,CVE-2022-33747,CVE-2022-33748,CVE-2022-42309,CVE-2022-42310,CVE-2022-42311,CVE-2022-42312,CVE-2022-42313,CVE-2022-42314,CVE-2022-42315,CVE-2022-42316,CVE-2022-42317,CVE-2022-42318,CVE-2022-42319,CVE-2022-42320,CVE-2022-42321,CVE-2022-42322,CVE-2022-42323,CVE-2022-42325,CVE-2022-42326,CVE-2022-42327

Description:

This update for xen fixes the following issues:

CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).
CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487)
CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory (bsc#1204488)
CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489)
CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490)
CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494)
CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions (bsc#1204496)
xen: Frontends vulnerable to backends (bsc#1193923).

Advisory ID	SUSE-RU-2022:4019-1
Released	Wed Nov 16 15:44:20 2022
Summary	Recommended update for apparmor
Type	recommended
Severity	low
References	1202344

Description:

This update for apparmor fixes the following issues:

profiles: permit php-fpm pid files directly under run/ (bsc#1202344)

Advisory ID	SUSE-RU-2022:4020-1
Released	Wed Nov 16 15:45:13 2022
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1199856,1202627

Description:

This update for nfs-utils fixes the following issues:

Fix nfsdcltrack bug that affected non-x86 archs (bsc#1202627)
Ensure sysctl setting work (bsc#1199856)

Advisory ID	SUSE-RU-2022:4041-1
Released	Thu Nov 17 04:55:47 2022
Summary	Recommended update for libuv
Type	recommended
Severity	moderate
References	1199062

Description:

This update for libuv fixes the following issues:

Remove epoll syscall wrappers. (bsc#1199062)

Advisory ID	SUSE-RU-2022:4062-1
Released	Fri Nov 18 09:05:07 2022
Summary	Recommended update for libusb-1_0
Type	recommended
Severity	moderate
References	1201590

Description:

This update for libusb-1_0 fixes the following issues:

Fix regression where some devices no longer work if they have a configuration value of 0 (bsc#1201590)

Advisory ID	SUSE-RU-2022:4066-1
Released	Fri Nov 18 10:43:00 2022
Summary	Recommended update for timezone
Type	recommended
Severity	important
References	1177460,1202324,1204649,1205156

Description:

This update for timezone fixes the following issues:
Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156):

Mexico will no longer observe DST except near the US border
Chihuahua moves to year-round -06 on 2022-10-30
Fiji no longer observes DST
In vanguard form, GMT is now a Zone and Etc/GMT a link
zic now supports links to links, and vanguard form uses this
Simplify four Ontario zones
Fix a Y2438 bug when reading TZif data
Enable 64-bit time_t on 32-bit glibc platforms
Omit large-file support when no longer needed
Jordan and Syria switch from +02/+03 with DST to year-round +03
Palestine transitions are now Saturdays at 02:00
Simplify three Ukraine zones into one
Improve tzselect on intercontinental Zones
Chile's DST is delayed by a week in September 2022 (bsc#1202324)
Iran no longer observes DST after 2022
Rename Europe/Kiev to Europe/Kyiv
New `zic -R` command option
Vanguard form now uses %z

Advisory ID	SUSE-SU-2022:4072-1
Released	Fri Nov 18 13:36:05 2022
Summary	Security update for the Linux Kernel
Type	security
Severity	important
References	1065729,1071995,1152472,1152489,1188238,1194869,1196018,1196632,1199904,1200567,1200692,1200788,1202187,1202686,1202700,1202914,1203098,1203229,1203290,1203435,1203514,1203699,1203767,1203802,1203922,1204017,1204142,1204166,1204168,1204171,1204241,1204353,1204354,1204355,1204402,1204413,1204415,1204417,1204428,1204431,1204439,1204470,1204479,1204498,1204533,1204569,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204753,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,CVE-2022-1882,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-40476,CVE-2022-40768,CVE-2022-42703,CVE-2022-43750

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

CVE-2022-28748: Fixed a leak of kernel memory over the network by ax88179_178a devices (bsc#1196018).
CVE-2022-1882: Fixed a use-after-free flaw in free_pipe_info() that could allow a local user to crash or potentially escalate their privileges on the system (bsc#1199904).
CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686).
CVE-2022-3169: Fixed an denial of service though request to NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET (bsc#1203290).
CVE-2022-33981: Fixed a use-after-free in floppy driver (bnc#1200692).
CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).
CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file net/ipv4/fib_semantics.c (bsc#1204171).
CVE-2022-3521: Fixed race condition in kcm_tx_work() in net/kcm/kcmsock.c (bnc#1204355).
CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bnc#1204354).
CVE-2022-3526: Fixed a memory leak in macvlan_handle_frame() from drivers/net/macvlan.c (bnc#1204353).
CVE-2022-3545: Fixed use-after-free in area_cache_get() in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
CVE-2022-3625: Fixed use-after-free in devlink_param_set()/devlink_param_get() in net/core/devlink.c (bnc#1204637).
CVE-2022-3628: Fixed potential buffer overflow in brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in net/bluetooth/l2cap_core.c (bnc#1204619).
CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bnc#1204646).
CVE-2022-40476: Fixed a null pointer dereference in fs/io_uring.c (bnc#1203435).
CVE-2022-40768: Fixed information disclosure in stex_queuecommand_lck (bnc#1203514).
CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bnc#1204653).

The following non-security bugs were fixed:

acpi: APEI: do not add task_work to kernel thread to avoid memory leak (git-fixes).
acpi: HMAT: Release platform device in case of platform_device_add_data() fails (git-fixes).
acpi: extlog: Handle multiple records (git-fixes).
acpi: tables: FPDT: Do not call acpi_os_map_memory() on invalid phys address (git-fixes).
acpi: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
acpi: video: Make backlight class device registration a separate step (v2) (git-fixes).
acpi: x86: Add a quirk for Dell Inspiron 14 2-in-1 for StorageD3Enable (git-fixes).
alsa: Use del_timer_sync() before freeing timer (git-fixes).
alsa: ac97: fix possible memory leak in snd_ac97_dev_register() (git-fixes).
alsa: aoa: Fix I2S device accounting (git-fixes).
alsa: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() (git-fixes).
alsa: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
alsa: au88x0: use explicitly signed char (git-fixes).
alsa: dmaengine: increment buffer pointer atomically (git-fixes).
alsa: hda/cs_dsp_ctl: Fix mutex inversion when creating controls (bsc#1203699).
alsa: hda/hdmi: Do not skip notification handling during PM operation (git-fixes).
alsa: hda/hdmi: Fix the converter allocation for the silent stream (git-fixes).
alsa: hda/hdmi: Fix the converter reuse for the silent stream (git-fixes).
alsa: hda/hdmi: change type for the 'assigned' variable (git-fixes).
alsa: hda/realtek: Add Intel Reference SSID to support headset keys (git-fixes).
alsa: hda/realtek: Add another HP ZBook G9 model quirks (bsc#1203699).
alsa: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
alsa: hda/realtek: Add quirk for ASUS Zenbook using CS35L41 (bsc#1203922).
alsa: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
alsa: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 (git-fixes).
alsa: hda: Fix position reporting on Poulsbo (git-fixes).
alsa: hda: cs35l41: Remove suspend/resume hda hooks (bsc#1203699).
alsa: hda: cs35l41: Support System Suspend (bsc#1203699).
alsa: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before reading/writing controls (bsc#1203699).
alsa: hda: hda_cs_dsp_ctl: Minor clean and redundant code removal (bsc#1203699).
alsa: hiface: fix repeated words in comments (git-fixes).
alsa: line6: Replace sprintf() with sysfs_emit() (git-fixes).
alsa: line6: remove line6_set_raw declaration (git-fixes).
alsa: oss: Fix potential deadlock at unregistration (git-fixes).
alsa: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
alsa: rme9652: use explicitly signed char (git-fixes).
alsa: scarlett2: Add Focusrite Clarett+ 8Pre support (git-fixes).
alsa: scarlett2: Add support for the internal 'standalone' switch (git-fixes).
alsa: scarlett2: Split scarlett2_config_items[] into 3 sections (git-fixes).
alsa: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos (git-fixes).
alsa: usb-audio: Add quirk to enable Avid Mbox 3 support (git-fixes).
alsa: usb-audio: Add quirks for M-Audio Fast Track C400/600 (git-fixes).
alsa: usb-audio: Fix NULL dererence at error path (git-fixes).
alsa: usb-audio: Fix last interface check for registration (git-fixes).
alsa: usb-audio: Fix potential memory leaks (git-fixes).
alsa: usb-audio: Fix regression with Dell Dock jack detection (bsc#1204719).
alsa: usb-audio: Register card at the last interface (git-fixes).
alsa: usb-audio: make read-only array marker static const (git-fixes).
alsa: usb-audio: remove redundant assignment to variable c (git-fixes).
alsa: usb-audio: scarlett2: Use struct_size() helper in scarlett2_usb() (git-fixes).
alsa: usb/6fire: fix repeated words in comments (git-fixes).
arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes)
arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to USB nodes (git-fixes).
arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply (git-fixes).
arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
arm64: ftrace: fix module PLTs with mcount (git-fixes).
arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored (git-fixes).
arm64: topology: move store_cpu_topology() to shared code (git-fixes).
arm: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n (git-fixes).
arm: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
arm: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE (git-fixes).
arm: Drop CMDLINE_* dependency on ATAGS (git-fixes).
arm: decompressor: Include .data.rel.ro.local (git-fixes).
arm: defconfig: clean up multi_v4t and multi_v5 configs (git-fixes).
arm: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
arm: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
arm: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
arm: dts: armada-38x: Add gpio-ranges for pin muxing (git-fixes).
arm: dts: exynos: correct s5k6a3 reset polarity on Midas family (git-fixes).
arm: dts: exynos: fix polarity of VBUS GPIO of Origen (git-fixes).
arm: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer (git-fixes).
arm: dts: imx6dl: add missing properties for sram (git-fixes).
arm: dts: imx6q: add missing properties for sram (git-fixes).
arm: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus (git-fixes).
arm: dts: imx6qp: add missing properties for sram (git-fixes).
arm: dts: imx6sl: add missing properties for sram (git-fixes).
arm: dts: imx6sll: add missing properties for sram (git-fixes).
arm: dts: imx6sx: add missing properties for sram (git-fixes).
arm: dts: imx7d-sdb: config the max pressure for tsc2046 (git-fixes).
arm: dts: integrator: Tag PCI host with device_type (git-fixes).
arm: dts: kirkwood: lsxl: fix serial line (git-fixes).
arm: dts: kirkwood: lsxl: remove first ethernet port (git-fixes).
arm: dts: turris-omnia: Add label for wan port (git-fixes).
arm: dts: turris-omnia: Fix mpp26 pin name and comment (git-fixes).
asoc: SOF: pci: Change DMI match info to support all Chrome platforms (git-fixes).
asoc: codecs: tx-macro: fix kcontrol put (git-fixes).
asoc: da7219: Fix an error handling path in da7219_register_dai_clks() (git-fixes).
asoc: eureka-tlv320: Hold reference returned from of_find_xxx API (git-fixes).
asoc: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
asoc: mt6359: fix tests for platform_get_irq() failure (git-fixes).
asoc: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe (git-fixes).
asoc: qcom: lpass-cpu: Mark HDMI TX parity register as volatile (git-fixes).
asoc: qcom: lpass-cpu: mark HDMI TX registers as volatile (git-fixes).
asoc: rsnd: Add check for rsnd_mod_power_on (git-fixes).
asoc: tas2764: Allow mono streams (git-fixes).
asoc: tas2764: Drop conflicting set_bias_level power setting (git-fixes).
asoc: tas2764: Fix mute/unmute (git-fixes).
asoc: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
asoc: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
asoc: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
asoc: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
asoc: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
asoc: wm_adsp: Handle optional legacy support (git-fixes).
ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
ata: fix ata_id_has_devslp() (git-fixes).
ata: fix ata_id_has_dipm() (git-fixes).
ata: fix ata_id_has_ncq_autosense() (git-fixes).
ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() (git-fixes).
ata: libahci_platform: Sanity check the DT child nodes number (git-fixes).
ata: pata_legacy: fix pdc20230_set_piomode() (git-fixes).
bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (git-fixes).
bluetooth: L2CAP: Fix user-after-free (git-fixes).
bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() (git-fixes).
bluetooth: RFCOMM: Fix possible deadlock on socket shutdown/release (git-fixes).
bluetooth: btintel: Mark Intel controller to support LE_STATES quirk (git-fixes).
bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (git-fixes).
bluetooth: virtio_bt: Use skb_put to set length (git-fixes).
bnxt_en: Fix bnxt_refclk_read() (git-fixes).
bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
bnxt_en: fix livepatch query (git-fixes).
bnxt_en: reclaim max resources if sriov enable fails (git-fixes).
bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (git-fixes).
can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() (git-fixes).
can: kvaser_usb: Fix possible completions during init_completion (git-fixes).
can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression (git-fixes).
can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info (git-fixes).
can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path (git-fixes).
can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness conversion (git-fixes).
can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct length to read dev_id (git-fixes).
can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path (git-fixes).
cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
clk: ast2600: BCLK comes from EPLL (git-fixes).
clk: at91: fix the build with binutils 2.27 (git-fixes).
clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent (git-fixes).
clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
clk: bcm2835: Make peripheral PLLC critical (git-fixes).
clk: bcm2835: Round UART input clock up (bsc#1188238)
clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration (git-fixes).
clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
clk: imx: scu: fix memleak on platform_device_add() fails (git-fixes).
clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent (git-fixes).
clk: meson: Hold reference returned by of_get_parent() (git-fixes).
clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical (git-fixes).
clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents (git-fixes).
clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
clk: sprd: Hold reference returned by of_get_parent() (git-fixes).
clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe (git-fixes).
clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD (git-fixes).
clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate (git-fixes).
cpufreq: qcom: fix memory leak in error path (git-fixes).
cpufreq: qcom: fix writes in read-only memory region (git-fixes).
crypto: akcipher - default implementation for setting a private key (git-fixes).
crypto: cavium - prevent integer overflow loading firmware (git-fixes).
crypto: ccp - Release dma channels before dmaengine unrgister (git-fixes).
crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
crypto: inside-secure - Change swab to swab32 (git-fixes).
crypto: inside-secure - Replace generic aes with libaes (git-fixes).
crypto: marvell/octeontx - prevent integer overflows (git-fixes).
crypto: qat - fix default value of WDT timer (git-fixes).
crypto: sahara - do not sleep when in softirq (git-fixes).
device property: Fix documentation for *_match_string() APIs (git-fixes).
dmaengine: hisilicon: Add multi-thread support for a DMA channel (git-fixes).
dmaengine: hisilicon: Disable channels when unregister hisi_dma (git-fixes).
dmaengine: hisilicon: Fix CQ head update (git-fixes).
dmaengine: idxd: change bandwidth token to read buffers (jsc#PED-679).
dmaengine: idxd: deprecate token sysfs attributes for read buffers (jsc#PED-679).
dmaengine: idxd: force wq context cleanup on device disable path (git-fixes).
dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() (git-fixes).
dmaengine: mxs: use platform_driver_register (git-fixes).
dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow (git-fixes).
dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling (git-fixes).
dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure (git-fixes).
dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property (git-fixes).
dpaa2-eth: trace the allocated address instead of page struct (git-fixes).
drivers: hv: vmbus: Fix handling of messages with transaction ID of zero (bsc#1204017).
drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017).
drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017).
drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
drivers: serial: jsm: fix some leaks in probe (git-fixes).
drm/amd/display: Assume an LTTPR is always present on fixed_vs links (git-fixes).
drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472) Backporting notes: * remove changes to non-existing 201 and 31 directories
drm/amd/display: Correct MPC split policy for DCN301 (git-fixes).
drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n (git-fixes).
drm/amd/display: Fix double cursor on non-video RGB MPO (git-fixes).
drm/amd/display: Fix vblank refcount in vrr transition (git-fixes).
drm/amd/display: Remove interface for periodic interrupt 1 (git-fixes).
drm/amd/display: skip audio setup when audio stream is enabled (git-fixes).
drm/amd/display: update gamut remap if plane has changed (git-fixes).
drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in 'performance_levels' (git-fixes).
drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472) Backporting notes: * also fix default branch
drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472) Backporting notes: * replace IP_VERSION() with CHIP_ constants
drm/amdgpu: add missing pci_disable_device() in amdgpu_pmops_runtime_resume() (git-fixes).
drm/amdgpu: fix initial connector audio value (git-fixes).
drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() (git-fixes).
drm/bridge: Avoid uninitialized variable warning (git-fixes).
drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
drm/i915/dp: Reset frl trained flag before restarting FRL training (git-fixes).
drm/i915/ehl: Update MOCS table for EHL (git-fixes).
drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489)
drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
drm/komeda: Fix handling of atomic commits in the atomic_commit_tail hook (git-fixes).
drm/meson: explicitly remove aggregate driver at module unload time (git-fixes).
drm/mipi-dsi: Detach devices when removing the host (git-fixes).
drm/msm/dp: Silence inconsistent indent warning (git-fixes).
drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa() (git-fixes).
drm/msm/dp: fix IRQ lifetime (git-fixes).
drm/msm/dpu: Fix comment typo (git-fixes).
drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
drm/msm: fix use-after-free on probe deferral (git-fixes).
drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() (git-fixes).
drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() (git-fixes).
drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472) Backporting notes: * context changes
drm/omap: dss: Fix refcount leak bugs (git-fixes).
drm/scheduler: quieten kernel-doc warnings (git-fixes).
drm/virtio: Check whether transferred 2D BO is shmem (git-fixes).
drm/virtio: Unlock reservations on virtio_gpu_object_shmem_init() error (git-fixes).
drm: Prevent drm_copy_field() to attempt copying a NULL pointer (git-fixes).
drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
drm: bridge: adv7511: fix CEC power down control register offset (git-fixes).
drm: bridge: dw_hdmi: only trigger hotplug event on link change (git-fixes).
drm: fix drm_mipi_dbi build errors (git-fixes).
drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
drm:pl111: Add of_node_put() when breaking out of for_each_available_child_of_node() (git-fixes).
drop Dell Dock regression fix patch again (bsc#1204719)
drop verbose nvme logging feature (bsc#1200567)
dt-bindings: crypto: ti,sa2ul: drop dma-coherent property (git-fixes).
dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table (git-fixes).
dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table (git-fixes).
dt-bindings: mtd: intel: lgm-nand: Fix compatible string (git-fixes).
dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value (git-fixes).
dt-bindings: pci: microchip,pcie-host: fix missing clocks properties (git-fixes).
dt-bindings: pci: microchip,pcie-host: fix missing dma-ranges (git-fixes).
dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells property (git-fixes).
dt-bindings: phy: qcom,qmp: fix bogus clock-cells property (git-fixes).
dyndbg: fix module.dyndbg handling (git-fixes).
dyndbg: fix static_branch manipulation (git-fixes).
dyndbg: let query-modname override actual module name (git-fixes).
efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
efi: libstub: drop pointless get_memory_map() call (git-fixes).
fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
fec: Fix timer capture timing in `fec_ptp_enable_pps()` (git-fixes).
firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
firmware: arm_scmi: Harden accesses to the sensor domains (git-fixes).
firmware: arm_scmi: Improve checks in the info_get operations (git-fixes).
firmware: google: Test spinlock on panic path to avoid lockups (git-fixes).
fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() (git-fixes).
fs/binfmt_elf: Fix memory leak in load_elf_binary() (git-fixes).
ftrace: Fix char print issue in print_ip_ins() (git-fixes).
ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
fuse: fix deadlock between atomic O_TRUNC and page invalidation (bsc#1204533).
gcov: support GCC 12.1 and newer compilers (git-fixes).
gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() (git-fixes).
hid: hid-logitech-hidpp: avoid unnecessary assignments in hidpp_connect_event (git-fixes).
hid: hidraw: fix memory leak in hidraw_release() (git-fixes).
hid: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
hid: multitouch: Add memory barriers (git-fixes).
hid: roccat: Fix use-after-free in roccat_read() (git-fixes).
hinic: Avoid some over memory allocation (git-fixes).
hsi: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
hsi: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
hwmon/coretemp: Handle large core ID value (git-fixes).
hwmon: (sht4x) do not overflow clamping operation on 32-bit platforms (git-fixes).
i2c: designware: Fix handling of real but unexpected device interrupts (git-fixes).
i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
i2c: i801: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
i2c: i801: Improve handling of chip-specific feature definitions (jsc#PED-634).
i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter (git-fixes).
i40e: Fix call trace in setup_tx_descriptors (git-fixes).
i40e: Fix dropped jumbo frames statistics (git-fixes).
i40e: Fix to stop tx_timeout recovery if GLOBR fails (git-fixes).
iavf: Fix adminq error handling (git-fixes).
iavf: Fix handling of dummy receive descriptors (git-fixes).
iavf: Fix reset error handling (git-fixes).
ib/core: Fix a nested dead lock as part of ODP flow (git-fixes)
ib/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
ice: Fix switchdev rules book keeping (git-fixes).
ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) (git-fixes).
ice: do not setup vlan for loopback VSI (git-fixes).
igb: Make DMA faster when CPU is active on the PCIe link (git-fixes).
igb: fix a use-after-free issue in igb_clean_tx_ring (git-fixes).
iio: ABI: Fix wrong format of differential capacitance channel ABI (git-fixes).
iio: adc: ad7923: fix channel readings for some variants (git-fixes).
iio: adc: at91-sama5d2_adc: check return status for pressure and touch (git-fixes).
iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume (git-fixes).
iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq (git-fixes).
iio: adc: mcp3911: use correct id bits (git-fixes).
iio: adxl372: Fix unsafe buffer attributes (git-fixes).
iio: bmc150-accel-core: Fix unsafe buffer attributes (git-fixes).
iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
iio: inkern: fix return value in devm_of_iio_channel_get_by_name() (git-fixes).
iio: inkern: only release the device node when done with it (git-fixes).
iio: light: tsl2583: Fix module unloading (git-fixes).
iio: ltc2497: Fix reading conversion results (git-fixes).
iio: magnetometer: yas530: Change data type of hard_offsets to signed (git-fixes).
iio: pressure: dps310: Refactor startup procedure (git-fixes).
iio: pressure: dps310: Reset chip after timeout (git-fixes).
iio: temperature: ltc2983: allocate iio channels once (git-fixes).
ima: fix blocking of security.ima xattrs of unsupported algorithms (git-fixes).
input: i8042 - fix refount leak on sparc (git-fixes).
input: synaptics-rmi4 - fix firmware update operations with bootloader v8 (git-fixes).
input: xpad - add supported devices as contributed on github (git-fixes).
input: xpad - fix wireless 360 controller breaking after suspend (git-fixes).
iommu/vt-d: Do not falsely log intel_iommu is unsupported kernel option (bsc#1204947).
ip: Fix data-races around sysctl_ip_fwd_update_priority (git-fixes).
ipv4: Fix data-races around sysctl_fib_multipath_hash_policy (git-fixes).
irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap (git-fixes).
isdn: mISDN: netjet: fix wrong check of device registration (git-fixes).
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero (git-fixes).
ixgbe: fix bcast packets Rx on VF after promisc removal (git-fixes).
ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
kABI: Fix after adding trace_iterator.wait_index (git-fixes).
kABI: Fix kABI after backport Add pmc->intr to refactor kvm_perf_overflow{_intr}() (git-fixes).
kABI: Fix kABI after backport Always set kvm_run->if_flag (git-fixes).
kABI: Fix kABI after backport Forcibly leave nested virt when SMM state is toggled (git-fixes).
kABI: Fix kABI after backport Refactoring find_arch_event() to pmc_perf_hw_id() (git-fixes).
kABI: Fix kABI after backport Update vPMCs when retiring branch instructions (git-fixes).
kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
kbuild: remove the target in signal traps when interrupted (git-fixes).
kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
kernfs: fix use-after-free in __kernfs_remove (git-fixes).
kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT (git-fixes).
kvm: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors (git-fixes).
kvm: VMX: Inject #PF on ENCLS as 'emulated' #PF (git-fixes).
kvm: fix avic_set_running for preemptable kernels (git-fixes).
kvm: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in WFS (git-fixes).
kvm: nVMX: Unconditionally purge queued/injected events on nested 'exit' (git-fixes).
kvm: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
kvm: s390: pv: do not present the ecall interrupt twice (bsc#1203229 LTC#199905).
kvm: s390x: fix SCK locking (git-fixes).
kvm: x86/emulator: Fix handing of POP SS to correctly set interruptibility (git-fixes).
kvm: x86/mmu: Do not advance iterator after restart due to yielding (git-fixes).
kvm: x86/mmu: Retry page fault if root is invalidated by memslot update (git-fixes).
kvm: x86/pmu: Add pmc->intr to refactor kvm_perf_overflow{_intr}() (git-fixes).
kvm: x86/pmu: Do not truncate the PerfEvtSeln MSR when creating a perf event (git-fixes).
kvm: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES event (git-fixes).
kvm: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id() (git-fixes).
kvm: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
kvm: x86: Add compat handler for KVM_X86_SET_MSR_FILTER (git-fixes).
kvm: x86: Always set kvm_run->if_flag (git-fixes).
kvm: x86: Forcibly leave nested virt when SMM state is toggled (git-fixes).
kvm: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled (git-fixes).
kvm: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
kvm: x86: Register perf callbacks after calling vendor's hardware_setup() (git-fixes).
kvm: x86: Sync the states size with the XCR0/IA32_XSS at, any time (git-fixes).
kvm: x86: Update vPMCs when retiring branch instructions (git-fixes).
kvm: x86: Update vPMCs when retiring instructions (git-fixes).
kvm: x86: do not report preemption if the steal time cache is stale (git-fixes).
kvm: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a result of RSM (git-fixes).
kvm: x86: nSVM: fix potential NULL derefernce on nested migration (git-fixes).
kvm: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved state (git-fixes).
lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall (git-fixes).
livepatch: Add a missing newline character in klp_module_coming() (bsc#1071995).
livepatch: fix race between fork and KLP transition (bsc#1071995).
mISDN: fix possible memory leak in mISDN_register_device() (git-fixes).
mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
mac802154: Fix LQI recording (git-fixes).
macvlan: enforce a consistent minimal mtu (git-fixes).
mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
mailbox: mpfs: account for mbox offsets while sending (git-fixes).
mailbox: mpfs: fix handling of the reg property (git-fixes).
media: atomisp: prevent integer overflow in sh_css_set_black_frame() (git-fixes).
media: cedrus: Fix endless loop in cedrus_h265_skip_bits() (git-fixes).
media: cedrus: Set the platform driver data earlier (git-fixes).
media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
media: ipu3-imgu: Fix NULL pointer dereference in active selection access (git-fixes).
media: mceusb: set timeout to at least timeout provided (git-fixes).
media: meson: vdec: add missing clk_disable_unprepare on error in vdec_hevc_start() (git-fixes).
media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
media: v4l2-compat-ioctl32.c: zero buffer passed to v4l2_compat_get_array_args() (git-fixes).
media: v4l2-dv-timings: add sanity checks for blanking values (git-fixes).
media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation (git-fixes).
media: venus: dec: Handle the case where find_format fails (git-fixes).
media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' (git-fixes).
media: vivid: dev->bitmap_cap wasn't freed in all cases (git-fixes).
media: vivid: s_fbuf: add more sanity checks (git-fixes).
media: vivid: set num_in/outputs to 0 if not supported (git-fixes).
media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init (git-fixes).
memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() (git-fixes).
memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() (git-fixes).
mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq() (git-fixes).
mfd: fsl-imx25: Fix check for platform_get_irq() errors (git-fixes).
mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs (jsc#PED-634).
mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() (git-fixes).
mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init() (git-fixes).
mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
mfd: sm501: Add check for platform_driver_register() (git-fixes).
misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
misc: pci_endpoint_test: Aggregate params checking for xfer (git-fixes).
misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic (git-fixes).
mlxsw: spectrum: Clear PTP configuration after unregistering the netdevice (git-fixes).
mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication (git-fixes).
mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page (bsc#1204575).
mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
mmc: core: Fix kernel panic when remove non-standard SDIO card (git-fixes).
mmc: core: Replace with already defined values for readability (git-fixes).
mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus (git-fixes).
mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake (git-fixes).
mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO (git-fixes).
mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() (git-fixes).
move upstreamed BT fixes into sorted section
move upstreamed patches into sorted section
move upstreamed sound patches into sorted section
mtd: devices: docg3: check the return value of devm_ioremap() in the probe (git-fixes).
mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
mtd: rawnand: intel: Do not re-define NAND_DATA_IFACE_CHECK_ONLY (git-fixes).
mtd: rawnand: intel: Read the chip-select line from the correct OF node (git-fixes).
mtd: rawnand: intel: Remove undocumented compatible string (git-fixes).
mtd: rawnand: marvell: Use correct logic for nand-keep-config (git-fixes).
mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() (git-fixes).
net/dsa/hirschmann: Add missing of_node_get() in hellcreek_led_setup() (git-fixes).
net/ice: fix initializing the bitmap in the switch code (git-fixes).
net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (git-fixes).
net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race condition (git-fixes).
net/mlx5e: Fix enabling sriov while tc nic rules are offloaded (git-fixes).
net/mlx5e: Properly disable vlan strip on non-UL reps (git-fixes).
net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version (git-fixes).
net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
net/mlx5e: TC, fix decap fallback to uplink when int port not supported (git-fixes).
net/mlx5e: Update netdev features after changing XDP state (git-fixes).
net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ size (git-fixes).
net: altera: Fix refcount leak in altera_tse_mdio_create (git-fixes).
net: atlantic: fix aq_vec index out of range error (git-fixes).
net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
net: bgmac: Fix a BUG triggered by wrong bytes_compl (git-fixes).
net: bgmac: Fix an erroneous kfree() in bgmac_remove() (git-fixes).
net: bgmac: support MDIO described in DT (git-fixes).
net: bonding: fix possible NULL deref in rlb code (git-fixes).
net: bonding: fix use-after-free after 802.3ad slave unbind (git-fixes).
net: chelsio: cxgb4: Avoid potential negative array offset (git-fixes).
net: dp83822: disable false carrier interrupt (git-fixes).
net: dp83822: disable rx error interrupt (git-fixes).
net: dsa: bcm_sf2: force pause link settings (git-fixes).
net: dsa: ksz9477: port mirror sniffing limited to one port (git-fixes).
net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list (git-fixes).
net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry (git-fixes).
net: dsa: microchip: ksz_common: Fix refcount leak bug (git-fixes).
net: dsa: mv88e6060: prevent crash on an unused port (git-fixes).
net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling an_complete (git-fixes).
net: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions() (git-fixes).
net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
net: dsa: vitesse-vsc73xx: silent spi_device_id warnings (git-fixes).
net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register (git-fixes).
net: ethernet: ti: am65-cpsw: Fix devlink port register sequence (git-fixes).
net: ethernet: ti: davinci_mdio: Add workaround for errata i2329 (git-fixes).
net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses (git-fixes).
net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
net: ftgmac100: Hold reference returned by of_get_child_by_name() (git-fixes).
net: hns3: do not push link state to VF if unalive (git-fixes).
net: hns3: set port base vlan tbl_sta to false before removing old vlan (git-fixes).
net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc() (git-fixes).
net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
net: ipa: do not assume SMEM is page-aligned (git-fixes).
net: ipvtap - add __init/__exit annotations to module init/exit funcs (git-fixes).
net: moxa: get rid of asymmetry in DMA mapping/unmapping (git-fixes).
net: moxa: pass pdev instead of ndev to DMA functions (git-fixes).
net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter (git-fixes).
net: pcs: xpcs: propagate xpcs_read error to xpcs_get_state_c37_sgmii (git-fixes).
net: phy: dp83822: disable MDI crossover status change interrupt (git-fixes).
net: phy: dp83867: Extend RX strap quirk for SGMII mode (git-fixes).
net: stmmac: fix dma queue left shift overflow issue (git-fixes).
net: stmmac: fix leaks in probe (git-fixes).
net: stmmac: fix pm runtime issue in stmmac_dvr_remove() (git-fixes).
net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow (git-fixes).
net: stmmac: remove redunctant disable xPCS EEE call (git-fixes).
net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() (git-fixes).
net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null (git-fixes).
net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
net: usb: r8152: Add in new Devices that are supported for Mac-Passthru (git-fixes).
netdevsim: fib: Fix reference count leak on route deletion failure (git-fixes).
nfc: fdp: Fix potential memory leak in fdp_nci_send() (git-fixes).
nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (git-fixes).
nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (git-fixes).
nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() (git-fixes).
nfp: ethtool: fix the display error of `ethtool -m DEVNAME` (git-fixes).
nfs: Fix another fsync() issue after a server reboot (git-fixes).
nfsv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
nvme: do not print verbose errors for internal passthrough requests (bsc#1202187).
nvmem: core: Check input parameter for NULL in nvmem_unregister() (bsc#1204241).
octeontx2-af: Apply tx nibble fixup always (git-fixes).
octeontx2-af: Fix key checking for source mac (git-fixes).
octeontx2-af: Fix mcam entry resource leak (git-fixes).
octeontx2-af: suppress external profile loading warning (git-fixes).
octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register configuration (git-fixes).
octeontx2-pf: Fix UDP/TCP src and dst port tc filters (git-fixes).
octeontx2-pf: cn10k: Fix egress ratelimit configuration (git-fixes).
openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
openvswitch: add nf_ct_is_confirmed check before assigning the helper (git-fixes).
openvswitch: switch from WARN to pr_warn (git-fixes).
overflow.h: restore __ab_c_size (git-fixes).
overflow: Implement size_t saturating arithmetic helpers (jsc#PED-1211).
pci/aspm: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
pci/aspm: Ignore L1 PM Substates if device lacks capability (git-fixes).
pci: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).
pci: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).
pci: hv: Fix synchronization between channel callback and hv_compose_msi_msg() (bsc#1204017).
pci: hv: Fix synchronization between channel callback and hv_pci_bus_exit() (bsc#1204017).
pci: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (bsc#1204017).
pci: mediatek-gen3: Change driver name to mtk-pcie-gen3 (git-fixes).
phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference returned by of_get_parent() (git-fixes).
phy: qualcomm: call clk_disable_unprepare in the error handling (git-fixes).
pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
pinctrl: alderlake: Add Intel Alder Lake-N pin controller support (jsc#PED-676).
pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
pinctrl: alderlake: Fix register offsets for ADL-N variant (jsc#PED-676).
pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback (git-fixes).
pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return value check (git-fixes).
platform/chrome: cros_ec: Notify the PM of wake events during resume (git-fixes).
platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure (git-fixes).
platform/chrome: cros_ec_typec: Correct alt mode index (git-fixes).
platform/chrome: fix double-free in chromeos_laptop_prepare() (git-fixes).
platform/chrome: fix memory corruption in ioctl (git-fixes).
platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute (git-fixes).
platform/x86: asus-wmi: Document the egpu_enable sysfs attribute (git-fixes).
platform/x86: asus-wmi: Document the panel_od sysfs attribute (git-fixes).
platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading (git-fixes).
platform/x86: msi-laptop: Fix old-ec check for backlight registering (git-fixes).
platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
plip: avoid rcu debug splat (git-fixes).
pm: domains: Fix handling of unavailable/disabled idle states (git-fixes).
pm: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() (git-fixes).
powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e or radix (bsc#1204413 ltc#200176).
powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU is not set (bsc#1204413 ltc#200176).
powerpc/64s: Make flush_and_reload_slb a no-op when radix is enabled (bsc#1204413 ltc#200176).
powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
powerpc/64s: Move and rename do_bad_slb_fault as it is not hash specific (bsc#1204413 ltc#200176).
powerpc/64s: Move hash MMU support code under CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176).
powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c (bsc#1204413 ltc#200176).
powerpc/fadump: align destination address to pagesize (bsc#1204728 ltc#200074).
powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
powerpc/powernv: add missing of_node_put() in opal_export_attrs() (bsc#1065729).
powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413 ltc#200176).
powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176).
powerpc/pseries: lparcfg do not include slb_size line in radix mode (bsc#1204413 ltc#200176).
powerpc: Ignore DSI error caused by the copy/paste instruction (bsc#1204413 ltc#200176).
powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176). Update config files.
powerpc: make memremap_compat_align 64s-only (bsc#1204413 ltc#200176).
printk: add missing memory barrier to wake_up_klogd() (bsc#1204934).
printk: use atomic updates for klogd work (bsc#1204934).
printk: wake waiters for safe and NMI contexts (bsc#1204934).
r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
rdma/cma: Fix arguments order in net device validation (git-fixes)
rdma/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
rdma/hns: Add the detection for CMDQ status in the device initialization process (git-fixes)
rdma/irdma: Add support for address handle re-use (git-fixes)
rdma/irdma: Align AE id codes to correct flush code and event (git-fixes)
rdma/irdma: Do not advertise 1GB page size for x722 (git-fixes)
rdma/irdma: Fix VLAN connection with wildcard address (git-fixes)
rdma/irdma: Fix a window for use-after-free (git-fixes)
rdma/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
rdma/irdma: Fix sleep from invalid context BUG (git-fixes)
rdma/irdma: Move union irdma_sockaddr to header file (git-fixes)
rdma/irdma: Remove the unnecessary variable saddr (git-fixes)
rdma/irdma: Report RNR NAK generation in device caps (git-fixes)
rdma/irdma: Report the correct max cqes from query device (git-fixes)
rdma/irdma: Return correct WC error for bind operation failure (git-fixes)
rdma/irdma: Return error on MR deregister CQP failure (git-fixes)
rdma/irdma: Use net_type to check network type (git-fixes)
rdma/irdma: Validate udata inlen and outlen (git-fixes)
rdma/mlx5: Add missing check for return value in get namespace flow (git-fixes)
rdma/mlx5: Do not compare mkey tags in DEVX indirect mkey (git-fixes)
rdma/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
rdma/qedr: Fix reporting QP timeout attribute (git-fixes)
rdma/rxe: Fix 'kernel NULL pointer dereference' error (git-fixes)
rdma/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
rdma/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
rdma/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
rdma/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
rdma/rxe: Fix rnr retry behavior (git-fixes)
rdma/rxe: Fix the error caused by qp->sk (git-fixes)
rdma/rxe: For invalidate compare according to set keys in mr (git-fixes)
rdma/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
rdma/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
rdma/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
rdma/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
rdma/siw: Pass a pointer to virt_to_page() (git-fixes)
rdma/srp: Fix srp_abort() (git-fixes)
rdma/srp: Handle dev_set_name() failure (git-fixes)
rdma/srp: Rework the srp_add_port() error path (git-fixes)
rdma/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
rdma/srp: Support more than 255 rdma ports (git-fixes)
rdma/srp: Use the attribute group mechanism for sysfs attributes (git-fixes)
rdma/srpt: Duplicate port name members (git-fixes)
rdma/srpt: Fix a use-after-free (git-fixes)
rdma/srpt: Introduce a reference count in struct srpt_device (git-fixes)
rdma/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
rdma: remove useless condition in siw_create_cq() (git-fixes)
regulator: core: Prevent integer underflow (git-fixes).
remoteproc: imx_rproc: Simplify some error message (git-fixes).
revert 'SUNRPC: Remove unreachable error condition' (git-fixes).
revert 'crypto: qat - reduce size of mapped region' (git-fixes).
revert 'drm/amdgpu: use dirty framebuffer helper' (git-fixes).
revert 'usb: storage: Add quirk for Samsung Fit flash' (git-fixes).
revert 'workqueue: remove unused cancel_work()' (bsc#1204933).
ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
ring-buffer: Allow splice to read previous partially read pages (git-fixes).
ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() (bsc#1204705).
ring-buffer: Check pending waiters when doing wake ups as well (git-fixes).
ring-buffer: Fix race between reset page and reading page (git-fixes).
ring-buffer: Have the shortest_full queue be the shortest not longest (git-fixes).
rose: Fix NULL pointer dereference in rose_send_frame() (git-fixes).
rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.
rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() (git-fixes).
s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup (git-fixes).
s390/smp: enforce lowcore protection on CPU restart (git-fixes).
sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
sbitmap: fix possible io hung due to lost wakeup (git-fixes).
scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (git-fixes).
scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for transceiver info (bsc#1204957).
scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (bsc#1204957).
scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
scsi: lpfc: Fix spelling mistake 'unsolicted' -> 'unsolicited' (bsc#1204957).
scsi: lpfc: Log when congestion management limits are in effect (bsc#1204957).
scsi: lpfc: Set sli4_param's cmf option to zero when CMF is turned off (bsc#1204957).
scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels (bnc#1204498).
scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
scsi: qla2xxx: Use transport-defined speed mask for supported_speeds (bsc#1204963).
scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle (git-fixes).
selftests/livepatch: better synchronize test_klp_callbacks_busy (bsc#1071995).
selftests/pidfd_test: Remove the erroneous ',' (git-fixes).
selftests/powerpc: Skip energy_scale_info test on older firmware (git-fixes).
selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 (git-fixes).
selinux: allow FIOCLEX and FIONCLEX with policy capability (git-fixes).
selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() (git-fixes).
selinux: use 'grep -E' instead of 'egrep' (git-fixes).
serial: 8250: Fix restoring termios speed after suspend (git-fixes).
serial: core: move RS485 configuration tasks from drivers into core (git-fixes).
sfc: disable softirqs for ptp TX (git-fixes).
sfc: fix kernel panic when creating VF (git-fixes).
sfc: fix use after free when disabling sriov (git-fixes).
signal: break out of wait loops on kthread_stop() (bsc#1204926).
slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
slimbus: qcom-ngd: use correct error in message of pdr_add_lookup() failure (git-fixes).
soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA (git-fixes).
soc: qcom: smem_state: Add refcounting for the 'state->of_node' (git-fixes).
soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
soc: sunxi: sram: Fix probe function ordering issues (git-fixes).
soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).
soundwire: cadence: Do not overwrite msg->buf during write commands (git-fixes).
soundwire: intel: fix error handling on dai registration issues (git-fixes).
spi: Ensure that sg_table won't be used after being freed (git-fixes).
spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
spi: pxa2xx: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
spmi: pmic-arb: correct duplicate APID to PPID mapping logic (git-fixes).
spmi: pmic-arb: do not ack and clear peripheral interrupts in cleanup_irq (git-fixes).
staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() (git-fixes).
staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw() (git-fixes).
staging: vt6655: fix potential memory leak (git-fixes).
staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() (git-fixes).
stmmac: intel: Fix an error handling path in intel_eth_pci_probe() (git-fixes).
thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id (git-fixes).
thermal: cpufreq_cooling: Check the policy first in cpufreq_cooling_register() (git-fixes).
thermal: int340x: Mode setting with new OS handshake (jsc#PED-678).
thermal: int340x: Update OS policy capability handshake (jsc#PED-678).
thermal: intel_powerclamp: Use first online CPU as control_cpu (git-fixes).
thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (git-fixes).
thunderbolt: Add back Intel Falcon Ridge end-to-end flow control workaround (git-fixes).
thunderbolt: Add missing device ID to tb_switch_is_alpine_ridge() (git-fixes).
thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
thunderbolt: Explicitly enable lane adapter hotplug events at startup (git-fixes).
thunderbolt: Explicitly reset plug events delay back to USB4 spec value (git-fixes).
thunderbolt: Fix buffer allocation of devices with no DisplayPort adapters (git-fixes).
tracing/osnoise: Fix possible recursive locking in stop_per_cpu_kthreads (git-fixes).
tracing: Add '(fault)' name injection to kernel probes (git-fixes).
tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
tracing: Disable interrupt or preemption before acquiring arch_spinlock_t (git-fixes).
tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
tracing: Fix reading strings from synthetic events (git-fixes).
tracing: Move duplicate code of trace_kprobe/eprobe.c into header (git-fixes).
tracing: Replace deprecated CPU-hotplug functions (git-fixes).
tracing: Simplify conditional compilation code in tracing_set_tracer() (git-fixes).
tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
tracing: Wake up waiters when tracing is disabled (git-fixes).
tracing: kprobe: Fix kprobe event gen test module on exit (git-fixes).++ kernel-source.spec (revision 4)Release: <RELEASE>.g76cfe60Provides: %name-srchash-76cfe60e3ab724313d9fba4cf5ebaf12ad49ea0e
tracing: kprobe: Make gen test module work in arm and riscv (git-fixes).
tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown (git-fixes).
tty: xilinx_uartps: Fix the ignore_status (git-fixes).
uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
uas: ignore UAS for Thinkplus chips (git-fixes).
udmabuf: Set ubuf->sg = NULL if the creation of sg table fails (git-fixes).
update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1
update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch (bsc#1204693).
usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
usb/hcd: Fix dma_map_sg error check (git-fixes).
usb: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
usb: bdc: change state when port disconnected (git-fixes).
usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair (git-fixes).
usb: common: debug: Check non-standard control requests (git-fixes).
usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination error after resume bug (git-fixes).
usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
usb: ehci: Fix a function name in comments (git-fixes).
usb: gadget: bdc: fix typo in comment (git-fixes).
usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
usb: gadget: function: fix dangling pnp_string in f_printer.c (git-fixes).
usb: host: xhci-plat: suspend and resume clocks (git-fixes).
usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() (git-fixes).
usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
usb: mon: make mmapped memory read only (git-fixes).
usb: mtu3: fix failed runtime suspend in host only mode (git-fixes).
usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
usb: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
usb: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
usb: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
usb: typec: tcpm: fix typo in comment (git-fixes).
usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller (git-fixes).
virt: vbox: convert to use dev_groups (git-fixes).
vsock: fix possible infinite sleep in vsock_connectible_wait_data() (git-fixes).
vsock: remove the unused 'wait' in vsock_connectible_recvmsg() (git-fixes).
watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING (git-fixes).
watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure (git-fixes).
wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
wifi: brcmfmac: fix invalid address access when enabling SCAN log level (git-fixes).
wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (git-fixes).
wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of small packets (git-fixes).
wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on fast-rx (git-fixes).
wifi: mac80211: fix decap offload for stations on AP_VLAN interfaces (git-fixes).
wifi: mac80211: fix probe req HE capabilities access (git-fixes).
wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
wifi: mt76: mt7921: reset msta->airtime_ac while clearing up hw value (git-fixes).
wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
wifi: rt2x00: set SoC wmac clock register (git-fixes).
wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() (git-fixes).
x86/boot: Do not propagate uninitialized boot_params->cc_blob_address (bsc#1204970).
x86/boot: Fix the setup data types max limit (bsc#1204970).
x86/compressed/64: Add identity mappings for setup_data entries (bsc#1204970).
x86/sev: Annotate stack change in the #VC handler (bsc#1204970).
x86/sev: Do not use cc_platform_has() for early SEV-SNP calls (bsc#1204970).
x86/sev: Remove duplicated assignment to variable info (bsc#1204970).
xen/gntdev: Prevent leaking grants (git-fixes).
xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices (git-fixes).
xhci: Add quirk to reset host back to default state at shutdown (git-fixes).
xhci: Do not show warning for reinit on known broken suspend (git-fixes).
xhci: Remove device endpoints from bandwidth list when freeing the device (git-fixes).
xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).

Advisory ID	SUSE-SU-2022:4081-1
Released	Fri Nov 18 15:40:46 2022
Summary	Security update for dpkg
Type	security
Severity	low
References	1199944,CVE-2022-1664

Description:

This update for dpkg fixes the following issues:

CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive (bsc#1199944).

SUSE-IU-2022:1110-1

Container Advisory ID	SUSE-IU-2022:1110-1
Container Tags	sles-15-sp4-chost-byos-v20221018-x86-64:20221018
Container Release

The following patches have been included in this update:

Advisory ID	SUSE-RU-2022:2796-1
Released	Fri Aug 12 14:34:31 2022
Summary	Recommended update for jitterentropy
Type	recommended
Severity	moderate
References

Description:

This update for jitterentropy fixes the following issues:
jitterentropy is included in version 3.4.0 (jsc#SLE-24941):
This is a FIPS 140-3 / NIST 800-90b compliant userspace jitter entropy generator library, used by other FIPS libraries.

Advisory ID	SUSE-SU-2022:2866-1
Released	Mon Aug 22 15:36:30 2022
Summary	Security update for systemd-presets-common-SUSE
Type	security
Severity	moderate
References	1199524,1200485,CVE-2022-1706

Description:

This update for systemd-presets-common-SUSE fixes the following issues:

CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524).

The following non-security bugs were fixed:

Modify branding-preset-states to fix systemd-presets-common-SUSE not enabling new user systemd service preset configuration just as it handles system service presets. By passing an (optional) second parameter 'user', the save/apply-changes commands now work with user services instead of system ones (bsc#1200485)

Add the wireplumber user service preset to enable it by default in SLE15-SP4 where it replaced pipewire-media-session, but keep pipewire-media-session preset so we don't have to branch the systemd-presets-common-SUSE package for SP4 (bsc#1200485)

Advisory ID	SUSE-RU-2022:2901-1
Released	Fri Aug 26 03:34:23 2022
Summary	Recommended update for elfutils
Type	recommended
Severity	moderate
References

Description:

This update for elfutils fixes the following issues:

Fix runtime dependency for devel package

Advisory ID	SUSE-RU-2022:2904-1
Released	Fri Aug 26 05:28:34 2022
Summary	Recommended update for openldap2
Type	recommended
Severity	moderate
References	1198341

Description:

This update for openldap2 fixes the following issues:

Prevent memory reuse which may lead to instability (bsc#1198341)

Advisory ID	SUSE-SU-2022:2919-1
Released	Fri Aug 26 15:04:20 2022
Summary	Security update for gnutls
Type	security
Severity	important
References	1190698,1198979,1202020,CVE-2022-2509

Description:

This update for gnutls fixes the following issues:

CVE-2022-2509: Fixed a double free issue during PKCS7 verification (bsc#1202020).

Non-security fixes:

FIPS: Check minimum keylength for symmetric key generation [bsc#1190698]
FIPS: Only allows ECDSA signature with valid set of hashes (SHA2 and SHA3) [bsc#1190698]
FIPS: Provides interface for running library self tests on-demand [bsc#1198979]

Advisory ID	SUSE-RU-2022:2920-1
Released	Fri Aug 26 15:17:02 2022
Summary	Recommended update for systemd
Type	recommended
Severity	important
References	1195059,1201795

Description:

This update for systemd fixes the following issues:

Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one pointing to /usr/lib/systemd/ (bsc#1201795)
Drop or soften some of the deprecation warnings (jsc#PED-944)
Ensure root user can login even if systemd-user-sessions.service is not activated yet (bsc#1195059)
Avoid applying presets to any services shipped by the experimental sub-package, as they aren't enabled by default
analyze: Fix offline check for syscal filter
calendarspec: Fix timer skipping the next elapse
core: Allow command argument to be longer
hwdb: Add AV production controllers to hwdb and add uaccess
hwdb: Allow console users access to rfkill
hwdb: Allow end-users root-less access to TL866 EPROM readers
hwdb: Permit unsetting power/persist for USB devices
hwdb: Tag IR cameras as such
hwdb: Fix parsing issue
hwdb: Make usb match patterns uppercase
hwdb: Update the hardware database
journal-file: Stop using the event loop if it's already shutting down
journal-remote: Disable `--trust` option when gnutls is disabled and check_permission() should not be called
journald: Ensure resources are properly allocated for SIGTERM handling
kernel-install: Ensure modules.builtin.alias.bin is removed when no longer needed
macro: Account for negative values in DECIMAL_STR_WIDTH()
manager: Disallow clone3() function call in seccomp filters
missing-syscall: Define MOVE_MOUNT_T_EMPTY_PATH if missing
pid1,cgroup-show: Prevent failure if cgroup.procs in some subcgroups is not readable
resolve: Fix typo in dns_class_is_pseudo()
sd-event: Improve handling of process events and termination of processes
sd-ipv4acd: Fix ARP packet conflicts occurring when sender hardware is one of the host's interfaces
stdio-bridge: Improve the meaning of the error message
tmpfiles: Check for the correct directory

Advisory ID	SUSE-RU-2022:2925-1
Released	Mon Aug 29 03:16:48 2022
Summary	Recommended update for audit-secondary
Type	recommended
Severity	important
References	1201519

Description:

This update for audit-secondary fixes the following issues:

Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519)

Advisory ID	SUSE-RU-2022:2929-1
Released	Mon Aug 29 11:21:47 2022
Summary	Recommended update for timezone
Type	recommended
Severity	important
References	1202310

Description:

This update for timezone fixes the following issue:

Reflect new Chile DST change (bsc#1202310)

Advisory ID	SUSE-RU-2022:2944-1
Released	Wed Aug 31 05:39:14 2022
Summary	Recommended update for procps
Type	recommended
Severity	important
References	1181475

Description:

This update for procps fixes the following issues:

Fix 'free' command reporting misleading 'used' value (bsc#1181475)

Advisory ID	SUSE-SU-2022:2947-1
Released	Wed Aug 31 09:16:21 2022
Summary	Security update for zlib
Type	security
Severity	important
References	1202175,CVE-2022-37434

Description:

This update for zlib fixes the following issues:

CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).

Advisory ID	SUSE-RU-2022:2973-1
Released	Thu Sep 1 11:37:02 2022
Summary	Recommended update for dracut
Type	recommended
Severity	important
References	1198709,1201975

Description:

This update for dracut fixes the following issues:

Include fixes to make network-manager module work properly with dracut (bsc#1201975)
Add auto timeout to wicked DHCP test (bsc#1198709)

Advisory ID	SUSE-RU-2022:2977-1
Released	Thu Sep 1 12:30:19 2022
Summary	Recommended update for util-linux
Type	recommended
Severity	moderate
References	1197178,1198731

Description:

This update for util-linux fixes the following issues:

agetty: Resolve tty name even if stdin is specified (bsc#1197178)
libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)

Advisory ID	SUSE-SU-2022:3003-1
Released	Fri Sep 2 15:01:44 2022
Summary	Security update for curl
Type	security
Severity	low
References	1202593,CVE-2022-35252

Description:

This update for curl fixes the following issues:

CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service (bsc#1202593).

Advisory ID	SUSE-RU-2022:3009-1
Released	Mon Sep 5 04:49:43 2022
Summary	Recommended update for rsyslog
Type	recommended
Severity	moderate
References	1199283

Description:

This update for rsyslog fixes the following issues:
-Fix memory access violation issue in qDeqLinkedList during shutdown (bsc#1199283)

Advisory ID	SUSE-RU-2022:3118-1
Released	Tue Sep 6 15:43:53 2022
Summary	Recommended update for lvm2
Type	recommended
Severity	moderate
References	1202011

Description:

This update for lvm2 fixes the following issues:

Do not use udev for device listing or device information (bsc#1202011)

Advisory ID	SUSE-RU-2022:3127-1
Released	Wed Sep 7 04:36:10 2022
Summary	Recommended update for libtirpc
Type	recommended
Severity	moderate
References	1198752,1200800

Description:

This update for libtirpc fixes the following issues:

Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800)
Fix memory leak in params.r_addr assignement (bsc#1198752)

Advisory ID	SUSE-RU-2022:3161-1
Released	Wed Sep 7 14:40:54 2022
Summary	Recommended update for hwinfo
Type	recommended
Severity	moderate
References	1200975

Description:

This update for hwinfo fixes the following issue:

improve treatment of NVME devices (bsc#1200975)

Advisory ID	SUSE-SU-2022:3162-1
Released	Wed Sep 7 15:07:31 2022
Summary	Security update for libyajl
Type	security
Severity	moderate
References	1198405,CVE-2022-24795

Description:

This update for libyajl fixes the following issues:

CVE-2022-24795: Fixed heap-based buffer overflow when handling large inputs (bsc#1198405).

Advisory ID	SUSE-RU-2022:3209-1
Released	Thu Sep 8 13:10:13 2022
Summary	Recommended update for open-iscsi
Type	recommended
Severity	moderate
References	1200570

Description:

This update for open-iscsi fixes the following issues:

Set the systemd unit files as non executable. (bsc#1200570)
For openSUSE Tumbleweed, moved logrotate files from user-specific directory `/etc/logrotate.d` to vendor-specific `/usr/etc/logrotate.d`

Advisory ID	SUSE-RU-2022:3215-1
Released	Thu Sep 8 15:58:27 2022
Summary	Recommended update for rpm
Type	recommended
Severity	moderate
References

Description:

This update for rpm fixes the following issues:

Support Ed25519 RPM signatures [jsc#SLE-24714]

Advisory ID	SUSE-RU-2022:3219-1
Released	Thu Sep 8 21:15:24 2022
Summary	Recommended update for sysconfig
Type	recommended
Severity	moderate
References	1185882,1194557,1199093

Description:

This update for sysconfig fixes the following issues:

netconfig: remove sed dependency
netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
netconfig: cleanup /var/run leftovers (bsc#1194557)
netconfig: update ntp man page documentation, fix typos
netconfig: revert NM default policy change change (bsc#1185882) With the change to the default policy, netconfig with NetworkManager as network.service accepted settings from all services/programs directly instead only from NetworkManager, where plugins/services have to deliver their settings to apply them.
Also support service(network) provides

Advisory ID	SUSE-RU-2022:3220-1
Released	Fri Sep 9 04:30:52 2022
Summary	Recommended update for libzypp, zypper
Type	recommended
Severity	moderate
References	1199895,1200993,1201092,1201576,1201638

Description:

This update for libzypp, zypper fixes the following issues:
libzypp:

Improve handling of package locks, allowing to reset the status of its initial state (bsc#1199895)
Fix issues when receiving exceptions from curl_easy_cleanup (bsc#1201092)
Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993)
Remove Medianetwork and its dependent code. First reason for this is that MediaNetwork was just meant as a way to test the new CURL based downloaded. Second the Provide API is going to completely replace the current media backend.

zypper:

Truncate the 'Name' column when using `zypper lr`, if the table is wider than the terminal (bsc#1201638)
Reject install/remove modifier without argument (bsc#1201576)
zypper-download: Handle unresolvable arguments as errors
Put signing key supplying repository name in quotes

Advisory ID	SUSE-SU-2022:3229-1
Released	Fri Sep 9 14:46:01 2022
Summary	Security update for vim
Type	security
Severity	important
References	1200270,1200697,1200698,1200700,1200701,1200732,1200884,1200902,1200903,1200904,1201132,1201133,1201134,1201135,1201136,1201150,1201151,1201152,1201153,1201154,1201155,1201249,1201356,1201359,1201363,1201620,1201863,1202046,1202049,1202050,1202051,1202414,1202420,1202421,1202511,1202512,1202515,1202552,1202599,1202687,1202689,1202862,CVE-2022-1720,CVE-2022-1968,CVE-2022-2124,CVE-2022-2125,CVE-2022-2126,CVE-2022-2129,CVE-2022-2175,CVE-2022-2182,CVE-2022-2183,CVE-2022-2206,CVE-2022-2207,CVE-2022-2208,CVE-2022-2210,CVE-2022-2231,CVE-2022-2257,CVE-2022-2264,CVE-2022-2284,CVE-2022-2285,CVE-2022-2286,CVE-2022-2287,CVE-2022-2304,CVE-2022-2343,CVE-2022-2344,CVE-2022-2345,CVE-2022-2522,CVE-2022-2571,CVE-2022-2580,CVE-2022-2581,CVE-2022-2598,CVE-2022-2816,CVE-2022-2817,CVE-2022-2819,CVE-2022-2845,CVE-2022-2849,CVE-2022-2862,CVE-2022-2874,CVE-2022-2889,CVE-2022-2923,CVE-2022-2946,CVE-2022-3016

Description:

This update for vim fixes the following issues:
Updated to version 9.0 with patch level 0313:

CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent() (bsc#1200902).
CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address() (bsc#1200903).
CVE-2022-2175: Fixed buffer over-read through cmdline_insert_reg() (bsc#1200904).
CVE-2022-2304: Fixed stack buffer overflow in spell_dump_compl() (bsc#1201249).
CVE-2022-2343: Fixed heap-based buffer overflow in GitHub repository vim prior to 9.0.0044 (bsc#1201356).
CVE-2022-2344: Fixed another heap-based buffer overflow vim prior to 9.0.0045 (bsc#1201359).
CVE-2022-2345: Fixed use after free in GitHub repository vim prior to 9.0.0046. (bsc#1201363).
CVE-2022-2819: Fixed heap-based Buffer Overflow in compile_lock_unlock() (bsc#1202414).
CVE-2022-2874: Fixed NULL Pointer Dereference in generate_loadvar() (bsc#1202552).
CVE-2022-1968: Fixed use after free in utf_ptr2char (bsc#1200270).
CVE-2022-2124: Fixed out of bounds read in current_quote() (bsc#1200697).
CVE-2022-2125: Fixed out of bounds read in get_lisp_indent() (bsc#1200698).
CVE-2022-2126: Fixed out of bounds read in suggest_trie_walk() (bsc#1200700).
CVE-2022-2129: Fixed out of bounds write in vim_regsub_both() (bsc#1200701).
CVE-2022-1720: Fixed out of bounds read in grab_file_name() (bsc#1200732).
CVE-2022-2264: Fixed out of bounds read in inc() (bsc#1201132).
CVE-2022-2284: Fixed out of bounds read in utfc_ptr2len() (bsc#1201133).
CVE-2022-2285: Fixed negative size passed to memmove() due to integer overflow (bsc#1201134).
CVE-2022-2286: Fixed out of bounds read in ins_bytes() (bsc#1201135).
CVE-2022-2287: Fixed out of bounds read in suggest_trie_walk() (bsc#1201136).
CVE-2022-2231: Fixed null pointer dereference skipwhite() (bsc#1201150).
CVE-2022-2210: Fixed out of bounds read in ml_append_int() (bsc#1201151).
CVE-2022-2208: Fixed null pointer dereference in diff_check() (bsc#1201152).
CVE-2022-2207: Fixed out of bounds read in ins_bs() (bsc#1201153).
CVE-2022-2257: Fixed out of bounds read in msg_outtrans_special() (bsc#1201154).
CVE-2022-2206: Fixed out of bounds read in msg_outtrans_attr() (bsc#1201155).
CVE-2022-2522: Fixed out of bounds read via nested autocommand (bsc#1201863).
CVE-2022-2571: Fixed heap-based buffer overflow related to ins_comp_get_next_word_or_line() (bsc#1202046).
CVE-2022-2580: Fixed heap-based buffer overflow related to eval_string() (bsc#1202049).
CVE-2022-2581: Fixed out-of-bounds read related to cstrchr() (bsc#1202050).
CVE-2022-2598: Fixed undefined behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput() (bsc#1202051).
CVE-2022-2817: Fixed use after gree in f_assert_fails() (bsc#1202420).
CVE-2022-2816: Fixed out-of-bounds Read in check_vim9_unlet() (bsc#1202421).
CVE-2022-2862: Fixed use-after-free in compile_nested_function() (bsc#1202511).
CVE-2022-2849: Fixed invalid memory access related to mb_ptr2len() (bsc#1202512).
CVE-2022-2845: Fixed buffer Over-read related to display_dollar() (bsc#1202515).
CVE-2022-2889: Fixed use-after-free in find_var_also_in_script() in evalvars.c (bsc#1202599).
CVE-2022-2923: Fixed NULL pointer dereference in GitHub repository vim/vim prior to 9.0.0240 (bsc#1202687).
CVE-2022-2946: Fixed use after free in function vim_vsnprintf_typval (bsc#1202689).
CVE-2022-3016: Fixed use after free in vim prior to 9.0.0285 (bsc#1202862).

Bugfixes:

Fixing vim error on startup (bsc#1200884).
Fixing vim SUSE Linux Enterprise Server 15 SP4 Basesystem plugin-tlib issue (bsc#1201620).

Advisory ID	SUSE-RU-2022:3241-1
Released	Mon Sep 12 07:21:04 2022
Summary	Recommended update for cups
Type	recommended
Severity	moderate
References	1201511

Description:

This update for cups fixes the following issues:

Stuck print jobs being cancelled immediately, despite MaxJobTime being set to 0 (bsc#1201511)

Advisory ID	SUSE-SU-2022:3244-1
Released	Mon Sep 12 09:00:27 2022
Summary	Security update for samba
Type	security
Severity	important
References	1200102,1202803,1202976,CVE-2022-1615,CVE-2022-32743

Description:

This update for samba fixes the following issues:

CVE-2022-1615: Fixed error handling in random number generation (bso#15103)(bsc#1202976).
CVE-2022-32743: Implement validated dnsHostName write rights (bso#14833)(bsc#1202803).

Bugfixes:

Fixed use after free when iterating smbd_server_connection->connections after tree disconnect failure (bso#15128)(bsc#1200102).

Advisory ID	SUSE-SU-2022:3252-1
Released	Mon Sep 12 09:07:53 2022
Summary	Security update for freetype2
Type	security
Severity	moderate
References	1198823,1198830,1198832,CVE-2022-27404,CVE-2022-27405,CVE-2022-27406

Description:

This update for freetype2 fixes the following issues:

CVE-2022-27404 Fixed a segmentation fault via a crafted typeface (bsc#1198830).
CVE-2022-27405 Fixed a buffer overflow via a crafted typeface (bsc#1198832).
CVE-2022-27406 Fixed a segmentation fault via a crafted typeface (bsc#1198823).

Non-security fixes:

Updated to version 2.10.4

Advisory ID	SUSE-RU-2022:3262-1
Released	Tue Sep 13 15:34:29 2022
Summary	Recommended update for gcc11
Type	recommended
Severity	moderate
References	1199140

Description:

This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140)

Advisory ID	SUSE-SU-2022:3271-1
Released	Wed Sep 14 06:45:39 2022
Summary	Security update for perl
Type	security
Severity	moderate
References	1047178,CVE-2017-6512

Description:

This update for perl fixes the following issues:

CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178).

Advisory ID	SUSE-SU-2022:3293-1
Released	Fri Sep 16 17:30:01 2022
Summary	Security update for the Linux Kernel
Type	security
Severity	important
References	1023051,1032323,1065729,1156395,1190497,1194592,1194869,1194904,1195480,1195917,1196616,1197158,1197391,1197755,1197756,1197757,1197763,1198410,1198971,1199086,1199364,1199670,1200313,1200431,1200465,1200544,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201768,1201940,1201956,1201958,1202096,1202097,1202113,1202131,1202154,1202262,1202265,1202312,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202564,1202623,1202636,1202672,1202681,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202874,1202898,1203036,1203041,1203063,1203107,1203117,1203138,1203139,1203159,CVE-2016-3695,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-20368,CVE-2022-20369,CVE-2022-2588,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2977,CVE-2022-3028,CVE-2022-3078,CVE-2022-32250,CVE-2022-36879,CVE-2022-36946,CVE-2022-39188,CVE-2022-39190

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain (bnc#1203117).
CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097).
CVE-2022-3078: Fixed a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c (bnc#1203041).
CVE-2022-28356: Fixed a refcount leak bug that was found in net/llc/af_llc.c (bnc#1197391).
CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
CVE-2022-2905: Fixed tnum_range usage on array range checking for poke descriptors (bsc#1202564, bsc#1202860).
CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).
CVE-2022-2938: Fixed a flaw that was found inside the Pressure Stall Information implementation that could have been used to allow an attacker to crash the system or have other memory-corruption side effects (bnc#1202623).
CVE-2022-28693: Fixed x86/speculation behavior by disabling RRSBA (bsc#1201455).
CVE-2021-33135: Fixed uncontrolled resource consumption inside Intel(R) SGX that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1199515).
CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
CVE-2022-2959: Fixed a race condition that was found inside the watch queue due to a missing lock in pipe_resize_ring() (bnc#1202681 bnc#1202685).
CVE-2022-36946: Fixed a denial of service (panic) inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c (bnc#1201940 bnc#1201941 bnc#1202312 bnc#1202874).
CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702).
CVE-2022-2873: Fixed an out-of-bounds memory access flaw that was found in iSMT SMBus host controller driver (bnc#1202558).
CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
CVE-2016-3695: Fixed an issue inside the einj_error_inject function in drivers/acpi/apei/einj.c that allowed users to simulate hardware errors and consequently cause a denial of service (bnc#1023051).
CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).
CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
CVE-2022-32250: Fixed a privilege escalation issue in net/netfilter/nf_tables_api.c that allowed a local user to became root (bnc#1200015).

The following non-security bugs were fixed:

9p: Fix refcounting during full path walks for fid lookups (git-fixes).
9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (git-fixes).
9p: fix fid refcount leak in v9fs_vfs_get_link (git-fixes).
ACPI: APEI: Better fix to avoid spamming the console with old error logs (git-fixes).
ACPI: APEI: explicit init of HEST and GHES in apci_init() (git-fixes).
ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk (git-fixes).
ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks (git-fixes).
ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).
ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).
ACPI: VIOT: Fix ACS setup (git-fixes).
ACPI: processor/idle: Annotate more functions to live in cpuidle section (git-fixes).
ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).
ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool (git-fixes).
ACPI: thermal: drop an always true check (git-fixes).
ACPI: video: Force backlight native for some TongFang devices (git-fixes).
ACPI: video: Shortening quirk list by identifying Clevo by board_name only (git-fixes).
ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).
ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).
ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model (git-fixes).
ALSA: hda/conexant: add a new hda codec SN6140 (git-fixes).
ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).
ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).
ALSA: hda/realtek: Add quirk for Lenovo Yoga9 14IAP7 (git-fixes).
ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).
ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298 (git-fixes).
ALSA: hda/sigmatel: Keep power up while beep is enabled (bsc#1200544).
ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array (git-fixes).
ALSA: info: Fix llseek return value when using callback (git-fixes).
ALSA: seq: Fix data-race at module auto-loading (git-fixes).
ALSA: seq: oss: Fix data-race for max_midi_devs access (git-fixes).
ALSA: usb-audio: Add endianness annotations (git-fixes).
ALSA: usb-audio: Add quirk for Behringer UMC202HD (git-fixes).
ALSA: usb-audio: Add quirk for LH Labs Geek Out HD Audio 1V5 (git-fixes).
ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II (git-fixes).
ALSA: usb-audio: Support jack detection on Dell dock (git-fixes).
ALSA: usb-audio: Turn off 'manual mode' on Dell dock (git-fixes).
ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow (git-fixes).
ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init (git-fixes).
ARM: OMAP2+: Fix refcount leak in omapdss_init_of (git-fixes).
ARM: OMAP2+: display: Fix refcount leak bug (git-fixes).
ARM: OMAP2+: pdata-quirks: Fix refcount leak bug (git-fixes).
ARM: bcm: Fix refcount leak in bcm_kona_smc_init (git-fixes).
ARM: dts: BCM5301X: Add DT for Meraki MR26 (git-fixes).
ARM: dts: ast2500-evb: fix board compatible (git-fixes).
ARM: dts: ast2600-evb-a1: fix board compatible (git-fixes).
ARM: dts: ast2600-evb: fix board compatible (git-fixes).
ARM: dts: at91: sama5d27_wlsom1: do not keep ldo2 enabled all the time (git-fixes).
ARM: dts: at91: sama5d27_wlsom1: specify proper regulator output ranges (git-fixes).
ARM: dts: at91: sama5d2_icp: do not keep vdd_other enabled all the time (git-fixes).
ARM: dts: at91: sama5d2_icp: specify proper regulator output ranges (git-fixes).
ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node (git-fixes).
ARM: dts: imx6ul: add missing properties for sram (git-fixes).
ARM: dts: imx6ul: change operating-points to uint32-matrix (git-fixes).
ARM: dts: imx6ul: fix csi node compatible (git-fixes).
ARM: dts: imx6ul: fix keypad compatible (git-fixes).
ARM: dts: imx6ul: fix lcdif node compatible (git-fixes).
ARM: dts: imx6ul: fix qspi node compatible (git-fixes).
ARM: dts: imx7d-colibri-emmc: add cpu1 supply (git-fixes).
ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg (git-fixes).
ARM: dts: qcom: pm8841: add required thermal-sensor-cells (git-fixes).
ARM: dts: qcom: sdx55: Fix the IRQ trigger type for UART (git-fixes).
ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC (git-fixes).
ARM: findbit: fix overflowing offset (git-fixes).
ARM: shmobile: rcar-gen2: Increase refcount for new reference (git-fixes).
ASoC: SOF: debug: Fix potential buffer overflow by snprintf() (git-fixes).
ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).
ASoC: codec: tlv320aic32x4: fix mono playback via I2S (git-fixes).
ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).
ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV (git-fixes).
ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).
ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe (git-fixes).
ASoC: fsl-asoc-card: force cast the asrc_format type (git-fixes).
ASoC: fsl_asrc: force cast the asrc_format type (git-fixes).
ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format (git-fixes).
ASoC: imx-audmux: Silence a clang warning (git-fixes).
ASoC: imx-card: Fix DSD/PDM mclk frequency (git-fixes).
ASoC: imx-card: use snd_pcm_format_t type for asrc_format (git-fixes).
ASoC: mchp-spdifrx: disable end of block interrupt on failures (git-fixes).
ASoC: mt6359: Fix refcount leak bug (git-fixes).
ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe (git-fixes).
ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).
ASoC: rsnd: care default case on rsnd_ssiu_busif_err_irq_ctrl() (git-fixes).
ASoC: samsung: Fix error handling in aries_audio_probe (git-fixes).
ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global to static variables (git-fixes).
ASoC: samsung: change neo1973_audio from a global to static (git-fixes).
ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header (git-fixes).
ASoC: tas2770: Allow mono streams (git-fixes).
ASoC: tas2770: Drop conflicting set_bias_level power setting (git-fixes).
ASoC: tas2770: Fix handling of mute/unmute (git-fixes).
ASoC: tas2770: Set correct FSYNC polarity (git-fixes).
Bluetooth: Add bt_skb_sendmmsg helper (git-fixes).
Bluetooth: Add bt_skb_sendmsg helper (git-fixes).
Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks (git-fixes).
Bluetooth: Fix passing NULL to PTR_ERR (git-fixes).
Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (git-fixes).
Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).
Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg (git-fixes).
Bluetooth: SCO: Fix sco_send_frame returning skb->len (git-fixes).
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg (git-fixes).
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675 (git-fixes).
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007 (git-fixes).
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558 (git-fixes).
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586 (git-fixes).
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587 (git-fixes).
Bluetooth: btusb: Add support of IMC Networks PID 0x3568 (git-fixes).
Bluetooth: hci_bcm: Add BCM4349B1 variant (git-fixes).
Bluetooth: hci_bcm: Add DT compatible for CYW55572 (git-fixes).
Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
EDAC/ghes: Set the DIMM label unconditionally (bsc#1201768).
rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
HID: AMD_SFH: Add a DMI quirk entry for Chromebooks (git-fixes).
HID: add Lenovo Yoga C630 battery quirk (git-fixes).
HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).
HID: amd_sfh: Add NULL check for hid device (git-fixes).
HID: amd_sfh: Handle condition of 'no sensors' (git-fixes).
HID: asus: ROG NKey: Ignore portion of 0x5a report (git-fixes).
HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).
HID: hid-input: add Surface Go battery quirk (git-fixes).
HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() (git-fixes).
HID: multitouch: new device class fix Lenovo X12 trackpad sticky (git-fixes).
HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report (git-fies).
HID: thrustmaster: Add sparco wheel and fix array length (git-fixes).
HID: wacom: Do not register pad_input for touch switch (git-fixes).
HID: wacom: Only report rotation for art pen (git-fixes).
Input: exc3000 - fix return value check of wait_for_completion_timeout (git-fixes).
Input: gscps2 - check return value of ioremap() in gscps2_probe() (git-fixes).
Input: i8042 - add TUXEDO devices to i8042 quirk tables (git-fies).
Input: i8042 - add additional TUXEDO devices to i8042 quirk tables (git-fies).
Input: i8042 - merge quirk tables (git-fies).
Input: i8042 - move __initconst to fix code styling warning (git-fies).
Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes).
Input: rk805-pwrkey - fix module autoloading (git-fixes).
KABI: cgroup: Restore KABI of css_set (bsc#1201610).
KEYS: asymmetric: enforce SM2 signature use pkey algo (git-fixes).
KVM: LAPIC: Also cancel preemption timer during SET_LAPIC (git-fixes).
KVM: MMU: shadow nested paging does not have PKU (git-fixes).
KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init (bsc#1194869).
KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB (bsc#1156395).
KVM: PPC: Book3S HV: Remove kvmhv_p9_[set,restore]_lpcr declarations (bsc#1194869).
KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() (bsc#1156395).
KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator (bsc#1194869).
KVM: PPC: Book3s HV: Remove unused function kvmppc_bad_interrupt (bsc#1194869).
KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).
KVM: PPC: Use arch_get_random_seed_long instead of powernv variant (bsc#1156395).
KVM: SVM: Do not BUG if userspace injects an interrupt with GIF=0 (git-fixes).
KVM: SVM: Do not intercept #GP for SEV guests (git-fixes).
KVM: SVM: Unwind 'speculative' RIP advancement if INTn injection 'fails' (git-fixes).
KVM: SVM: fix panic on out-of-bounds guest IRQ (git-fixes).
KVM: VMX: Print VM-instruction error as unsigned (git-fixes).
KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled (git-fixes).
KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock (git-fixes).
KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg() (git-fixes).
KVM: X86: avoid uninitialized 'fault.async_page_fault' from fixed-up #PF (git-fixes).
KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
KVM: nVMX: Defer APICv updates while L2 is active until L1 is active (git-fixes).
KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 (git-fixes).
KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value (git-fixes).
KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (git-fixes).
KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case (git-fixes).
KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case (git-fixes).
KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is required (git-fixes).
KVM: nVMX: do not use vcpu->arch.efer when checking host state on nested state load (git-fixes).
KVM: selftests: Make sure kvm_create_max_vcpus test won't hit RLIMIT_NOFILE (git-fixes).
KVM: selftests: Silence compiler warning in the kvm_page_table_test (git-fixes).
KVM: x86/mmu: Do not freak out if pml5_root is NULL on 4-level host (git-fixes).
KVM: x86/mmu: Move 'invalid' check out of kvm_tdp_mmu_get_root() (git-fixes).
KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU (git-fixes).
KVM: x86/mmu: include EFER.LMA in extended mmu role (git-fixes).
KVM: x86/mmu: make apf token non-zero to fix bug (git-fixes).
KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (git-fixes).
KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (git-fixes).
KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated (git-fixes).
KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes).
KVM: x86: SVM: do not passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG case (git-fixes).
KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).
KVM: x86: check PIR even for vCPUs with disabled APICv (git-fixes).
KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_flush_tlb() (git-fixes).
KVM: x86: ignore APICv if LAPIC is not enabled (git-fixes).
KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all (git-fixes).
KVM: x86: revalidate steal time cache if MSR value changes (git-fixes).
NFSD: Clamp WRITE offsets (git-fixes).
NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (git-fixes).
NFSD: Fix ia_size underflow (git-fixes).
NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).
NFSD: prevent integer overflow on 32 bit systems (git-fixes).
NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).
NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).
PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).
PCI/AER: Iterate over error counters instead of error strings (git-fixes).
PCI/portdrv: Do not disable AER reporting in get_port_device_capability() (git-fixes).
PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
PCI: aardvark: Fix reporting Slot capabilities on emulated bridge (git-fixes).
PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
PCI: dwc: Always enable CDM check if 'snps,enable-cdm-check' exists (git-fixes).
PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
PCI: dwc: Disable outbound windows only for controllers using iATU (git-fixes).
PCI: dwc: Set INCREASE_REGION_SIZE flag based on limit address (git-fixes).
PCI: dwc: Stop link on host_init errors and de-initialization (git-fixes).
PCI: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains() (git-fixes).
PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).
PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).
PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() (git-fixes).
PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
PCI: tegra194: Fix link up retry sequence (git-fixes).
PM: domains: Ensure genpd_debugfs_dir exists before remove (git-fixes).
PM: hibernate: defer device probing when resuming from hibernation (git-fixes).
SUNRPC: Fix NFSD's request deferral on RDMA transports (git-fixes).
SUNRPC: Fix READ_PLUS crasher (git-fixes).
SUNRPC: Prevent immediate close+reconnect (git-fixes).
USB: Follow-up to SPDX GPL-2.0+ identifiers addition - remove now useless comments (git-fixes).
USB: Follow-up to SPDX identifiers addition - remove now useless comments (git-fixes).
USB: serial: ch314: use usb_control_msg_recv() (git-fixes).
USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).
USB: serial: ch341: fix lost character on LCR updates (git-fixes).
USB: serial: fix tty-port initialized comments (git-fixes).
XArray: Update the LRU list in xas_split() (git-fixes).
apparmor: Fix failed mount permission check error message (git-fixes).
apparmor: Fix memleak in aa_simple_write_to_buffer() (git-fixes).
apparmor: fix aa_label_asxprint return check (git-fixes).
apparmor: fix absroot causing audited secids to begin with = (git-fixes).
apparmor: fix overlapping attachment computation (git-fixes).
apparmor: fix quiet_denied for file rules (git-fixes).
apparmor: fix reference count leak in aa_pivotroot() (git-fixes).
apparmor: fix setting unconfined mode on a loaded profile (git-fixes).
arm64: Do not forget syscall when starting a new thread (git-fixes).
arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76 (git-fixes).
arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1 (git-fixes).
arm64: dts: allwinner: a64: orangepi-win: Fix LED node name (git-fixes).
arm64: dts: mt7622: fix BPI-R64 WPS button (git-fixes).
arm64: dts: mt8192: Fix idle-states entry-method (git-fixes).
arm64: dts: mt8192: Fix idle-states nodes naming scheme (git-fixes).
arm64: dts: qcom: ipq8074: fix NAND node name (git-fixes).
arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node (git-fixes).
arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment (git-fixes).
arm64: dts: qcom: sm8250: add missing PCIe PHY clock-cells (git-fixes).
arm64: dts: renesas: Fix thermal-sensors on single-zone sensors (git-fixes).
arm64: dts: renesas: beacon: Fix regulator node names (git-fixes).
arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes).
arm64: fix oops in concurrently setting insn_emulation sysctls (git-fixes).
arm64: fix rodata=full (git-fixes).
arm64: kasan: Revert 'arm64: mte: reset the page tag in page->flags' (git-fixes).
arm64: set UXN on swapper page tables (git-fixes).
arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes).
arm64: tegra: Fixup SYSRAM references (git-fixes).
arm64: tegra: Mark BPMP channels as no-memory-wc (git-fixes).
arm64: tegra: Update Tegra234 BPMP channel addresses (git-fixes).
arm_pmu: Validate single/group leader events (git-fixes).
asm-generic: remove a broken and needless ifdef conditional (git-fixes).
asm-generic: sections: refactor memory_intersects (git-fixes).
ata: libata-eh: Add missing command name (git-fixes).
ath10k: do not enforce interrupt trigger type (git-fixes).
ath11k: Fix incorrect debug_mask mappings (git-fixes).
ath11k: fix netdev open race (git-fixes).
atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).
audit: fix potential double free on error path from fsnotify_add_inode_mark (git-fixes).
ax25: Fix ax25 session cleanup problems (git-fixes).
bitfield.h: Fix 'type of reg too small for mask' test (git-fixes).
block: Fix fsync always failed if once failed (bsc#1202779).
block: Fix wrong offset in bio_truncate() (bsc#1202780).
block: fix rq-qos breakage from skipping rq_qos_done_bio() (bsc#1202781).
block: only mark bio as tracked if it really is tracked (bsc#1202782).
bnx2x: Invalidate fastpath HSI version for VFs (git-fixes).
bnx2x: Utilize firmware 7.13.21.0 (git-fixes).
btrfs: properly flag filesystem with BTRFS_FEATURE_INCOMPAT_BIG_METADATA (git-fixes).
bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() (git-fixes).
can: Break loopback loop on loopback documentation (git-fixes).
can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).
can: error: specify the values of data[5..7] of CAN error frames (git-fixes).
can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).
can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() (git-fixes).
can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off (git-fixes).
can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off (git-fixes).
can: mcp251x: Fix race condition on receive interrupt (git-fixes).
can: mcp251xfd: mcp251xfd_dump(): fix comment (git-fixes).
can: netlink: allow configuring of fixed bit rates without need for do_set_bittiming callback (git-fixes).
can: netlink: allow configuring of fixed data bit rates without need for do_set_data_bittiming callback (git-fixes).
can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).
can: pch_can: pch_can_error(): initialize errc before using it (git-fixes).
can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).
can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).
can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).
can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).
ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202823).
ceph: do not truncate file in atomic_open (bsc#1202824).
ceph: use correct index when encoding client supported features (bsc#1202822).
cfg80211/mac80211: assume CHECKSUM_COMPLETE includes SNAP (bsc#1202131).
cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610).
cifs: fix reconnect on smb3 mount types (bsc#1201427).
clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).
clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).
clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).
clk: mediatek: reset: Fix written reset bit offset (git-fixes).
clk: qcom: camcc-sdm845: Fix topology around titan_top power domain (git-fixes).
clk: qcom: camcc-sm8250: Fix halt on boot by reducing driver's init level (git-fixes).
clk: qcom: camcc-sm8250: Fix topology around titan_top power domain (git-fixes).
clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description (git-fixes).
clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).
clk: qcom: clk-rcg2: Fail Duty-Cycle configuration if MND divider is not enabled (git-fixes).
clk: qcom: clk-rcg2: Make sure to not write d=0 to the NMD register (git-fixes).
clk: qcom: gcc-msm8939: Add missing SYSTEM_MM_NOC_BFDCD_CLK_SRC (git-fixes).
clk: qcom: gcc-msm8939: Add missing system_mm_noc_bfdcd_clk_src (git-fixes).
clk: qcom: gcc-msm8939: Fix bimc_ddr_clk_src rcgr base address (git-fixes).
clk: qcom: gcc-msm8939: Fix weird field spacing in ftbl_gcc_camss_cci_clk (git-fixes).
clk: qcom: gcc-msm8939: Point MM peripherals to system_mm_noc clock (git-fixes).
clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).
clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).
clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks (git-fixes).
clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
clk: ti: Stop using legacy clkctrl names for omap4 and 5 (git-fixes).
configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).
cpufreq: zynq: Fix refcount leak in zynq_get_revision (git-fixes).
crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes).
crypto: ccp - During shutdown, check SEV data pointer before using (git-fixes).
crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak (git-fixes).
crypto: hisilicon - Kunpeng916 crypto driver do not sleep when in softirq (git-fixes).
crypto: hisilicon/hpre - do not use GFP_KERNEL to alloc mem during softirq (git-fixes).
crypto: hisilicon/sec - do not sleep when in softirq (git-fixes).
crypto: hisilicon/sec - fix auth key size error (git-fixes).
crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of (git-fixes).
crypto: sun8i-ss - do not allocate memory when handling hash requests (git-fixes).
crypto: sun8i-ss - fix error codes in allocate_flows() (git-fixes).
crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs() (git-fixes).
device property: Check fwnode->secondary when finding properties (git-fixes).
devlink: Fix use-after-free after a failed reload (git-fixes).
dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (git-fixes).
dma-debug: make things less spammy under memory pressure (git-fixes).
dmaengine: dw-axi-dmac: do not print NULL LLI during error (git-fixes).
dmaengine: dw-axi-dmac: ignore interrupt if no descriptor (git-fixes).
dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction semantics (git-fixes).
dmaengine: imx-dma: Cast of_device_get_match_data() with (uintptr_t) (git-fixes).
dmaengine: sf-pdma: Add multithread support for a DMA channel (git-fixes).
dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed (git-fixes).
dmaengine: stm32-mdma: Remove dead code in stm32_mdma_irq_handler() (git-fixes).
docs/kernel-parameters: Update descriptions for 'mitigations=' param with retbleed (git-fixes).
docs: i2c: i2c-sysfs: fix hyperlinks (git-fixes).
docs: zh_CN: fix a broken reference (git-fixes).
dpaa2-eth: fix ethtool statistics (git-fixes).
driver core: Do not probe devices after bus_type.match() probe deferral (git-fixes).
driver core: fix potential deadlock in __driver_attach (git-fixes).
drivers/iio: Remove all strcpy() uses (git-fixes).
drivers: usb: dwc3-qcom: Add sdm660 compatible (git-fixes).
drm/amd/amd_shared.h: Add missing doc for PP_GFX_DCS_MASK (git-fixes).
drm/amd/display: Add option to defer works of hpd_rx_irq (git-fixes).
drm/amd/display: Avoid MPC infinite loop (git-fixes).
drm/amd/display: Check correct bounds for stream encoder instances for DCN303 (git-fixes).
drm/amd/display: Enable building new display engine with KCOV enabled (git-fixes).
drm/amd/display: Fix HDMI VSIF V3 incorrect issue (git-fixes).
drm/amd/display: Fix pixel clock programming (git-fixes).
drm/amd/display: Fix surface optimization regression on Carrizo (git-fixes).
drm/amd/display: For stereo keep 'FLIP_ANY_FRAME' (git-fixes).
drm/amd/display: Ignore First MST Sideband Message Return Error (git-fixes).
drm/amd/display: Optimize bandwidth on following fast update (git-fixes).
drm/amd/display: Reset DMCUB before HW init (git-fixes).
drm/amd/display: Revert 'drm/amd/display: turn DPMS off on connector unplug' (git-fixes).
drm/amd/display: avoid doing vm_init multiple time (git-fixes).
drm/amd/display: clear optc underflow before turn off odm clock (git-fixes).
drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid (git-fixes).
drm/amdgpu: Check BO's requested pinning domains against its preferred_domains (git-fixes).
drm/amdgpu: Increase tlb flush timeout for sriov (git-fixes).
drm/amdgpu: Remove one duplicated ef removal (git-fixes).
drm/amdgpu: remove useless condition in amdgpu_job_stop_all_jobs_on_sched() (git-fixes).
drm/bridge: lt9611uxc: Cancel only driver's work (git-fixes).
drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated function (git-fixes).
drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).
drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into dedicated function (git-fixes).
drm/doc: Fix comment typo (git-fixes).
drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed (git-fixes).
drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error (git-fixes).
drm/i915/display: avoid warnings when registering dual panel backlight (git-fixes).
drm/i915/gt: Skip TLB invalidations once wedged (git-fixes).
drm/i915/reg: Fix spelling mistake 'Unsupport' -> 'Unsupported' (git-fixes).
drm/i915: fix null pointer dereference (git-fixes).
drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (git-fixes).
drm/mediatek: Allow commands to be sent during video mode (git-fixes).
drm/mediatek: Keep dsi as LP00 before dcs cmds transfer (git-fixes).
drm/mediatek: Modify dsi funcs to atomic operations (git-fixes).
drm/mediatek: Separate poweron/poweroff from enable/disable and define new funcs (git-fixes).
drm/mediatek: dpi: Only enable dpi after the bridge is enabled (git-fixes).
drm/mediatek: dpi: Remove output format of YUV (git-fixes).
drm/meson: Fix overflow implicit truncation warnings (git-fixes).
drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() (git-fixes).
drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 (git-fixes).
drm/msm/dpu: Fix for non-visible planes (git-fixes).
drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).
drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).
drm/msm/dsi: fix the inconsistent indenting (git-fixes).
drm/msm/hdmi: drop empty 'none' regulator lists (git-fixes).
drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform (git-fixes).
drm/msm/mdp5: Fix global state lock backoff (git-fixes).
drm/msm: Avoid dirtyfb stalls on video mode displays (v2) (git-fixes).
drm/msm: Fix dirtyfb refcounting (git-fixes).
drm/nouveau/acpi: Do not print error when we get -EINPROGRESS from pm_runtime (git-fixes).
drm/nouveau/kms: Fix failure path for creating DP connectors (git-fixes).
drm/nouveau: Do not pm_runtime_put_sync(), only pm_runtime_put_autosuspend() (git-fixes).
drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
drm/nouveau: recognise GA103 (git-fixes).
drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (git-fixes).
drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).
drm/rockchip: vop: Do not crash for invalid duplicate_state() (git-fixes).
drm/shmem-helper: Add missing vunmap on error (git-fixes).
drm/simpledrm: Fix return type of simpledrm_simple_display_pipe_mode_valid() (git-fixes).
drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).
drm/sun4i: dsi: Prevent underflow when computing packet sizes (git-fixes).
drm/ttm: Fix dummy res NULL ptr deref bug (git-fixes).
drm/udl: Add parameter to set number of URBs (bsc#1195917).
drm/udl: Add reset_resume (bsc#1195917)
drm/udl: Do not re-initialize stuff at retrying the URB list allocation (bsc#1195917).
drm/udl: Drop unneeded alignment (bsc#1195917).
drm/udl: Enable damage clipping (bsc#1195917).
drm/udl: Fix inconsistent urbs.count value during udl_free_urb_list() (bsc#1195917).
drm/udl: Fix potential URB leaks (bsc#1195917).
drm/udl: Increase the default URB list size to 20 (bsc#1195917).
drm/udl: Kill pending URBs at suspend and disconnect (bsc#1195917).
drm/udl: Replace BUG_ON() with WARN_ON() (bsc#1195917).
drm/udl: Replace semaphore with a simple wait queue (bsc#1195917).
drm/udl: Restore display mode on resume (bsc#1195917)
drm/udl: Suppress error print for -EPROTO at URB completion (bsc#1195917).
drm/udl: Sync pending URBs at suspend / disconnect (bsc#1195917).
drm/udl: Sync pending URBs at the end of suspend (bsc#1195917).
drm/vc4: change vc4_dma_range_matches from a global to static (git-fixes).
drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component (git-fixes).
drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration (git-fixes).
drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
drm/vc4: dsi: Fix dsi0 interrupt support (git-fixes).
drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type (git-fixes).
drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes (git-fixes).
drm/vc4: hdmi: Disable audio if dmas property is present but empty (git-fixes).
drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
drm/vc4: hdmi: Reset HDMI MISC_CONTROL register (git-fixes).
drm/vc4: plane: Fix margin calculations for the right/bottom edges (git-fixes).
drm/vc4: plane: Remove subpixel positioning check (git-fixes).
drm: adv7511: override i2c address of cec before accessing it (git-fixes).
drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).
drm: bridge: sii8620: fix possible off-by-one (git-fixes).
dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED (git-fixes).
dt-bindings: arm: qcom: fix MSM8916 MTP compatibles (git-fixes).
dt-bindings: arm: qcom: fix MSM8994 boards compatibles (git-fixes).
dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding (git-fixes).
dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources (git-fixes).
dt-bindings: gpio: zynq: Add missing compatible strings (git-fixes).
dt-bindings: iio: accel: Add DT binding doc for ADXL355 (git-fixes).
dt-bindings: usb: mtk-xhci: Allow wakeup interrupt-names to be optional (git-fixes).
eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write() (git-fixes).
erofs: fix deadlock when shrink erofs slab (git-fixes).
ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler (git-fies).
exfat: Define NLS_NAME_* as bit flags explicitly (bsc#1201725).
exfat: Downgrade ENAMETOOLONG error message to debug messages (bsc#1201725).
exfat: Drop superfluous new line for error messages (bsc#1201725).
exfat: Expand exfat_err() and co directly to pr_*() macro (bsc#1201725).
exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1201725).
exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).
exfat: fix referencing wrong parent directory information after renaming (git-fixes).
exfat: reuse exfat_inode_info variable instead of calling EXFAT_I() (git-fixes).
exfat: use updated exfat_chain directly during renaming (git-fixes).
export: fix string handling of namespace in EXPORT_SYMBOL_NS (git-fixes).
ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).
ext4: add new helper interface ext4_try_to_trim_range() (bsc#1202783).
ext4: add reserved GDT blocks check (bsc#1202712).
ext4: do not use the orphan list when migrating an inode (bsc#1197756).
ext4: fast commit may miss tracking unwritten range during ftruncate (bsc#1202759).
ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state (bsc#1202771).
ext4: fix a possible ABBA deadlock due to busy PA (bsc#1202762).
ext4: fix bug_on in ext4_writepages (bsc#1200872).
ext4: fix error handling in ext4_fc_record_modified_inode() (bsc#1202767).
ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).
ext4: fix fallocate to use file_modified to update permissions consistently (bsc#1202769).
ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE (bsc#1202757).
ext4: fix fs corruption when tring to remove a non-empty directory with IO error (bsc#1202768).
ext4: fix incorrect type issue during replay_del_range (bsc#1202867).
ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits' (bsc#1202764).
ext4: fix overhead calculation to account for the reserved gdt blocks (bsc#1200869).
ext4: fix race when reusing xattr blocks (bsc#1198971).
ext4: fix super block checksum incorrect after mount (bsc#1202773).
ext4: fix symlink file size not match to file content (bsc#1200868).
ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).
ext4: fix use-after-free in ext4_search_dir (bsc#1202710).
ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).
ext4: force overhead calculation if the s_overhead_cluster makes no sense (bsc#1200870).
ext4: initialize err_blk before calling __ext4_get_inode_loc (bsc#1202763).
ext4: make sure quota gets properly shutdown on error (bsc#1195480).
ext4: make sure to reset inode lockdep class when quota enabling fails (bsc#1202761).
ext4: mark group as trimmed only if it was fully scanned (bsc#1202770).
ext4: modify the logic of ext4_mb_new_blocks_simple (bsc#1202766).
ext4: prevent used blocks from being allocated during fast commit replay (bsc#1202765).
ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713).
ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).
ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).
ext4: use ext4_ext_remove_space() for fast commit replay delete range (bsc#1202758).
fat: add ratelimit to fat*_ent_bread() (git-fixes).
fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).
fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).
fbdev: fbcon: Properly revert changes when vc_resize() failed (git-fies).
filemap: Handle sibling entries in filemap_get_read_batch() (bsc#1202774).
firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (git-fixes).
firmware: tegra: Fix error check return value of debugfs_create_file() (git-fixes).
firmware: tegra: bpmp: Do only aligned access to IPC memory area (git-fixes).
fix race between exit_itimers() and /proc/pid/timers (git-fixes).
fpga: altera-pr-ip: fix unsigned comparison with less than zero (git-fixes).
fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages (bsc#1200873).
ftrace/x86: Add back ftrace_expected assignment (git-fixes).
fuse: ioctl: translate ENOSYS (bsc#1203139).
fuse: limit nsec (bsc#1203138).
gadgetfs: ep_io - wait until IRQ finishes (git-fixes).
geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).
geneve: fix TOS inheriting for ipv4 (git-fixes).
gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (git-fixes).
gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).
habanalabs/gaudi: fix shift out of bounds (git-fixes).
habanalabs/gaudi: mask constant value before cast (git-fixes).
hwmon: (dell-smm) Add Dell XPS 13 7390 to fan control whitelist (git-fixes).
hwmon: (drivetemp) Add module alias (git-fixes).
hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).
hwmon: (sht15) Fix wrong assumptions in device remove callback (git-fixes).
i2c: Fix a potential use after free (git-fixes).
i2c: cadence: Support PEC for SMBus block read (git-fixes).
i2c: imx: Make sure to unregister adapter on remove() (git-fixes).
i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).
i2c: mxs: Silence a clang warning (git-fixes).
i2c: npcm: Capitalize the one-line comment (git-fixes).
i2c: npcm: Correct slave role behavior (git-fixes).
i2c: npcm: Remove own slave addresses 2:10 (git-fixes).
ice: fix 'scheduling while atomic' on aux critical err interrupt (git-fixes).
ieee80211: add EHT 1K aggregation definitions (bsc#1202131).
ieee80211: change HE nominal packet padding value defines (bsc#1202131).
ieee802154/adf7242: defer destroy_workqueue call (git-fixes).
iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
iio: accel: bma400: Fix the scale min and max macro values (git-fixes).
iio: accel: bma400: Reordering of header files (git-fixes).
iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
iio: accel: sca3300: Fix alignment for DMA safety (git-fixes).
iio: ad7292: Prevent regulator double disable (git-fixes).
iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7292: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
iio: adc: ad7923: Fix alignment for DMA safety (git-fixes).
iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
iio: adc: ltc2496: Fix alignment for DMA safety (git-fixes).
iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
iio: adc: max1241: Fix alignment for DMA safety (git-fixes).
iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
iio: adc: mcp3911: make use of the sign bit (git-fixes).
iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).
iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-adc108s102: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-ads131e08: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).
iio: common: ssp: Fix alignment for DMA safety (git-fixes).
iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large (git-fixes).
iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5766: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5770r: Fix alignment for DMA safety (git-fixes).
iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).
iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
iio: fix iio_format_avail_range() printing for none IIO_VAL_INT (git-fixes).
iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).
iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).
iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).
iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).
iio: imu: fxos8700: Fix alignment for DMA safety (git-fixes).
iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).
iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).
iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).
iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).
iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).
iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).
iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).
iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
iio: temp: ltc2983: Fix alignment for DMA safety (git-fixes).
iio: temp: maxim_thermocouple: Fix alignment for DMA safety (git-fixes).
inet_diag: fix kernel-infoleak for UDP sockets (git-fixes).
intel_th: Fix a resource leak in an error handling path (git-fixes).
intel_th: msu-sink: Potential dereference of null pointer (git-fixes).
intel_th: msu: Fix vmalloced buffers (git-fixes).
intel_th: pci: Add Meteor Lake-P support (git-fixes).
intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).
intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).
interconnect: imx: fix max_node_id (git-fixes).
io_uring: add a schedule point in io_add_buffers() (git-fixes).
io_uring: terminate manual loop iterator loop correctly for non-vecs (git-fixes).
iommu/amd: Clarify AMD IOMMUv2 initialization messages (git-fixes).
iommu/amd: Enable swiotlb in all cases (git-fixes).
iommu/amd: Fix I/O page table memory leak (git-fixes).
iommu/amd: Recover from event log overflow (git-fixes).
iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement (git-fixes).
iommu/arm-smmu-v3-sva: Fix mm use-after-free (git-fixes).
iommu/arm-smmu-v3: Fix size calculation in arm_smmu_mm_invalidate_range() (git-fixes).
iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop (git-fixes).
iommu/dart: Add missing module owner to ops structure (git-fixes).
iommu/dart: check return value after calling platform_get_resource() (git-fixes).
iommu/exynos: Handle failed IOMMU device registration properly (git-fixes).
iommu/iova: Improve 32-bit free space estimate (git-fixes).
iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).
iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).
iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (git-fixes).
iommu/mediatek: Fix 2 HW sharing pgtable issue (git-fixes).
iommu/mediatek: Fix NULL pointer dereference when printing dev_name (git-fixes).
iommu/mediatek: Remove clk_disable in mtk_iommu_remove (git-fixes).
iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).
iommu/omap: Fix regression in probe for NULL pointer dereference (git-fixes).
iommu/tegra-smmu: Fix missing put_device() call in tegra_smmu_find (git-fixes).
iommu/vt-d: Acquiring lock in domain ID allocation helpers (bsc#1200301).
iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).
iommu/vt-d: Drop stop marker messages (git-fixes).
iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).
iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).
iommu/vt-d: Make DMAR_UNITS_SUPPORTED default 1024 (bsc#1200301).
iommu/vt-d: Refactor iommu information of each domain (bsc#1200301).
iommu/vt-d: Remove global g_iommus array (bsc#1200301).
iommu/vt-d: Remove intel_iommu::domains (bsc#1200301).
iommu/vt-d: Remove unnecessary check in intel_iommu_add() (bsc#1200301).
iommu/vt-d: Use IDA interface to manage iommu sequence id (bsc#1200301).
iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes).
iommu: Fix potential use-after-free during probe (git-fixes).
iov_iter: Fix iter_xarray_get_pages{,_alloc}() (git-fixes).
iov_iter: fix build issue due to possible type mis-match (git-fixes).
ipmi: fix initialization when workqueue allocation fails (git-fixes).
irqchip/sifive-plic: Add missing thead,c900-plic match string (git-fixes).
irqchip/tegra: Fix overflow implicit truncation warnings (git-fixes).
iwlwifi/fw: use struct_size over open coded arithmetic (bsc#1202131).
iwlwifi: ACPI: support revision 3 WGDS tables (bsc#1202131).
iwlwifi: Add support for getting rf id with blank otp (bsc#1202131).
iwlwifi: Add support for more BZ HWs (bsc#1202131).
iwlwifi: BZ Family BUS_MASTER_DISABLE_REQ code duplication (bsc#1202131).
iwlwifi: BZ Family SW reset support (bsc#1202131).
iwlwifi: Configure FW debug preset via module param (bsc#1202131).
iwlwifi: Fix FW name for gl (bsc#1202131).
iwlwifi: Fix missing error code in iwl_pci_probe() (bsc#1202131).
iwlwifi: Fix syntax errors in comments (bsc#1202131).
iwlwifi: Make use of the helper macro LIST_HEAD() (bsc#1202131).
iwlwifi: Read the correct addresses when getting the crf id (bsc#1202131).
iwlwifi: Start scratch debug register for Bz family (bsc#1202131).
iwlwifi: acpi: fix wgds rev 3 size (bsc#1202131).
iwlwifi: acpi: move ppag code from mvm to fw/acpi (bsc#1202131).
iwlwifi: add missing entries for Gf4 with So and SoF (bsc#1202131).
iwlwifi: add new Qu-Hr device (bsc#1202131).
iwlwifi: add new ax1650 killer device (bsc#1202131).
iwlwifi: add new device id 7F70 (bsc#1202131).
iwlwifi: add new pci SoF with JF (bsc#1202131).
iwlwifi: add some missing kernel-doc in struct iwl_fw (bsc#1202131).
iwlwifi: add support for BNJ HW (bsc#1202131).
iwlwifi: add support for BZ-U and BZ-L HW (bsc#1202131).
iwlwifi: add support for Bz-Z HW (bsc#1202131).
iwlwifi: add vendor specific capabilities for some RFs (bsc#1202131).
iwlwifi: advertise support for HE - DCM BPSK RX/TX (bsc#1202131).
iwlwifi: allow rate-limited error messages (bsc#1202131).
iwlwifi: api: fix struct iwl_wowlan_status_v7 kernel-doc (bsc#1202131).
iwlwifi: api: remove ttl field from TX command (bsc#1202131).
iwlwifi: api: remove unused RX status bits (bsc#1202131).
iwlwifi: avoid variable shadowing (bsc#1202131).
iwlwifi: avoid void pointer arithmetic (bsc#1202131).
iwlwifi: bump FW API to 67 for AX devices (bsc#1202131).
iwlwifi: bump FW API to 68 for AX devices (bsc#1202131).
iwlwifi: bump FW API to 69 for AX devices (bsc#1202131).
iwlwifi: bump FW API to 70 for AX devices (bsc#1202131).
iwlwifi: bump FW API to 71 for AX devices (bsc#1202131).
iwlwifi: bump FW API to 72 for AX devices (bsc#1202131).
iwlwifi: cfg: add support for 1K BA queue (bsc#1202131).
iwlwifi: dbg-tlv: clean up iwl_dbg_tlv_update_drams() (bsc#1202131).
iwlwifi: dbg: add infra for tracking free buffer size (bsc#1202131).
iwlwifi: dbg: check trigger data before access (bsc#1202131).
iwlwifi: dbg: disable ini debug in 8000 family and below (bsc#1202131).
iwlwifi: dbg: in sync mode do not call schedule (bsc#1202131).
iwlwifi: dbg: treat dbgc allocation failure when tlv is missing (bsc#1202131).
iwlwifi: dbg: treat non active regions as unsupported regions (bsc#1202131).
iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write (bsc#1202131).
iwlwifi: de-const properly where needed (bsc#1202131).
iwlwifi: debugfs: remove useless double condition (bsc#1202131).
iwlwifi: do not dump_stack() when we get an unexpected interrupt (bsc#1202131).
iwlwifi: do not use __unused as variable name (bsc#1202131).
iwlwifi: drv: load tlv debug data earlier (bsc#1202131).
iwlwifi: dump CSR scratch from outer function (bsc#1202131).
iwlwifi: dump RCM error tables (bsc#1202131).
iwlwifi: dump both TCM error tables if present (bsc#1202131).
iwlwifi: dump host monitor data when NIC does not init (bsc#1202131).
iwlwifi: dvm: use struct_size over open coded arithmetic (bsc#1202131).
iwlwifi: eeprom: clean up macros (bsc#1202131).
iwlwifi: fix LED dependencies (bsc#1202131).
iwlwifi: fix debug TLV parsing (bsc#1202131).
iwlwifi: fix fw/img.c license statement (bsc#1202131).
iwlwifi: fix iwl_legacy_rate_to_fw_idx (bsc#1202131).
iwlwifi: fix small doc mistake for iwl_fw_ini_addr_val (bsc#1202131).
iwlwifi: fix various more -Wcast-qual warnings (bsc#1202131).
iwlwifi: fw dump: add infrastructure for dump scrubbing (bsc#1202131).
iwlwifi: fw: add support for splitting region type bits (bsc#1202131).
iwlwifi: fw: api: add link to PHY context command struct v1 (bsc#1202131).
iwlwifi: fw: correctly detect HW-SMEM region subtype (bsc#1202131).
iwlwifi: fw: fix some scan kernel-doc (bsc#1202131).
iwlwifi: fw: init SAR GEO table only if data is present (bsc#1202131).
iwlwifi: fw: make dump_start callback void (bsc#1202131).
iwlwifi: fw: remove dead error log code (bsc#1202131).
iwlwifi: implement reset flow for Bz devices (bsc#1202131).
iwlwifi: iwl-eeprom-parse: mostly dvm only (bsc#1202131).
iwlwifi: make iwl_fw_lookup_cmd_ver() take a cmd_id (bsc#1202131).
iwlwifi: make iwl_txq_dyn_alloc_dma() return the txq (bsc#1202131).
iwlwifi: make some functions friendly to sparse (bsc#1202131).
iwlwifi: move symbols into a separate namespace (bsc#1202131).
iwlwifi: mvm/api: define system control command (bsc#1202131).
iwlwifi: mvm: Add RTS and CTS flags to iwl_tx_cmd_flags (bsc#1202131).
iwlwifi: mvm: Add list of OEMs allowed to use TAS (bsc#1202131).
iwlwifi: mvm: Add support for a new version of scan request command (bsc#1202131).
iwlwifi: mvm: Add support for new rate_n_flags in tx_cmd (bsc#1202131).
iwlwifi: mvm: Consider P2P GO operation during scan (bsc#1202131).
iwlwifi: mvm: Disable WiFi bands selectively with BIOS (bsc#1202131).
iwlwifi: mvm: Do not fail if PPAG isn't supported (bsc#1202131).
iwlwifi: mvm: Fix wrong documentation for scan request command (bsc#1202131).
iwlwifi: mvm: Passively scan non PSC channels only when requested so (bsc#1202131).
iwlwifi: mvm: Read acpi dsm to get channel activation bitmap (bsc#1202131).
iwlwifi: mvm: Remove antenna c references (bsc#1202131).
iwlwifi: mvm: Support new TX_RSP and COMPRESSED_BA_RES versions (bsc#1202131).
iwlwifi: mvm: Support new rate_n_flags for REPLY_RX_MPDU_CMD and RX_NO_DATA_NOTIF (bsc#1202131).
iwlwifi: mvm: Support new version of BEACON_TEMPLATE_CMD (bsc#1202131).
iwlwifi: mvm: Support new version of ranging response notification (bsc#1202131).
iwlwifi: mvm: Support version 3 of tlc_update_notif (bsc#1202131).
iwlwifi: mvm: Unify the scan iteration functions (bsc#1202131).
iwlwifi: mvm: Use all Rx chains for roaming scan (bsc#1202131).
iwlwifi: mvm: add US/CA to TAS block list if OEM isn't allowed (bsc#1202131).
iwlwifi: mvm: add a flag to reduce power command (bsc#1202131).
iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).
iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).
iwlwifi: mvm: add dbg_time_point to debugfs (bsc#1202131).
iwlwifi: mvm: add definitions for new rate & flags (bsc#1202131).
iwlwifi: mvm: add lmac/umac PC info in case of error (bsc#1202131).
iwlwifi: mvm: add missing min_size to kernel-doc (bsc#1202131).
iwlwifi: mvm: add some missing command strings (bsc#1202131).
iwlwifi: mvm: add support for 160Mhz in ranging measurements (bsc#1202131).
iwlwifi: mvm: add support for CT-KILL notification version 2 (bsc#1202131).
iwlwifi: mvm: add support for IMR based on platform (bsc#1202131).
iwlwifi: mvm: add support for OCE scan (bsc#1202131).
iwlwifi: mvm: add support for PHY context command v4 (bsc#1202131).
iwlwifi: mvm: add support for statistics update version 15 (bsc#1202131).
iwlwifi: mvm: allow enabling UHB TAS in the USA via ACPI setting (bsc#1202131).
iwlwifi: mvm: always remove the session protection after association (bsc#1202131).
iwlwifi: mvm: always store the PPAG table as the latest version (bsc#1202131).
iwlwifi: mvm: always use 4K RB size by default (bsc#1202131).
iwlwifi: mvm: change old-SN drop threshold (bsc#1202131).
iwlwifi: mvm: clean up indenting in iwl_mvm_tlc_update_notif() (bsc#1202131).
iwlwifi: mvm: convert old rate & flags to the new format (bsc#1202131).
iwlwifi: mvm: correct sta-state logic for TDLS (bsc#1202131).
iwlwifi: mvm: correctly set channel flags (bsc#1202131).
iwlwifi: mvm: correctly set schedule scan profiles (bsc#1202131).
iwlwifi: mvm: d3: move GTK rekeys condition (bsc#1202131).
iwlwifi: mvm: d3: support v12 wowlan status (bsc#1202131).
iwlwifi: mvm: d3: use internal data representation (bsc#1202131).
iwlwifi: mvm: demote non-compliant kernel-doc header (bsc#1202131).
iwlwifi: mvm: do not get address of mvm->fwrt just to dereference as a pointer (bsc#1202131).
iwlwifi: mvm: do not send BAID removal to the FW during hw_restart (bsc#1202131).
iwlwifi: mvm: do not trust hardware queue number (bsc#1202131).
iwlwifi: mvm: drop too short packets silently (bsc#1202131).
iwlwifi: mvm: extend session protection on association (bsc#1202131).
iwlwifi: mvm: fix WGDS table print in iwl_mvm_chub_update_mcc() (bsc#1202131).
iwlwifi: mvm: fix a stray tab (bsc#1202131).
iwlwifi: mvm: fix condition which checks the version of rate_n_flags (bsc#1202131).
iwlwifi: mvm: fix delBA vs. NSSN queue sync race (bsc#1202131).
iwlwifi: mvm: fix ieee80211_get_he_iftype_cap() iftype (bsc#1202131).
iwlwifi: mvm: fix off by one in iwl_mvm_stat_iterator_all_macs() (bsc#1202131).
iwlwifi: mvm: fw: clean up hcmd struct creation (bsc#1202131).
iwlwifi: mvm: handle RX checksum on Bz devices (bsc#1202131).
iwlwifi: mvm: improve log when processing CSA (bsc#1202131).
iwlwifi: mvm: isolate offload assist (checksum) calculation (bsc#1202131).
iwlwifi: mvm: make iwl_mvm_reconfig_scd() static (bsc#1202131).
iwlwifi: mvm: offload channel switch timing to FW (bsc#1202131).
iwlwifi: mvm: only enable HE DCM if we also support TX (bsc#1202131).
iwlwifi: mvm: optionally suppress assert log (bsc#1202131).
iwlwifi: mvm: parse firmware alive message version 6 (bsc#1202131).
iwlwifi: mvm: read 6E enablement flags from DSM and pass to FW (bsc#1202131).
iwlwifi: mvm: reduce WARN_ON() in TX status path (bsc#1202131).
iwlwifi: mvm: refactor iwl_mvm_sta_rx_agg() (bsc#1202131).
iwlwifi: mvm: refactor setting PPE thresholds in STA_HE_CTXT_CMD (bsc#1202131).
iwlwifi: mvm: remove card state notification code (bsc#1202131).
iwlwifi: mvm: remove cipher scheme support (bsc#1202131).
iwlwifi: mvm: remove csi from iwl_mvm_pass_packet_to_mac80211() (bsc#1202131).
iwlwifi: mvm: remove iwl_mvm_disable_txq() flags argument (bsc#1202131).
iwlwifi: mvm: remove session protection after auth/assoc (bsc#1202131).
iwlwifi: mvm: remove session protection on disassoc (bsc#1202131).
iwlwifi: mvm: remove session protection upon station removal (bsc#1202131).
iwlwifi: mvm: rfi: handle deactivation notification (bsc#1202131).
iwlwifi: mvm: rfi: update rfi table (bsc#1202131).
iwlwifi: mvm: rfi: use kmemdup() to replace kzalloc + memcpy (bsc#1202131).
iwlwifi: mvm: scrub key material in firmware dumps (bsc#1202131).
iwlwifi: mvm: set BT-coex high priority for 802.1X/4-way-HS (bsc#1202131).
iwlwifi: mvm: set inactivity timeouts also for PS-poll (bsc#1202131).
iwlwifi: mvm: starting from 22000 we have 32 Rx AMPDU sessions (bsc#1202131).
iwlwifi: mvm: support Bz TX checksum offload (bsc#1202131).
iwlwifi: mvm: support RLC configuration command (bsc#1202131).
iwlwifi: mvm: support new BAID allocation command (bsc#1202131).
iwlwifi: mvm: support revision 1 of WTAS table (bsc#1202131).
iwlwifi: mvm: support v3 of station HE context command (bsc#1202131).
iwlwifi: mvm: update BAID allocation command again (bsc#1202131).
iwlwifi: mvm: update RFI TLV (bsc#1202131).
iwlwifi: mvm: update definitions due to new rate & flags (bsc#1202131).
iwlwifi: mvm: update rate scale in moving back to assoc state (bsc#1202131).
iwlwifi: mvm: use a define for checksum flags mask (bsc#1202131).
iwlwifi: mvm: use debug print instead of WARN_ON() (bsc#1202131).
iwlwifi: nvm: Correct HE capability (bsc#1202131).
iwlwifi: parse debug exclude data from firmware file (bsc#1202131).
iwlwifi: parse error tables from debug TLVs (bsc#1202131).
iwlwifi: pcie: Adapt rx queue write pointer for Bz family (bsc#1202131).
iwlwifi: pcie: add jacket bit to device configuration parsing (bsc#1202131).
iwlwifi: pcie: add support for MS devices (bsc#1202131).
iwlwifi: pcie: adjust to Bz completion descriptor (bsc#1202131).
iwlwifi: pcie: fix SW error MSI-X mapping (bsc#1202131).
iwlwifi: pcie: fix constant-conversion warning (bsc#1202131).
iwlwifi: pcie: fix killer name matching for AX200 (bsc#1202131).
iwlwifi: pcie: iwlwifi: fix device id 7F70 struct (bsc#1202131).
iwlwifi: pcie: make sure iwl_rx_packet_payload_len() will not underflow (bsc#1202131).
iwlwifi: pcie: refactor dev_info lookup (bsc#1202131).
iwlwifi: pcie: remove duplicate entry (bsc#1202131).
iwlwifi: pcie: remove two duplicate PNJ device entries (bsc#1202131).
iwlwifi: pcie: retake ownership after reset (bsc#1202131).
iwlwifi: pcie: simplify iwl_pci_find_dev_info() (bsc#1202131).
iwlwifi: pcie: support Bz suspend/resume trigger (bsc#1202131).
iwlwifi: pcie: try to grab NIC access early (bsc#1202131).
iwlwifi: pcie: update sw error interrupt for BZ family (bsc#1202131).
iwlwifi: pnvm: print out the version properly (bsc#1202131).
iwlwifi: prefer WIDE_ID() over iwl_cmd_id() (bsc#1202131).
iwlwifi: propagate (const) type qualifier (bsc#1202131).
iwlwifi: recognize missing PNVM data and then log filename (bsc#1202131).
iwlwifi: remove MODULE_AUTHOR() statements (bsc#1202131).
iwlwifi: remove command ID argument from queue allocation (bsc#1202131).
iwlwifi: remove contact information (bsc#1202131).
iwlwifi: remove deprecated broadcast filtering feature (bsc#1202131).
iwlwifi: remove redundant iwl_finish_nic_init() argument (bsc#1202131).
iwlwifi: remove unused DC2DC_CONFIG_CMD definitions (bsc#1202131).
iwlwifi: remove unused iwlax210_2ax_cfg_so_hr_a0 structure (bsc#1202131).
iwlwifi: remove unused macros (bsc#1202131).
iwlwifi: rename CHANNEL_SWITCH_NOA_NOTIF to CHANNEL_SWITCH_START_NOTIF (bsc#1202131).
iwlwifi: rename GEO_TX_POWER_LIMIT to PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1202131).
iwlwifi: rs: add support for TLC config command ver 4 (bsc#1202131).
iwlwifi: scan: Modify return value of a function (bsc#1202131).
iwlwifi: support 4-bits in MAC step value (bsc#1202131).
iwlwifi: support SAR GEO Offset Mapping override via BIOS (bsc#1202131).
iwlwifi: support new queue allocation command (bsc#1202131).
iwlwifi: swap 1650i and 1650s killer struct names (bsc#1202131).
iwlwifi: tlc: Add logs in rs_fw_rate_init func to print TLC configuration (bsc#1202131).
iwlwifi: use 4k queue size for Bz A-step (bsc#1202131).
iwlwifi: yoyo: Avoid using dram data if allocation failed (bsc#1202131).
iwlwifi: yoyo: add IMR DRAM dump support (bsc#1202131).
iwlwifi: yoyo: disable IMR DRAM region if IMR is disabled (bsc#1202131).
iwlwifi: yoyo: dump IMR DRAM only for HW and FW error (bsc#1202131).
iwlwifi: yoyo: fix DBGC allocation flow (bsc#1202131).
iwlwifi: yoyo: fix DBGI_SRAM ini dump header (bsc#1202131).
iwlwifi: yoyo: fix issue with new DBGI_SRAM region read (bsc#1202131).
iwlwifi: yoyo: fw debug config from context info and preset (bsc#1202131).
iwlwifi: yoyo: send hcmd to fw after dump collection completes (bsc#1202131).
iwlwifi: yoyo: support TLV-based firmware reset (bsc#1202131).
iwlwifi: yoyo: support dump policy for the dump size (bsc#1202131).
iwlwifi: yoyo: support for DBGC4 for dram (bsc#1202131).
iwlwifi: yoyo: support for ROM usniffer (bsc#1202131).
jbd2: export jbd2_journal_[grab|put]_journal_head (bsc#1202775).
jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (bsc#1202716).
jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() (bsc#1202715).
kABI: scsi: libiscsi: fix removal of iscsi_create_conn (bsc#1198410).
kabi/severities: Exclude ppc kvm
kabi/severities: add Qlogic qed symbols
kabi/severities: add drivers/scsi/hisi_sas for bsc#1202471
kabi/severities: add hisilicon hns3 symbols
kabi/severities: add microchip dsa drivers
kabi/severities: ignore kABI changes in mwifiex drivers Those symbols are used only locally in mwifiex (sub-)modules.
kabi/severities: octeontx2 driver (jsc#SLE-24682)
kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).
kbuild: fix the modules order between drivers and libs (git-fixes).
kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) (git-fixes).
kcm: fix strp_init() order and cleanup (git-fies).
kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages
kfifo: fix kfifo_to_user() return type (git-fixes).
kselftest/cgroup: fix test_stress.sh to use OUTPUT dir (git-fixes).
kselftest/vm: fix tests build with old libc (git-fixes).
kselftest: Fix vdso_test_abi return status (git-fixes).
kselftest: signal all child processes (git-fixes).
kvm: selftests: do not use bitfields larger than 32-bits for PTEs (git-fixes).
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu (git-fixes).
landlock: Add clang-format exceptions (git-fixes).
landlock: Change landlock_add_rule(2) argument check ordering (git-fixes).
landlock: Change landlock_restrict_self(2) check ordering (git-fixes).
landlock: Create find_rule() from unmask_layers() (git-fixes).
landlock: Define access_mask_t to enforce a consistent access mask size (git-fixes).
landlock: Fix landlock_add_rule(2) documentation (git-fixes).
landlock: Fix same-layer rule unions (git-fixes).
landlock: Format with clang-format (git-fixes).
landlock: Reduce the maximum number of layers to 16 (git-fixes).
landlock: Use square brackets around 'landlock-ruleset' (git-fixes).
lib/list_debug.c: Detect uninitialized lists (git-fixes).
lib/raid6/test: fix multiple definition linking error (git-fixes).
lib/smp_processor_id: fix imbalanced instrumentation_end() call (git-fixes).
lkdtm: Disable return thunks in rodata.c (bsc#1190497).
lockdep: Correct lock_classes index mapping (git-fixes).
locking/lockdep: Avoid potential access of invalid memory in lock_class (git-fixes).
locking/lockdep: Fix lockdep_init_map_*() confusion (git-fixes).
locking/lockdep: Iterate lock_classes directly when reading lockdep files (git-fixes).
loop: Check for overflow while configuring loop (git-fies).
loop: Use pr_warn_once() for loop_control_remove() warning (git-fixes).
loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
mac80211: fix a memory leak where sta_info is not freed (git-fixes).
mac80211: introduce channel switch disconnect function (bsc#1202131).
macsec: always read MACSEC_SA_ATTR_PN as a u64 (git-fixes).
macsec: fix NULL deref in macsec_add_rxsa (git-fixes).
macsec: fix error message in macsec_add_rxsa and _txsa (git-fixes).
macsec: limit replay window size with XPN (git-fixes).
marvell: octeontx2: build error: unknown type name 'u64' (jsc#SLE-24682).
mbcache: add functions to delete entry if unused (bsc#1198971).
mbcache: do not reclaim used entries (bsc#1198971).
md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
md/raid0: Ignore RAID0 layout if the second zone has only one device (git-fixes).
md/raid1: fix missing bitmap update w/o WriteMostly devices (bsc#1203036).
media: [PATCH] pci: atomisp_cmd: fix three missing checks on list iterator (git-fixes).
media: atmel: atmel-sama7g5-isc: fix warning in configs without OF (git-fixes).
media: cedrus: h265: Fix flag name (git-fixes).
media: cedrus: hevc: Add check for invalid timestamp (git-fixes).
media: driver/nxp/imx-jpeg: fix a unexpected return value problem (git-fixes).
media: hantro: postproc: Fix motion vector space size (git-fixes).
media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
media: hevc: Embedded indexes in RPS (git-fixes).
media: imx-jpeg: Add pm-runtime support for imx-jpeg (git-fixes).
media: imx-jpeg: use NV12M to represent non contiguous NV12 (git-fixes).
media: pvrusb2: fix memory leak in pvr_probe (git-fixes).
media: tw686x: Fix memory leak in tw686x_video_init (git-fixes).
media: tw686x: Register the irq at the end of probe (git-fixes).
media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set (git-fixes).
mediatek: mt76: eeprom: fix missing of_node_put() in mt76_find_power_limits_node() (git-fixes).
mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() (git-fixes).
memstick/ms_block: Fix a memory leak (git-fixes).
memstick/ms_block: Fix some incorrect memory allocation (git-fixes).
meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).
mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).
mfd: t7l66xb: Drop platform disable callback (git-fixes).
minix: fix bug when opening a file with O_DIRECT (git-fixes).
misc: fastrpc: fix memory corruption on open (git-fixes).
misc: fastrpc: fix memory corruption on probe (git-fixes).
misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).
mkspec: eliminate @NOSOURCE@ macro This should be alsways used with @SOURCES@, just include the content there.
mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes).
mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).
mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).
mm: pagewalk: Fix race between unmap and page walker (git-fixes, bsc#1203159).
mmc: block: Add single read for 4k sector cards (git-fixes).
mmc: cavium-octeon: Add of_node_put() when breaking out of loop (git-fixes).
mmc: cavium-thunderx: Add of_node_put() when breaking out of loop (git-fixes).
mmc: core: Fix UHS-I SD 1.8V workaround branch (git-fixes).
mmc: meson-gx: Fix an error handling path in meson_mmc_probe() (git-fixes).
mmc: mxcmmc: Silence a clang warning (git-fixes).
mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).
mmc: pxamci: Fix another error handling path in pxamci_probe() (git-fixes).
mmc: renesas_sdhi: Get the reset handle early in the probe (git-fixes).
mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).
mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (git-fixes).
mmc: tmio: avoid glitches when resetting (git-fixes).
msft-hv-2570-hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
mt76: mt7615: do not update pm stats in case of error (git-fixes).
mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg (git-fixes).
mt76: mt7921: enlarge maximum VHT MPDU length to 11454 (git-fixes).
mt76: mt7921: fix aggregation subframes setting to HE max (git-fixes).
mtd: dataflash: Add SPI ID table (git-fixes).
mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).
mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).
mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset (git-fixes).
mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).
mtd: rawnand: arasan: Fix clock rate in NV-DDR (git-fixes).
mtd: rawnand: arasan: Update NAND bus clock instead of system clock (git-fixes).
mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times (git-fixes).
mtd: rawnand: gpmi: validate controller clock rate (git-fixes).
mtd: rawnand: meson: Fix a potential double free issue (git-fixes).
mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release (git-fixes).
mtd: spi-nor: fix spi_nor_spimem_setup_op() call in spi_nor_erase_{sector,chip}() (git-fixes).
mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path (git-fixes).
musb: fix USB_MUSB_TUSB6010 dependency (git-fixes).
mwifiex: Ignore BTCOEX events from the 88W8897 firmware (git-fixes).
n_gsm: remove unused parameters from gsm_error() (git-fixes).
net: asix: fix 'can't send until first packet is send' issue (git-fixes).
net: bcmgenet: Use stronger register read/writes to assure ordering (git-fixes).
net: dsa: b53: Add SPI ID table (git-fixes).
net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering (git-fixes).
net: dsa: felix: purge skb from TX timestamping queue if it cannot be sent (git-fies).
net: dsa: hellcreek: Add STP forwarding rule (git-fixes).
net: dsa: hellcreek: Add missing PTP via UDP rules (git-fixes).
net: dsa: hellcreek: Allow PTP P2P measurements on blocked ports (git-fixes).
net: dsa: hellcreek: Fix insertion of static FDB entries (git-fixes).
net: dsa: microchip: implement multi-bridge support (git-fixes).
net: dsa: mv88e6xxx: Add fix for erratum 5.2 of 88E6393X family (git-fixes).
net: dsa: mv88e6xxx: Drop unnecessary check in mv88e6393x_serdes_erratum_4_6() (git-fixes).
net: dsa: mv88e6xxx: Enable port policy support on 6097 (git-fixes).
net: dsa: mv88e6xxx: Fix application of erratum 4.8 for 88E6393X (git-fixes).
net: dsa: mv88e6xxx: Fix inband AN for 2500base-x on 88E6393X family (git-fixes).
net: dsa: mv88e6xxx: Link in pcs_get_state() if AN is bypassed (git-fixes).
net: dsa: mv88e6xxx: Save power by disabling SerDes trasmitter and receiver (git-fixes).
net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down() (git-fixes).
net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports (git-fixes).
net: dsa: mv88e6xxx: error handling for serdes_power functions (git-fixes).
net: dsa: mv88e6xxx: fix 'do not use PHY_DETECT on internal PHY's' (git-fixes).
net: dsa: ocelot: seville: utilize of_mdiobus_register (git-fixes).
net: dsa: qca8k: fix MTU calculation (git-fixes).
net: dsa: seville: register the mdiobus under devres (git-fixes).
net: dsa: tag_ocelot_8021q: break circular dependency with ocelot switch lib (git-fies).
net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).
net: hns3: clean residual vf config after disable sriov (git-fixes).
net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() (git-fixes).
net: marvell: prestera: fix incorrect structure access (git-fixes).
net: mscc: ocelot: correctly report the timestamping RX filters in ethtool (git-fixes).
net: mscc: ocelot: create a function that replaces an existing VCAP filter (git-fixes).
net: mscc: ocelot: do not dereference NULL pointers with shared tc filters (git-fixes).
net: mscc: ocelot: do not downgrade timestamping RX filters in SIOCSHWTSTAMP (git-fixes).
net: mscc: ocelot: fix incorrect balancing with down LAG ports (git-fixes).
net: mscc: ocelot: set up traps for PTP packets (git-fixes).
net: openvswitch: do not send internal clone attribute to the userspace (git-fixes).
net: openvswitch: fix leak of nested actions (git-fixes).
net: openvswitch: fix misuse of the cached connection on tuple changes (git-fixes).
net: openvswitch: fix parsing of nw_proto for IPv6 fragments (git-fixes).
net: phy: Do not WARN for PHY_READY state in mdio_bus_phy_resume() (git-fixes).
net: phy: Warn about incorrect mdio_bus_phy_resume() state (git-fixes).
net: phy: smsc: Disable Energy Detect Power-Down in interrupt mode (git-fixes).
net: ptp: add a definition for the UDP port for IEEE 1588 general messages (git-fixes).
net: rose: fix netdev reference changes (git-fixes).
net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes).
net: stmmac: clean up impossible condition (git-fixes).
net: stmmac: disable Split Header (SPH) for Intel platforms (bsc#1194904).
net: stmmac: dwc-qos: Disable split header for Tegra194 (bsc#1194904).
net: stmmac: fix off-by-one error in sanity check (git-fixes).
net: usb: Correct PHY handling of smsc95xx (git-fixes).
net: usb: Correct reset handling of smsc95xx (git-fixes).
net: usb: ax88179_178a needs FLAG_SEND_ZLP (git-fixes).
net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).
net: usb: make USB_RTL8153_ECM non user configurable (git-fixes).
net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (bsc#1200431).
net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (bsc#1200431).
net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c (bsc#1200431).
net:enetc: allocate CBD ring data memory using DMA coherent methods (git-fixes).
net_sched: cls_route: disallow handle of 0 (bsc#1202393).
nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout (git-fixes).
nfsd: fix use-after-free due to delegation race (git-fixes).
nilfs2: fix incorrect masking of permission flags for symlinks (git-fixes).
nilfs2: fix lockdep warnings during disk space reclamation (git-fixes).
nilfs2: fix lockdep warnings in page operations for btree nodes (git-fixes).
nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() (bnc#1189999 (Scheduler functional and performance backports)).
nouveau/svm: Fix to migrate all requested pages (git-fixes).
nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf (git-fies).
ntb_hw_amd: Add NTB PCI ID for new gen CPU (bsc#1202113).
nvme-auth: align to pre-upstream FFDHE implementation (bsc#1202265).
nvme-auth: retry command if DNR bit is not set (bsc#1201675).
nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).
nvme-rdma: Handle number of queue changes (bsc#1201865).
nvme-tcp: Handle number of queue changes (bsc#1201865).
nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).
nvme: consider also host_iface when checking ip options (bsc#1199670).
nvme: fix RCU hole that allowed for endless looping in multipath round robin (bsc#1202636).
nvme: implement In-Band authentication (jsc#SLE-20183).
nvme: kabi fixes for in-band authentication (bsc#1199086).
nvmet-auth: expire authentication sessions (jsc#SLE-20183).
nvmet: Expose max queues to configfs (bsc#1201865).
nvmet: implement basic In-Band Authentication (jsc#SLE-20183).
ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (bsc#1202778).
ocfs2: fix a deadlock when commit trans (bsc#1202776).
octeontx2-af: Add KPU changes to parse NGIO as separate layer (jsc#SLE-24682).
octeontx2-af: Add PTP device id for CN10K and 95O silcons (jsc#SLE-24682).
octeontx2-af: Add SDP interface support (jsc#SLE-24682).
octeontx2-af: Add debug messages for failures (jsc#SLE-24682).
octeontx2-af: Add external ptp input clock (jsc#SLE-24682).
octeontx2-af: Add free rsrc count mbox msg (jsc#SLE-24682).
octeontx2-af: Add mbox to retrieve bandwidth profile free count (jsc#SLE-24682).
octeontx2-af: Add support to flush full CPT CTX cache (jsc#SLE-24682).
octeontx2-af: Adjust LA pointer for cpt parse header (jsc#SLE-24682).
octeontx2-af: Allocate low priority entries for PF (jsc#SLE-24682).
octeontx2-af: Allow to configure flow tag LSB byte as RSS adder (jsc#SLE-24682).
octeontx2-af: Change the order of queue work and interrupt disable (jsc#SLE-24682).
octeontx2-af: Do not enable Pause frames by default (jsc#SLE-24682).
octeontx2-af: Enable CPT HW interrupts (jsc#SLE-24682).
octeontx2-af: Enhance mailbox trace entry (jsc#SLE-24682).
octeontx2-af: Fix LBK backpressure id count (jsc#SLE-24682).
octeontx2-af: Fix inconsistent license text (jsc#SLE-24682).
octeontx2-af: Fix interrupt name strings (jsc#SLE-24682).
octeontx2-af: Fix spelling mistake 'Makesure' -> 'Make sure' (jsc#SLE-24682).
octeontx2-af: Fix uninitialized variable val (jsc#SLE-24682).
octeontx2-af: Flow control resource management (jsc#SLE-24682).
octeontx2-af: Handle return value in block reset (jsc#SLE-24682).
octeontx2-af: Hardware configuration for inline IPsec (jsc#SLE-24682).
octeontx2-af: Increase link credit restore polling timeout (jsc#SLE-24682).
octeontx2-af: Increase number of reserved entries in KPU (jsc#SLE-24682).
octeontx2-af: Increment ptp refcount before use (jsc#SLE-24682).
octeontx2-af: Limit KPU parsing for GTPU packets (jsc#SLE-24682).
octeontx2-af: Modify install flow error codes (jsc#SLE-24682).
octeontx2-af: Optimize KPU1 processing for variable-length headers (jsc#SLE-24682).
octeontx2-af: Perform cpt lf teardown in non FLR path (jsc#SLE-24682).
octeontx2-af: Priority flow control configuration support (jsc#SLE-24682).
octeontx2-af: Remove channel verification while installing MCAM rules (jsc#SLE-24682).
octeontx2-af: Remove redundant initialization of variable blkaddr (jsc#SLE-24682).
octeontx2-af: Remove redundant initialization of variable pin (jsc#SLE-24682).
octeontx2-af: Reset PTP config in FLR handler (jsc#SLE-24682).
octeontx2-af: Retry until RVU block reset complete (jsc#SLE-24682).
octeontx2-af: Use DMA_ATTR_FORCE_CONTIGUOUS attribute in DMA alloc (jsc#SLE-24682).
octeontx2-af: Use NDC TX for transmit packet data (jsc#SLE-24682).
octeontx2-af: Use ptp input clock info from firmware data (jsc#SLE-24682).
octeontx2-af: Wait for TX link idle for credits change (jsc#SLE-24682).
octeontx2-af: add proper return codes for AF mailbox handlers (jsc#SLE-24682).
octeontx2-af: cn10K: Get NPC counters value (jsc#SLE-24682).
octeontx2-af: cn10K: support for sched lmtst and other features (jsc#SLE-24682).
octeontx2-af: cn10k: DWRR MTU configuration (jsc#SLE-24682).
octeontx2-af: cn10k: RPM hardware timestamp configuration (jsc#SLE-24682).
octeontx2-af: cn10k: Set cache lines for NPA batch alloc (jsc#SLE-24682).
octeontx2-af: cn10k: Use appropriate register for LMAC enable (jsc#SLE-24682).
octeontx2-af: cn10k: add workaround for ptp errata (jsc#SLE-24682).
octeontx2-af: cn10k: debugfs for dumping LMTST map table (jsc#SLE-24682).
octeontx2-af: configure npc for cn10k to allow packets from cpt (jsc#SLE-24682).
octeontx2-af: debugfs: Add channel and channel mask (jsc#SLE-24682).
octeontx2-af: debugfs: Minor changes (jsc#SLE-24682).
octeontx2-af: debugfs: do not corrupt user memory (jsc#SLE-24682).
octeontx2-af: debugfs: fix error return of allocations (jsc#SLE-24682).
octeontx2-af: enable tx shaping feature for 96xx C0 (jsc#SLE-24682).
octeontx2-af: fix array bound error (jsc#SLE-24682).
octeontx2-af: fix error code in is_valid_offset() (jsc#SLE-24682).
octeontx2-af: initialize action variable (jsc#SLE-24682).
octeontx2-af: nix and lbk in loop mode in 98xx (jsc#SLE-24682).
octeontx2-af: remove redudant second error check on variable err (jsc#SLE-24682).
octeontx2-af: use swap() to make code cleaner (jsc#SLE-24682).
octeontx2-af: verify CQ context updates (jsc#SLE-24682).
octeontx2-nic: fix mixed module build (jsc#SLE-24682).
octeontx2-nicvf: Add PTP hardware clock support to NIX VF (jsc#SLE-24682).
octeontx2-nicvf: Free VF PTP resources (jsc#SLE-24682).
octeontx2-pf: Add TC feature for VFs (jsc#SLE-24682).
octeontx2-pf: Add XDP support to netdev PF (jsc#SLE-24682).
octeontx2-pf: Add check for non zero mcam flows (jsc#SLE-24682).
octeontx2-pf: Add support for adaptive interrupt coalescing (jsc#SLE-24682).
octeontx2-pf: Add vlan-etype to ntuple filters (jsc#SLE-24682).
octeontx2-pf: Allow VLAN priority also in ntuple filters (jsc#SLE-24682).
octeontx2-pf: CN10K: Hide RPM stats over ethtool (jsc#SLE-24682).
octeontx2-pf: Do not mask out supported link modes (jsc#SLE-24682).
octeontx2-pf: Enable NETIF_F_RXALL support for VF driver (jsc#SLE-24682).
octeontx2-pf: Fix inconsistent license text (jsc#SLE-24682).
octeontx2-pf: Ntuple filters support for VF netdev (jsc#SLE-24682).
octeontx2-pf: PFC config support with DCBx (jsc#SLE-24682).
octeontx2-pf: Remove unnecessary synchronize_irq() before free_irq() (jsc#SLE-24682).
octeontx2-pf: Simplify the receive buffer size calculation (jsc#SLE-24682).
octeontx2-pf: Sort the allocated MCAM entry indices (jsc#SLE-24682).
octeontx2-pf: Unify flow management variables (jsc#SLE-24682).
octeontx2-pf: Use hardware register for CQE count (jsc#SLE-24682).
octeontx2-pf: cn10K: Reserve LMTST lines per core (jsc#SLE-24682).
octeontx2-pf: cn10k: Config DWRR weight based on MTU (jsc#SLE-24682).
octeontx2-pf: cn10k: Ensure valid pointers are freed to aura (jsc#SLE-24682).
octeontx2-pf: cn10k: add support for new ptp timestamp format (jsc#SLE-24682).
octeontx2-pf: devlink params support to set mcam entry count (jsc#SLE-24682).
octeontx2-pf: replace bitmap_weight with bitmap_empty where appropriate (jsc#SLE-24682).
octeontx2-pf: select CONFIG_NET_DEVLINK (jsc#SLE-24682).
octeontx2-vf: Add support for adaptive interrupt coalescing (jsc#SLE-24682).
octeontx2: Move devlink registration to be last devlink command (jsc#SLE-24682).
openvswitch: Fix setting ipv6 fields causing hw csum failure (git-fixes).
openvswitch: Fixed nd target mask field in the flow dump (git-fixes).
openvswitch: always update flow key after nat (git-fixes).
optee: add error checks in optee_ffa_do_call_with_arg() (git-fixes).
perf bench futex: Fix memory leak of perf_cpu_map__new() (git-fixes).
phy: samsung: phy-exynos-pcie: sanitize init/power_on callbacks (git-fixes).
phy: stm32: fix error return in stm32_usbphyc_phy_init (git-fixes).
pinctrl: amd: Do not save/restore interrupt status and wake status bits (git-fixes).
pinctrl: armada-37xx: Convert to use dev_err_probe() (git-fixes).
pinctrl: armada-37xx: Make use of the devm_platform_ioremap_resource() (git-fixes).
pinctrl: armada-37xx: Use temporary variable for struct device (git-fixes).
pinctrl: intel: Check against matching data instead of ACPI companion (git-fixes).
pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map (git-fixes).
pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).
pinctrl: qcom: sm8250: Fix PDC map (git-fixes).
pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).
platform/chrome: cros_ec: Always expose last resume result (git-fixes).
platform/chrome: cros_ec_proto: do not show MKBP version if unsupported (git-fixes).
platform/olpc: Fix uninitialized data in debugfs write (git-fixes).
platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).
platform/x86: pmc_atom: Match all Lex BayTrail boards with critclk_systems DMI table (git-fixes).
powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable (bsc#1156395).
powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).
powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729).
powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729).
powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
powerpc/pseries: Interface to represent PAPR firmware attributes (bsc#1200465 ltc#197256 jsc#SLE-18130).
powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1200465 ltc#197256 jsc#SLE-18130).
powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1200465 ltc#197256 jsc#SLE-18130).
powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).
powerpc: Avoid discarding flags in system_call_exception() (bsc#1194869).
powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).
proc: fix a dentry lock race between release_task and lookup (git-fixes).
proc: fix dentry/inode overinstantiating under /proc/${pid}/net (git-fixes).
profiling: fix shift too large makes kernel panic (git-fixes).
pwm: lpc18xx-sct: Reduce number of devm memory allocations (git-fixes).
pwm: lpc18xx-sct: Simplify driver by not using pwm_[gs]et_chip_data() (git-fixes).
pwm: lpc18xx: Fix period handling (git-fixes).
qed: validate and restrict untrusted VFs vlan promisc mode (git-fixes).
r8152: fix the RX FIFO settings when suspending (git-fixes).
r8152: fix the units of some registers for RTL8156A (git-fixes).
random: remove useless header comment (git-fixes).
ratelimit: Fix data-races in ___ratelimit() (git-fixes).
regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (git-fixes).
regulator: pca9450: Remove restrictions for regulator-name (git-fixes).
regulator: qcom_smd: Fix pm8916_pldo range (git-fixes).
remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init (git-fixes).
remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init (git-fixes).
remoteproc: qcom: pas: Check if coredump is enabled (git-fixes).
remoteproc: qcom: pas: Mark devices as wakeup capable (git-fixes).
remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config (git-fixes).
remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).
remoteproc: sysmon: Wait for SSCTL service to come up (git-fixes).
rose: check NULL rose_loopback_neigh->loopback (git-fixes).
rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)
rpmsg: char: Add mutex protection for rpmsg_eptdev_open() (git-fixes).
rpmsg: mtk_rpmsg: Fix circular locking dependency (git-fixes).
rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge (git-fixes).
s390/cpumf: Handle events cycles and instructions identical (git-fixes).
s390/crash: fix incorrect number of bytes to copy to user space (git-fixes).
s390/crash: make copy_oldmem_page() return number of bytes copied (git-fixes).
s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages (git-fixes).
s390/hypfs: avoid error message under KVM (bsc#1032323).
s390/kexec: handle R_390_PLT32DBL rela in arch_kexec_apply_relocations_add() (git-fixes).
s390/mm: do not trigger write fault when vma does not allow VM_WRITE (git-fixes).
s390/mm: use non-quiescing sske for KVM switch to keyed guest (git-fixes).
s390/qeth: cache link_info for ethtool (bsc#1202262 LTC#199322).
s390/stp: clock_delta should be signed (git-fixes).
s390/zcore: fix race when reading from hardware system area (git-fixes).
samples/landlock: Add clang-format exceptions (git-fixes).
samples/landlock: Fix path_list memory leak (git-fixes).
samples/landlock: Format with clang-format (git-fixes).
sched/core: Always flush pending blk_plug (bnc#1189999 (Scheduler functional and performance backports)).
sched/deadline: Fix BUG_ON condition for deboosted tasks (git-fixes)
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (bnc#1189999 (Scheduler functional and performance backports)).
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq -kabi (git fixes (sched/fair)).
sched/fair: Remove redundant word ' *' (bnc#1189999 (Scheduler functional and performance backports)).
sched/uclamp: Fix iowait boost escaping uclamp restriction (git-fixes)
sched/uclamp: Fix rq->uclamp_max not set on first enqueue (git-fixes)
sched: Allow newidle balancing to bail out of load_balance (bnc#1189999 (Scheduler functional and performance backports)).
sched: Fix the check of nr_running at queue wakelist (bnc#1189999 (Scheduler functional and performance backports)).
sched: Remove the limitation of WF_ON_CPU on wakelist if wakee cpu is idle (bnc#1189999 (Scheduler functional and performance backports)). Refresh
sched: Remove unused function group_first_cpu() (bnc#1189999 (Scheduler functional and performance backports)).
scripts/dtc: Call pkg-config POSIXly correct (git-fixes).
scripts/faddr2line: Fix vmlinux detection on arm64 (git-fixes).
scripts/gdb: change kernel config dumping method (git-fixes).
scripts: sphinx-pre-install: Fix ctex support on Debian (git-fixes).
scripts: sphinx-pre-install: add required ctex dependency (git-fixes).
scsi: hisi_sas: Keep controller active between ISR of phyup and the event being processed (bsc#1202471).
scsi: hisi_sas: Use autosuspend for the host controller (bsc#1202471).
scsi: libiscsi: Add iscsi_cls_conn to sysfs after initialization (bsc#1198410).
scsi: lpfc: Add warning notification period to CMF_SYNC_WQE (bsc#1203063).
scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).
scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).
scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).
scsi: lpfc: Fix attempted FA-PWWN usage after feature disable (bsc#1201956).
scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test (bsc#1201956).
scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID (bsc#1203063).
scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE (bsc#1201956).
scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb() (bsc#1201956).
scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT discovery (bsc#1203063).
scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input (bsc#1201956).
scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into lpfc_sli_prep_abort_xri() (bsc#1201956).
scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
scsi: lpfc: Remove SANDiags related code (bsc#1203063).
scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID (bsc#1201956).
scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration (bsc#1201956).
scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).
scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb (bsc#1201956).
scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).
scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).
scsi: megaraid: Clear READ queue map's nr_queues (git-fixes).
scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown (git-fixes).
scsi: qla2xxx: Check correct variable in qla24xx_async_gffid() (bsc#1201958).
scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).
scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).
scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1201958).
scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
scsi: qla2xxx: Update manufacturer details (bsc#1201958).
scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).
scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
scsi: sg: Allow waiting for commands to complete on removed device (git-fixes).
scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).
scsi: ufs: core: Fix another task management completion race (git-fixes).
scsi: ufs: core: Fix task management completion timeout race (git-fixes).
scsi: zfcp: Fix missing auto port scan and thus missing target ports (git-fixes).
seccomp: Invalidate seccomp mode to catch death failures (git-fixes).
selftest/net/forwarding: declare NETIFS p9 p10 (git-fixes).
selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465 ltc#197256 jsc#SLE-18130).
selftest/vm: fix map_fixed_noreplace test failure (git-fixes).
selftest/vm: verify mmap addr in mremap_test (git-fixes).
selftest/vm: verify remap destination address in mremap_test (git-fixes).
selftests, x86: fix how check_cc.sh is being invoked (git-fixes).
selftests/exec: Add non-regular to TEST_GEN_PROGS (git-fixes).
selftests/exec: Remove pipe from TEST_GEN_FILES (git-fixes).
selftests/fib_tests: Rework fib_rp_filter_test() (git-fixes).
selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT (git-fixes).
selftests/ftrace: make kprobe profile testcase description unique (git-fixes).
selftests/landlock: Add clang-format exceptions (git-fixes).
selftests/landlock: Add tests for O_PATH (git-fixes).
selftests/landlock: Add tests for unknown access rights (git-fixes).
selftests/landlock: Extend access right tests to directories (git-fixes).
selftests/landlock: Extend tests for minimal valid attribute size (git-fixes).
selftests/landlock: Format with clang-format (git-fixes).
selftests/landlock: Fully test file rename with 'remove' access (git-fixes).
selftests/landlock: Make tests build with old libc (git-fixes).
selftests/landlock: Normalize array assignment (git-fixes).
selftests/landlock: Test landlock_create_ruleset(2) argument check ordering (git-fixes).
selftests/memfd: clean up mapping in mfd_fail_write (git-fixes).
selftests/memfd: remove unused variable (git-fixes).
selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test (git-fixes).
selftests/net: so_txtime: fix parsing of start time stamp on 32 bit systems (git-fixes).
selftests/net: so_txtime: usage(): fix documentation of default clock (git-fixes).
selftests/net: timestamping: Fix bind_phc check (git-fixes).
selftests/net: udpgso_bench_tx: fix dst ip argument (git-fixes).
selftests/powerpc/spectre_v2: Return skip code when miss_percent is high (git-fixes).
selftests/powerpc: Add a test of sigreturning to the kernel (git-fixes).
selftests/resctrl: Fix null pointer dereference on open failed (git-fixes).
selftests/rseq: Change type of rseq_offset to ptrdiff_t (git-fixes).
selftests/rseq: Fix ppc32 missing instruction selection 'u' and 'x' for load/store (git-fixes).
selftests/rseq: Fix ppc32 offsets by using long rather than off_t (git-fixes).
selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big endian (git-fixes).
selftests/rseq: Fix warnings about #if checks of undefined tokens (git-fixes).
selftests/rseq: Fix: work-around asm goto compiler bugs (git-fixes).
selftests/rseq: Introduce rseq_get_abi() helper (git-fixes).
selftests/rseq: Introduce thread pointer getters (git-fixes).
selftests/rseq: Remove arm/mips asm goto compiler work-around (git-fixes).
selftests/rseq: Remove useless assignment to cpu variable (git-fixes).
selftests/rseq: Remove volatile from __rseq_abi (git-fixes).
selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35 (git-fixes).
selftests/rseq: introduce own copy of rseq uapi header (git-fixes).
selftests/rseq: remove ARRAY_SIZE define from individual tests (git-fixes).
selftests/rseq: x86-32: use %gs segment selector for accessing rseq thread area (git-fixes).
selftests/rseq: x86-64: use %fs segment selector for accessing rseq thread area (git-fixes).
selftests/seccomp: Do not call read() on TTY from background pgrp (git-fixes).
selftests/seccomp: Fix compile warning when CC=clang (git-fixes).
selftests/seccomp: Fix seccomp failure by adding missing headers (git-fixes).
selftests/sgx: Treat CC as one argument (git-fixes).
selftests/vm/transhuge-stress: fix ram size thinko (git-fixes).
selftests/vm: make charge_reserved_hugetlb.sh work with existing cgroup setting (git-fixes).
selftests/x86: Add validity check and allow field splitting (git-fixes).
selftests/zram01.sh: Fix compression ratio calculation (git-fixes).
selftests/zram: Adapt the situation that /dev/zram0 is being used (git-fixes).
selftests/zram: Skip max_comp_streams interface on newer kernel (git-fixes).
selftests: Add duplicate config only for MD5 VRF tests (git-fixes).
selftests: Fix IPv6 address bind tests (git-fixes).
selftests: Fix raw socket bind tests with VRF (git-fixes).
selftests: add ping test with ping_group_range tuned (git-fixes).
selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644 (git-fixes).
selftests: cgroup: Test open-time cgroup namespace usage for migration checks (git-fixes).
selftests: cgroup: Test open-time credential usage for migration checks (git-fixes).
selftests: clone3: clone3: add case CLONE3_ARGS_NO_TEST (git-fixes).
selftests: fixup build warnings in pidfd / clone3 tests (git-fixes).
selftests: forwarding: fix error message in learning_test (git-fixes).
selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT (git-fixes).
selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT (git-fixes).
selftests: futex: Use variable MAKE instead of make (git-fixes).
selftests: gpio: fix gpio compiling error (git-fixes).
selftests: harness: avoid false negatives if test has no ASSERTs (git-fixes).
selftests: icmp_redirect: pass xfail=0 to log_test() (git-fixes).
selftests: kvm: set rax before vmcall (git-fixes).
selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational (git-fixes).
selftests: mlxsw: resource_scale: Fix return value (git-fixes).
selftests: mlxsw: tc_police_scale: Make test more robust (git-fixes).
selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets (git-fixes).
selftests: mptcp: add csum mib check for mptcp_connect (git-fixes).
selftests: mptcp: fix diag instability (git-fixes).
selftests: mptcp: fix ipv6 routing setup (git-fixes).
selftests: mptcp: more stable diag tests (git-fixes).
selftests: net: Correct case name (git-fixes).
selftests: net: Correct ping6 expected rc from 2 to 1 (git-fixes).
selftests: net: Fix a typo in udpgro_fwd.sh (git-fixes).
selftests: net: tls: remove unused variable and code (git-fixes).
selftests: net: udpgro_fwd.sh: explicitly checking the available ping feature (git-fixes).
selftests: net: using ping6 for IPv6 in udpgro_fwd.sh (git-fixes).
selftests: netfilter: add a vrf+conntrack testcase (git-fixes).
selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh (git-fixes).
selftests: netfilter: disable rp_filter on router (git-fixes).
selftests: netfilter: fix exit value for nft_concat_range (git-fixes).
selftests: nft_concat_range: add test for reload with no element add/del (git-fixes).
selftests: ocelot: tc_flower_chains: specify conform-exceed action for policer (git-fixes).
selftests: openat2: Add missing dependency in Makefile (git-fixes).
selftests: openat2: Print also errno in failure messages (git-fixes).
selftests: openat2: Skip testcases that fail with EOPNOTSUPP (git-fixes).
selftests: pmtu.sh: Kill nettest processes launched in subshell (git-fixes).
selftests: pmtu.sh: Kill tcpdump processes launched by subshell (git-fixes).
selftests: rtc: Increase test timeout so that all tests run (git-fixes).
selftests: skip mincore.check_file_mmap when fs lacks needed support (git-fixes).
selftests: test_vxlan_under_vrf: Fix broken test case (git-fixes).
selftests: timers: clocksource-switch: fix passing errors from child (git-fixes).
selftests: timers: valid-adjtimex: build fix for newer toolchains (git-fixes).
selftests: vm: Makefile: rename TARGETS to VMTARGETS (git-fixes).
selftests: vm: fix clang build error multiple output files (git-fixes).
selftests: x86: fix [-Wstringop-overread] warn in test_process_vm_readv() (git-fixes).
selinux: Add boundary check in put_entry() (git-fixes).
selinux: access superblock_security_struct in LSM blob way (git-fixes).
selinux: check return value of sel_make_avc_files (git-fixes).
selinux: fix bad cleanup on error in hashtab_duplicate() (git-fixes).
selinux: fix double free of cond_list on error paths (git-fixes).
selinux: fix memleak in security_read_state_kernel() (git-fixes).
selinux: fix misuse of mutex_is_locked() (git-fixes).
selinux: use correct type for context length (git-fixes).
serial: 8250: Add proper clock handling for OxSemi PCIe devices (git-fixes).
serial: 8250: Export ICR access helpers for internal use (git-fixes).
serial: 8250: Fold EndRun device support into OxSemi Tornado code (git-fixes).
serial: 8250_bcm7271: Save/restore RTS in suspend/resume (git-fixes).
serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() (git-fixes).
serial: 8250_fsl: Do not report FE, PE and OE twice (git-fixes).
serial: 8250_pci: Refactor the loop in pci_ite887x_init() (git-fixes).
serial: 8250_pci: Replace dev_*() by pci_*() macros (git-fixes).
serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).
serial: mvebu-uart: uart2 error bits clearing (git-fixes).
smsc95xx: Ignore -ENODEV errors when device is unplugged (git-fixes).
soc: amlogic: Fix refcount leak in meson-secure-pwrc.c (git-fixes).
soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs (git-fixes).
soc: fsl: guts: machine variable might be unset (git-fixes).
soc: fsl: select FSL_GUTS driver for DPIO (git-fixes).
soc: imx: gpcv2: Assert reset before ungating clock (git-fixes).
soc: qcom: Make QCOM_RPMPD depend on PM (git-fixes).
soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register (git-fixes).
soc: qcom: ocmem: Fix refcount leak in of_get_ocmem (git-fixes).
soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values (git-fixes).
soundwire: bus_type: fix remove and shutdown support (git-fixes).
soundwire: qcom: Check device status before reading devid (git-fixes).
soundwire: qcom: fix device status array range (git-fixes).
spi: Fix incorrect cs_setup delay handling (git-fixes).
spi: Fix simplification of devm_spi_register_controller (git-fixes).
spi: dt-bindings: cadence: add missing 'required' (git-fixes).
spi: dt-bindings: zynqmp-qspi: add missing 'required' (git-fixes).
spi: meson-spicc: add local pow2 clock ops to preserve rate between messages (git-fixes).
spi: spi-altera-dfl: Fix an error handling path (git-fixes).
spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).
spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).
spi: tegra20-slink: fix UAF in tegra_slink_remove() (git-fixes).
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes).
staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback (git-fixes).
staging: rtl8712: fix use after free bugs (git-fixes).
tee: optee: do not check memref size on return from Secure World (git-fixes).
tee: tee_get_drvdata(): fix description of return value (git-fixes).
testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set (git-fixes).
testing: nvdimm: asm/mce.h is not needed in nfit.c (git-fixes).
testing: nvdimm: iomap: make __nfit_test_ioremap a macro (git-fixes).
tests: fix idmapped mount_setattr test (git-fixes).
thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR (bsc#1201308).
thermal/tools/tmon: Include pthread and time headers in tmon.h (git-fixes).
thermal: sysfs: Fix cooling_device_stats_setup() error code path (git-fixes).
thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).
tools include UAPI: Sync sound/asound.h copy with the kernel sources (git-fixes).
tools/nolibc: fix incorrect truncation of exit code (git-fixes).
tools/nolibc: i386: fix initial stack alignment (git-fixes).
tools/nolibc: x86-64: Fix startup code bug (git-fixes).
tools/testing/scatterlist: add missing defines (git-fixes).
tools/thermal: Fix possible path truncations (git-fixes).
tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH (git-fixes).
trace/osnoise: Add migrate-disabled field to the osnoise header (git-fixes).
trace/timerlat: Add migrate-disabled field to the timerlat header (git-fixes).
tracing/histograms: Fix memory leak problem (git-fixes).
tracing/kprobes: Check whether get_kretprobe() returns NULL in kretprobe_dispatcher() (git-fixes).
tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).
tracing: Add ustring operation to filtering string pointers (git-fixes).
tracing: Fix sleeping while atomic in kdb ftdump (git-fixes).
tracing: Have filter accept 'common_cpu' to be consistent (git-fixes).
tracing: Use a struct alignof to determine trace event field alignment (git-fixes).
tty: 8250: Add support for Brainboxes PX cards (git-fixes).
tty: n_gsm: Delete gsm_disconnect when config requester (git-fixes).
tty: n_gsm: Delete gsmtty open SABM frame when config requester (git-fixes).
tty: n_gsm: Modify CR,PF bit printk info when config requester (git-fixes).
tty: n_gsm: Modify CR,PF bit when config requester (git-fixes).
tty: n_gsm: Modify cr bit value when config requester (git-fixes).
tty: n_gsm: Modify gsmtty driver register method when config requester (git-fixes).
tty: n_gsm: Save dlci address open status when config requester (git-fixes).
tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (git-fixes).
tty: n_gsm: avoid call of sleeping functions from atomic context (git-fixes).
tty: n_gsm: clean up dead code in gsm_queue() (git-fixes).
tty: n_gsm: clean up implicit CR bit encoding in address field (git-fixes).
tty: n_gsm: clean up indenting in gsm_queue() (git-fixes).
tty: n_gsm: fix DM command (git-fixes).
tty: n_gsm: fix broken virtual tty handling (git-fixes).
tty: n_gsm: fix buffer over-read in gsm_dlci_data() (git-fixes).
tty: n_gsm: fix deadlock and link starvation in outgoing data path (git-fixes).
tty: n_gsm: fix decoupled mux resource (git-fixes).
tty: n_gsm: fix encoding of command/response bit (git-fixes).
tty: n_gsm: fix flow control handling in tx path (git-fixes).
tty: n_gsm: fix frame reception handling (git-fixes).
tty: n_gsm: fix incorrect UA handling (git-fixes).
tty: n_gsm: fix insufficient txframe size (git-fixes).
tty: n_gsm: fix invalid gsmtty_write_room() result (git-fixes).
tty: n_gsm: fix invalid use of MSC in advanced option (git-fixes).
tty: n_gsm: fix malformed counter for out of frame data (git-fixes).
tty: n_gsm: fix missing corner cases in gsmld_poll() (git-fixes).
tty: n_gsm: fix missing explicit ldisc flush (git-fixes).
tty: n_gsm: fix missing mux reset on config change at responder (git-fixes).
tty: n_gsm: fix missing timer to handle stalled links (git-fixes).
tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (git-fixes).
tty: n_gsm: fix missing update of modem controls after DLCI open (git-fixes).
tty: n_gsm: fix mux activation issues in gsm_config() (git-fixes).
tty: n_gsm: fix mux cleanup after unregister tty device (git-fixes).
tty: n_gsm: fix non flow control frames during mux flow off (git-fixes).
tty: n_gsm: fix packet re-transmission without open control channel (git-fixes).
tty: n_gsm: fix race condition in gsmld_write() (git-fixes).
tty: n_gsm: fix reset fifo race condition (git-fixes).
tty: n_gsm: fix resource allocation order in gsm_activate_mux() (git-fixes).
tty: n_gsm: fix restart handling via CLD command (git-fixes).
tty: n_gsm: fix software flow control handling (git-fixes).
tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (git-fixes).
tty: n_gsm: fix tty registration before control channel open (git-fixes).
tty: n_gsm: fix user open not possible at responder until initiator open (git-fixes).
tty: n_gsm: fix wrong DLCI release order (git-fixes).
tty: n_gsm: fix wrong T1 retry count handling (git-fixes).
tty: n_gsm: fix wrong command frame length field encoding (git-fixes).
tty: n_gsm: fix wrong command retry handling (git-fixes).
tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (git-fixes).
tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (git-fixes).
tty: n_gsm: fix wrong signal octets encoding in MSC (git-fixes).
tty: n_gsm: initialize more members at gsm_alloc_mux() (git-fixes).
tty: n_gsm: replace kicktimer with delayed_work (git-fixes).
tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).
tty: serial: fsl_lpuart: correct the count of break characters (git-fixes).
tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete (git-fixes).
tty: vt: initialize unicode screen buffer (git-fixes).
tun: avoid double free in tun_free_netdev (git-fixes).
tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() (git-fixes).
tuntap: add sanity checks about msg_controllen in sendmsg (git-fixes).
uaccess: fix type mismatch warnings from access_ok() (git-fixes).
ucounts: Base set_cred_ucounts changes on the real user (git-fixes).
ucounts: Fix rlimit max values check (git-fixes).
ucounts: Fix systemd LimitNPROC with private users regression (git-fixes).
ucounts: Handle wrapping in is_ucounts_overlimit (git-fixes).
ucounts: In set_cred_ucounts assume new->ucounts is non-NULL (git-fixes).
udf: Fix crash after seekdir (bsc#1194592).
udmabuf: Set the DMA mask for the udmabuf device (v2) (git-fixes).
udmabuf: add back sanity check (git-fixes).
usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() (git-fixes).
usb: cdns3 fix use-after-free at workaround 2 (git-fixes).
usb: cdns3: Do not use priv_dev uninitialized in cdns3_gadget_ep_enable() (git-fixes).
usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() (git-fixes).
usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC transfer (git-fixes).
usb: cdns3: fix issue with rearming ISO OUT endpoint (git-fixes).
usb: cdns3: fix random warning message when driver load (git-fixes).
usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).
usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch (git-fixes).
usb: dwc3: core: Deprecate GCTL.CORESOFTRESET (git-fixes).
usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup (git-fixes).
usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core (git-fixes).
usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API (git-fixes).
usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop (git-fixes).
usb: dwc3: gadget: fix high speed multiplier setting (git-fixes).
usb: dwc3: gadget: refactor dwc3_repare_one_trb (git-fixes).
usb: dwc3: qcom: Add helper functions to enable,disable wake irqs (git-fixes).
usb: dwc3: qcom: fix missing optional irq warnings (git-fixes).
usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup (git-fixes).
usb: gadget: f_uac2: clean up some inconsistent indenting (git-fixes).
usb: gadget: f_uac2: fix superspeed transfer (git-fixes).
usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (git-fixes).
usb: gadget: tegra-xudc: Fix error check in tegra_xudc_powerdomain_init() (git-fixes).
usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).
usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).
usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info (git-fixes).
usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).
usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).
usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
usb: renesas: Fix refcount leak bug (git-fixes).
usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles (git-fixes).
usb: typec: tcpm: Return ENOTSUPP for power supply prop writes (git-fixes).
usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion (git-fixes).
usb: xhci: tegra: Fix error check (git-fixes).
usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
usbnet: Run unregister_netdev() before unbind() again (git-fixes).
usbnet: smsc95xx: Avoid link settings race on interrupt reception (git-fixes).
usbnet: smsc95xx: Do not clear read-only PHY interrupt (git-fixes).
usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
usbnet: smsc95xx: Forward PHY interrupts to PHY driver to avoid polling (git-fixes).
userfaultfd/selftests: fix hugetlb area allocations (git-fixes).
vboxguest: Do not use devm for irq (git-fixes).
vdpa_sim: avoid putting an uninitialized iova_domain (git-fixes).
venus: pm_helpers: Fix warning in OPP during probe (git-fixes).
vfio/ccw: Do not change FSM state in subchannel event (git-fixes).
vfio/ccw: Remove UUID from s390 debug log (git-fixes).
vfio: Clear the caps->buf to NULL after free (git-fixes).
video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).
video: fbdev: arkfb: Check the size of screen before memset_io() (git-fixes).
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() (git-fixes).
video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).
video: fbdev: s3fb: Check the size of screen before memset_io() (git-fixes).
video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).
video: fbdev: vt8623fb: Check the size of screen before memset_io() (git-fixes).
virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).
virtio-net: fix the race between refill work and close (git-fixes).
virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).
vmxnet3: Implement ethtool's get_channels command (bsc#1200431).
vmxnet3: Record queue number to incoming packets (bsc#1200431).
vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).
vmxnet3: add command to set ring buffer sizes (bsc#1200431).
vmxnet3: add support for capability registers (bsc#1200431).
vmxnet3: add support for large passthrough BAR register (bsc#1200431).
vmxnet3: add support for out of order rx completion (bsc#1200431).
vmxnet3: disable overlay offloads if UPT device does not support (bsc#1200431).
vmxnet3: do not reschedule napi for rx processing (bsc#1200431).
vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).
vmxnet3: prepare for version 7 changes (bsc#1200431).
vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).
vmxnet3: update to version 7 (bsc#1200431).
vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).
vrf: do not run conntrack on vrf with !dflt qdisc (git-fixes).
vsock/virtio: enable VQs early on probe (git-fixes).
vsock/virtio: initialize vdev->priv before using VQs (git-fixes).
vsock/virtio: read the negotiated features before using VQs (git-fixes).
vsock: Fix memory leak in vsock_connect() (git-fixes).
vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() (git-fixes).
vsock: remove vsock from connected table when connect is interrupted by a signal (git-fixes).
watch-queue: remove spurious double semicolon (git-fixes).
watch_queue: Fix missing locking in add_watch_to_object() (git-fixes).
watch_queue: Fix missing rcu annotation (git-fixes).
watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() (git-fixes).
watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource (git-fixes).
watchqueue: make sure to serialize 'wqueue->defunct' properly (git-fixes).
wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (git-fixes).
wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).
wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (git-fixes).
wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).
wifi: mac80211: Do not finalize CSA in IBSS mode if state is disconnected (git-fixes).
wifi: mac80211: limit A-MSDU subframes for client too (git-fixes).
wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).
wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).
wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).
wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).
wifi: p54: add missing parentheses in p54_flush() (git-fixes).
wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() (git-fixes).
wifi: rtlwifi: remove always-true condition pointed out by GCC 12 (git-fies).
wifi: rtw88: check the return value of alloc_workqueue() (git-fixes).
wifi: rtw89: 8852a: rfk: fix div 0 exception (git-fixes).
wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() (git-fixes).
wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` (git-fixes).
wireguard: device: check for metadata_dst with skb_valid_dst() (git-fixes).
wireless: Remove redundant 'flush_workqueue()' calls (bsc#1202131).
x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM (bsc#1190497).
x86/olpc: fix 'logical not is only applied to the left hand side' (git-fixes).
x86/retbleed: Add fine grained Kconfig knobs (bsc#1190497).
x86/sev: Define the Linux-specific guest termination reasons (bsc#1190497).
x86/sev: Save the negotiated GHCB version (bsc#1190497).
xen/gntdev: fix unmap notification order (git-fixes).
xen/privcmd: fix error exit of privcmd_ioctl_dm_op() (git-fixes).
xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
xen: detect uninitialized xenbus in xenbus_init (git-fixes).
xen: do not continue xenstore initialization in case of errors (git-fixes).
xfs: Fix the free logic of state in xfs_attr_node_hasname (git-fixes).
xfs: check sb_meta_uuid for dabuf buffer recovery (git-fixes).
xfs: fix soft lockup via spinning in filestream ag selection loop (git-fixes).
xfs: fix use-after-free in xattr node block inactivation (git-fixes).
xfs: fold perag loop iteration logic into helper function (git-fixes).
xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).
xfs: only bother with sync_filesystem during readonly remount (git-fixes).
xfs: prevent UAF in xfs_log_item_in_current_chkpt (git-fixes).
xfs: prevent a UAF when log IO errors race with unmount (git-fixes).
xfs: remove incorrect ASSERT in xfs_rename (git-fixes).
xfs: rename the next_agno perag iteration variable (git-fixes).
xfs: reorder iunlink remove operation in xfs_ifree (git-fixes).
xfs: revert 'xfs: actually bump warning counts when we send warnings' (git-fixes).
xfs: terminate perag iteration reliably on agcount (git-fixes).
xfs: use invalidate_lock to check the state of mmap_lock (git-fixes).
xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).
xfs: use setattr_copy to set vfs inode attributes (git-fixes).
xhci: Set HCD flag to defer primary roothub registration (git-fixes).
xhci: dbc: Rename xhci_dbc_init and xhci_dbc_exit (git-fixes).
xhci: dbc: create and remove dbc structure in dbgtty driver (git-fixes).
xhci: dbc: refactor xhci_dbc_init() (git-fixes).
xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (git-fixes).
xprtrdma: treat all calls not a bcall when bc_serv is NULL (git-fixes).
zonefs: Clear inode information flags on inode creation (git-fixes).
zonefs: Fix management of open zones (git-fixes).
zonefs: add MODULE_ALIAS_FS (git-fixes).

Advisory ID	SUSE-RU-2022:3304-1
Released	Mon Sep 19 11:43:25 2022
Summary	Recommended update for libassuan
Type	recommended
Severity	moderate
References

Description:

This update for libassuan fixes the following issues:

Add a timeout for writing to a SOCKS5 proxy
Add workaround for a problem with LD_LIBRARY_PATH on newer systems
Fix issue in the logging code
Fix some build trivialities
Upgrade autoconf

Advisory ID	SUSE-SU-2022:3305-1
Released	Mon Sep 19 11:45:57 2022
Summary	Security update for libtirpc
Type	security
Severity	important
References	1201680,CVE-2021-46828

Description:

This update for libtirpc fixes the following issues:

CVE-2021-46828: Fixed denial of service vulnerability with lots of connections (bsc#1201680).

Advisory ID	SUSE-SU-2022:3307-1
Released	Mon Sep 19 13:26:51 2022
Summary	Security update for sqlite3
Type	security
Severity	moderate
References	1189802,1195773,1201783,CVE-2021-36690,CVE-2022-35737

Description:

This update for sqlite3 fixes the following issues:

CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API (bnc#1201783).
CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence (bsc#1189802).
Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773).

Advisory ID	SUSE-RU-2022:3316-1
Released	Tue Sep 20 11:12:14 2022
Summary	Recommended update for gnutls
Type	recommended
Severity	moderate
References	1190698,1191021,1202146

Description:

This update for gnutls fixes the following issues:

FIPS: Zeroize the calculated hmac and new_hmac in the check_binary_integrity() function. [bsc#1191021]

FIPS: Additional modifications to the SLI. [bsc#1190698]

* Mark CMAC and GMAC and non-approved in gnutls_pbkfd2(). * Mark HMAC keylength less than 112 bits as non-approved in gnutls_pbkfd2().

FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941]

* Add new dependency on jitterentropy

Advisory ID	SUSE-SU-2022:3327-1
Released	Wed Sep 21 12:47:17 2022
Summary	Security update for oniguruma
Type	security
Severity	important
References	1142847,1150130,1157805,1164550,1164569,1177179,CVE-2019-13224,CVE-2019-16163,CVE-2019-19203,CVE-2019-19204,CVE-2019-19246,CVE-2020-26159

Description:

This update for oniguruma fixes the following issues:

CVE-2019-19246: Fixed an out of bounds access during regular expression matching (bsc#1157805).
CVE-2019-19204: Fixed an out of bounds access when compiling a crafted regular expression (bsc#1164569).
CVE-2019-19203: Fixed an out of bounds access when performing a string search (bsc#1164550).
CVE-2019-16163: Fixed an uncontrolled recursion issue when compiling a crafted regular expression, which could lead to denial of service (bsc#1150130).
CVE-2020-26159: Fixed an off-by-one buffer overflow (bsc#1177179).
CVE-2019-13224: Fixed a potential use-after-free when handling multiple different encodings (bsc#1142847).

Advisory ID	SUSE-RU-2022:3328-1
Released	Wed Sep 21 12:48:56 2022
Summary	Recommended update for jitterentropy
Type	recommended
Severity	moderate
References	1202870

Description:

This update for jitterentropy fixes the following issues:

Hide the non-GNUC constructs that are library internal from the exported header, to make it usable in builds with strict C99 compliance. (bsc#1202870)

Advisory ID	SUSE-SU-2022:3353-1
Released	Fri Sep 23 15:23:40 2022
Summary	Security update for permissions
Type	security
Severity	moderate
References	1203018,CVE-2022-31252

Description:

This update for permissions fixes the following issues:

CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).

Advisory ID	SUSE-RU-2022:3388-1
Released	Mon Sep 26 12:51:36 2022
Summary	Recommended update for google-guest-agent, google-guest-oslogin, google-osconfig-agent
Type	recommended
Severity	moderate
References	1191036,1194319,1195391,1202100,1202101,1202826

Description:

This update for google-guest-agent, google-guest-oslogin, google-osconfig-agent fixes the following issues:

Update to version 20220713.00 (bsc#1202100, bsc#1202101)
Use pam_moduledir (bsc#1191036)
Use install command in %post section to create state file (bsc#1202826)
Avoid bashim in post install scripts (bsc#1195391)
Don't restart daemon on package upgrade, create a state file instead (bsc#1194319)

Advisory ID	SUSE-RU-2022:3395-1
Released	Mon Sep 26 16:35:18 2022
Summary	Recommended update for ca-certificates-mozilla
Type	recommended
Severity	moderate
References	1181994,1188006,1199079,1202868

Description:

This update for ca-certificates-mozilla fixes the following issues:
Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868)

Added:

- Certainly Root E1 - Certainly Root R1 - DigiCert SMIME ECC P384 Root G5 - DigiCert SMIME RSA4096 Root G5 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3

Removed:

- Hellenic Academic and Research Institutions RootCA 2011
Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079)

Added:

- Autoridad de Certificacion Firmaprofesional CIF A62634068 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - GlobalSign ECC Root CA R4 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 - HiPKI Root CA - G1 - ISRG Root X2 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA

Removed:

- Cybertrust Global Root - DST Root CA X3 - DigiNotar PKIoverheid CA Organisatie - G2 - GlobalSign ECC Root CA R4 - GlobalSign Root CA R2 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4
Updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)

Added:

- HARICA Client ECC Root CA 2021 - HARICA Client RSA Root CA 2021 - HARICA TLS ECC Root CA 2021 - HARICA TLS RSA Root CA 2021 - TunTrust Root CA

Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994)

Added new root CAs:

- NAVER Global Root Certification Authority

Removed old root CAs:

- GeoTrust Global CA - GeoTrust Primary Certification Authority - GeoTrust Primary Certification Authority - G3 - GeoTrust Universal CA - GeoTrust Universal CA 2 - thawte Primary Root CA - thawte Primary Root CA - G2 - thawte Primary Root CA - G3 - VeriSign Class 3 Public Primary Certification Authority - G4 - VeriSign Class 3 Public Primary Certification Authority - G5

Advisory ID	SUSE-RU-2022:3435-1
Released	Tue Sep 27 14:55:38 2022
Summary	Recommended update for runc
Type	recommended
Severity	important
References	1202821

Description:

This update for runc fixes the following issues:

Fix mounting via wrong proc fd. When the user and mount namespaces are used, and the bind mount is followed by the cgroup mount in the spec, the cgroup was mounted using the bind mount's mount fd.
Fix 'permission denied' error from runc run on noexec fs
Fix regression causing a failed 'exec' error after systemctl daemon-reload (bsc#1202821)

Advisory ID	SUSE-RU-2022:3449-1
Released	Tue Sep 27 20:12:03 2022
Summary	Recommended update for perl-Bootloader
Type	recommended
Severity	moderate
References	1198197,1198828

Description:

This update for perl-Bootloader fixes the following issues:

Fix sysconfig parsing (bsc#1198828)
grub2/install: Reset error code when passing through recover code. (bsc#1198197)

Advisory ID	SUSE-RU-2022:3452-1
Released	Wed Sep 28 12:13:43 2022
Summary	Recommended update for glibc
Type	recommended
Severity	moderate
References	1201942

Description:

This update for glibc fixes the following issues:

Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
powerpc: Optimized memcmp for power10 (jsc#PED-987)

Advisory ID	SUSE-SU-2022:3489-1
Released	Sat Oct 1 13:35:24 2022
Summary	Security update for expat
Type	security
Severity	important
References	1203438,CVE-2022-40674

Description:

This update for expat fixes the following issues:

CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).

Advisory ID	SUSE-feature-2022:3520-1
Released	Tue Oct 4 14:18:34 2022
Summary	Feature update for dmidecode
Type	feature
Severity	moderate
References

Description:

This feature update for dmidecode fixes the following issues:
Update dmidecode from version 3.2 to version 3.4 (jsc#SLE-24502, jsc#SLE-24591, jsc#PED-411):

Add bios-revision, firmware-revision and system-sku-number to `-s` option
Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240
Decode system slot base bus width and peers
Document how the UUID fields are interpreted
Don't display the raw CPU ID in quiet mode
Don't use memcpy on /dev/mem on arm64
Fix OEM vendor name matching
Fix small typo in NEWS file
Improve the formatting of the manual pages
Present HPE type 240 attributes as a proper list instead of packing them on a single line. This makes it more readable overall, and will also scale better if the number of attributes increases
Skip details of uninstalled memory modules
Support for SMBIOS 3.4.0. This includes new memory device types, new processor upgrades, new slot types and characteristics, decoding of memor module extended speed, new system slot types, new processor characteristic and new format of Processor ID
Support for SMBIOS 3.5.0. This includes new processor upgrades, BIOS characteristics, new slot characteristics, new on-board device types, new pointing device interface types, and a new record type (type 45 - Firmware Inventory Information)
Use the most appropriate unit for cache size

Advisory ID	SUSE-RU-2022:3521-1
Released	Tue Oct 4 14:18:56 2022
Summary	Recommended update for lvm2
Type	recommended
Severity	critical
References	1198523

Description:

This update for lvm2 fixes the following issues:

Add additional check in the package to prevent removal of device-mapper library files during install (bsc#1198523)

Advisory ID	SUSE-SU-2022:3525-1
Released	Wed Oct 5 12:17:14 2022
Summary	Security update for cifs-utils
Type	security
Severity	moderate
References	1198976,CVE-2022-29869

Description:

This update for cifs-utils fixes the following issues:

Fix changelog to include Bugzilla and CVE tracker id numbers missing from previous update

Advisory ID	SUSE-SU-2022:3544-1
Released	Thu Oct 6 13:48:42 2022
Summary	Security update for python3
Type	security
Severity	important
References	1202624,CVE-2021-28861

Description:

This update for python3 fixes the following issues:

CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).

Advisory ID	SUSE-RU-2022:3551-1
Released	Fri Oct 7 17:03:55 2022
Summary	Recommended update for libgcrypt
Type	recommended
Severity	moderate
References	1182983,1190700,1191020,1202117

Description:

This update for libgcrypt fixes the following issues:

FIPS: Fixed gpg/gpg2 gets out of core handler in FIPS mode while typing Tab key to Auto-Completion. [bsc#1182983]

FIPS: Ported libgcrypt to use jitterentropy [bsc#1202117, jsc#SLE-24941]

* Enable the jitter based entropy generator by default in random.conf * Update the internal jitterentropy to version 3.4.0

FIPS: Get most of the entropy from rndjent_poll [bsc#1202117]
FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700]

* Consider approved keylength greater or equal to 112 bits.

FIPS: Zeroize buffer and digest in check_binary_integrity() [bsc#1191020]

Advisory ID	SUSE-RU-2022:3555-1
Released	Mon Oct 10 14:05:12 2022
Summary	Recommended update for aaa_base
Type	recommended
Severity	important
References	1199492

Description:

This update for aaa_base fixes the following issues:

The wrapper rootsh is not a restricted shell. (bsc#1199492)

Advisory ID	SUSE-RU-2022:3564-1
Released	Tue Oct 11 16:15:57 2022
Summary	Recommended update for libzypp, zypper
Type	recommended
Severity	critical
References	1189282,1201972,1203649

Description:

This update for libzypp, zypper fixes the following issues:
libzypp:

Enable 'zck' support for SUSE Linux Enterprise 15 Service Pack 4 and newer (bsc#1189282)
Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972)
Remove migration code that is no longer needed (bsc#1203649)
Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined

zypper:

Fix contradiction in the man page: `--download-in-advance` option is the default behavior
Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972)
Fix tests to use locale 'C.UTF-8' rather than 'en_US'
Make sure 'up' respects solver related CLI options (bsc#1201972)
Remove unneeded code to compute the PPP status because it is now auto established
Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined

SUSE-IU-2022:1067-1

Container Advisory ID	SUSE-IU-2022:1067-1
Container Tags	sles-15-sp4-chost-byos-v20220818-x86-64:20220818
Container Release

The following patches have been included in this update:

Advisory ID	SUSE-RU-2022:2469-1
Released	Thu Jul 21 04:38:31 2022
Summary	Recommended update for systemd
Type	recommended
Severity	important
References	1137373,1181658,1194708,1195157,1197570,1198732,1200170,1201276

Description:

This update for systemd fixes the following issues:

Make {/etc,/usr/lib}/systemd/network owned by both udev and systemd-network. The configuration files put in these directories are read by both udevd and systemd-networkd (bsc#1201276)
Allow control characters in environment variable values (bsc#1200170)
Fix issues with multipath setup (bsc#1137373, bsc#1181658, bsc#1194708, bsc#1195157, bsc#1197570)
Fix parsing error in s390 udev rules conversion script (bsc#1198732)
core/device: device_coldplug(): don't set DEVICE_DEAD
core/device: do not downgrade device state if it is already enumerated
core/device: drop unnecessary condition

Advisory ID	SUSE-RU-2022:2493-1
Released	Thu Jul 21 14:35:08 2022
Summary	Recommended update for rpm-config-SUSE
Type	recommended
Severity	moderate
References	1193282

Description:

This update for rpm-config-SUSE fixes the following issues:

Add SBAT values macros for other packages (bsc#1193282)

Advisory ID	SUSE-RU-2022:2494-1
Released	Thu Jul 21 15:16:42 2022
Summary	Recommended update for glibc
Type	recommended
Severity	important
References	1200855,1201560,1201640

Description:

This update for glibc fixes the following issues:

Remove tunables from static tls surplus patch which caused crashes (bsc#1200855)
i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788)

Advisory ID	SUSE-SU-2022:2520-1
Released	Thu Jul 21 18:34:49 2022
Summary	Security update for the Linux Kernel
Type	security
Severity	important
References	1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198410,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198829,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200813,1200815,1200816,1200820,1200821,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201080,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,1201381,1201471,1201524,CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1462,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated.
The following security bugs were fixed:

CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).
CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that could be used by a local attacker to escalate privileges (bnc#1201171).
CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).
CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).
CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829).
CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
CVE-2022-33743: Fixed a Denial of Service related to XDP (bsc#1200763).
CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bnc#1199487).
CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bnc#1200619).
CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
CVE-2022-1012: Fixed information leak caused by small table perturb size in the TCP source port generation algorithm (bsc#1199482).
CVE-2022-1998: Fixed a use after free in the file system notify functionality (bnc#1200284).
CVE-2022-1966: Fixed a use-after-free vulnerability in the Netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)
CVE-2022-1852: Fixed a null-ptr-deref in the kvm module which can lead to DoS. (bsc#1199875)
CVE-2022-1789: Fixed a NULL pointer dereference when shadow paging is enabled. (bnc#1199674)
CVE-2022-1508: Fixed an out-of-bounds read flaw that could cause the system to crash. (bsc#1198968)
CVE-2022-1671: Fixed a null-ptr-deref bugs in net/rxrpc/server_key.c, unprivileged users could easily trigger it via ioctl. (bsc#1199439)
CVE-2022-1651: Fixed a bug in ACRN Device Model emulates virtual NICs in VM. This flaw may allow a local privileged attacker to leak kernel unauthorized information and also cause a denial of service problem. (bsc#1199433)
CVE-2022-29582: Fixed a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (bnc#1198811)
CVE-2022-0494: Fixed a kernel information leak flaw in the scsi_ioctl function. This flaw allowed a local attacker with a special user privilege to create issues with confidentiality. (bnc#1197386)
CVE-2021-4204: Fixed a vulnerability that allows local attackers to escalate privileges on affected installations via ebpf. (bnc#1194111)
CVE-2022-23222: Fixed a bug that allowed local users to gain privileges. (bnc#1194765)
CVE-2022-0264: Fixed a vulnerability in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. (bnc#1194826)
CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)
CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)
CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).
CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019)
CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).
CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).
CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).
CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by simulating an nfc device from user-space. (bsc#1200144)
CVE-2022-21499: Reinforce the kernel lockdown feature, until now it's been trivial to break out of it with kgdb or kdb. (bsc#1199426)
CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)
CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).
CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830)
CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).

The following non-security bugs were fixed:

ACPI: APEI: fix return value of __setup handlers (git-fixes).
ACPI/APEI: Limit printable size of BERT table data (git-fixes).
ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).
ACPI: bus: Avoid using CPPC if not supported by firmware (bsc#1199793).
ACPICA: Avoid cache flush inside virtual machines (git-fixes).
ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).
ACPI: CPPC: Assume no transition latency if no PCCT (git-fixes).
ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).
ACPI: docs: enumeration: Amend PWM enumeration ASL example (git-fixes).
ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).
ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).
ACPI/IORT: Check node revision for PMCG resources (git-fixes).
ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (git-fixes).
ACPI: PM: Revert 'Only mark EC GPE for wakeup on Intel systems' (git-fixes).
ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE (git-fixes).
ACPI: processor idle: Allow playing dead in C3 state (git-fixes).
ACPI: processor: idle: Avoid falling back to C3 type C-states (git-fixes).
ACPI: processor idle: Check for architectural support for LPI (git-fixes).
ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40 (git-fixes).
ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).
ACPI: property: Release subnode properties with data nodes (git-fixes).
ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).
ACPI: video: Change how we determine if brightness key-presses are handled (git-fixes).
ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).
ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).
af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (git-fixes).
aio: Fix incorrect usage of eventfd_signal_allowed() (git-fixes).
ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
ALSA: core: Add snd_card_free_on_error() helper (git-fixes).
ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).
ALSA: ctxfi: Add SB046x PCI ID (git-fixes).
ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).
ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (git-fixes).
ALSA: hda: Add AlderLake-PS variant PCI ID (git-fixes).
ALSA: hda: Add PCI and HDMI IDs for Intel Raptor Lake (git-fixes).
ALSA: hda: Avoid unsol event during RPM suspending (git-fixes).
ALSA: hda/conexant - Fix loopback issue with CX20632 (git-fixes).
ALSA: hda/conexant: Fix missing beep setup (git-fixes).
ALSA: hda: Fix discovery of i915 graphics PCI device (bsc#1200611).
ALSA: hda: Fix driver index handling at re-binding (git-fixes).
ALSA: hda: Fix missing codec probe on Shenker Dock 15 (git-fixes).
ALSA: hda: Fix regression on forced probe mask option (git-fixes).
ALSA: hda: Fix signedness of sscanf() arguments (git-fixes).
ALSA: hda - fix unused Realtek function when PM is not enabled (git-fixes).
ALSA: hda/hdmi: fix warning about PCM count when used with SOF (git-fixes).
ALSA: hda/i915: Fix one too many pci_dev_put() (git-fixes).
ALSA: hda/i915 - skip acomp init if no matching display (git-fixes).
ALSA: hda: intel-dspcfg: use SOF for UpExtreme and UpExtreme11 boards (git-fixes).
ALSA: hda: intel-dsp-config: update AlderLake PCI IDs (git-fixes).
ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg (git-fixes).
ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).
ALSA: hda/realtek - Add HW8326 support (git-fixes).
ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks (git-fixes).
ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).
ALSA: hda/realtek - Add new type for ALC245 (git-fixes).
ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
ALSA: hda/realtek: Add quirk for ASUS GU603 (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo PD70PNT (git-fixes).
ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).
ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).
ALSA: hda/realtek: Add quirk for Legion Y9000X 2019 (git-fixes).
ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers (git-fixes).
ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).
ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes).
ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers (git-fixes).
ALSA: hda/realtek - ALC897 headset MIC no sound (git-fixes).
ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (git-fixes).
ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop (git-fixes).
ALSA: hda/realtek: Enable headset mic on Lenovo P360 (git-fixes).
ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 (git-fixes).
ALSA: hda/realtek: Fix deadlock by COEF mutex (bsc#1195913).
ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021 (git-fixes).
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (git-fixes).
ALSA: hda: realtek: Fix race at concurrent COEF updates (git-fixes).
ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes).
ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes).
ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows (git-fixes).
ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) (git-fixes).
ALSA: hda: Set max DMA segment size (git-fixes).
ALSA: hda: Skip codec shutdown in case the codec is not registered (git-fixes).
ALSA: hda/via: Fix missing beep setup (git-fixes).
ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).
ALSA: memalloc: Fix dma_need_sync() checks (bsc#1195913).
ALSA: memalloc: invalidate SG pages before sync (bsc#1195913).
ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).
ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
ALSA: pcm: Check for null pointer of pointer substream before dereferencing it (git-fixes).
ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (git-fixes).
ALSA: pcm: Fix races among concurrent prealloc proc writes (git-fixes).
ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls (git-fixes).
ALSA: pcm: Fix races among concurrent read/write and buffer changes (git-fixes).
ALSA: pcm: Test for 'silence' field in struct 'pcm_format_data' (git-fixes).
ALSA: spi: Add check for clk_enable() (git-fixes).
ALSA: usb-audio: add mapping for MSI MAG X570S Torpedo MAX (git-fixes).
ALSA: usb-audio: add mapping for new Corsair Virtuoso SE (git-fixes).
ALSA: usb-audio: Add missing ep_idx in fixed EP quirks (git-fixes).
ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).
ALSA: usb-audio: Add quirk bits for enabling/disabling generic implicit fb (git-fixes).
ALSA: usb-audio: Cancel pending work at closing a MIDI substream (git-fixes).
ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb (git-fixes).
ALSA: usb-audio: Clear MIDI port active flag after draining (git-fixes).
ALSA: usb-audio: Configure sync endpoints before data (git-fixes).
ALSA: usb-audio: Correct quirk for VF0770 (git-fixes).
ALSA: usb-audio: Do not abort resume upon errors (bsc#1195913).
ALSA: usb-audio: Do not get sample rate for MCT Trigger 5 USB-to-HDMI (git-fixes).
ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (git-fixes).
ALSA: usb-audio: Increase max buffer size (git-fixes).
ALSA: usb-audio: initialize variables that could ignore errors (git-fixes).
ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).
ALSA: usb-audio: Move generic implicit fb quirk entries into quirks.c (git-fixes).
ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).
ALSA: usb-audio: Restore Rane SL-1 quirk (git-fixes).
ALSA: usb-audio: revert to IMPLICIT_FB_FIXED_DEV for M-Audio FastTrack Ultra (git-fixes).
ALSA: usb-audio: Set up (implicit) sync for Saffire 6 (git-fixes).
ALSA: usb-audio: Skip generic sync EP parse for secondary EP (git-fixes).
ALSA: usb-audio: US16x08: Move overflow check before array access (git-fixes).
ALSA: usb-audio: Workaround for clock setup on TEAC devices (git-fixes).
ALSA: wavefront: Proper check of get_user() error (git-fixes).
ALSA: x86: intel_hdmi_audio: enable pm_runtime and set autosuspend delay (git-fixes).
ALSA: x86: intel_hdmi_audio: use pm_runtime_resume_and_get() (git-fixes).
alx: acquire mutex for alx_reinit in alx_change_mtu (git-fixes).
amd/display: set backlight only if required (git-fixes).
arch/arm64: Fix topology initialization for core scheduling (git-fixes).
arm64: Add Cortex-A510 CPU part definition (git-fixes).
arm64: Add part number for Arm Cortex-A78AE (git-fixes).
arm64: Add support for user sub-page fault probing (git-fixes)
arm64: alternatives: mark patch_alternative() as `noinstr` (git-fixes).
arm64: avoid fixmap race condition when create pud mapping (git-fixes).
arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (git-fixes).
arm64: Correct wrong label in macro __init_el2_gicv3 (git-fixes).
arm64: defconfig: build imx-sdma as a module (git-fixes).
arm64: do not abuse pfn_valid() to ensure presence of linear map (git-fixes).
arm64: Do not defer reserve_crashkernel() for platforms with no DMA memory zones (git-fixes).
arm64: Do not include __READ_ONCE() block in assembly files (git-fixes).
arm64: dts: agilex: use the compatible 'intel,socfpga-agilex-hsotg' (git-fixes).
arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias (git-fixes).
arm64: dts: broadcom: bcm4908: use proper TWD binding (git-fixes).
arm64: dts: broadcom: Fix sata nodename (git-fixes).
arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART3 (git-fixes).
arm64: dts: imx8mm-venice: fix spi2 pin configuration (git-fixes)
arm64: dts: imx8mn-beacon: Enable RTS-CTS on UART3 (git-fixes).
arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock (git-fixes)
arm64: dts: imx8mn: Fix SAI nodes (git-fixes)
arm64: dts: imx8mp-evk: correct eqos pad settings (git-fixes).
arm64: dts: imx8mp-evk: correct gpio-led pad settings (git-fixes).
arm64: dts: imx8mp-evk: correct I2C1 pad settings (git-fixes).
arm64: dts: imx8mp-evk: correct I2C3 pad settings (git-fixes).
arm64: dts: imx8mp-evk: correct mmc pad settings (git-fixes).
arm64: dts: imx8mp-evk: correct the uart2 pinctl value (git-fixes).
arm64: dts: imx8mp-evk: correct vbus pad settings (git-fixes).
arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings (git-fixes).
arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 & mmc settings (git-fixes).
arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings (git-fixes).
arm64: dts: imx8mq: fix lcdif port node (git-fixes).
arm64: dts: imx8qm: Correct SCU clock controller's compatible (git-fixes)
arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes (git-fixes).
arm64: dts: juno: Remove GICv2m dma-range (git-fixes).
arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus (git-fixes).
arm64: dts: ls1043a: Update i2c dma properties (git-fixes).
arm64: dts: ls1046a: Update i2c node dma properties (git-fixes).
arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 (git-fixes).
arm64: dts: marvell: espressobin-ultra: enable front USB3 port (git-fixes).
arm64: dts: marvell: espressobin-ultra: fix SPI-NOR config (git-fixes).
arm64: dts: meson-g12: add ATF BL32 reserved-memory region (git-fixes).
arm64: dts: meson-g12b-odroid-n2: fix typo 'dio2133' (git-fixes).
arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 (git-fixes).
arm64: dts: meson-gx: add ATF BL32 reserved-memory region (git-fixes).
arm64: dts: meson: remove CPU opps below 1GHz for G12B boards (git-fixes).
arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards (git-fixes).
arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO domain for GPIOE_2 (git-fixes).
arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO pin labeling for CON1 (git-fixes).
arm64: dts: meson-sm1-odroid: fix boot loop after reboot (git-fixes).
arm64: dts: meson-sm1-odroid: use correct enable-gpio pin for tf-io regulator (git-fixes).
arm64: dts: mt8192: Fix nor_flash status disable typo (git-fixes).
arm64: dts: ns2: Fix spi-cpol and spi-cpha property (git-fixes).
arm64: dts: qcom: ipq8074: fix the sleep clock frequency (git-fixes).
arm64: dts: qcom: msm8916-huawei-g7: Clarify installation instructions (git-fixes).
arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count (git-fixes).
arm64: dts: qcom: msm8994: Fix CPU6/7 reg values (git-fixes).
arm64: dts: qcom: msm8994: Fix the cont_splash_mem address (git-fixes).
arm64: dts: qcom: msm8996: Drop flags for mdss irqs (git-fixes).
arm64: dts: qcom: msm8996: remove snps,dw-pcie compatibles (git-fixes).
arm64: dts: qcom: pm8350c: stop depending on thermal_zones label (git-fixes).
arm64: dts: qcom: pmr735a: stop depending on thermal_zones label (git-fixes).
arm64: dts: qcom: qrb5165-rb5: Fix can-clock node name (git-fixes).
arm64: dts: qcom: sdm845-db845c: add wifi variant property (git-fixes).
arm64: dts: qcom: sdm845: Drop flags for mdss irqs (git-fixes).
arm64: dts: qcom: sdm845: fix microphone bias properties and values (git-fixes).
arm64: dts: qcom: sdm845: remove snps,dw-pcie compatibles (git-fixes).
arm64: dts: qcom: sdm845-xiaomi-beryllium: fix typo in panel's vddio-supply property (git-fixes).
arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc (git-fixes).
arm64: dts: qcom: sm8250: Drop flags for mdss irqs (git-fixes).
arm64: dts: qcom: sm8250: Fix MSI IRQ for PCIe1 and PCIe2 (git-fixes).
arm64: dts: qcom: sm8250: fix PCIe bindings to follow schema (git-fixes).
arm64: dts: qcom: sm8350: Correct TCS configuration for apps rsc (git-fixes).
arm64: dts: qcom: sm8350: Correct UFS symbol clocks (git-fixes).
arm64: dts: qcom: sm8350: Describe GCC dependency clocks (git-fixes).
arm64: dts: qcom: sm8350: Shorten camera-thermal-bottom name (git-fixes).
arm64: dts: renesas: Fix thermal bindings (git-fixes).
arm64: dts: renesas: ulcb-kf: fix wrong comment (git-fixes).
arm64: dts: rockchip: align pl330 node name with dtschema (git-fixes).
arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity (git-fixes).
arm64: dts: rockchip: fix rk3399-puma-haikou USB OTG mode (git-fixes).
arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly (git-fixes).
arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (git-fixes).
arm64: dts: rockchip: reorder rk3399 hdmi clocks (git-fixes).
arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).
arm64: dts: ti: j7200-main: Fix 'dtbs_check' serdes_ln_ctrl node (git-fixes).
arm64: dts: ti: j721e-main: Fix 'dtbs_check' in serdes_ln_ctrl node (git-fixes).
arm64: dts: ti: k3-am64: Fix gic-v3 compatible regs (git-fixes).
arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (git-fixes).
arm64: dts: ti: k3-am64-mcu: remove incorrect UART base clock rates (git-fixes).
arm64: dts: ti: k3-am65: Fix gic-v3 compatible regs (git-fixes).
arm64: dts: ti: k3-j7200: Fix gic-v3 compatible regs (git-fixes).
arm64: dts: ti: k3-j721e: Fix gic-v3 compatible regs (git-fixes).
arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs (git-fixes).
arm64: Ensure execute-only permissions are not allowed without EPAN (git-fixes)
arm64: fix clang warning about TRAMP_VALIAS (git-fixes).
arm64: fix types in copy_highpage() (git-fixes).
arm64: ftrace: consistently handle PLTs (git-fixes).
arm64: ftrace: fix branch range checks (git-fixes).
arm64: kasan: fix include error in MTE functions (git-fixes).
arm64: kvm: keep the field workaround_flags in structure kvm_vcpu_arch (git-fixes).
arm64: Mark start_backtrace() notrace and NOKPROBE_SYMBOL (git-fixes)
arm64: mm: Drop 'const' from conditional arm64_dma_phys_limit definition (git-fixes).
arm64: mm: fix p?d_leaf() (git-fixes).
arm64: module: remove (NOLOAD) from linker script (git-fixes).
arm64: mte: Ensure the cleared tags are visible before setting the PTE (git-fixes).
arm64: paravirt: Use RCU read locks to guard stolen_time (git-fixes).
arm64: patch_text: Fixup last cpu should be master (git-fixes).
arm64: prevent instrumentation of bp hardening callbacks (git-fixes).
arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes).
arm64: stackleak: fix current_top_of_stack() (git-fixes).
arm64: supported.conf: mark PHY_FSL_IMX8MQ_USB as supported (bsc#1199909)
arm64: tegra: Add missing DFLL reset on Tegra210 (git-fixes).
arm64: tegra: Adjust length of CCPLEX cluster MMIO region (git-fixes).
arm64: Update config files. (bsc#1199909) Add pfuze100 regulator as module
arm64: vdso: fix makefile dependency on vdso.so (git-fixes).
ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE (git-fixes).
ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).
ARM: 9187/1: JIVE: fix return value of __setup handler (git-fixes).
ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (git-fixes).
ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (git-fixes).
ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (git-fixes).
ARM: at91: fix soc detection for SAM9X60 SiPs (git-fixes).
ARM: at91: pm: use proper compatible for sama5d2's rtc (git-fixes).
ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt (git-fixes).
ARM: boot: dts: bcm2711: Fix HVS register range (git-fixes).
ARM: cns3xxx: Fix refcount leak in cns3xxx_init (git-fixes).
ARM: configs: multi_v5_defconfig: re-enable CONFIG_V4L_PLATFORM_DRIVERS (git-fixes).
ARM: configs: multi_v5_defconfig: re-enable DRM_PANEL and FB_xxx (git-fixes).
ARM: config: u8500: Re-enable AB8500 battery charging (git-fixes).
ARM: davinci: da850-evm: Avoid NULL pointer dereference (git-fixes).
ARM: Do not use NOCROSSREFS directive with ld.lld (git-fixes).
ARM: dts: am3517-evm: Fix misc pinmuxing (git-fixes).
ARM: dts: aspeed: Add ADC for AST2600 and enable for Rainier and Everest (git-fixes).
ARM: dts: aspeed: Add secure boot controller node (git-fixes).
ARM: dts: aspeed: Add video engine to g6 (git-fixes).
ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (git-fixes).
ARM: dts: aspeed: Fix AST2600 quad spi group (git-fixes).
ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group (git-fixes).
ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi (git-fixes).
ARM: dts: at91: fix pinctrl phandles (git-fixes).
ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek (git-fixes).
ARM: dts: at91: sam9x60ek: fix eeprom compatible and size (git-fixes).
ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (git-fixes).
ARM: dts: at91: sama5d2_icp: fix eeprom compatibles (git-fixes).
ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name (git-fixes).
ARM: dts: bcm2711: Add the missing L1/L2 cache information (git-fixes).
ARM: dts: bcm2711-rpi-400: Fix GPIO line names (git-fixes).
ARM: dts: bcm2835-rpi-b: Fix GPIO line names (git-fixes).
ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (git-fixes).
ARM: dts: bcm2837: Add the missing L1/L2 cache information (git-fixes).
ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (git-fixes).
ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (git-fixes).
ARM: dts: BCM5301X: update CRU block description (git-fixes).
ARM: dts: BCM5301X: Update pin controller node name (git-fixes).
ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks (git-fixes).
ARM: dts: dra7: Fix suspend warning for vpe powerdomain (git-fixes).
ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (git-fixes).
ARM: dts: exynos: add missing HDMI supplies on SMDK5250 (git-fixes).
ARM: dts: exynos: add missing HDMI supplies on SMDK5420 (git-fixes).
ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (git-fixes).
ARM: dts: Fix boot regression on Skomer (git-fixes).
ARM: dts: Fix mmc order for omap3-gta04 (git-fixes).
ARM: dts: Fix OpenBMC flash layout label addresses (git-fixes).
ARM: dts: Fix timer regression for beagleboard revision c (git-fixes).
ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group (git-fixes).
ARM: dts: imx6dl-colibri: Fix I2C pinmuxing (git-fixes).
ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (git-fixes).
ARM: dts: imx6qdl: correct PU regulator ramp delay (git-fixes).
ARM: dts: imx6qdl-udoo: Properly describe the SD card detect (git-fixes).
ARM: dts: imx6ull-colibri: fix vqmmc regulator (git-fixes).
ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (git-fixes).
ARM: dts: imx7ulp: Fix 'assigned-clocks-parents' typo (git-fixes).
ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk (git-fixes).
ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC (git-fixes)
ARM: dts: imx: Add missing LVDS decoder on M53Menlo (git-fixes).
ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 (git-fixes).
ARM: dts: meson8b: Fix the UART device-tree schema validation (git-fixes).
ARM: dts: meson8: Fix the UART device-tree schema validation (git-fixes).
ARM: dts: meson: Fix the UART compatible strings (git-fixes).
ARM: dts: ox820: align interrupt controller node name with dtschema (git-fixes).
ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 (git-fixes).
ARM: dts: qcom: ipq4019: fix sleep clock (git-fixes).
ARM: dts: qcom: msm8974: Drop flags for mdss irqs (git-fixes).
ARM: dts: qcom: sdx55: fix IPA interconnect definitions (git-fixes).
ARM: dts: rockchip: fix a typo on rk3288 crypto-controller (git-fixes).
ARM: dts: rockchip: reorder rk322x hmdi clocks (git-fixes).
ARM: dts: s5pv210: align DMA channels with dtschema (git-fixes).
ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries (git-fixes).
ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (git-fixes).
ARM: dts: socfpga: align interrupt controller node name with dtschema (git-fixes).
ARM: dts: socfpga: change qspi to 'intel,socfpga-qspi' (git-fixes).
ARM: dts: spear1340: Update serial node properties (git-fixes).
ARM: dts: spear13xx: Update SPI dma properties (git-fixes).
ARM: dts: stm32: fix AV96 board SAI2 pin muxing on stm32mp15 (git-fixes).
ARM: dts: stm32: Fix PHY post-reset delay on Avenger96 (git-fixes).
ARM: dts: sun8i: v3s: Move the csi1 block to follow address order (git-fixes).
ARM: dts: suniv: F1C100: fix watchdog compatible (git-fixes).
ARM: dts: switch timer config to common devkit8000 devicetree (git-fixes).
ARM: dts: Use 32KiHz oscillator on devkit8000 (git-fixes).
ARM: exynos: Fix refcount leak in exynos_map_pmu (git-fixes).
ARM: fix build warning in proc-v7-bugs.c (git-fixes).
ARM: fix co-processor register typo (git-fixes).
ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).
ARM: Fix refcount leak in axxia_boot_secondary (git-fixes).
ARM: fix Thumb2 regression with Spectre BHB (git-fixes).
ARM: ftrace: avoid redundant loads or clobbering IP (git-fixes).
ARM: ftrace: ensure that ADR takes the Thumb bit into account (git-fixes).
ARM: hisi: Add missing of_node_put after of_find_compatible_node (git-fixes).
ARM: iop32x: offset IRQ numbers by 1 (git-fixes).
ARM: kprobes: Make space for instruction pointer on stack (bsc#1193277).
ARM: mediatek: select arch timer for mt7629 (git-fixes).
ARM: meson: Fix refcount leak in meson_smp_prepare_cpus (git-fixes).
ARM: mmp: Fix failure to remove sram device (git-fixes).
ARM: mstar: Select HAVE_ARM_ARCH_TIMER (git-fixes).
ARM: mxs_defconfig: Enable the framebuffer (git-fixes).
ARM: omap1: ams-delta: remove camera leftovers (git-fixes).
ARM: OMAP1: clock: Fix UART rate reporting algorithm (git-fixes).
ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of (git-fixes).
ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (git-fixes).
ARM: OMAP2+: hwmod: Add of_node_put() before break (git-fixes).
ARM: pxa: maybe fix gpio lookup tables (git-fixes).
ARM: socfpga: fix missing RESET_CONTROLLER (git-fixes).
ARM: Spectre-BHB: provide empty stub for non-config (git-fixes).
ARM: tegra: tamonten: Fix I2C3 pad setting (git-fixes).
ARM: vexpress/spc: Avoid negative array index when !SMP (git-fixes).
ASoC: amd: Fix reference to PCM buffer address (git-fixes).
ASoC: amd: vg: fix for pm resume callback sequence (git-fixes).
ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).
ASoC: atmel-classd: Remove endianness flag on class d component (git-fixes).
ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe (git-fixes).
ASoC: atmel: Fix error handling in snd_proto_probe (git-fixes).
ASoC: atmel-pdmic: Remove endianness flag on pdmic component (git-fixes).
ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek (git-fixes).
ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
ASoC: codecs: Check for error pointer after calling devm_regmap_init_mmio (git-fixes).
ASoC: codecs: lpass-rx-macro: fix sidetone register offsets (git-fixes).
ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type (git-fixes).
ASoC: codecs: rx-macro: fix accessing compander for aux (git-fixes).
ASoC: codecs: va-macro: fix accessing array out of bounds for enum type (git-fixes).
ASoC: codecs: wc938x: fix accessing array out of bounds for enum type (git-fixes).
ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).
ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use (git-fixes).
ASoC: codecs: wcd934x: fix kcontrol max values (git-fixes).
ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).
ASoC: codecs: wcd938x: fix return value of mixer put function (git-fixes).
ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name (git-fixes).
ASoC: cs35l36: Update digital volume TLV (git-fixes).
ASoC: cs4265: Fix the duplicated control name (git-fixes).
ASoC: cs42l51: Correct minimum value for SX volume control (git-fixes).
ASoC: cs42l52: Correct TLV for Bypass Volume (git-fixes).
ASoC: cs42l52: Fix TLV scales for mixer controls (git-fixes).
ASoC: cs42l56: Correct typo in minimum level for SX volume controls (git-fixes).
ASoC: cs53l30: Correct number of volume levels on SX controls (git-fixes).
ASoC: da7219: Fix change notifications for tone generator frequency (git-fixes).
ASoC: dapm: Do not fold register value changes into notifications (git-fixes).
ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).
ASoC: dmaengine: Restore NULL prepare_slave_config() callback (git-fixes).
ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
ASoC: es8328: Fix event generation for deemphasis control (git-fixes).
ASoC: fsi: Add check for clk_enable (git-fixes).
ASoC: fsl: Add missing error handling in pcm030_fabric_probe (git-fixes).
ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (git-fixes).
ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (git-fixes).
ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
ASoC: fsl: Use dev_err_probe() helper (git-fixes).
ASoC: hdmi-codec: Fix OOB memory accesses (git-fixes).
ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).
ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe (git-fixes).
ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408 (git-fixes).
ASoC: intel: skylake: Set max DMA segment size (git-fixes).
ASoC: Intel: soc-acpi: correct device endpoints for max98373 (git-fixes).
ASoC: Intel: sof_sdw: fix quirks for 2022 HP Spectre x360 13' (git-fixes).
ASoC: madera: Add dependencies on MFD (git-fixes).
ASoC: max9759: fix underflow in speaker_gain_control_put() (git-fixes).
ASoC: max98090: Generate notifications on changes for custom control (git-fixes).
ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() (git-fixes).
ASoC: max98090: Reject invalid values in custom control put() (git-fixes).
ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).
ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (git-fixes).
ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (git-fixes).
ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).
ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe (git-fixes).
ASoC: mediatek: use of_device_get_match_data() (git-fixes).
ASoC: meson: Fix event generation for AUI ACODEC mux (git-fixes).
ASoC: meson: Fix event generation for AUI CODEC mux (git-fixes).
ASoC: meson: Fix event generation for G12A tohdmi mux (git-fixes).
ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).
ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component (git-fixes).
ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).
ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (git-fixes).
ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
ASoC: nau8822: Add operation for internal PLL off and on (git-fixes).
ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() (git-fixes).
ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() (git-fixes).
ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_sx() (git-fixes).
ASoC: ops: Fix stereo change notifications in snd_soc_put_xr_sx() (git-fixes).
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (git-fixes).
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (git-fixes).
ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (git-fixes).
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).
ASoC: ops: Validate input values in snd_soc_put_volsw_range() (git-fixes).
ASoC: qcom: Actually clear DMA interrupt register for HDMI (git-fixes).
ASoC: rk3328: fix disabling mclk on pclk probe failure (git-fixes).
ASoC: rk817: Fix missing clk_disable_unprepare() in rk817_platform_probe (git-fixes).
ASoC: rk817: Use devm_clk_get() in rk817_platform_probe (git-fixes).
ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in rockchip_i2s_probe (git-fixes).
ASoC: rsnd: care default case on rsnd_ssiu_busif_err_status_clear() (git-fixes).
ASoC: rsnd: care return value from rsnd_node_fixed_index() (git-fixes).
ASoC: rt1015p: remove dependency on GPIOLIB (git-fixes).
ASoC: rt5514: Fix event generation for 'DSP Voice Wake Up' control (git-fixes).
ASoC: rt5645: Fix errorenous cleanup order (git-fixes).
ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).
ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).
ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).
ASoC: samsung: Fix refcount leak in aries_audio_probe (git-fixes).
ASoC: samsung: Use dev_err_probe() helper (git-fixes).
ASoC: simple-card: fix probe failure on platform component (git-fixes).
ASoC: simple-card-utils: Set sysclk on all components (git-fixes).
ASoC: soc-compress: Change the check for codec_dai (git-fixes).
ASoC: soc-compress: prevent the potentially use of null pointer (git-fixes).
ASoC: soc-core: skip zero num_dai component in searching dai name (git-fixes).
ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).
ASoC: soc-ops: fix error handling (git-fixes).
ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (git-fixes).
ASoC: SOF: hda: Set max DMA segment size (git-fixes).
ASoC: SOF: Intel: enable DMI L1 for playback streams (git-fixes).
ASoC: SOF: Intel: Fix build error without SND_SOC_SOF_PCI_DEV (git-fixes).
ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM (git-fixes).
ASoC: SOF: Intel: match sdw version on link_slaves_found (git-fixes).
ASoC: SOF: topology: remove redundant code (git-fixes).
ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
ASoC: tas2770: Insert post reset delay (git-fixes).
ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* (git-fixes).
ASoC: topology: Allow TLV control to be either read or write (git-fixes).
ASoC: topology: Correct error handling in soc_tplg_dapm_widget_create() (git-fixes).
ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).
ASoC: tscs454: Add endianness flag in snd_soc_component_driver (git-fixes).
ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (git-fixes).
ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
ASoC: wm8958: Fix change notifications for DSP controls (git-fixes).
ASoC: wm8962: Fix suspend while playing music (git-fixes).
ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put() (git-fixes).
ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes (git-fixes).
assoc_array: Fix BUG_ON during garbage collect (git-fixes).
asus-wmi: Add dgpu disable method (bsc#1198058).
asus-wmi: Add egpu enable method (bsc#1198058).
asus-wmi: Add panel overdrive functionality (bsc#1198058).
asus-wmi: Add support for platform_profile (bsc#1198058).
ata: libata: add qc->flags in ata_qc_complete_template tracepoint (git-fixes).
ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs (git-fixes).
ata: libata-core: Disable TRIM on M88V29 (git-fixes).
ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (git-fixes).
ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (git-fixes).
ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).
ata: pata_hpt37x: fix PCI clock detection (git-fixes).
ata: pata_marvell: Check the 'bmdma_addr' beforing reading (git-fixes).
ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (git-fixes).
ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).
ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).
ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
ath10k: skip ath10k_halt during suspend for driver state RESTARTING (git-fixes).
ath11k: acquire ab->base_lock in unassign when finding the peer by addr (git-fixes).
ath11k: disable spectral scan during spectral deinit (git-fixes).
ath11k: Do not check arvif->is_started before sending management frames (git-fixes).
ath11k: fix kernel panic during unload/load ath11k modules (git-fixes).
ath11k: mhi: use mhi_sync_power_up() (git-fixes).
ath11k: pci: fix crash on suspend if board file is not found (git-fixes).
ath11k: set correct NL80211_FEATURE_DYNAMIC_SMPS for WCN6855 (git-fixes).
ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).
ath9k: fix ar9003_get_eepmisc (git-fixes).
ath9k: fix QCA9561 PA bias level (git-fixes).
ath9k: Fix usage of driver-private space in tx_info (git-fixes).
ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (git-fixes).
ath9k_htc: fix uninit value bugs (git-fixes).
ath9k: Properly clear TX status area before reporting to mac80211 (git-fixes).
atl1c: fix tx timeout after link flap on Mikrotik 10/25G NIC (git-fixes).
atm: eni: Add check for dma_map_single (git-fixes).
atm: firestream: check the return value of ioremap() in fs_init() (git-fixes).
atomics: Fix atomic64_{read_acquire,set_release} fallbacks (git-fixes).
audit: ensure userspace is penalized the same as the kernel when under pressure (git-fixes).
audit: improve audit queue handling when 'audit=1' on cmdline (git-fixes).
audit: improve robustness of the audit queue handling (git-fixes).
auxdisplay: lcd2s: Fix lcd2s_redefine_char() feature (git-fixes).
auxdisplay: lcd2s: Fix memory leak in ->remove() (git-fixes).
auxdisplay: lcd2s: Use proper API to free the instance of charlcd object (git-fixes).
ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
ax25: improve the incomplete fix to avoid UAF and NPD bugs (git-fixes).
b43: Fix assigning negative value to unsigned variable (git-fixes).
b43legacy: Fix assigning negative value to unsigned variable (git-fixes).
bareudp: use ipv6_mod_enabled to check if IPv6 enabled (git-fixes).
batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).
batman-adv: Do not skb_split skbuffs with frag_list (git-fixes).
batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).
batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).
bcache: avoid journal no-space deadlock by reserving 1 journal bucket (git-fixes).
bcache: avoid unnecessary soft lockup in kworker update_writeback_rate() (bsc#1197362).
bcache: fixup multiple threads crash (git-fixes).
bcache: fix use-after-free problem in bcache_device_free() (git-fixes).
bcache: improve multithreaded bch_btree_check() (git-fixes).
bcache: improve multithreaded bch_sectors_dirty_init() (git-fixes).
bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (git-fixes).
bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (git-fixes).
bfq: Allow current waker to defend against a tentative one (bsc#1195915).
bfq: Avoid false marking of bic as stably merged (bsc#1197926).
bfq: Avoid merging queues with different parents (bsc#1197926).
bfq: Do not let waker requests skip proper accounting (bsc#1184318).
bfq: Drop pointless unlock-lock pair (bsc#1197926).
bfq: Fix warning in bfqq_request_over_limit() (bsc#1200812).
bfq: Get rid of __bio_blkcg() usage (bsc#1197926).
bfq: Limit number of requests consumed by each cgroup (bsc#1184318).
bfq: Limit waker detection in time (bsc#1184318).
bfq: Make sure bfqg for which we are queueing requests is online (bsc#1197926).
bfq: Relax waker detection for shared queues (bsc#1184318).
bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).
bfq: Split shared queues on move between cgroups (bsc#1197926).
bfq: Store full bitmap depth in bfq_data (bsc#1184318).
bfq: Track number of allocated requests in bfq_entity (bsc#1184318).
bfq: Track whether bfq_group is still online (bsc#1197926).
bfq: Update cgroup information before merging bio (bsc#1197926).
binfmt_flat: do not stop relocating GOT entries prematurely on riscv (git-fixes).
bitfield: add explicit inclusions to the example (git-fixes).
blkcg: Remove extra blkcg_bio_issue_init (bsc#1194585).
blk-cgroup: move blkcg_{get,set}_fc_appid out of line (bsc#1200045).
blk-cgroup: set blkg iostat after percpu stat aggregation (bsc#1198018).
blk-iolatency: Fix inflight count imbalances and IO hangs on offline (bsc#1200825).
blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() (bsc#1198034).
blk-mq: do not touch ->tagset in blk_mq_get_sq_hctx (bsc#1200824).
blk-mq: do not update io_ticks with passthrough requests (bsc#1200816).
blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263).
blktrace: fix use after free for struct blk_trace (bsc#1198017).
block: assign bi_bdev for cloned bios in blk_rq_prep_clone (bsc#1198016).
block: avoid to quiesce queue in elevator_init_mq (bsc#1198013).
block, bfq: fix UAF problem in bfqg_stats_init() (bsc#1194583).
block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).
block: Check ADMIN before NICE for IOPRIO_CLASS_RT (bsc#1198012).
block: do not delete queue kobject before its children (bsc#1198019).
block: do not merge across cgroup boundaries if blkcg is enabled (bsc#1198020).
block: fix async_depth sysfs interface for mq-deadline (bsc#1198015).
block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (bsc#1200259).
block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (git-fixes).
block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586).
block: Fix the maximum minor value is blk_alloc_ext_minor() (bsc#1198021).
block: Fix up kabi after blkcg merge fix (bsc#1198020).
block: Hold invalidate_lock in BLKRESETZONE ioctl (bsc#1198010).
block: limit request dispatch loop duration (bsc#1198022).
block/mq-deadline: Improve request accounting further (bsc#1198009).
block: Provide blk_mq_sched_get_icq() (bsc#1184318).
block: update io_ticks when io hang (bsc#1197817).
block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).
Bluetooth: btintel: Fix WBS setting for Intel legacy ROM products (git-fixes).
Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).
Bluetooth: btusb: Add another Realtek 8761BU (git-fixes).
Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).
Bluetooth: btusb: Add one more Bluetooth part for the Realtek RTL8852AE (git-fixes).
Bluetooth: btusb: Whitespace fixes for btusb_setup_csr() (git-fixes).
Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed (git-fixes).
Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (git-fixes).
Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg} (git-fixes).
Bluetooth: Fix the creation of hdev->name (git-fixes).
Bluetooth: Fix use after free in hci_send_acl (git-fixes).
Bluetooth: hci_qca: Use del_timer_sync() before freeing (git-fixes).
Bluetooth: hci_serdev: call init_rwsem() before p->open() (git-fixes).
Bluetooth: use hdev lock for accept_list and reject_list in conn req (git-fixes).
Bluetooth: use hdev lock in activate_scan for hci_is_adv_monitoring (git-fixes).
Bluetooth: use memset avoid memory leaks (git-fixes).
bnx2x: fix napi API usage sequence (bsc#1198217).
bnxt_en: Do not destroy health reporters during reset (bsc#1199736).
bnxt_en: Eliminate unintended link toggle during FW reset (bsc#1199736).
bnxt_en: Fix active FEC reporting to ethtool (git-fixes).
bnxt_en: Fix devlink fw_activate (jsc#SLE-18978).
bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).
bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).
bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).
bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag (git-fixes).
bnxt_en: Fix unnecessary dropping of RX packets (git-fixes).
bnxt_en: Increase firmware message response DMA wait time (git-fixes).
bnxt_en: Prevent XDP redirect from running when stopping TX queue (git-fixes).
bnxt_en: reserve space inside receive page for skb_shared_info (git-fixes).
bnxt_en: Restore the resets_reliable flag in bnxt_open() (jsc#SLE-18978).
bnxt_en: Synchronize tx when xdp redirects happen on same ring (git-fixes).
bonding: fix data-races around agg_select_timer (git-fixes).
bonding: force carrier update when releasing slave (git-fixes).
bonding: pair enable_port with slave_arr_updates (git-fixes).
bpf: Add check_func_arg_reg_off function (git-fixes).
bpf: add config to allow loading modules with BTF mismatches (bsc#1194501).
bpf: Avoid races in __bpf_prog_run() for 32bit arches (git-fixes).
bpf: Disallow negative offset in check_ptr_off_reg (git-fixes).
bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg (git-fixes).
bpf: Fix PTR_TO_BTF_ID var_off check (git-fixes).
bpf: Fix UAF due to race between btf_try_get_module and load_module (git-fixes).
bpf: Mark PTR_TO_FUNC register initially with zero offset (git-fixes).
bpf: Resolve to prog->aux->dst_prog->type only for BPF_PROG_TYPE_EXT (git-fixes).
bpf: selftests: adapt bpf_iter_task_vma to get_inode_dev() (bsc#1198585).
bpf, selftests: Fix racing issue in btf_skc_cls_ingress test (git-fixes).
bpf, selftests: Update test case for atomic cmpxchg on r0 with pointer (git-fixes).
bpftool: Fix memory leak in prog_dump() (git-fixes).
bpftool: Remove inclusion of utilities.mak from Makefiles (git-fixes).
bpftool: Remove unused includes to bpf/bpf_gen_internal.h (git-fixes).
bpftool: Remove useless #include to perf-sys.h from map_perf_ring.c (git-fixes).
brcmfmac: firmware: Allocate space for default boardrev in nvram (git-fixes).
brcmfmac: firmware: Fix crash in brcm_alt_fw_path (git-fixes).
brcmfmac: pcie: Declare missing firmware files in pcie.c (git-fixes).
brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).
brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path (git-fixes).
brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio (git-fixes).
brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (git-fixes).
btrfs: add a BTRFS_FS_ERROR helper (bsc#1197915).
btrfs: add btrfs_set_item_*_nr() helpers (bsc#1197915).
btrfs: add helper to truncate inode items when logging inode (bsc#1197915).
btrfs: add missing run of delayed items after unlink during log replay (bsc#1197915).
btrfs: add ro compat flags to inodes (bsc#1197915).
btrfs: always update the logged transaction when logging new names (bsc#1197915).
btrfs: assert that extent buffers are write locked instead of only locked (bsc#1197915).
btrfs: avoid attempt to drop extents when logging inode for the first time (bsc#1197915).
btrfs: avoid expensive search when dropping inode items from log (bsc#1197915).
btrfs: avoid expensive search when truncating inode items from the log (bsc#1197915).
btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page (git-fixes)
btrfs: avoid search for logged i_size when logging inode if possible (bsc#1197915).
btrfs: avoid unnecessarily logging directories that had no changes (bsc#1197915).
btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1197915).
btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1197915).
btrfs: change error handling for btrfs_delete_*_in_log (bsc#1197915).
btrfs: change handle_fs_error in recover_log_trees to aborts (bsc#1197915).
btrfs: check if a log tree exists at inode_logged() (bsc#1197915).
btrfs: constify and cleanup variables in comparators (bsc#1197915).
btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1197915).
btrfs: do not log new dentries when logging that a new name exists (bsc#1197915).
btrfs: do not pin logs too early during renames (bsc#1197915).
btrfs: drop the _nr from the item helpers (bsc#1197915).
btrfs: eliminate some false positives when checking if inode was logged (bsc#1197915).
btrfs: factor out the copying loop of dir items from log_dir_items() (bsc#1197915).
btrfs: fix lost prealloc extents beyond eof after full fsync (bsc#1197915).
btrfs: fix lzo_decompress_bio() kmap leakage (bsc#1193852).
btrfs: fix memory leak in __add_inode_ref() (bsc#1197915).
btrfs: fix missing last dir item offset update when logging directory (bsc#1197915).
btrfs: fix re-dirty process of tree-log nodes (bsc#1197915).
btrfs: improve the batch insertion of delayed items (bsc#1197915).
btrfs: insert items in batches when logging a directory when possible (bsc#1197915).
btrfs: introduce btrfs_lookup_match_dir (bsc#1197915).
btrfs: introduce item_nr token variant helpers (bsc#1197915).
btrfs: keep track of the last logged keys when logging a directory (bsc#1197915).
btrfs: loop only once over data sizes array when inserting an item batch (bsc#1197915).
btrfs: make btrfs_file_extent_inline_item_len take a slot (bsc#1197915).
btrfs: only copy dir index keys when logging a directory (bsc#1197915).
btrfs: remove no longer needed checks for NULL log context (bsc#1197915).
btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1197915).
btrfs: remove no longer needed logic for replaying directory deletes (bsc#1197915).
btrfs: remove redundant log root assignment from log_dir_items() (bsc#1197915).
btrfs: remove root argument from add_link() (bsc#1197915).
btrfs: remove root argument from btrfs_log_inode() and its callees (bsc#1197915).
btrfs: remove root argument from btrfs_unlink_inode() (bsc#1197915).
btrfs: remove root argument from check_item_in_log() (bsc#1197915).
btrfs: remove root argument from drop_one_dir_item() (bsc#1197915).
btrfs: remove the btrfs_item_end() helper (bsc#1197915).
btrfs: remove unnecessary list head initialization when syncing log (bsc#1197915).
btrfs: remove unneeded return variable in btrfs_lookup_file_extent (bsc#1197915).
btrfs: rename btrfs_item_end_nr to btrfs_item_data_end (bsc#1197915).
btrfs: stop doing GFP_KERNEL memory allocations in the ref verify tool (bsc#1197915).
btrfs: unexport setup_items_for_insert() (bsc#1197915).
btrfs: unify lookup return value when dir entry is missing (bsc#1197915).
btrfs: update comment at log_conflicting_inodes() (bsc#1197915).
btrfs: use btrfs_item_size_nr/btrfs_item_offset_nr everywhere (bsc#1197915).
btrfs: use btrfs_next_leaf instead of btrfs_next_item when slots > nritems (bsc#1197915).
btrfs: use single bulk copy operations when logging directories (bsc#1197915).
bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (git-fixes).
bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (git-fixes).
bus: ti-sysc: Fix warnings for unbind for serial (git-fixes).
bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific (git-fixes).
caif_virtio: fix race between virtio_device_ready() and ndo_open() (git-fixes).
can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).
can: etas_es58x: change opened_channel_cnt's type from atomic_t to u8 (git-fixes).
can: etas_es58x: es58x_fd_rx_event_msg(): initialize rx_event_msg before calling es58x_check_msg_len() (git-fixes).
can: grcan: grcan_close(): fix deadlock (git-fixes).
can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (git-fixes).
can: grcan: only use the NAPI poll budget for RX (git-fixes).
can: grcan: use ofdev->dev when allocating DMA memory (git-fixes).
can: gs_usb: change active_channels's type from atomic_t to u8 (git-fixes).
can: isotp: fix error path in isotp_sendmsg() to unlock wait queue (git-fixes).
can: isotp: fix potential CAN frame reception race in isotp_rcv() (git-fixes).
can: isotp: restore accidentally removed MSG_PEEK feature (git-fixes).
can: isotp: return -EADDRNOTAVAIL when reading from unbound socket (git-fixes).
can: isotp: set default value for N_As to 50 micro seconds (git-fixes).
can: isotp: stop timeout monitoring when no first frame was sent (git-fixes).
can: isotp: support MSG_TRUNC flag when reading from socket (git-fixes).
can: m_can: m_can_tx_handler(): fix use after free of skb (git-fixes).
can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).
can: mcba_usb: properly check endpoint type (git-fixes).
can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix return of error value (git-fixes).
can: mcp251xfd: silence clang's -Wunaligned-access warning (git-fixes).
can: rcar_canfd: add __maybe_unused annotation to silence warning (git-fixes).
can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).
can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).
can: xilinx_can: mark bit timing constants as const (git-fixes).
carl9170: fix missing bit-wise or operator for tx_params (git-fixes).
carl9170: tx: fix an incorrect use of list iterator (git-fixes).
CDC-NCM: avoid overflow in sanity checking (git-fixes).
ceph: fix setting of xattrs on async created inodes (bsc#1199611).
certs/blacklist_hashes.c: fix const confusion in certs blacklist (git-fixes).
cfg80211: declare MODULE_FIRMWARE for regulatory.db (git-fixes).
cfg80211: do not add non transmitted BSS to 6GHz scanned channels (git-fixes).
cfg80211: fix race in netlink owner interface destruction (git-fixes).
cfg80211: hold bss_lock while updating nontrans_list (git-fixes).
cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug (bsc#1196869).
cgroup/cpuset: Fix 'suspicious RCU usage' lockdep warning (bsc#1196868).
cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1199839).
cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).
char: tpm: cr50_i2c: Suppress duplicated error message in .remove() (git-fixes).
char: xillybus: fix a refcount leak in cleanup_dev() (git-fixes).
cifs: add WARN_ON for when chan_count goes below minimum (bsc#1193629).
cifs: adjust DebugData to use chans_need_reconnect for conn status (bsc#1193629).
cifs: alloc_path_with_tree_prefix: do not append sep. if the path is empty (bsc#1193629).
cifs: avoid parallel session setups on same channel (bsc#1193629).
cifs: avoid race during socket reconnect between send and recv (bsc#1193629).
cifs: call cifs_reconnect when a connection is marked (bsc#1193629).
cifs: call helper functions for marking channels for reconnect (bsc#1193629).
cifs: change smb2_query_info_compound to use a cached fid, if available (bsc#1193629).
cifs: check for smb1 in open_cached_dir() (bsc#1193629).
cifs: check reconnects for channels of active tcons too (bsc#1193629).
cifs: Check the IOCB_DIRECT flag, not O_DIRECT (bsc#1193629).
cifs: cifs_ses_mark_for_reconnect should also update reconnect bits (bsc#1193629).
cifs: clean up an inconsistent indenting (bsc#1193629).
cifs: convert the path to utf16 in smb2_query_info_compound (bsc#1193629).
cifs: destage any unwritten data to the server before calling copychunk_write (bsc#1193629).
cifs: do not build smb1ops if legacy support is disabled (bsc#1193629).
cifs: do not call cifs_dfs_query_info_nonascii_quirk() if nodfs was set (bsc#1193629).
cifs: do not skip link targets when an I/O fails (bsc#1194625).
cifs: do not use tcpStatus after negotiate completes (bsc#1193629).
cifs: do not use uninitialized data in the owner/group sid (bsc#1193629).
cifs: fix bad fids sent over wire (bsc#1197157).
cifs: fix confusing unneeded warning message on smb2.1 and earlier (bsc#1193629).
cifs: fix double free race when mount fails in cifs_get_root() (bsc#1193629).
cifs: fix FILE_BOTH_DIRECTORY_INFO definition (bsc#1193629).
cifs: fix handlecache and multiuser (bsc#1193629).
cifs: fix hang on cifs_get_next_mid() (bsc#1193629).
cifs: fix incorrect use of list iterator after the loop (bsc#1193629).
cifs: fix minor compile warning (bsc#1193629).
cifs: fix NULL ptr dereference in refresh_mounts() (bsc#1193629).
cifs: fix potential deadlock in direct reclaim (bsc#1193629).
cifs: fix potential double free during failed mount (bsc#1193629).
cifs: fix potential race with cifsd thread (bsc#1193629).
cifs: fix set of group SID via NTSD xattrs (bsc#1193629).
cifs: fix signed integer overflow when fl_end is OFFSET_MAX (bsc#1193629).
cifs: Fix smb311_update_preauth_hash() kernel-doc comment (bsc#1193629).
cifs: fix the cifs_reconnect path for DFS (bsc#1193629).
cifs: fix the connection state transitions with multichannel (bsc#1193629).
cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share (bsc#1193629).
cifs: fix workstation_name for multiuser mounts (bsc#1193629).
cifs: force new session setup and tcon for dfs (bsc#1193629).
cifs: free ntlmsspblob allocated in negotiate (bsc#1193629).
cifs: maintain a state machine for tcp/smb/tcon sessions (bsc#1193629).
cifs: make status checks in version independent callers (bsc#1193629).
cifs: mark sessions for reconnection in helper function (bsc#1193629).
cifs: modefromsids must add an ACE for authenticated users (bsc#1193629).
cifs: move definition of cifs_fattr earlier in cifsglob.h (bsc#1193629).
cifs: move superblock magic defitions to magic.h (bsc#1193629).
cifs: potential buffer overflow in handling symlinks (bsc#1193629).
cifs: print TIDs as hex (bsc#1193629).
cifs: protect all accesses to chan_* with chan_lock (bsc#1193629).
cifs: quirk for STATUS_OBJECT_NAME_INVALID returned for non-ASCII dfs refs (bsc#1193629).
cifs: reconnect only the connection and not smb session where possible (bsc#1193629).
cifs: release cached dentries only if mount is complete (bsc#1193629).
cifs: remove check of list iterator against head past the loop body (bsc#1193629).
cifs: remove redundant assignment to pointer p (bsc#1193629).
cifs: remove repeated debug message on cifs_put_smb_ses() (bsc#1193629).
cifs: remove repeated state change in dfs tree connect (bsc#1193629).
cifs: remove unused variable ses_selected (bsc#1193629).
cifs: return ENOENT for DFS lookup_cache_entry() (bsc#1193629).
cifs: return the more nuanced writeback error on close() (bsc#1193629).
cifs: serialize all mount attempts (bsc#1193629).
cifs: set the CREATE_NOT_FILE when opening the directory in use_cached_dir() (bsc#1193629).
cifs: skip trailing separators of prefix paths (bsc#1193629).
cifs: smbd: fix typo in comment (bsc#1193629).
cifs: Split the smb3_add_credits tracepoint (bsc#1193629).
cifs: take cifs_tcp_ses_lock for status checks (bsc#1193629).
cifs: track individual channel status using chans_need_reconnect (bsc#1193629).
cifs: unlock chan_lock before calling cifs_put_tcp_session (bsc#1193629).
cifs: update internal module number (bsc#1193629).
cifs: update tcpStatus during negotiate and sess setup (bsc#1193629).
cifs: use a different reconnect helper for non-cifsd threads (bsc#1193629).
cifs: use correct lock type in cifs_reconnect() (bsc#1193629).
cifs: Use kzalloc instead of kmalloc/memset (bsc#1193629).
cifs: use new enum for ses_status (bsc#1193629).
cifs: use the chans_need_reconnect bitmap for reconnect status (bsc#1193629).
cifs: verify that tcon is valid before dereference in cifs_kill_sb (bsc#1193629).
cifs: version operations for smb20 unneeded when legacy support disabled (bsc#1193629).
cifs: we do not need a spinlock around the tree access during umount (bsc#1193629).
cifs: when extending a file with falloc we should make files not-sparse (bsc#1193629).
cifs: writeback fix (bsc#1193629).
clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
clk: at91: generated: consider range when calculating best rate (git-fixes).
clk: at91: sama7g5: fix parents of PDMCs' GCLK (git-fixes).
clk: bcm2835: fix bcm2835_clock_choose_div (git-fixes).
clk: bcm2835: Remove unused variable (git-fixes).
clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
clk: Enforce that disjoints limits are invalid (git-fixes).
clk: Fix clk_hw_get_clk() when dev is NULL (git-fixes).
clk: hisilicon: Terminate clk_div_table with sentinel element (git-fixes).
clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
clk: imx8mp: fix usb_root_clk parent (git-fixes).
clk: imx: Add check for kcalloc (git-fixes).
clk: imx: off by one in imx_lpcg_parse_clks_from_dt() (git-fixes).
clk: imx: scu: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).
clk: Initialize orphan req_rate (git-fixes).
clk: jz4725b: fix mmc0 clock gating (git-fixes).
clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).
clk: nxp: Remove unused variable (git-fixes).
clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).
clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
clk: qcom: ipq8074: fix PCI-E clock oops (git-fixes).
clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
clk: renesas: r9a06g032: Fix the RTC hclock description (git-fixes).
clk: rockchip: drop CLK_SET_RATE_PARENT from dclk_vop* on rk3568 (git-fixes).
clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).
clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (git-fixes).
clk: tegra: Add missing reset deassertion (git-fixes).
clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).
clk: ti: Preserve node in ti_dt_clocks_register() (git-fixes).
clk: uniphier: Fix fixed-rate initialization (git-fixes).
clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
clocksource/drivers/exynos_mct: Handle DTS with higher number of interrupts (git-fixes).
clocksource/drivers/exynos_mct: Refactor resources allocation (git-fixes).
clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (git-fixes).
clocksource/drivers/sp804: Avoid error on multiple instances (git-fixes).
clocksource/drivers/timer-microchip-pit64b: Use notrace (git-fixes).
clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).
clocksource/drivers/timer-ti-dm: Fix regression from errata i940 fix (git-fixes).
clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() (bsc#1201218).
comedi: drivers: ni_routes: Use strcmp() instead of memcmp() (git-fixes).
comedi: vmk80xx: fix expression for tx buffer size (git-fixes).
copy_process(): Move fd_install() out of sighand->siglock critical section (bsc#1199626).
cpufreq: intel_pstate: Add Ice Lake server to out-of-band IDs (bsc#1201228).
cpufreq: qcom-cpufreq-nvmem: fix reading of PVS Valid fuse (git-fixes).
cpuidle,intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE (git-fixes).
cpuidle: intel_idle: Update intel_idle() kerneldoc comment (git-fixes).
cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).
cputime, cpuacct: Include guest time in user time in (git-fixes)
crypto: amlogic - call finalize with bh disabled (git-fixes).
crypto: api - Move cryptomgr soft dependency into algapi (git-fixes).
crypto: arm/aes-neonbs-cbc - Select generic cbc and aes (git-fixes).
crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).
crypto: caam - fix i.MX6SX entropy delay value (git-fixes).
crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).
crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
crypto: ccree - Fix use after free in cc_cipher_exit() (git-fixes).
crypto: ccree - use fine grained DMA mapping dir (git-fixes).
crypto: cryptd - Protect per-CPU resource by disabling BH (git-fixes).
crypto: ecrdsa - Fix incorrect use of vli_cmp (git-fixes).
crypto: engine - check if BH is disabled during completion (git-fixes).
crypto: gemini - call finalize with bh disabled (git-fixes).
crypto: hisilicon/qm - cleanup warning in qm_vf_read_qos (git-fixes).
crypto: hisilicon/sec - fix the aead software fallback for engine (git-fixes).
crypto: hisilicon/sec - not need to enable sm4 extra mode at HW V3 (git-fixes).
crypto: marvell/cesa - ECB does not IV (git-fixes).
crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
crypto: octeontx2 - remove CONFIG_DM_CRYPT check (git-fixes).
crypto: qat - disable registration of algorithms (git-fixes).
crypto: qat - do not cast parameter in bit operations (git-fixes).
crypto: qcom-rng - ensure buffer for generate is completely filled (git-fixes).
crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ (git-fixes).
crypto: rockchip - ECB does not need IV (git-fixes).
crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).
crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).
crypto: rsa-pkcs1pad - only allow with rsa (git-fixes).
crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
crypto: stm32 - fix reference leak in stm32_crc_remove (git-fixes).
crypto: sun8i-ce - call finalize with bh disabled (git-fixes).
crypto: sun8i-ss - call finalize with bh disabled (git-fixes).
crypto: sun8i-ss - handle zero sized sg (git-fixes).
crypto: sun8i-ss - really disable hash on A80 (git-fixes).
crypto: sun8i-ss - rework handling of IV (git-fixes).
crypto: vmx - add missing dependencies (git-fixes).
crypto: x86/chacha20 - Avoid spurious jumps to other functions (git-fixes).
crypto: x86 - eliminate anonymous module_init and module_exit (git-fixes).
crypto: xts - Add softdep on ecb (git-fixes).
dax: fix cache flush on PMD-mapped pages (bsc#1200830).
devlink: Add 'enable_iwarp' generic device param (bsc#1200502).
dim: initialize all struct fields (git-fixes).
display/amd: decrease message verbosity about watermarks table failure (git-fixes).
dma: at_xdmac: fix a missing check on list iterator (git-fixes).
dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (git-fixes).
dma-buf: heaps: Fix potential spectre v1 gadget (git-fixes).
dma-debug: fix return value of __setup handlers (git-fixes).
dma-direct: avoid redundant memory sync for swiotlb (git-fixes).
dmaengine: dw-edma: Fix unaligned 64bit access (git-fixes).
dmaengine: hisi_dma: fix MSI allocate fail when reload hisi_dma (git-fixes).
dmaengine: idxd: add missing callback function to support DMA_INTERRUPT (git-fixes).
dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).
dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).
dmaengine: idxd: check GENCAP config support for gencfg register (git-fixes).
dmaengine: idxd: fix device cleanup on disable (git-fixes).
dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (git-fixes).
dmaengine: idxd: restore traffic class defaults after wq reset (git-fixes).
dmaengine: idxd: set DMA_INTERRUPT cap bit (git-fixes).
dmaengine: idxd: skip clearing device context when device is read-only (git-fixes).
dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).
dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources (git-fixes).
dmaengine: ptdma: fix concurrency issue with multiple dma transfer (jsc#SLE-21315).
dmaengine: ptdma: Fix the error handling path in pt_core_init() (git-fixes).
dmaengine: ptdma: handle the cases based on DMA is complete (jsc#SLE-21315).
dmaengine: Revert 'dmaengine: shdma: Fix runtime PM imbalance on error' (git-fixes).
dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).
dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size (git-fixes).
dmaengine: sh: rcar-dmac: Check for error num after setting mask (git-fixes).
dmaengine: stm32-dmamux: Fix PM disable depth imbalance in stm32_dmamux_probe (git-fixes).
dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (git-fixes).
dmaengine: stm32-mdma: remove GISR1 register (git-fixes).
dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (git-fixes).
dma-mapping: remove bogus test for pfn_valid from dma_map_resource (git-fixes).
dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).
dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).
dm: fix use-after-free in dm_cleanup_zoned_dev() (git-fixes).
dm integrity: fix error code in dm_integrity_ctr() (git-fixes).
dm integrity: set journal entry unused when shrinking device (git-fixes).
dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).
dm mpath: only use ktime_get_ns() in historical selector (git-fixes).
dm verity: set DM_TARGET_IMMUTABLE feature flag (git-fixes).
doc/ip-sysctl: add bc_forwarding (git-fixes).
docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (git-fixes).
Documentation: add link to stable release candidate tree (git-fixes).
Documentation: dd: Use ReST lists for return values of driver_deferred_probe_check_state() (git-fixes).
Documentation: Fix duplicate statement about raw_spinlock_t type (git-fixes).
Documentation: update stable tree link (git-fixes).
do not call utsname() after ->nsproxy is NULL (bsc#1201196).
drbd: fix an invalid memory access caused by incorrect use of list iterator (git-fixes).
drbd: fix duplicate array initializer (git-fixes).
drbd: Fix five use after free bugs in get_initial_state (git-fixes).
drbd: remove assign_p_sizes_qlim (git-fixes).
drbd: use bdev_alignment_offset instead of queue_alignment_offset (git-fixes).
drbd: use bdev based limit helpers in drbd_send_sizes (git-fixes).
driver base: fix an unlikely reference counting issue in __add_memory_block() (git-fixes).
driver base: fix compaction sysfs file leak (git-fixes).
driver: base: fix UAF when driver_attach failed (git-fixes).
driver core: dd: fix return value of __setup handler (git-fixes).
driver core: fix deadlock in __device_attach (git-fixes).
driver core: Fix wait_for_device_probe() and deferred_probe_timeout interaction (git-fixes).
driver core: Free DMA range map when device is released (git-fixes).
driver: hv: Compare cpumasks and not their weights in init_vp_index() (git-fixes).
driver: hv: log when enabling crash_kexec_post_notifiers (git-fixes).
driver: hv: Rename 'alloced' to 'allocated' (git-fixes).
driver: hv: utils: Make use of the helper macro LIST_HEAD() (git-fixes).
driver: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (git-fixes).
driver: hv: vmbus: Fix potential crash on module unload (git-fixes).
driver: hv: vmbus: Use struct_size() helper in kmalloc() (git-fixes).
driver: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (git-fixes).
driver: net: xgene: Fix regression in CRC stripping (git-fixes).
drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c (git-fixes).
drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit (git-fixes).
drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle() (git-fixes).
drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (git-fixes).
drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (git-fixes).
drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() (git-fixes).
drivers: tty: serial: Fix deadlock in sa1100_set_termios() (git-fixes).
drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
drm: add a locked version of drm_is_current_master (git-fixes).
drm: Add orientation quirk for GPD Win Max (git-fixes).
drm/amd: Add USBC connector ID (git-fixes).
drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (git-fixes).
drm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled (git-fixes).
drm/amd: Check if ASPM is enabled from PCIe subsystem (git-fixes).
drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).
drm/amd/display: Add pstate verification and recovery for DCN31 (git-fixes).
drm/amd/display: Add signal type check when verify stream backends same (git-fixes).
drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT (git-fixes).
drm/amd/display: Cap OLED brightness per max frame-average luminance (git-fixes).
drm/amd/display: Cap pflip irqs per max otg number (git-fixes).
drm/amd/display: Check if modulo is 0 before dividing (git-fixes).
drm/amd/display: DCN3.1: do not mark as kernel-doc (git-fixes).
drm/amd/display: Disabling Z10 on DCN31 (git-fixes).
drm/amd/display: do not ignore alpha property on pre-multiplied mode (git-fixes).
drm/amd/display: Do not reinitialize DMCUB on s0ix resume (git-fixes).
drm/amd/display: Enable power gating before init_pipes (git-fixes).
drm/amd/display: FEC check in timing validation (git-fixes).
drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).
drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (git-fixes).
drm/amd/display: fix audio format not updated after edid updated (git-fixes).
drm/amd/display: Fix memory leak (git-fixes).
drm/amd/display: Fix memory leak in dcn21_clock_source_create (bsc#1190786)
drm/amd/display: Fix OLED brightness control on eDP (git-fixes).
drm/amd/display: Fix p-state allow debug index on dcn31 (git-fixes).
drm/amd/display: fix yellow carp wm clamping (git-fixes).
drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15' Apple Retina panels (git-fixes).
drm/amd/display: For vblank_disable_immediate, check PSR is really used (git-fixes).
drm/amd/display: Protect update_bw_bounding_box FPU code (git-fixes).
drm/amd/display: Read Golden Settings Table from VBIOS (git-fixes).
drm/amd/display: Remove vupdate_int_entry definition (git-fixes).
drm/amd/display: Revert FEC check in validation (git-fixes).
drm/amd/display: Update VTEM Infopacket definition (git-fixes).
drm/amd/display: Update watermark values for DCN301 (git-fixes).
drm/amd/display: Use adjusted DCN301 watermarks (git-fixes).
drm/amd/display: Use PSR version selected during set_psr_caps (git-fixes).
drm/amd/display: watermark latencies is not enough on DCN31 (git-fixes).
drm/amdgpu: add beige goby PCI ID (git-fixes).
drm/amdgpu: bypass tiling flag check in virtual display case (v2) (git-fixes).
drm/amdgpu: check vm ready by amdgpu_vm->evicting flag (git-fixes).
drm/amdgpu: conduct a proper cleanup of PDB bo (git-fixes).
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (git-fixes).
drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).
drm/amdgpu/display: add support for multiple backlights (git-fixes).
drm/amdgpu: do not do resets on APUs which do not support it (git-fixes).
drm/amdgpu: do not enable asic reset for raven2 (git-fixes).
drm/amdgpu: do not set s3 and s0ix at the same time (git-fixes).
drm/amdgpu: do not use BACO for reset in S3 (git-fixes).
drm/amdgpu: do not use passthrough mode in Xen dom0 (git-fixes).
drm/amdgpu: Drop inline from amdgpu_ras_eeprom_max_record_count (git-fixes).
drm/amdgpu: Enable gfxoff quirk on MacBook Pro (git-fixes).
drm/amdgpu: Ensure HDA function is suspended before ASIC reset (git-fixes).
drm/amdgpu: explicitly check for s0ix when evicting resources (git-fixes).
drm/amdgpu: fix amdgpu_ras_block_late_init error handler (bsc#1190497)
drm/amdgpu: fix logic inversion in check (git-fixes).
drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).
drm/amdgpu: Fix recursive locking warning (git-fixes).
drm/amdgpu: fix suspend/resume hang regression (git-fixes).
drm/amdgpu/sdma: Fix incorrect calculations of the wptr of the doorbells (git-fixes).
drm/amdgpu: skipping SDMA hw_init and hw_fini for S0ix (git-fixes).
drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).
drm/amdgpu: suppress the warning about enum value 'AMD_IP_BLOCK_TYPE_NUM' (git-fixes).
drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (git-fixes).
drm/amdgpu: unify BO evicting method in amdgpu_ttm (git-fixes).
drm/amdgpu: update VCN codec support for Yellow Carp (git-fixes).
drm/amdgpu/vcn: Fix the register setting for vcn1 (git-fixes).
drm/amdgpu/vcn: improve vcn dpg stop procedure (git-fixes).
drm/amdgpu: vi: disable ASPM on Intel Alder Lake based systems (bsc#1190786)
drm/amdkfd: add pinned BOs to kfd_bo_list (git-fixes).
drm/amdkfd: Check for potential null return of kmalloc_array() (git-fixes).
drm/amdkfd: Create file descriptor after client is added to smi_clients list (git-fixes).
drm/amdkfd: Do not take process mutex for svm ioctls (git-fixes).
drm/amdkfd: Fix GWS queue count (bsc#1190786)
drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).
drm/amdkfd: make CRAT table missing message informational only (git-fixes).
drm/amdkfd: remove unused function (git-fixes).
drm/amdkfd: Separate pinned BOs destruction from general routine (bsc#1195287).
drm/amdkfd: Use mmget_not_zero in MMU notifier (git-fixes).
drm/amd/pm: correct the MGpuFanBoost support for Beige Goby (git-fixes).
drm/amd/pm: correct the sequence of sending gpu reset msg (git-fixes).
drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby (git-fixes).
drm/amd/pm: enable pm sysfs write for one VF mode (git-fixes).
drm/amd/pm: fix hwmon node of power1_label create issue (git-fixes).
drm/amd/pm: Fix missing thermal throttler status (git-fixes).
drm/amd/pm: fix some OEM SKU specific stability issues (git-fixes).
drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).
drm/amd/pm: update smartshift powerboost calc for smu12 (git-fixes).
drm/amd/pm: update smartshift powerboost calc for smu13 (git-fixes).
drm/amd/pm: use bitmap_{from,to}_arr32 where appropriate (git-fixes).
drm/ast: Create threshold values for AST2600 (bsc#1190786)
drm/atomic: Do not pollute crtc_state->mode_blob with error pointers (git-fixes).
drm/atomic: Force bridge self-refresh-exit on CRTC switch (git-fixes).
drm: avoid circular locks in drm_mode_getconnector (git-fixes).
drm/blend: fix typo in the comment (git-fixes).
drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe (git-fixes).
drm/bridge: Add missing pm_runtime_put_sync (git-fixes).
drm/bridge: adv7511: clean up CEC adapter when probe fails (git-fixes).
drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (git-fixes).
drm/bridge: analogix_dp: Support PSR-exit to disable transition (git-fixes).
drm/bridge: anx7625: Fix overflow issue on reading EDID (git-fixes).
drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt (git-fixes).
drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).
drm/bridge: Fix error handling in analogix_dp_probe (git-fixes).
drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev (git-fixes).
drm: bridge: fix unmet dependency on DRM_KMS_HELPER for DRM_PANEL_BRIDGE (git-fixes).
drm: bridge: icn6211: Fix HFP_HSW_HBP_HI and HFP_MIN handling (bsc#1190786)
drm: bridge: icn6211: Fix register layout (git-fixes).
drm: bridge: it66121: Fix the register page length (git-fixes).
drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).
drm/bridge: sn65dsi83: Fix an error handling path in (bsc#1190786)
drm/bridge: ti-sn65dsi83: Handle dsi_lanes == 0 as invalid (git-fixes).
drm/bridge: ti-sn65dsi86: Properly undo autosuspend (git-fixes).
drm/cma-helper: Set VM_DONTEXPAND for mmap (git-fixes).
drm/connector: Fix typo in output format (bsc#1190786)
drm/doc: overview before functions for drm_writeback.c (git-fixes).
drm/dp: Fix OOB read when handling Post Cursor2 register (bsc#1190786)
drm/edid: Always set RGB444 (git-fixes).
drm/edid: check basic audio support on CEA extension block (git-fixes).
drm/edid: Do not clear formats if using deep color (git-fixes).
drm/edid: fix CEA extension byte #3 parsing (bsc#1190786)
drm/edid: fix invalid EDID extension block filtering (git-fixes).
drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (git-fixes).
drm/fb-helper: Mark screen buffers in system memory with FBINFO_VIRTFB (git-fixes).
drm/fourcc: fix integer type usage in uapi header (git-fixes).
drm/i915/adlp: Fix TypeC PHY-ready status readout (git-fixes).
drm/i915: Allow !join_mbus cases for adlp+ dbuf configuration (bsc#1193640).
drm/i915: Check EDID for HDR static metadata when choosing blc (bsc#1190497)
drm/i915: Correctly populate use_sagv_wm for all pipes (git-fixes).
drm/i915/dg2: Print PHY name properly on calibration error (git-fixes).
drm/i915: Disable DRRS on IVB/HSW port != A (git-fixes).
drm/i915/display: Fix HPD short pulse handling for eDP (git-fixes).
drm/i915/display: Move DRRS code its own file (git-fixes).
drm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in intel_psr2_config_valid() fails (git-fixes).
drm/i915/display: split out dpt out of intel_display.c (git-fixes).
drm/i915/dmc: Add MMIO range restrictions (git-fixes).
drm/i915/dsi: fix VBT send packet port selection for ICL+ (git-fixes).
drm/i915: Fix bw atomic check when switching between SAGV vs. no SAGV (git-fixes).
drm/i915: Fix CFI violation with show_dynamic_id() (git-fixes).
drm/i915: Fix dbuf slice config lookup (git-fixes bsc#1193640).
drm/i915: Fix mbus join config lookup (git-fixes bsc#1193640).
drm/i915: Fix PSF GV point mask when SAGV is not possible (git-fixes).
drm/i915: Fix race in __i915_vma_remove_closed (bsc#1190497)
drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (bsc#1190497)
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (git-fixes).
drm/i915/gem: add missing boundary check in vm_access (git-fixes).
drm/i915/gem: add missing else (git-fixes).
drm/i915/guc/slpc: Correct the param count for unset param (git-fixes).
drm/i915/gvt: clean up kernel-doc in gtt.c (git-fixes).
drm/i915/gvt: Make DRM_I915_GVT depend on X86 (git-fixes).
drm/i915: Implement w/a 22010492432 for adl-s (git-fixes).
drm/i915: Keep gem ctx->vm alive until the final put (bsc#1190497)
drm/i915/opregion: check port number bounds for SWSCI display power state (git-fixes).
drm/i915/overlay: Prevent divide by zero bugs in scaling (git-fixes).
drm/i915: Populate pipe dbuf slices more accurately during readout (bsc#1193640).
drm/i915/reset: Fix error_state_read ptr + offset use (git-fixes).
drm/i915: s/JSP2/ICP2/ PCH (git-fixes).
drm/i915: Treat SAGV block time 0 as SAGV disabled (git-fixes).
drm/i915/ttm: ensure we unmap when purging (git-fixes).
drm/i915/ttm: tweak priority hint selection (git-fixes).
drm/i915: Widen the QGV point mask (git-fixes).
drm/i915: Workaround broken BIOS DBUF configuration on TGL/RKL (bsc#1193640).
drm/imx: dw_hdmi-imx: Fix bailout in error cases of probe (git-fixes).
drm: imx: fix compiler warning with gcc-12 (git-fixes).
drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).
drm/imx: imx-ldb: Check for null pointer after calling kmemdup (git-fixes).
drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).
drm/kmb: Fix for build errors with Warray-bounds (git-fixes).
drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (git-fixes).
drm/komeda: return early if drm_universal_plane_init() fails (git-fixes).
drm: mali-dp: potential dereference of null pointer (git-fixes).
drm/mediatek: Add vblank register/unregister callback functions (bsc#1190768)
drm/mediatek: dpi: Use mt8183 output formats for mt8192 (git-fixes).
drm/mediatek: Fix mtk_cec_mask() (git-fixes).
drm/mediatek: mtk_dsi: Reset the dsi0 hardware (git-fixes).
drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
drm/meson: Make use of the helper function devm_platform_ioremap_resourcexxx() (git-fixes).
drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).
drm/meson: split out encoder from meson_dw_hdmi (git-fixes).
drm/msm/a6xx: Fix missing ARRAY_SIZE() check (git-fixes).
drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (git-fixes).
drm/msm: add missing include to msm_drv.c (git-fixes).
drm/msm: Add missing put_task_struct() in debugfs path (git-fixes).
drm/msm/disp: check the return value of kzalloc() (git-fixes).
drm/msm/disp/dpu1: set mdp clk to the maximum frequency in opp table (bsc#1190768)
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (git-fixes).
drm/msm/dp: add fail safe mode outside of event_mutex context (git-fixes).
drm/msm/dp: always add fail-safe mode into connector mode list (git-fixes).
drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (git-fixes).
drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (git-fixes).
drm/msm/dp: do not initialize phy until plugin interrupt received (bsc#1190497)
drm/msm/dp: do not stop transmitting phy test pattern during DP phy compliance test (git-fixes).
drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (git-fixes).
drm/msm/dp: fix error check return value of irq_of_parse_and_map() (git-fixes).
drm/msm/dp: fix event thread stuck in wait_event after kthread_stop() (git-fixes).
drm/msm/dp: force link training for display resolution change (git-fixes).
drm/msm/dp: Modify prototype of encoder based API (git-fixes).
drm/msm/dp: populate connector of struct dp_panel (git-fixes).
drm/msm/dp: remove fail safe mode related code (git-fixes).
drm/msm/dp: reset DP controller before transmit phy test pattern (git-fixes).
drm/msm/dp: stop event kernel thread when DP unbind (bsc#1190768)
drm/msm/dp: stop link training after link training 2 failed (git-fixes).
drm/msm/dp: tear down main link at unplug handle immediately (bsc#1190768)
drm/msm/dpu: add DSPP blocks teardown (git-fixes).
drm/msm/dpu: adjust display_v_end for eDP and DP (git-fixes).
drm/msm/dpu: fix dp audio condition (git-fixes).
drm/msm/dpu: fix error check return value of irq_of_parse_and_map() (bsc#1190768)
drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path (git-fixes).
drm/msm/dsi: fix address for second DSI PHY on SDM660 (git-fixes).
drm/msm/dsi: fix error checks and return values for DSI xmit functions (git-fixes).
drm/msm/dsi: Remove spurious IRQF_ONESHOT flag (git-fixes).
drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init() (git-fixes).
drm/msm/dsi: Use 'ref' fw clock instead of global name for VCO parent (git-fixes).
drm/msm: Fix double pm_runtime_disable() call (git-fixes).
drm: msm: fix error check return value of irq_of_parse_and_map() (git-fixes).
drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (git-fixes).
drm/msm: Fix range size vs end confusion (git-fixes).
drm/msm/hdmi: check return value after calling platform_get_resource_byname() (git-fixes).
drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (git-fixes).
drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (git-fixes).
drm/msm/mdp5: check the return of kzalloc() (git-fixes).
drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (git-fixes).
drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (git-fixes).
drm/msm: properly add and remove internal bridges (bsc#1190768)
drm/msm: remove unused plane_property field from msm_drm_private (bsc#1190768)
drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (git-fixes).
drm/msm: Switch ordering of runpm put vs devfreq_idle (git-fixes).
drm/msm: use for_each_sgtable_sg to iterate over scatterlist (git-fixes).
drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).
drm/nouveau/backlight: Just set all backlight types as RAW (git-fixes).
drm/nouveau/clk: Fix an incorrect NULL check on list iterator (git-fixes).
drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (git-fixes).
drm/nouveau: fix off by one in BIOS boundary checking (git-fixes).
drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (git-fixes).
drm/nouveau/pmu: Add missing callbacks for Tegra devices (git-fixes).
drm/nouveau/pmu/gm200-: use alternate falcon reset sequence (git-fixes).
drm/nouveau/subdev/bus: Ratelimit logging for fault errors (git-fixes).
drm/nouveau/tegra: Stop using iommu_present() (git-fixes).
drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer (git-fixes).
drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H (git-fixes).
drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised (git-fixes).
drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare (git-fixes).
drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01 (git-fixes).
drm/panel: simple: Assign data from panel_dpi_probe() correctly (git-fixes).
drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
drm/panfrost: Check for error num after setting mask (git-fixes).
drm/plane: Move range check for format_count earlier (git-fixes).
drm/radeon: fix a possible null pointer dereference (git-fixes).
drm/radeon: Fix backlight control on iMac 12,1 (git-fixes).
drm/rockchip: dw_hdmi: Do not leave clock enabled in error case (git-fixes).
drm/rockchip: vop: Correct RK3399 VOP register fields (git-fixes).
drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (git-fixes).
drm/selftests/test-drm_dp_mst_helper: Fix memory leak in sideband_msg_req_encode_decode (git-fixes).
drm/simpledrm: Add 'panel orientation' property on non-upright mounted LCD panels (git-fixes).
drm: sti: do not use kernel-doc markers (git-fixes).
drm/sun4i: Fix crash during suspend after component bind failure (git-fixes).
drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
drm/sun4i: Remove obsolete references to PHYS_OFFSET (bsc#1190786)
drm/syncobj: flatten dma_fence_chains on transfer (git-fixes).
drm/tegra: Add back arm_iommu_detach_device() (git-fixes).
drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).
drm: use the lookup lock in drm_is_current_master (git-fixes).
drm/v3d/v3d_drv: Check for error num after setting mask (git-fixes).
drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
drm/vc4: Fix deadlock on DSI device attach error (git-fixes).
drm/vc4: hdmi: Add debugfs prefix (bsc#1199163).
drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd (git-fixes).
drm/vc4: hdmi: Fix build error for implicit function declaration (git-fixes).
drm/vc4: hdmi: Fix HPD GPIO detection (git-fixes).
drm/vc4: hdmi: Make sure the device is powered with CEC (git-fixes).
drm/vc4: hdmi: Split the CEC disable / enable functions in two (git-fixes).
drm/vc4: hvs: Fix frame count register readout (git-fixes).
drm/vc4: hvs: Reset muxes at probe time (git-fixes).
drm/vc4: txp: Do not set TXP_VSTART_AT_EOF (git-fixes).
drm/vc4: txp: Force alpha to be 0xff if it's disabled (git-fixes).
drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).
drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free() (git-fixes).
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (git-fixes).
drm/vmwgfx: Disable command buffers on svga3 without gbobjects (git-fixes).
drm/vmwgfx: Fix fencing on SVGAv3 (git-fixes).
drm/vmwgfx: Initialize drm_mode_fb_cmd2 (git-fixes).
drm/vmwgfx: Remove unused compile options (bsc#1190786)
drm/vmwgfx: validate the screen formats (git-fixes).
drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).
dt-bindings: arm: bcm: fix BCM53012 and BCM53016 SoC strings (git-fixes).
dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config (git-fixes).
dt-bindings: display: sitronix, st7735r: Fix backlight in example (git-fixes).
dt-bindings: gpio: altera: correct interrupt-cells (git-fixes).
dt-bindings: memory: mtk-smi: No need mediatek,larb-id for mt8167 (git-fixes).
dt-bindings: mtd: nand-controller: Fix a comment in the examples (git-fixes).
dt-bindings: mtd: nand-controller: Fix the reg property description (git-fixes).
dt-bindings: net: xgmac_mdio: Remove unsupported 'bus-frequency' (git-fixes).
dt-bindings: PCI: xilinx-cpm: Fix reg property order (git-fixes).
dt-bindings: phy: uniphier-usb3hs: Fix incorrect clock-names and reset-names (git-fixes).
dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group (git-fixes).
dt-bindings: pinctrl: pinctrl-microchip-sgpio: Fix example (git-fixes).
dt-bindings: spi: mxic: The interrupt property is not mandatory (git-fixes).
dt-bindings: usb: ehci: Increase the number of PHYs (git-fixes).
dt-bindings: usb: hcd: correct usb-device path (git-fixes).
dt-bindings: usb: ohci: Increase the number of PHYs (git-fixes).
dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7 (git-fixes).
e1000e: Correct NVM checksum verification flow (bsc#1191663).
e1000e: Fix possible HW unit hang after an s0ix exit (jsc#SLE-18382).
e1000e: Fix possible overflow in LTR decoding (git-fixes).
e1000e: Handshake with CSME starts from ADL platforms (git-fixes).
e1000e: Separate ADP board type from TGP (git-fixes).
EDAC/altera: Fix deferred probing (bsc#1190497).
EDAC/amd64: Add new register offset support and related changes (jsc#SLE-19026).
EDAC/amd64: Set memory type per DIMM (jsc#SLE-19026).
EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1190497).
EDAC/synopsys: Read the error count from the correct register (bsc#1190497).
EDAC/xgene: Fix deferred probing (bsc#1190497).
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX (git-fixes).
efi: Add missing prototype for efi_capsule_setup_info (git-fixes).
efi: Do not import certificates from UEFI Secure Boot for T2 Macs (git-fixes).
efi: fix return value of __setup handlers (git-fixes).
efivars: Respect 'block' flag in efivar_entry_set_safe() (git-fixes).
epic100: fix use after free on rmmod (git-fixes).
ethernet/sfc: remove redundant rc variable (bsc#1196306).
exec: Force single empty string when argv is empty (bsc#1200571).
ext2: correct max file size computing (bsc#1197820).
ext4: avoid trim error on fs with small groups (bsc#1191271).
ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal (bsc#1197917).
ext4: fix an use-after-free issue about data=journal writeback mode (bsc#1195482).
ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1200810).
ext4: fix bug_on in __es_tree_search (bsc#1200809).
ext4: fix ext4_fc_stats trace point (git-fixes).
ext4: fix race condition between ext4_write and ext4_convert_inline_data (bsc#1200807).
ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (bsc#1200806).
ext4: make variable 'count' signed (bsc#1200820).
ext4: reject the 'commit' option on ext2 filesystems (bsc#1200808).
extcon: Modify extcon device to be created after driver data is set (git-fixes).
extcon: ptn5150: Add queue work sync before driver release (git-fixes).
faddr2line: Fix overlapping text section failures, the sequel (git-fixes).
fbcon: Avoid 'cap' set but not used warning (bsc#1190786)
fbcon: Consistently protect deferred_takeover with console_lock() (git-fixes).
firewire: core: extend card->lock in fw_core_handle_bus_reset (git-fixes).
firewire: fix potential uaf in outbound_phy_packet_callback() (git-fixes).
firewire: remove check of list iterator against head past the loop body (git-fixes).
firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe (git-fixes).
firmware: arm_ffa: Remove incorrect assignment of driver_data (git-fixes).
firmware: arm_scmi: Fix list protocols enumeration in the base protocol (git-fixes).
firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).
firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).
firmware: arm_scmi: Validate BASE_DISCOVER_LIST_PROTOCOLS response (git-fixes).
firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (git-fixes).
firmware: google: Properly state IOMEM dependency (git-fixes).
firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).
firmware: stratix10-svc: add missing callback parameter on RSU (git-fixes).
firmware: stratix10-svc: fix a missing check on list iterator (git-fixes).
firmware: sysfb: fix platform-device leak in error path (git-fixes).
firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is not defined (git-fixes).
firmware: use kernel credentials when reading firmware (git-fixes).
fs: fd tables have to be multiples of BITS_PER_LONG (bsc#1200827).
fs: fix fd table size alignment properly (bsc#1200882).
fs: handle circular mappings correctly (bsc#1197918).
fsl_lpuart: Do not enable interrupts too early (git-fixes).
fsnotify: Do not insert unmergeable events in hashtable (bsc#1197922).
fsnotify: fix fsnotify hooks in pseudo filesystems (bsc#1195944 bsc#1195478).
fsnotify: fix wrong lockdep annotations (bsc#1200815).
ftrace: Clean up hash direct_functions on register failures (git-fixes).
fuse: fix fileattr op failure (bsc#1197292).
gen_init_cpio: fix short read file handling (bsc#1193289).
genirq/affinity: Consider that CPUs on nodes can be (git-fixes)
genirq: Synchronize interrupt thread startup (git-fixes)
gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
gma500: fix an incorrect NULL check on list iterator (git-fixes).
gpio: adp5588: Remove support for platform setup and teardown callbacks (git-fixes).
gpio: aggregator: Fix calling into sleeping GPIO controllers (git-fixes).
gpio: dwapb: Do not print error on -EPROBE_DEFER (git-fixes).
gpio: gpio-vf610: do not touch other bits when set the target bit (git-fixes).
gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).
gpiolib: acpi: use correct format characters (git-fixes).
gpiolib: Never return internal error codes to user space (git-fixes).
gpiolib: of: fix bounds check for 'gpio-reserved-ranges' (git-fixes).
gpio: mvebu: drop pwm base assignment (git-fixes).
gpio: mvebu/pwm: Refuse requests with inverted polarity (git-fixes).
gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) (git-fixes).
gpio: pca953x: use the correct register address to do regcache sync (git-fixes).
gpio: Return EPROBE_DEFER if gc->to_irq is NULL (git-fixes).
gpio: Revert regression in sysfs-gpio (gpiolib.c) (git-fixes).
gpio: sifive: use the correct register to read output values (git-fixes).
gpio: tegra186: Fix chip_data type confusion (git-fixes).
gpio: ts4900: Do not set DAT and OE together (git-fixes).
gpio: visconti: Fix fwnode of GPIO IRQ (git-fixes).
gpio: winbond: Fix error code in winbond_gpio_get() (git-fixes).
gpu: host1x: Fix a memory leak in 'host1x_remove()' (git-fixes).
gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).
gup: Turn fault_in_pages_{readable,writeable} into fault_in_{readable,writeable} (git-fixes).
gve: Fix GFP flags when allocing pages (git-fixes).
gve: fix the wrong AdminQ buffer queue index check (git-fixes).
habanalabs: Add check for pci_enable_device (git-fixes).
habanalabs: fix possible memory leak in MMU DR fini (git-fixes).
hamradio: fix macro redefine warning (git-fixes).
hex2bin: fix access beyond string end (git-fixes).
HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).
HID: add mapping for KEY_DICTATE (git-fixes).
HID: Add support for open wheel and no attachment to T300 (git-fixes).
HID:Add support for UGTABLET WP5540 (git-fixes).
HID: amd_sfh: Add illuminance mask to limit ALS max value (git-fixes).
HID: amd_sfh: Correct the structure field name (git-fixes).
HID: amd_sfh: Modify the bus name (git-fixes).
HID: amd_sfh: Modify the hid name (git-fixes).
HID: bigben: fix slab-out-of-bounds Write in bigben_probe (git-fixes).
hide appended member supports_dynamic_smps_6ghz (git-fixes).
HID: elan: Fix potential double free in elan_input_configured (git-fixes).
HID: hid-led: fix maximum brightness for Dream Cheeky (git-fixes).
HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts (git-fixes).
HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).
HID: intel-ish-hid: Use dma_alloc_coherent for firmware update (git-fixes).
HID: logitech-dj: add new lightspeed receiver id (git-fixes).
HID: multitouch: add quirks to enable Lenovo X12 trackpoint (git-fixes).
HID: multitouch: Add support for Google Whiskers Touchpad (git-fixes).
HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).
HID: vivaldi: fix sysfs attributes leak (git-fixes).
hinic: fix bug of wq out of bound access (git-fixes).
hv_balloon: rate-limit 'Unhandled message' warning (git-fixes).
hv_netvsc: Add check for kvmalloc_array (git-fixes).
hv_utils: Add comment about max VMbus packet size in VSS driver (git-fixes).
hwmon: (dell-smm) Speed up setting of fan speed (git-fixes).
hwmon: (f71882fg) Fix negative temperature (git-fixes).
hwmon: Handle failure to register sensor with thermal zone correctly (git-fixes).
hwmon: (ibmaem) do not call platform_device_del() if platform_device_add() fails (git-fixes).
hwmon: (ltq-cputemp) restrict it to SOC_XWAY (git-fixes).
hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
hwmon: (pmbus) Add Vin unit off handling (git-fixes).
hwmon: (pmbus) Check PEC support before reading other registers (git-fixes).
hwmon: (pmbus) Clear pmbus fault/warning bits after read (git-fixes).
hwmon: (pmbus) disable PEC if not enabled (git-fixes).
hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).
hwmon: (tmp401) Add OF device ID table (git-fixes).
hwrng: atmel - disable trng on failure path (git-fixes).
hwrng: cavium - Check health status while reading random data (git-fixes).
hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER (git-fixes).
hwrng: nomadik - Change clk_disable to clk_disable_unprepare (git-fixes).
hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (git-fixes).
i2c: at91: Initialize dma_buf in at91_twi_xfer() (git-fixes).
i2c: at91: use dma safe buffers (git-fixes).
i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).
i2c: bcm2835: Fix the error handling in 'bcm2835_i2c_probe()' (git-fixes).
i2c: bcm2835: Use platform_get_irq() to get the interrupt (git-fixes).
i2c: brcmstb: fix support for DSL and CM variants (git-fixes).
i2c: cadence: Increase timeout per message if necessary (git-fixes).
i2c: designware: Use standard optional ref clock implementation (git-fixes).
i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).
i2c: ismt: prevent memory corruption in ismt_access() (git-fixes).
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (git-fixes).
i2c: meson: Fix wrong speed use from probe (git-fixes).
i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe() (git-fixes).
i2c: mux: demux-pinctrl: do not deactivate a master that is not active (git-fixes).
i2c: npcm7xx: Add check for platform_driver_register (git-fixes).
i2c: npcm: Correct register access width (git-fixes).
i2c: npcm: Fix timeout calculation (git-fixes).
i2c: npcm: Handle spurious interrupts (git-fixes).
i2c: piix4: Add EFCH MMIO support for SMBus port select (git-fixes).
i2c: piix4: Add EFCH MMIO support to region request and release (git-fixes).
i2c: piix4: Add EFCH MMIO support to SMBus base address detect (git-fixes).
i2c: piix4: Enable EFCH MMIO for Family 17h+ (git-fixes).
i2c: piix4: Move port I/O region request/release code into functions (git-fixes).
i2c: piix4: Move SMBus controller base address detect into function (git-fixes).
i2c: piix4: Move SMBus port selection into function (git-fixes).
i2c: piix4: Replace hardcoded memory map size with a #define (git-fixes).
i2c: qcom-cci: do not delete an unregistered adapter (git-fixes).
i2c: qcom-cci: do not put a device tree node before i2c_add_adapter() (git-fixes).
i2c: rcar: fix PM ref counts in probe error paths (git-fixes).
i2c: xiic: Make bus names unique (git-fixes).
i40e: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).
i40e: Fix for failed to init adminq while VF reset (git-fixes).
i40e: Fix issue when maximum queues is exceeded (git-fixes).
i40e: Fix queues reservation for XDP (git-fixes).
i40e: Fix reset bw limit when DCB enabled with 1 TC (git-fixes).
i40e: Fix reset path while removing the driver (git-fixes).
i40e: fix unsigned stat widths (git-fixes).
i40e: i40e_main: fix a missing check on list iterator (git-fixes).
i40e: Increase delay to 1 s after global EMP reset (git-fixes).
i40e: remove dead stores on XSK hotpath (jsc#SLE-18378).
i40e: respect metadata on XSK Rx to skb (git-fixes).
i40e: stop disabling VFs due to PF error responses (jsc#SLE-18378).
iavf: Add waiting so the port is initialized in remove (jsc#SLE-18385).
iavf: Fix deadlock in iavf_reset_task (jsc#SLE-18385).
iavf: Fix double free in iavf_reset_task (jsc#SLE-18385).
iavf: Fix handling of vlan strip virtual channel messages (jsc#SLE-18385).
iavf: Fix hang during reboot/shutdown (jsc#SLE-18385).
iavf: Fix __IAVF_RESETTING state usage (jsc#SLE-18385).
iavf: Fix init state closure on remove (jsc#SLE-18385).
iavf: Fix locking for VIRTCHNL_OP_GET_OFFLOAD_VLAN_V2_CAPS (jsc#SLE-18385).
iavf: Fix missing check for running netdev (git-fixes).
iavf: Fix race in init state (jsc#SLE-18385).
iavf: Rework mutexes for better synchronisation (jsc#SLE-18385 stable-5.14.6).
IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes).
IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes).
IB/cm: Release previously acquired reference counter in the cm_id_priv (git-fixes).
IB/hfi1: Allow larger MTU without AIP (git-fixes).
IB/hfi1: Fix AIP early init panic (git-fixes).
IB/hfi1: Fix alloc failure with larger txqueuelen (git-fixes).
IB/hfi1: Fix panic with larger ipoib send_queue_size (jsc#SLE-19242).
IB/hfi1: Fix tstats alloc and dealloc (git-fixes).
IB/mlx5: Expose NDR speed through MAD (bsc#1196930).
ibmvnic: do not release napi in __ibmvnic_open() (bsc#1195668 ltc#195811).
ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
ibmvnic: Properly dispose of all skbs during a failover (bsc#1200925).
ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).
IB/qib: Fix duplicate sysfs directory name (git-fixes).
IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (git-fixes).
IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).
ice: allow creating VFs for !CONFIG_NET_SWITCHDEV (jsc#SLE-18375).
ice: check the return of ice_ptp_gettimex64 (git-fixes).
ice: clear cmd_type_offset_bsz for TX rings (jsc#SLE-18375).
ice: Clear default forwarding VSI during VSI release (git-fixes).
ice: clear stale Tx queue settings before configuring (git-fixes).
ice: do not allow to run ice_send_event_to_aux() in atomic ctx (git-fixes).
ice: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).
ice: Do not use GFP_KERNEL in atomic context (git-fixes).
ice: enable parsing IPSEC SPI headers for RSS (git-fixes).
ice: fix an error code in ice_cfg_phy_fec() (git-fixes).
ice: fix concurrent reset and removal of VFs (git-fixes).
ice: fix crash in switchdev mode (jsc#SLE-18375).
ice: Fix curr_link_speed advertised speed (git-fixes).
ice: Fix incorrect locking in ice_vc_process_vf_msg() (jsc#SLE-18375).
ice: fix IPIP and SIT TSO offload (git-fixes).
ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() (jsc#SLE-18375).
ice: fix PTP stale Tx timestamps cleanup (git-fixes).
ice: fix setting l4 port flag when adding filter (jsc#SLE-18375).
ice: fix use-after-free when deinitializing mailbox snapshot (git-fixes).
ice: initialize local variable 'tlv' (git-fixes).
ice: kabi protect ice_pf (bsc#1200502).
ice: Protect vf_state check by cfg_lock in ice_vc_process_vf_msg() (jsc#SLE-18375).
ice: respect metadata on XSK Rx to skb (git-fixes).
ice: synchronize_rcu() when terminating rings (git-fixes).
ice: xsk: Fix indexing in ice_tx_xsk_pool() (jsc#SLE-18375).
ice: xsk: fix VSI state check in ice_xsk_wakeup() (git-fixes).
igb: refactor XDP registration (git-fixes).
igc: avoid kernel warning when changing RX ring parameters (git-fixes).
igc: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).
igc: Fix BUG: scheduling while atomic (git-fixes).
igc: Fix infinite loop in release_swfw_sync (git-fixes).
igc: Fix suspending when PTM is active (jsc#SLE-18377).
igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).
igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).
iio:accel:bma180: rearrange iio trigger get and register (git-fixes).
iio: accel: fxls8962af: add padding to regmap for SPI (git-fixes).
iio:accel:kxcjk-1013: rearrange iio trigger get and register (git-fixes).
iio: accel: mma8452: ignore the return value of reset operation (git-fixes).
iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).
iio:accel:mxc4005: rearrange iio trigger get and register (git-fixes).
iio: adc: ad7124: fix mask used for setting AIN_BUFP and AIN_BUFM bits (git-fixes).
iio: adc: ad7124: Remove shift from scan_type (git-fixes).
iio: adc: Add check for devm_request_threaded_irq (git-fixes).
iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (git-fixes).
iio: adc: axp288: Override TS pin bias current for some models (git-fixes).
iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).
iio: adc: sc27xx: Fine tune the scale calibration values (git-fixes).
iio: adc: sc27xx: fix read big scale voltage not right (git-fixes).
iio: adc: stm32: Fix ADCs iteration in irq handler (git-fixes).
iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (git-fixes).
iio: adc: stm32: fix maximum clock rate for stm32mp15x (git-fixes).
iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (git-fixes).
iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (git-fixes).
iio: adc: tsc2046: fix memory corruption by preventing array overflow (git-fixes).
iio: adc: vf610: fix conversion mode sysfs node name (git-fixes).
iio: afe: rescale: Fix boolean logic bug (git-fixes).
iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL (git-fixes).
iio:chemical:ccs811: rearrange iio trigger get and register (git-fixes).
iio: dac: ad5446: Fix read_raw not returning set value (git-fixes).
iio: dac: ad5592r: Fix the missing return value (git-fixes).
iio: dummy: iio_simple_dummy: check the return value of kstrdup() (git-fixes).
iio: Fix error handling for PM (git-fixes).
iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (git-fixes).
iio:humidity:hts221: rearrange iio trigger get and register (git-fixes).
iio:imu:adis16480: fix buffering for devices with no burst mode (git-fixes).
iio:imu:bmi160: disable regulator in error path (git-fixes).
iio: imu: inv_icm42600: Fix I2C init possible nack (git-fixes).
iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot (git-fixes).
iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
iio: inkern: apply consumer scale when no channel scale is available (git-fixes).
iio: inkern: make a best effort on offset calculation (git-fixes).
iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (git-fixes).
iio: magnetometer: yas530: Fix memchr_inv() misuse (git-fixes).
iio: mma8452: Fix probe failing when an i2c_device_id is used (git-fixes).
iio: mma8452: fix probe fail when device tree compatible is used (git-fixes).
iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (git-fixes).
iio: st_sensors: Add a local lock for protecting odr (git-fixes).
iio: trigger: sysfs: fix use-after-free on remove (git-fixes).
ima: Allow template selection with ima_template[_fmt]= after ima_hash= (git-fixes).
ima: Do not print policy rule with inactive LSM labels (git-fixes).
ima: fix reference leak in asymmetric_verify() (git-fixes).
ima: Remove ima_policy file before directory (git-fixes).
init: call time_init() before rand_initialize() (git-fixes).
init: Initialize noop_backing_dev_info early (bsc#1200822).
init/main.c: return 1 from handled __setup() functions (git-fixes).
initramfs: Check timestamp to prevent broken cpio archive (bsc#1193289).
inotify: show inotify mask flags in proc fdinfo (bsc#1200600).
Input: add bounds checking to input_set_capability() (git-fixes).
Input: aiptek - properly check endpoint type (git-fixes).
Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (git-fixes).
Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).
Input: elan_i2c: Add deny list for Lenovo Yoga Slim 7 (bsc#1193064).
Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).
Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).
Input: gpio-keys - cancel delayed work only in case of GPIO (git-fixes).
Input: ili210x - fix reset timing (git-fixes).
Input: omap4-keypad - fix pm_runtime_get_sync() error checking (git-fixes).
Input: samsung-keypad - properly state IOMEM dependency (git-fixes).
Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq (git-fixes).
Input: sparcspkr - fix refcount leak in bbc_beep_probe (git-fixes).
Input: stmfts - do not leave device disabled in stmfts_input_open (git-fixes).
Input: stmfts - fix reference leak in stmfts_input_open (git-fixes).
Input: synaptics - enable InterTouch on ThinkPad T14/P14s Gen 1 AMD (git-fixes).
Input: synaptics: retry query upon error (bsc#1194086).
Input: wm97xx: Simplify resource management (git-fixes).
Input: zinitix - do not report shadow fingers (git-fixes).
integrity: check the return value of audit_log_start() (git-fixes).
iocost: do not reset the inuse weight of under-weighted debtors (git-fixes).
iocost: Fix divide-by-zero on donation from low hweight cgroup (bsc#1198014).
iomap: iomap_write_failed fix (bsc#1200829).
iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (git-fixes).
iommu/amd: Increase timeout waiting for GA log enablement (bsc#1199052).
iommu/amd: Remove useless irq affinity notifier (git-fixes).
iommu/amd: Restore GA log/tail pointer on host resume (git-fixes).
iommu/amd: X2apic mode: mask/unmask interrupts on suspend/resume (git-fixes).
iommu/amd: X2apic mode: re-enable after resume (git-fixes).
iommu/amd: X2apic mode: setup the INTX registers on mask/unmask (git-fixes).
iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (bsc#1198826).
iommu/arm-smmu-qcom: Fix TTBR0 read (git-fixes).
iommu: Extend mutex lock scope in iommu_probe_device() (git-fixes).
iommu/ioasid: Introduce a helper to check for valid PASIDs (jsc#SLE-24350).
iommu/io-pgtable-arm: Fix table descriptor paddr formatting (git-fixes).
iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure (git-fixes).
iommu/iova: Fix race between FQ timeout and teardown (git-fixes).
iommu/sva: Assign a PASID to mm on PASID allocation and free it on mm exit (jsc#SLE-24350).
iommu/sva: Rename CONFIG_IOMMU_SVA_LIB to CONFIG_IOMMU_SVA (jsc#SLE-24350).
iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (git-fixes).
ionic: add FW_STOPPING state (git-fixes).
ionic: Allow flexibility for error reporting on dev commands (git-fixes).
ionic: better handling of RESET event (git-fixes).
ionic: catch transition back to RUNNING with fw_generation 0 (git-fixes).
ionic: Cleanups in the Tx hotpath code (git-fixes).
ionic: Correctly print AQ errors if completions are not received (git-fixes).
ionic: disable napi when ionic_lif_init() fails (git-fixes).
ionic: Do not send reset commands if FW isn't running (git-fixes).
ionic: fix missing pci_release_regions() on error in ionic_probe() (git-fixes).
ionic: fix type complaint in ionic_dev_cmd_clean() (git-fixes).
ionic: fix up printing of timeout error (git-fixes).
ionic: Prevent filter add/del err msgs when the device is not available (git-fixes).
ionic: Query FW when getting VF info via ndo_get_vf_config (git-fixes).
ionic: remove the dbid_inuse bitmap (git-fixes).
ionic: replace set_vf data with union (git-fixes).
ionic: start watchdog after all is setup (git-fixes).
ionic: stretch heartbeat detection (git-fixes).
io_uring: add more locking annotations for submit (bsc#1199011).
io_uring: avoid touching inode in rw prep (bsc#1199011).
io_uring: be smarter about waking multiple CQ ring waiters (bsc#1199011).
io_uring: cache __io_free_req()'d requests (bsc#1199011).
io_uring: clean io-wq callbacks (bsc#1199011).
io_uring: clean up tctx_task_work() (bsc#1199011).
io_uring: deduplicate open iopoll check (bsc#1199011).
io_uring: do not halt iopoll too early (bsc#1199011).
io_uring: drop exec checks from io_req_task_submit (bsc#1199011).
io_uring: extract a helper for ctx quiesce (bsc#1199011).
io_uring: Fix undefined-behaviour in io_issue_sqe (bsc#1199011).
io_uring: improve ctx hang handling (bsc#1199011).
io_uring: inline fixed part of io_file_get() (bsc#1199011).
io_uring: inline io_free_req_deferred (bsc#1199011).
io_uring: inline io_poll_remove_waitqs (bsc#1199011).
io_uring: inline struct io_comp_state (bsc#1199011).
io_uring: kill unused IO_IOPOLL_BATCH (bsc#1199011).
io_uring: move io_fallback_req_func() (bsc#1199011).
io_uring: move io_put_task() definition (bsc#1199011).
io_uring: move io_rsrc_node_alloc() definition (bsc#1199011).
io_uring: optimise io_cqring_wait() hot path (bsc#1199011).
io_uring: optimise putting task struct (bsc#1199011).
io_uring: refactor io_alloc_req (bsc#1199011).
io_uring: remove extra argument for overflow flush (bsc#1199011).
io_uring: remove file batch-get optimisation (bsc#1199011).
io_uring: remove IRQ aspect of io_ring_ctx completion lock (bsc#1199011).
io_uring: remove redundant args from cache_free (bsc#1199011).
io_uring: remove unnecessary PF_EXITING check (bsc#1199011).
io_uring: rename io_file_supports_async() (bsc#1199011).
io_uring: run linked timeouts from task_work (bsc#1199011).
io_uring: run regular file completions from task_work (bsc#1199011).
io_uring: run timeouts from task_work (bsc#1199011).
io_uring: use inflight_entry instead of compl.list (bsc#1199011).
io_uring: use kvmalloc for fixed files (bsc#1199011).
io-wq: get rid of FIXED worker flag (bsc#1199011).
io-wq: make worker creation resilient against signals (bsc#1199011).
io-wq: move nr_running and worker_refs out of wqe->lock protection (bsc#1199011).
io-wq: only exit on fatal signals (bsc#1199011).
io-wq: provide a way to limit max number of workers (bsc#1199011).
io-wq: split bounded and unbounded work into separate lists (bsc#1199011).
io-wq: wqe and worker locks no longer need to be IRQ safe (bsc#1199011).
ipc/sem: do not sleep with a spin lock held (bsc#1198412).
ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
ipmi: bail out if init_srcu_struct fails (git-fixes).
ipmi: Fix pr_fmt to avoid compilation issues (git-fixes).
ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).
ipmi:ssif: Check for NULL msg when handling events and messages (git-fixes).
ipvs: add sysctl_run_estimation to support disable estimation (bsc#1195504).
ipw2x00: Fix potential NULL dereference in libipw_xmit() (git-fixes).
irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (git-fixes).
irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (git-fixes).
irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value (git-fixes).
irqchip/exiu: Fix acknowledgment of edge triggered interrupts (git-fixes).
irqchip/gic, gic-v3: Prevent GSI to SGI translations (git-fixes).
irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (git-fixes).
irqchip/gic-v3: Ensure pseudo-NMIs have an ISB between ack and handling (git-fixes).
irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (git-fixes).
irqchip/gic-v3: Fix GICR_CTLR.RWP polling (git-fixes).
irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (git-fixes).
irqchip/gic-v4: Wait for GICR_VPENDBASER.Dirty to clear before descheduling (git-fixes).
irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).
irqchip/nvic: Release nvic_base upon failure (git-fixes).
irqchip/qcom-pdc: Fix broken locking (git-fixes).
irqchip/realtek-rtl: Fix refcount leak in map_interrupts (git-fixes).
irqchip/realtek-rtl: Service all pending interrupts (git-fixes).
isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() (git-fixes).
ivtv: fix incorrect device_caps for ivtvfb (git-fixes).
iwlwifi: do not advertise TWT support (git-fixes).
iwlwifi: Fix -EIO error code that is never returned (git-fixes).
iwlwifi: fix use-after-free (git-fixes).
iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (git-fixes).
iwlwifi: mvm: align locking in D3 test debugfs (git-fixes).
iwlwifi: mvm: check debugfs_dir ptr before use (git-fixes).
iwlwifi: mvm: Correctly set fragmented EBS (git-fixes).
iwlwifi: mvm: Do not call iwl_mvm_sta_from_mac80211() with NULL sta (git-fixes).
iwlwifi: mvm: do not crash on invalid rate w/o STA (git-fixes).
iwlwifi: mvm: do not iterate unadded vifs when handling FW SMPS req (git-fixes).
iwlwifi: mvm: do not send SAR GEO command for 3160 devices (git-fixes).
iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).
iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).
iwlwifi: mvm: move only to an enabled channel (git-fixes).
iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
iwlwifi: yoyo: remove DBGI_SRAM address reset writing (git-fixes).
ixgbe: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).
ixgbe: ensure IPsec VF - PF compatibility (git-fixes).
ixgbe: respect metadata on XSK Rx to skb (git-fixes).
ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).
jbd2: Fake symbols defined under CONFIG_JBD2_DEBUG (bsc#1198971).
jfs: fix divide error in dbNextAG (bsc#1200828).
kABI: fix change of iscsi_host_remove() arguments (bsc#1198410).
kABI: Fix kABI after 'x86/mm/cpa: Generalize __set_memory_enc_pgtable()' (jsc#SLE-19924).
kABI fix of sysctl_run_estimation (git-fixes).
kABI: fix removal of iscsi_destroy_conn (bsc#1198410).
kABI: fix rndis_parameters locking (git-fixes).
kABI: ivtv: restore caps member (git-fixes).
kabi/severities: add exception for bcache symboles
kabi/severities: allow dropping a few invalid exported symbols (bsc#1201218)
kabi/severities: Ignore arch/x86/kvm except for kvm_x86_ops Handle this like in previous SLE kernels.
kABI workaround for fxls8962af iio accel drivers (git-fixes).
kABI workaround for pci quirks (git-fixes).
kconfig: fix failing to generate auto.conf (git-fixes).
kconfig: let 'shell' return enough output for deep path names (git-fixes).
kernel/fork: Initialize mm's PASID (jsc#SLE-24350).
kernel/resource: Introduce request_mem_region_muxed() (git-fixes).
kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (git-fixes).
KEYS: asymmetric: enforce that sig algo matches key algo (git-fixes).
KEYS: asymmetric: properly validate hash_algo and encoding (git-fixes).
KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).
KEYS: trusted: Avoid calling null function trusted_key_exit (git-fixes).
KEYS: trusted: Fix trusted key backends when building as module (git-fixes).
KEYS: trusted: tpm2: Fix migratable logic (git-fixes).
kprobes: Add kretprobe_find_ret_addr() for searching return address (bsc#1193277).
kprobes: Enable stacktrace from pt_regs in kretprobe handler (bsc#1193277).
kprobes: treewide: Cleanup the error messages for kprobes (bsc#1193277).
kprobes: treewide: Make it harder to refer kretprobe_trampoline directly (bsc#1193277).
kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler() (bsc#1193277).
kprobes: treewide: Replace arch_deref_entry_point() with dereference_symbol_descriptor() (bsc#1193277).
kprobes: treewide: Use 'kprobe_opcode_t *' for the code address in get_optimized_kprobe() (bsc#1193277).
kselftest/arm64: bti: force static linking (git-fixes).
kunit: tool: Import missing importlib.abc (git-fixes).
KVM: arm64: Avoid consuming a stale esr value when SError occur (git-fixes).
KVM: arm64: Drop unused workaround_flags vcpu field (git-fixes).
KVM: arm64: pkvm: Use the mm_ops indirection for cache maintenance (git-fixes).
KVM: arm64: Use shadow SPSR_EL1 when injecting exceptions on !VHE (git-fixes).
KVM: Clean up benign vcpu->cpu data races when kicking vCPUs (git-fixes).
KVM: Ensure local memslot copies operate on up-to-date arch-specific data (git-fixes).
KVM: fix wrong exception emulation in check_rdtsc (git-fixes).
KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (git-fixes).
KVM: nVMX: Abide to KVM_REQ_TLB_FLUSH_GUEST request on nested vmentry/vmexit (git-fixes).
KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault (git-fixes).
KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em (git-fixes).
KVM: nVMX: Emulate guest TLB flush on nested VM-Enter with new vpid12 (git-fixes).
KVM: nVMX: Ensure vCPU honors event request if posting nested IRQ fails (git-fixes).
KVM: nVMX: Flush current VPID (L1 vs. L2) for KVM_REQ_TLB_FLUSH_GUEST (git-fixes).
KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (git-fixes).
KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).
KVM: s390: Ensure kvm_arch_no_poll() is read once when blocking vCPU (git-fixes).
KVM: s390: pv: add macros for UVC CC values (git-fixes).
KVM: s390: pv: avoid stalls when making pages secure (git-fixes).
KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).
KVM: selftests: Do not skip L2's VMCALL in SMM test for SVM guest (bsc#1194523).
KVM: selftests: Re-enable access_tracking_perf_test (bsc#1194526).
KVM: SEV: accept signals in sev_lock_two_vms (bsc#1194526).
KVM: SEV: do not take kvm->lock when destroying (bsc#1194526).
KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary (bsc#1194526).
KVM: SEV: Mark nested locking of kvm->lock (bsc#1194526).
KVM: SEV: Return appropriate error codes if SEV-ES scratch setup fails (bsc#1194526).
KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (bsc#1193823).
KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure (bsc#1194526).
KVM: SVM: drop unnecessary code in svm_hv_vmcb_dirty_nested_enlightenments() (git-fixes).
KVM: SVM: Emulate #INIT in response to triple fault shutdown (git-fixes).
KVM: SVM: Fix kvm_cache_regs.h inclusions for is_guest_mode() (git-fixes).
KVM: SVM: hyper-v: Enable Enlightened MSR-Bitmap support for real (git-fixes).
KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests (git-fixes).
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak (git-fixes).
KVM: VMX: Do not unblock vCPU w/ Posted IRQ if IRQs are disabled in guest (git-fixes).
KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0() (git-fixes).
KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted guest (git-fixes).
KVM: VMX: Read Posted Interrupt 'control' exactly once per loop iteration (git-fixes).
KVM: VMX: Refresh list of user return MSRs after setting guest CPUID (git-fixes).
KVM: VMX: Remove defunct 'nr_active_uret_msrs' field (git-fixes).
KVM: VMX: Set failure code in prepare_vmcs02() (git-fixes).
KVM: VMX: Skip pointless MSR bitmap update when setting EFER (git-fixes).
KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this vCPU (git-fixes).
KVM: x86: Assume a 64-bit hypercall for guests with protected state (git-fixes).
kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (git-fixes).
KVM: x86: Do not force set BSP bit when local APIC is managed by userspace (git-fixes).
KVM: x86: Do not mark all registers as avail/dirty during RESET/INIT (git-fixes).
KVM: x86: do not print when fail to read/write pv eoi memory (git-fixes).
KVM: x86: Drop guest CPUID check for host initiated writes to MSR_IA32_PERF_CAPABILITIES (git-fixes).
KVM: x86: Drop WARNs that assert a triple fault never 'escapes' from L2 (git-fixes).
KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() (git-fixes).
KVM: X86: Ensure that dirty PDPTRs are loaded (git-fixes).
KVM: x86: Exit to userspace if emulation prepared a completion callback (git-fixes).
KVM: x86: Fix emulation in writing cr8 (git-fixes).
KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (git-fixes).
KVM: x86: Fix uninitialized eoi_exit_bitmap usage in vcpu_load_eoi_exitmap() (git-fixes).
KVM: x86: Handle 32-bit wrap of EIP for EMULTYPE_SKIP with flat code seg (git-fixes).
KVM: x86: hyper-v: Fix the maximum number of sparse banks for XMM fast TLB flush hypercalls (git-fixes).
KVM: x86: Ignore sparse banks size for an 'all CPUs', non-sparse IPI req (git-fixes).
KVM: x86: Mark all registers as avail/dirty at vCPU creation (git-fixes).
KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any BSP (git-fixes).
KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP MMU (git-fixes).
KVM: x86/mmu: Complete prefetch for trailing SPTEs for direct, legacy MMU (git-fixes).
KVM: x86/mmu: Fix TLB flush range when handling disconnected pt (git-fixes).
KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU (git-fixes).
KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (git-fixes).
KVM: x86/mmu: Pass parameter flush as false in kvm_tdp_mmu_zap_collapsible_sptes() (git-fixes).
KVM: x86/mmu: Remove spurious TLB flushes in TDP MMU zap collapsible path (git-fixes).
KVM: x86/mmu: Skip tlb flush if it has been done in zap_gfn_range() (git-fixes).
KVM: x86/mmu: Update number of zapped pages even if page list is stable (git-fixes).
KVM: x86/mmu: Use yield-safe TDP MMU root iter in MMU notifier unmapping (git-fixes).
KVM: x86: nSVM: restore the L1 host state prior to resuming nested guest on SMM exit (git-fixes).
KVM: x86: nSVM: skip eax alignment check for non-SVM instructions (git-fixes).
KVM: x86: nSVM: test eax for 4K alignment for GP errata workaround (git-fixes).
KVM: x86: Pend KVM_REQ_APICV_UPDATE during vCPU creation to fix a race (git-fixes).
KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register (git-fixes).
KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW (git-fixes).
KVM: x86: Register Processor Trace interrupt hook iff PT enabled in guest (git-fixes).
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs (git-fixes).
KVM: x86: SVM: do not set VMLOAD/VMSAVE intercepts on vCPU reset (git-fixes).
KVM: x86: SVM: fix avic spec based definitions again (bsc#1193823 jsc#SLE-24549).
KVM: x86: SVM: move avic definitions from AMD's spec to svm.h (bsc#1193823 jsc#SLE-24549).
KVM: X86: Synchronize the shadow pagetable before link it (git-fixes).
KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS (git-fixes).
KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB flush hypercall (git-fixes).
lib: bitmap: fix many kernel-doc warnings (git-fixes).
libbpf: Free up resources used by inner map definition (git-fixes).
lib/iov_iter: initialize 'flags' in new pipe_buffer (git-fixes).
libsubcmd: Fix use-after-free for realloc(..., 0) (git-fixes).
linux/dim: Fix divide by 0 in RDMA DIM (git-fixes).
list: fix a data-race around ep->rdllist (git-fixes).
list: introduce list_is_head() helper and re-use it in list.h (git-fixes).
list: test: Add a test for list_is_head() (git-fixes).
livepatch: Do not block removal of patches that are safe to unload (bsc#1071995).
locking: Make owner_on_cpu() into linux/sched.h (bsc#1190137 bsc#1189998).
locking: Remove rt_rwlock_is_contended() (bsc#1190137 bsc#1189998).
locking/rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable() (bsc#1190137 bsc#1189998).
locking/rtmutex: Squash self-deadlock check for ww_rt_mutex (bsc#1190137 bsc#1189998).
locking/rwlocks: introduce write_lock_nested (bsc#1189998).
LSM: general protection fault in legacy_parse_param (git-fixes).
lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).
mac80211: fix EAPoL rekey fail in 802.3 rx path (git-fixes).
mac80211: fix forwarded mesh frames AC and queue selection (git-fixes).
mac80211: fix potential double free on mesh join (git-fixes).
mac80211: fix rx reordering with non explicit / psmp ack policy (git-fixes).
mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (git-fixes).
mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).
mac80211_hwsim: report NOACK frames in tx_status (git-fixes).
mac80211: minstrel_ht: fix where rate stats are stored (fixes debugfs output) (git-fixes).
mac80211: mlme: check for null after calling kmemdup (git-fixes).
mac80211: refuse aggregations sessions before authorized (git-fixes).
mac80211: Remove a couple of obsolete TODO (git-fixes).
mac80211: Reset MBSSID parameters upon connection (git-fixes).
mac80211: treat some SAE auth steps as final (git-fixes).
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (git-fixes).
macvlan: Fix leaking skb in source mode with nodst option (git-fixes).
mailbox: change mailbox-mpfs compatible string (git-fixes).
mailbox: imx: fix crash in resume on i.mx8ulp (git-fixes).
mailbox: imx: fix wakeup failure from freeze mode (git-fixes).
mailbox: tegra-hsp: Flush whole channel (git-fixes).
maple: fix wrong return value of maple_bus_init() (git-fixes).
md: Do not set mddev private to NULL in raid0 pers->free (git-fixes).
md: fix an incorrect NULL check in does_sb_need_changing (git-fixes).
md: fix an incorrect NULL check in md_reload_sb (git-fixes).
md: fix double free of io_acct_set bioset (git-fixes).
md: fix update super 1.0 on rdev size change (git-fixes).
md: Move alloc/free acct bioset in to personality (git-fixes).
md/raid5: play nice with PREEMPT_RT (bsc#1189998).
media: aspeed: Correct value for h-total-pixels (git-fixes).
media: atmel: atmel-isc-base: report frame sizes as full supported range (git-fixes).
media: atmel: atmel-isc: Fix PM disable depth imbalance in atmel_isc_probe (git-fixes).
media: atmel: atmel-sama5d2-isc: fix wrong mask in YUYV format check (git-fixes).
media: atmel: atmel-sama7g5-isc: fix ispck leftover (git-fixes).
media: atomisp: fix bad usage at error handling logic (git-fixes).
media: atomisp: fix dummy_ptr check to avoid duplicate active_bo (git-fixes).
media: atomisp_gmin_platform: Add DMI quirk to not turn AXP ELDO2 regulator off on some boards (git-fixes).
media: bttv: fix WARNING regression on tunerless devices (git-fixes).
media: camss: csid-170: do not enable unused irqs (git-fixes).
media: camss: csid-170: fix non-10bit formats (git-fixes).
media: camss: csid-170: remove stray comment (git-fixes).
media: camss: csid-170: set the right HALT_CMD when disabled (git-fixes).
media: camss: vfe-170: fix 'VFE halt timeout' error (git-fixes).
media: ccs-core.c: fix failure to call clk_disable_unprepare (git-fixes).
media: cec-adap.c: fix is_configuring state (git-fixes).
media: cedrus: h264: Fix neighbour info buffer size (git-fixes).
media: cedrus: H265: Fix neighbour info buffer size (git-fixes).
media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).
media: cx25821: Fix the warning when removing the module (git-fixes).
media: cx88-mpeg: clear interrupt status register before streaming video (git-fixes).
media: davinci: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).
media: davinci: vpif: fix unbalanced runtime PM enable (git-fixes).
media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
media: davinci: vpif: fix use-after-free on driver unbind (git-fixes).
media: doc: pixfmt-rgb: Fix V4L2_PIX_FMT_BGR24 format description (git-fixes).
media: doc: pixfmt-yuv: Fix V4L2-PIX-FMT-Y10P format (git-fixes).
media: em28xx: initialize refcount before kref_get (git-fixes).
media: gpio-ir-tx: fix transmit with long spaces on Orange Pi PC (git-fixes).
media: hantro: Empty encoder capture buffers by default (git-fixes).
media: hantro: Fix overfill bottom register field name (git-fixes).
media: hantro: HEVC: Fix tile info buffer value computation (git-fixes).
media: hantro: HEVC: unconditionnaly set pps_{cb/cr}_qp_offset values (git-fixes).
media: hdpvr: initialize dev->worker at hdpvr_register_videodev (git-fixes).
media: i2c: max9286: fix kernel oops when removing module (git-fixes).
media: i2c: max9286: Use dev_err_probe() helper (git-fixes).
media: i2c: max9286: Use 'maxim,gpio-poc' property (git-fixes).
media: i2c: ov5648: Fix lockdep error (git-fixes).
media: i2c: ov5648: fix wrong pointer passed to IS_ERR() and PTR_ERR() (git-fixes).
media: i2c: rdacm2x: properly set subdev entity function (git-fixes).
media: imon: reorganize serialization (git-fixes).
media: imx-jpeg: fix a bug of accessing array out of bounds (git-fixes).
media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers (git-fixes).
media: iommu/mediatek: Add device_link between the consumer and the larb devices (git-fixes).
media: iommu/mediatek: Return ENODEV if the device is NULL (git-fixes).
media: iommu/mediatek-v1: Free the existed fwspec if the master dev already has (git-fixes).
media: ir_toy: free before error exiting (git-fixes).
media: media-entity.h: Fix documentation for media_create_intf_link (git-fixes).
media: mexon-ge2d: fixup frames size in registers (git-fixes).
media: mtk-vcodec: potential dereference of null pointer (git-fixes).
media: omap3isp: Use struct_group() for memcpy() region (git-fixes).
media: ov5640: Fix set format, v4l2_mbus_pixelcode not updated (git-fixes).
media: ov5648: Do not pack controls struct (git-fixes).
media: ov6650: Add try support to selection API operations (git-fixes).
media: ov6650: Fix crop rectangle affected by set format (git-fixes).
media: ov6650: Fix set format try processing path (git-fixes).
media: ov7670: remove ov7670_power_off from ov7670_remove (git-fixes).
media: pci: cx23885: Fix the error handling in cx23885_initdev() (git-fixes).
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (git-fixes).
media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).
media: rga: fix possible memory leak in rga_probe (git-fixes).
media: rkvdec: h264: Fix bit depth wrap in pps packet (git-fixes).
media: rkvdec: h264: Fix dpb_valid implementation (git-fixes).
media: rkvdec: Stop overclocking the decoder (git-fixes).
media: rockchip/rga: do proper error checking in probe (git-fixes).
media: saa7134: fix incorrect use to determine if list is empty (git-fixes).
media: staging: media: imx: imx7-mipi-csis: Make subdev name unique (git-fixes).
media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).
media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com (git-fixes).
media: staging: media: zoran: fix usage of vb2_dma_contig_set_max_seg_size (git-fixes).
media: staging: media: zoran: fix various V4L2 compliance errors (git-fixes).
media: staging: media: zoran: move videodev alloc (git-fixes).
media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).
media: ti-vpe: cal: Fix a NULL pointer dereference in cal_ctx_v4l2_init_formats() (git-fixes).
media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
media: uvcvideo: Fix missing check to determine if element is found in list (git-fixes).
media: v4l2-core: Initialize h264 scaling matrix (git-fixes).
media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls (git-fixes).
media: v4l: Avoid unaligned access warnings when printing 4cc modifiers (git-fixes).
media: venus: hfi: avoid null dereference in deinit (git-fixes).
media: venus: hfi_cmds: List HDR10 property as unsupported for v1 and v3 (git-fixes).
media: videobuf2: Fix the size printk format (git-fixes).
media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
media: vidtv: Check for null return of vzalloc (git-fixes).
mei: avoid iterator usage outside of list_for_each_entry (git-fixes).
mei: hbm: drop capability response on early shutdown (git-fixes).
mei: me: add Alder Lake N device id (git-fixes).
mei: me: add raptor lake point S DID (git-fixes).
mei: me: disable driver on the ign firmware (git-fixes).
memblock: fix memblock_phys_alloc() section mismatch error (git-fixes).
memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe (git-fixes).
memory: emif: Add check for setup_interrupts (git-fixes).
memory: emif: check the pointer temp in get_device_details() (git-fixes).
memory: fsl_ifc: populate child nodes of buses and mfd devices (git-fixes).
memory: mtk-smi: Add error handle for smi_probe (git-fixes).
memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode (git-fixes).
memory: renesas-rpc-if: fix platform-device leak in error path (git-fixes).
memory: samsung: exynos5422-dmc: Avoid some over memory allocation (git-fixes).
memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (git-fixes).
mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).
mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (git-fixes).
mfd: exynos-lpass: Drop unneeded syscon.h include (git-fixes).
mfd: ipaq-micro: Fix error check return value of platform_get_irq() (git-fixes).
mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).
mgag200 fix memmapsl configuration in GCTL6 register (git-fixes).
misc: alcor_pci: Fix an error handling path (git-fixes).
misc: atmel-ssc: Fix IRQ check in ssc_probe (git-fixes).
misc: fastrpc: avoid double fput() on failed usercopy (git-fixes).
misc: fastrpc: fix an incorrect NULL check on list iterator (git-fixes).
misc: ocxl: fix possible double free in ocxl_file_register_afu (git-fixes).
misc: rtsx: set NULL intfdata when probe fails (git-fixes).
misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
mISDN: Fix memory leak in dsp_pipeline_build() (git-fixes).
mlx5: kabi protect lag_mp (git-fixes).
mlxsw: spectrum: Protect driver from buggy firmware (git-fixes).
mm: Add fault_in_subpage_writeable() to probe at sub-page granularity (git-fixes)
mmc: block: Check for errors after write on SPI (git-fixes).
mmc: block: Fix CQE recovery reset success (git-fixes).
mmc: block: fix read single on recovery logic (git-fixes).
mmc: core: Allows to override the timeout value for ioctl() path (git-fixes).
mmc: core: Fixup support for writeback-cache for eMMC and SD (git-fixes).
mmc: core: Set HS clock speed before sending HS CMD13 (git-fixes).
mmc: core: Wait for command setting 'Power Off Notification' bit to complete (git-fixes).
mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
mm: Change CONFIG option for mm->pasid field (jsc#SLE-24350).
mmc: host: Return an error when ->enable_sdio_irq() ops is missing (git-fixes).
mmc: jz4740: Apply DMA engine limits to maximum segment size (git-fixes).
mm/cma: provide option to opt out from exposing pages on activation failure (bsc#1195099 ltc#196102).
mmc: mediatek: wait dma stop bit reset to 0 (git-fixes).
mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).
mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is complete (git-fixes).
mmc: rtsx: add 74 Clocks in power on flow (git-fixes).
mmc: rtsx: Fix build errors/warnings for unused variable (git-fixes).
mmc: rtsx: Let MMC core handle runtime PM (git-fixes).
mmc: rtsx: Use pm_runtime_{get,put}() to handle runtime PM (git-fixes).
mmc: sdhci_am654: Fix the driver data of AM64 SoC (git-fixes).
mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC (git-fixes).
mmc: sdhci-of-esdhc: Check for error num after setting mask (git-fixes).
mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (git-fixes).
mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits (git-fixes).
mm: fs: fix lru_cache_disabled race in bh_lru (bsc#1197761).
mm: Fully initialize invalidate_lock, amend lock class later (bsc#1197921).
mm: memcg: synchronize objcg lists with a dedicated spinlock (bsc#1198402).
mm/page_alloc: always attempt to allocate at least one page during bulk allocation (git fixes (mm/pgalloc)).
mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).
mm, page_alloc: fix build_zonerefs_node() (git-fixes).
mm/scatterlist: replace the !preemptible warning in sg_miter_stop() (bsc#1189998).
mm/slub: add missing TID updates on slab deactivation (git-fixes).
mm, thp: fix incorrect unmap behavior for private pages (bsc#1198024).
mm, thp: lock filemap when truncating page cache (bsc#1198023).
mm/vmalloc: fix comments about vmap_area struct (git-fixes).
mm_zone: add function to check if managed dma zone exists (bsc#1197501).
modpost: fix removing numeric suffixes (git-fixes).
modpost: fix section mismatch check for exported init/exit sections (git-fixes).
modpost: fix undefined behavior of is_arm_mapping_symbol() (git-fixes).
modpost: restore the warning message for missing symbol versions (git-fixes).
mptcp: add missing documented NL params (git-fixes).
mt76: connac: fix sta_rec_wtbl tag len (git-fixes).
mt76: dma: initialize skip_unmap in mt76_dma_rx_fill (git-fixes).
mt76: do not attempt to reorder received 802.3 packets without agg session (git-fixes).
mt76: fix encap offload ethernet type check (git-fixes).
mt76: fix monitor mode crash with sdio driver (git-fixes).
mt76: Fix undefined behavior due to shift overflowing the constant (git-fixes).
mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update (git-fixes).
mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update (git-fixes).
mt76: mt7615: fix a leftover race in runtime-pm (git-fixes).
mt76: mt7615: Fix assigning negative values to unsigned variable (git-fixes).
mt76: mt7915: fix injected MPDU transmission to not use HW A-MSDU (git-fixes).
mt76: mt7915: use proper aid value in mt7915_mcu_sta_basic_tlv (git-fixes).
mt76: mt7915: use proper aid value in mt7915_mcu_wtbl_generic_tlv in sta mode (git-fixes).
mt76: mt7921: accept rx frames with non-standard VHT MCS10-11 (git-fixes).
mt76: mt7921e: fix possible probe failure after reboot (bsc#1198835).
mt76: mt7921: fix a leftover race in runtime-pm (git-fixes).
mt76: mt7921: fix crash when startup fails (git-fixes).
mt76: mt7921: fix mt7921_queues_acq implementation (git-fixes).
mt76: mt7921: Fix the error handling path of mt7921_pci_probe() (git-fixes).
mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (git-fixes).
mtd: mchp23k256: Add SPI ID table (git-fixes).
mtd: mchp48l640: Add SPI ID table (git-fixes).
mtd: onenand: Check for error irq (git-fixes).
mtd: parsers: qcom: Fix kernel panic on skipped partition (git-fixes).
mtd: parsers: qcom: Fix missing free for pparts in cleanup (git-fixes).
mtd: phram: Prevent divide by zero bug in phram_setup() (git-fixes).
mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (git-fixes).
mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status (git-fixes).
mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() (git-fixes).
mtd: rawnand: denali: Use managed device resources (git-fixes).
mtd: rawnand: fix ecc parameters for mt7622 (git-fixes).
mtd: rawnand: Fix return value check of wait_for_completion_timeout (git-fixes).
mtd: rawnand: gpmi: do not leak PM reference in error path (git-fixes).
mtd: rawnand: gpmi: fix controller timings setting (git-fixes).
mtd: rawnand: gpmi: Fix setting busy timeout setting (git-fixes).
mtd: rawnand: ingenic: Fix missing put_device in ingenic_ecc_get (git-fixes).
mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() (git-fixes).
mtd: rawnand: pl353: Set the nand chip node as the flash node (git-fixes).
mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() (git-fixes).
mtd: rawnand: qcom: fix memory corruption that causes panic (git-fixes).
mtd: spinand: gigadevice: fix Quad IO for GD5F1GQ5UExxG (git-fixes).
mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check() (git-fixes).
mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (git-fixes).
n64cart: convert bi_disk to bi_bdev->bd_disk fix build (git-fixes).
natsemi: sonic: stop calling netdev_boot_setup_check (git-fixes).
net: asix: add proper error handling of usb read errors (git-fixes).
net: atlantic: Avoid out-of-bounds indexing (git-fixes).
net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (git-fixes).
net: axienet: setup mdio unconditionally (git-fixes).
net: bnxt_ptp: fix compilation error (bsc#1199736).
net: dev: Always serialize on Qdisc::busylock in __dev_xmit_skb() on PREEMPT_RT (bsc#1189998).
net: dev: Change the order of the arguments for the contended condition (bsc#1189998).
net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove (git-fixes).
net: dpaa_eth: remove dead select in menuconfig FSL_DPAA_ETH (git-fixes).
net: dsa: be compatible with masters which unregister on shutdown (git-fixes).
net: dsa: hellcreek: be compatible with masters which unregister on shutdown (git-fixes).
net: dsa: microchip: ksz8863: be compatible with masters which unregister on shutdown (git-fixes).
net: dsa: xrs700x: be compatible with masters which unregister on shutdown (git-fixes).
net: ethernet: lantiq_etop: fix build errors/warnings (git-fixes).
net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init() (git-fixes).
net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (git-fixes).
net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (git-fixes).
net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks (git-fixes).
netfilter: conntrack: move synack init code to helper (bsc#1199035).
netfilter: conntrack: re-init state for retransmitted syn-ack (bsc#1199035).
netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options (bsc#1199035).
netfilter: nf_conntrack_tcp: re-init for syn packets only (bsc#1199035).
net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() (git-fixes).
net: hns3: add NULL pointer check for hns3_set/get_ringparam() (git-fixes).
net: hns3: add return value for mailbox handling in PF (bsc#1190336).
net: hns3: add validity check for message data length (git-fixes).
net: hns3: add vlan list lock to protect vlan list (git-fixes).
net: hns3: align the debugfs output to the left (git-fixes).
net: hns3: clear inited state and stop client after failed to register netdev (git-fixes).
net: hns3: fix bug when PF set the duplicate MAC address for VFs (git-fixes).
net: hns3: fix phy can not link up when autoneg off and reset (git-fixes).
net: hns3: fix port base vlan add fail when concurrent with reset (git-fixes).
net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware (git-fixes).
net: hns3: handle empty unknown interrupt for VF (git-fixes).
net: hns3: modify the return code of hclge_get_ring_chain_from_mbx (git-fixes).
net: hns3: refine the process when PF set VF VLAN (git-fixes).
net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).
net/ice: Add support for enable_iwarp and enable_roce devlink param (bsc#1200502).
net/ice: Fix boolean assignment (bsc#1200502).
net/ice: Remove unused enum (bsc#1200502).
net: ipa: disable HOLB drop when updating timer (git-fixes).
net: ipa: HOLB register sometimes must be written twice (git-fixes).
net/ipa: ipa_resource: Fix wrong for loop range (git-fixes).
net: ipv6: unexport __init-annotated seg6_hmac_init() (bsc#1201218).
net: ipv6: unexport __init-annotated seg6_hmac_net_init() (bsc#1201218).
net: macb: Align the dma and coherent dma masks (git-fixes).
net: mana: Add counter for packet dropped by XDP (bsc#1195651).
net: mana: Add counter for XDP_TX (bsc#1195651).
net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).
net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651).
net: mana: Reuse XDP dropped page (bsc#1195651).
net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651).
net: marvell: mvpp2: increase MTU limit when XDP enabled (git-fixes).
net: marvell: prestera: fix double free issue on err path (git-fixes).
net: mdio: do not defer probe forever if PHY IRQ provider is missing (git-fixes).
net: mdio: unexport __init-annotated mdio_bus_init() (bsc#1201218).
net/mlx5: Avoid double clear or set of sync reset requested (git-fixes).
net/mlx5: Bridge, ensure dev_name is null-terminated (git-fixes).
net/mlx5: Bridge, Fix devlink deadlock on net namespace deletion (git-fixes).
net/mlx5: Bridge, take rtnl lock in init error handler (git-fixes).
net/mlx5: DR, Cache STE shadow memory (git-fixes).
net/mlx5: DR, Do not allow match on IP w/o matching on full ethertype/ip_version (git-fixes).
net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte (jsc#SLE-19253).
net/mlx5: DR, Fix the threshold that defines when pool sync is initiated (git-fixes).
net/mlx5e: Add missing increment of count (jsc#SLE-19253).
net/mlx5e: Avoid field-overflowing memcpy() (git-fixes).
net/mlx5e: Avoid implicit modify hdr for decap drop rule (jsc#SLE-19253).
net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release (git-fixes).
net/mlx5e: Do not treat small ceil values as unlimited in HTB offload (git-fixes).
net/mlx5e: Fix broken SKB allocation in HW-GRO (jsc#SLE-19253).
net/mlx5e: Fix handling of wrong devices during bond netevent (git-fixes).
net/mlx5e: Fix module EEPROM query (git-fixes).
net/mlx5e: Fix the calling of update_buffer_lossy() API (git-fixes).
net/mlx5e: Fix trust state reset in reload (git-fixes).
net/mlx5e: Fix wrong calculation of header index in HW_GRO (jsc#SLE-19253).
net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).
net/mlx5e: Fix wrong source vport matching on tunnel rule (jsc#SLE-19253).
net/mlx5e: IPsec: Fix crypto offload for non TCP/UDP encapsulated traffic (git-fixes).
net/mlx5e: IPsec: Fix tunnel mode crypto offload for non TCP/UDP traffic (git-fixes).
net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (git-fixes).
net/mlx5e: Lag, Do not skip fib events on current dst (git-fixes).
net/mlx5e: Lag, Fix fib_info pointer assignment (git-fixes).
net/mlx5e: Lag, Fix use-after-free in fib event handler (git-fixes).
net/mlx5e: Lag, Only handle events from highest priority multipath entry (git-fixes).
net/mlx5e: MPLSoUDP decap, fix check for unsupported matches (git-fixes).
net/mlx5e: SHAMPO, reduce TIR indication (jsc#SLE-19253).
net/mlx5: E-Switch, Fix uninitialized variable modact (git-fixes).
net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).
net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).
net/mlx5e: Use struct_group() for memcpy() region (git-fixes).
net/mlx5: Fix a race on command flush flow (git-fixes).
net/mlx5: Fix deadlock in sync reset flow (git-fixes).
net/mlx5: Fix matching on inner TTC (jsc#SLE-19253).
net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE (jsc#SLE-19253).
net/mlx5: Fix possible deadlock on rule deletion (git-fixes).
net/mlx5: Fix size field in bufferx_reg struct (git-fixes).
net/mlx5: Fix slab-out-of-bounds while reading resource dump menu (git-fixes).
net/mlx5: Fix tc max supported prio for nic mode (git-fixes).
net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).
net/mlx5: Update the list of the PCI supported devices (git-fixes).
net/mlx5: Use del_timer_sync in fw reset flow of halting poll (git-fixes).
net: mvmdio: fix compilation warning (git-fixes).
net: netvsc: remove break after return (git-fixes).
net: phy: ax88772a: fix lost pause advertisement configuration (git-fixes).
net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
net: phy: correct spelling error of media in documentation (git-fixes).
net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).
net: phy: dp83867: retrigger SGMII AN when link change (git-fixes).
net: phy: Fix race condition on link status change (git-fixes).
net: phy: marvell10g: fix return value on error (git-fixes).
net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).
net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs (git-fixes).
net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs (git-fixes).
net: phy: mediatek: remove PHY mode check on MT7531 (git-fixes).
net: phy: meson-gxl: fix interrupt handling in forced mode (git-fixes).
net: phy: meson-gxl: improve link-up behavior (git-fixes).
net: phy: micrel: Allow probing without .driver_data (git-fixes).
net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (git-fixes).
net: phy: micrel: Pass .probe for KS8737 (git-fixes).
net: phy: mscc: Add MODULE_FIRMWARE macros (git-fixes).
net: phy: mscc-miim: reject clause 45 register accesses (git-fixes).
net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (git-fixes).
net: rose: fix UAF bugs caused by timer handler (git-fixes).
net: sfc: add missing xdp queue reinitialization (git-fixes).
net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (git-fixes).
net: sfc: fix memory leak due to ptp channel (git-fixes).
net: sfc: fix using uninitialized xdp tx_queue (git-fixes).
net/smc: Avoid warning of possible recursive locking (git-fixes).
net/smc: fix connection leak (git-fixes).
net/smc: fixes for converting from 'struct smc_cdc_tx_pend **' to 'struct smc_wr_tx_pend_priv *' (git-fixes).
net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (git-fixes).
net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server (git-fixes).
net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client (git-fixes).
net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (git-fixes).
net/smc: postpone sk_refcnt increment in connect() (git-fixes).
net/smc: remove redundant re-assignment of pointer link (git-fixes).
net/smc: Remove unused function declaration (git-fixes).
net/smc: Reset conn->lgr when link group registration fails (git-fixes).
net/smc: set ini->smcrv2.ib_dev_v2 to NULL if SMC-Rv2 is unavailable (git-fixes).
net/smc: sync err code when tcp connection was refused (git-fixes).
net/smc: Transfer remaining wait queue entries during fallback (git-fixes).
net/smc: Transitional solution for clcsock race issue (git-fixes).
net/smc: Use a mutex for locking 'struct smc_pnettable' (git-fixes).
net/smc: use memcpy instead of snprintf to avoid out of bounds read (git-fixes).
net: stmmac: fix gcc-10 -Wrestrict warning (git-fixes).
net: stmmac: Fix signed/unsigned wreckage (git-fixes).
net: stmmac: socfpga: add runtime suspend/resume callback for stratix10 platform (git-fixes).
net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).
net: usb: asix: do not force pause frames support (git-fixes).
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (git-fixes).
net: usb: ax88179_178a: Fix packet receiving (git-fixes).
net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).
net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).
Netvsc: Call hv_unmap_memory() in the netvsc_device_remove() (bsc#1183682).
net/x25: Fix null-ptr-deref caused by x25_disconnect (git-fixes).
net: xfrm: unexport __init-annotated xfrm4_protocol_init() (bsc#1201218).
nfc: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (git-fixes).
nfc: nci: add flush_workqueue to prevent uaf (git-fixes).
nfc: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (git-fixes).
nfc: netlink: fix sleep in atomic bug when firmware download timeout (git-fixes).
nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (git-fixes).
nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (git-fixes).
nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (git-fixes).
nfc: NULL out the dev->rfkill to prevent UAF (git-fixes).
NFC: nxp-nci: Do not issue a zero length i2c_master_read() (git-fixes).
nfc: pn533: Fix buggy cleanup order (git-fixes).
nfc: port100: fix use-after-free in port100_send_complete (git-fixes).
nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION (git-fixes).
nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).
nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (git-fixes).
nfp: checking parameter process for rx-usecs/tx-usecs is invalid (git-fixes).
nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).
nfp: flower: fix ida_idx not being released (git-fixes).
NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
NFSD: allow delegation state ids to be revoked and then freed (bsc#1192483).
NFSD: allow lock state ids to be revoked and then freed (bsc#1192483).
NFSD: allow open state ids to be revoked and then freed (bsc#1192483).
nfsd: destroy percpu stats counters after reply cache shutdown (git-fixes).
NFSD: do not admin-revoke NSv4.0 state ids (bsc#1192483).
NFSD: Fix a write performance regression (bsc#1197016).
NFSD: fix crash on COPY_NOTIFY with special stateid (git-fixes).
NFSD: Fix nsfd startup race (again) (git-fixes).
nfsd: Fix null-ptr-deref in nfsd_fill_super() (git-fixes).
NFSD: Fix READDIR buffer overflow (git-fixes).
NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1195957).
NFSD: Fix verifier returned in stable WRITEs (git-fixes).
NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).
NFSD: more robust allocation failure handling in nfsd_file_cache_init (git-fixes).
NFSD: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).
NFS: Do not loop forever in nfs_do_recoalesce() (git-fixes).
NFS: Do not overfill uncached readdir pages (git-fixes).
NFS: Do not report EINTR/ERESTARTSYS as mapping errors (git-fixes).
NFS: Do not report ENOSPC write errors twice (git-fixes).
NFS: Do not report errors from nfs_pageio_complete() more than once (git-fixes).
NFS: Do not report flush errors in nfs_write_end() (git-fixes).
NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
NFS: do not store 'struct cred *' in struct nfs_access_entry (git-fixes).
NFSD: prepare for supporting admin-revocation of state (bsc#1192483).
NFSD: Replace use of rwsem with errseq_t (bsc#1196960).
NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).
NFS: Ensure the server had an up to date ctime before renaming (git-fixes).
NFS: fix broken handling of the softreval mount option (git-fixes).
NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (git-fixes).
NFS: Further fixes to the writeback error handling (git-fixes).
NFS: limit use of ACCESS cache for negative responses (bsc#1196570).
NFS: Memory allocation failures are not server fatal errors (git-fixes).
NFS: NFSv2/v3 clients should never be setting NFS_CAP_XATTR (git-fixes).
NFS: pass cred explicitly for access tests (git-fixes).
NFS: Remove an incorrect revalidation in nfs4_update_changeattr_locked() (git-fixes).
NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
NFSv4.1 mark qualified async operations as MOVEABLE tasks (git-fixes).
NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).
NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).
NFSv4: Do not invalidate inode attributes on delegation return (git-fixes).
NFSv4: Fix another issue with a list iterator pointing to the head (git-fixes).
NFSv4: fix open failure with O_ACCMODE flag (git-fixes).
NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).
NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (git-fixes).
nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size (git-fixes).
nl80211: fix locking in nl80211_set_tx_bitrate_mask() (git-fixes).
nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).
nl80211: show SSID for P2P_GO interfaces (git-fixes).
nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
nl80211: validate S1G channel width (git-fixes).
ntb_hw_switchtec: Fix bug with more than 32 partitions (git-fixes).
ntb_hw_switchtec: Fix pff ioread to read into mmio_part_cfg_all (git-fixes).
ntb: intel: fix port config status offset for SPR (git-fixes).
n_tty: wake up poll(POLLRDNORM) on receiving data (git-fixes).
nvme: add verbose error logging (bsc#1200567). Update config files.
nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (git-fixes).
nvme: do not return an error from nvme_configure_metadata (git-fixes).
nvme: expose cntrltype and dctype through sysfs (jsc#SLE-23643).
nvme: fix a possible use-after-free in controller reset during load (git-fixes).
nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).
nvme: send uevent on connection up (jsc#SLE-23643).
objtool: Add frame-pointer-specific function ignore (bsc#1193277).
objtool: Fix code relocs vs weak symbols (git-fixes).
objtool: Fix type of reloc::addend (git-fixes).
objtool: Ignore unwind hints for ignored functions (bsc#1193277).
ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).
octeontx2-af: Add a 'rvu_free_bitmap()' function (gix-fixes).
octeontx2-af: Fix some memory leaks in the error handling path of 'cgx_lmac_init()' (git-fixes).
of: base: Fix phandle argument length mismatch error message (git-fixes).
of: base: Improve argument length mismatch error (git-fixes).
of/fdt: Do not worry about non-memory region overlap for no-map (git-fixes).
of: overlay: do not break notify on NOTIFY_{OK|STOP} (git-fixes).
of: Support more than one crash kernel regions for kexec -s (git-fixes).
of: unittest: 64 bit dma address test requires arch support (git-fixes).
of: unittest: fix warning on PowerPC frame size warning (git-fixes).
of: unittest: update text of expected warnings (git-fixes).
pahole 1.22 required for full BTF features. also recommend pahole for kernel-source to make the kernel buildable with standard config
PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2 registers on emulated bridge (git-fixes).
PCI: aardvark: Add support for ERR interrupt on emulated bridge (git-fixes).
PCI: aardvark: Add support for masking MSI interrupts (git-fixes).
PCI: aardvark: Add support for PME interrupts (git-fixes).
PCI: aardvark: Assert PERST# when unbinding driver (git-fixes).
PCI: aardvark: Clear all MSIs at setup (git-fixes).
PCI: aardvark: Comment actions in driver remove method (git-fixes).
PCI: aardvark: Disable bus mastering when unbinding driver (git-fixes).
PCI: aardvark: Disable common PHY when unbinding driver (git-fixes).
PCI: aardvark: Disable link training when unbinding driver (git-fixes).
PCI: aardvark: Do not mask irq when mapping (git-fixes).
PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy() (git-fixes).
PCI: aardvark: Enable MSI-X support (git-fixes).
PCI: aardvark: Fix memory leak in driver unbind (git-fixes).
PCI: aardvark: Fix reading MSI interrupt number (git-fixes).
PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge (git-fixes).
PCI: aardvark: Fix setting MSI address (git-fixes).
PCI: aardvark: Fix support for MSI interrupts (git-fixes).
PCI: aardvark: Fix support for PME requester on emulated bridge (git-fixes).
PCI: aardvark: Make msi_domain_info structure a static driver structure (git-fixes).
PCI: aardvark: Make MSI irq_chip structures static driver structures (git-fixes).
PCI: aardvark: Mask all interrupts when unbinding driver (git-fixes).
PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on emulated bridge (git-fixes).
PCI: aardvark: Refactor unmasking summary MSI interrupt (git-fixes).
PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts (git-fixes).
PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_* (git-fixes).
PCI: aardvark: Rewrite IRQ code to chained IRQ handler (git-fixes).
PCI: aardvark: Update comment about link going down after link-up (git-fixes).
PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev->of_node) (git-fixes).
PCI: aardvark: Use separate INTA interrupt for emulated root bridge (git-fixes).
PCI/ACPI: Allow D3 only if Root Port can signal and wake from D3 (git-fixes).
PCI: Add ACS quirk for Pericom PI7C9X2G switches (bsc#1199390).
PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
PCI: Avoid broken MSI on SB600 USB devices (git-fixes).
PCI: cadence: Fix find_first_zero_bit() limit (git-fixes).
PCI: dwc: Fix setting error return on MSI DMA mapping failure (git-fixes).
PCI: endpoint: Fix alignment fault error in copy tests (git-fixes).
PCI: endpoint: Fix misused goto label (git-fixes).
PCI: fu740: Force 2.5GT/s for initial device probe (git-fixes).
PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (git-fixes).
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).
PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).
PCI: imx6: Fix PERST# start-up sequence (git-fixes).
PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken (git-fixes).
PCI: microchip: Fix potential race in interrupt handling (git-fixes).
PCI: mvebu: Fix configuring secondary bus of PCIe Root Port via emulated bridge (git-fixes).
PCI: mvebu: Fix device enumeration regression (git-fixes).
PCI: mvebu: Fix support for bus mastering and PCI_COMMAND on emulated bridge (git-fixes).
PCI: mvebu: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge (git-fixes).
PCI: mvebu: Setup PCIe controller to Root Complex mode (git-fixes).
PCI: pci-bridge-emul: Add definitions for missing capabilities registers (git-fixes).
PCI: pci-bridge-emul: Add description for class_revision field (git-fixes).
PCI: pciehp: Add Qualcomm quirk for Command Completed erratum (git-fixes).
PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
PCI/PM: Power up all devices during runtime resume (git-fixes).
PCI: qcom: Fix runtime PM imbalance on probe errors (git-fixes).
PCI: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
PCI: rockchip: Fix find_first_zero_bit() limit (git-fixes).
PCI/switchtec: Add Gen4 automotive device IDs (git-fixes).
PCI: Work around Intel I210 ROM BAR overlap defect (git-fixes).
pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (git-fixes).
perf: Copy perf_event_attr::sig_data on modification (git fixes).
perf/core: Do not pass task around when ctx sched in (git-fixes).
perf/core: Fix address filter parser for multiple filters (git fixes).
perf/core: Fix cgroup event list management (git fixes).
perf/core: Fix perf_cgroup_switch() (git fixes).
perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled (git fixes).
perf: Fix list corruption in perf_cgroup_switch() (git fixes).
perf/x86/intel/pt: Fix address filter config for 32-bit kernel (git fixes).
perf/x86/intel/pt: Fix crash with stop filters in single-range mode (git fixes).
perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (bsc#1197304).
perf/x86/intel: Update the FRONTEND MSR mask on Sapphire Rapids (git fixes).
phy: amlogic: fix error path in phy_g12a_usb3_pcie_probe() (git-fixes).
phy: amlogic: meson8b-usb2: fix shared reset control use (git-fixes).
phy: amlogic: meson8b-usb2: Use dev_err_probe() (git-fixes).
phy: amlogic: phy-meson-gxl-usb2: fix shared reset controller use (git-fixes).
phy: aquantia: Fix AN when higher speeds than 1G are not advertised (git-fixes).
phy: broadcom: Kconfig: Fix PHY_BRCM_USB config option (git-fixes).
phy: dphy: Correct clk_pre parameter (git-fixes).
phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure}) (git-fixes).
phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe (git-fixes).
phy: phy-brcm-usb: fixup BCM4908 support (git-fixes).
phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (git-fixes).
phy: qcom-qmp: fix reset-controller leak on probe errors (git-fixes).
phy: qcom-qmp: fix struct clk leak on probe errors (git-fixes).
phy: samsung: exynos5250-sata: fix missing device put in probe error paths (git-fixes).
phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (git-fixes).
phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() (git-fixes).
phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe (git-fixes).
phy: ti: Fix missing sentinel for clk_div_table (git-fixes).
phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks (git-fixes).
phy: usb: Leave some clocks running during suspend (git-fixes).
phy: xilinx: zynqmp: Fix bus width setting for SGMII (git-fixes).
pinctrl: bcm2835: Fix a few error paths (git-fixes).
pinctrl: bcm63xx: fix unmet dependency on REGMAP for GPIO_REGMAP (git-fixes).
pinctrl: fix loop in k210_pinconf_get_drive() (git-fixes).
pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line (git-fixes).
pinctrl: intel: fix unexpected interrupt (git-fixes).
pinctrl: k210: Fix bias-pull-up (git-fixes).
pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).
pinctrl: mediatek: moore: Fix build error (git-fixes).
pinctrl: mediatek: mt8195: enable driver on mtk platforms (git-fixes).
pinctrl: mediatek: mt8365: fix IES control pins (git-fixes).
pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).
pinctrl: mediatek: paris: Fix PIN_CONFIG_BIAS_* readback (git-fixes).
pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).
pinctrl: mediatek: paris: Skip custom extra pin config dump for virtual GPIOs (git-fixes).
pinctrl: microchip-sgpio: lock RMW access (git-fixes).
pinctrl: microchip sgpio: use reset driver (git-fixes).
pinctrl: mvebu: Fix irq_of_parse_and_map() return value (git-fixes).
pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).
pinctrl: npcm: Fix broken references to chip->parent_device (git-fixes).
pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).
pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl (git-fixes).
pinctrl: pistachio: fix use of irq_of_parse_and_map() (git-fixes).
pinctrl: renesas: checker: Fix miscalculation of number of states (git-fixes).
pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).
pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel (git-fixes).
pinctrl: renesas: r8a779a0: Fix GPIO function on I2C-capable pins (git-fixes).
pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).
pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).
pinctrl: rockchip: fix RK3308 pinmux bits (git-fixes).
pinctrl: samsung: drop pin banks references on error paths (git-fixes).
pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config (git-fixes).
pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI (git-fixes).
pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested (git-fixes).
pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).
pinctrl: sunxi: Fix H616 I2S3 pin data (git-fixes).
pinctrl: sunxi: Use unique lockdep classes for IRQs (git-fixes).
pinctrl: tegra: tegra194: drop unused pin groups (git-fixes).
pinctrl: tigerlake: Revert 'Add Alder Lake-M ACPI ID' (git-fixes).
ping: fix the sk_bound_dev_if match in ping_lookup (bsc#1195826).
ping: remove pr_err from ping_lookup (bsc#1195826).
pipe: Fix missing lock in pipe_resize_ring() (git-fixes).
platform/chrome: cros_ec_debugfs: detach log reader wq from devm (git-fixes).
platform/chrome: cros_ec: fix error handling in cros_ec_register() (git-fixes).
platform/chrome: cros_ec_typec: Check for EC device (git-fixes).
platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls (git-fixes).
platform: finally disallow IRQ0 in platform_get_irq() and its ilk (git-fixes).
platform/surface: aggregator: Fix initialization order when compiling as builtin module (git-fixes).
platform/surface: surface3-wmi: Simplify resource management (git-fixes).
platform/x86: Add Intel Software Defined Silicon driver (jsc#SLE-18938).
platform/x86: asus-wmi: Add support for custom fan curves (bsc#1198058).
platform/x86: asus-wmi: Delete impossible condition (bsc#1198058).
platform/x86: asus-wmi: Fix driver not binding when fan curve control probe fails (git-fixes).
platform/x86: asus-wmi: Fix regression when probing for fan curve control (bsc#1198058).
platform/x86: asus-wmi: Fix 'unsigned 'retval' is never less than zero' smatch warning (bsc#1198058).
platform/x86: asus-wmi: Potential buffer overflow in asus_wmi_evaluate_method_buf() (git-fixes).
platform/x86: gigabyte-wmi: Add support for B450M DS3H-CF (git-fixes).
platform/x86: gigabyte-wmi: Add Z690M AORUS ELITE AX DDR4 support (git-fixes).
platform/x86: huawei-wmi: check the return value of device_create_file() (git-fixes).
platform/x86: intel-hid: fix _DSM function index handling (git-fixes).
platform/x86/intel/sdsi: Fix bug in multi packet reads (jsc#SLE-18901).
platform/x86/intel/sdsi: Handle leaky bucket (jsc#SLE-18901).
platform/x86/intel/sdsi: Poll on ready bit for writes (jsc#SLE-18901).
platform/x86: panasonic-laptop: de-obfuscate button codes (git-fixes).
platform/x86: panasonic-laptop: do not report duplicate brightness key-presses (git-fixes).
platform/x86: panasonic-laptop: filter out duplicate volume up/down/mute keypresses (git-fixes).
platform/x86: panasonic-laptop: revert 'Resolve hotkey double trigger bug' (git-fixes).
platform/x86: panasonic-laptop: sort includes alphabetically (git-fixes).
platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (git-fixes).
platform/x86: touchscreen_dmi: Add info for the RWC NANOTE P8 AY07J 2-in-1 (git-fixes).
PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).
PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (git-fixes).
PM / devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).
PM: domains: Fix initialization of genpd's next_wakeup (git-fixes).
PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() (git-fixes).
PM: hibernate: fix __setup handler error handling (git-fixes).
PM: hibernate: Remove register_nosave_region_late() (git-fixes).
PM: s2idle: ACPI: Fix wakeup interrupts handling (git-fixes).
PM: suspend: fix return value of __setup handler (git-fixes).
PM: wakeup: simplify the output logic of pm_show_wakelocks() (git-fixes).
pNFS: Avoid a live lock condition in pnfs_update_layout() (git-fixes).
pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).
powerpc/64: Move paca allocation later in boot (bsc#1190812).
powerpc/64s: Add CPU_FTRS_POWER10 to ALWAYS mask (jsc#SLE-13521 git-fixes).
powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask (bsc#1061840 git-fixes).
powerpc/64s: Do not use DSISR for SLB faults (bsc#1194869).
powerpc/64s/radix: Fix huge vmap false positive (bsc#1156395).
powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).
powerpc/bpf: Update ldimm64 instructions during extra pass (bsc#1194869).
powerpc: Do not select HAVE_IRQ_EXIT_ON_IRQ_STACK (bsc#1194869).
powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117 ltc#159753).
powerpc/fadump: fix PT_LOAD segment for boot memory area (bsc#1103269 ltc#169948 git-fixes).
powerpc/fadump: opt out from freeing pages on cma activation failure (bsc#1195099 ltc#196102).
powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).
powerpc/idle: Fix return value of __setup() handler (bsc#1065729).
powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
powerpc/mce: Modify the real address error logging messages (jsc#SLE-18194).
powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).
powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).
powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106, git-fixes).
powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending (bsc#1156395).
powerpc/perf: Fix the threshold compare group constraint for power10 (bsc#1194869).
powerpc/perf: Fix the threshold compare group constraint for power9 (bsc#1065729).
powerpc/powernv: Add __init attribute to eligible functions (bsc#1188885 ltc#193722 git-fixes).
powerpc/powernv: Get L1D flush requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).
powerpc/powernv: Get STF barrier requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).
powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes (bsc#1188885 ltc#193722 git-fixes).
powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
powerpc/pseries: Parse control memory access error (jsc#SLE-18194).
powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).
powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (bsc#1200343 ltc#198477).
powerpc: Set crashkernel offset to mid of RMA region (bsc#1190812).
powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).
powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
powerpc/vdso: Fix incorrect CFI in gettimeofday.S (bsc#1199173 ltc#197388).
powerpc/vdso: Remove cvdso_call_time macro (bsc#1199173 ltc#197388).
powerpc/xive: Add a debugfs file to dump EQs (bsc#1194409 ltc#195810).
powerpc/xive: Add some error handling code to 'xive_spapr_init()' (git-fixes).
powerpc/xive: Change the debugfs file 'xive' into a directory (bsc#1194409 ltc#195810).
powerpc/xive: Export XIVE IPI information for online-only processors (bsc#1194409 ltc#195810).
powerpc/xive: Fix refcount leak in xive_spapr_init (git-fixes).
powerpc/xive: fix return value of __setup handler (bsc#1065729).
powerpc/xive: Introduce an helper to print out interrupt characteristics (bsc#1194409 ltc#195810).
powerpc/xive: Introduce xive_core_debugfs_create() (bsc#1194409 ltc#195810).
powerpc/xive: Rename the 'cpus' debugfs file to 'ipis' (bsc#1194409 ltc#195810).
power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe (git-fixes).
power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init (git-fixes).
power: supply: axp20x_battery: properly report current when discharging (git-fixes).
power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).
power: supply: axp288_fuel_gauge: Drop BIOS version check from 'T3 MRD' DMI quirk (git-fixes).
power: supply: axp288_fuel_gauge: Fix battery reporting on the One Mix 1 (git-fixes).
power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return (git-fixes).
power: supply: sbs-charger: Do not cancel work that is not initialized (git-fixes).
power: supply: wm8350-power: Add missing free in free_charger_irq (git-fixes).
power: supply: wm8350-power: Handle error for wm8350_register_irq (git-fixes).
pps: clients: gpio: Propagate return value from pps_gpio_probe (git-fixes).
printk: Add panic_in_progress helper (bsc#1197894).
printk: disable optimistic spin during panic (bsc#1197894).
proc: bootconfig: Add null pointer check (git-fixes).
proc: fix documentation and description of pagemap (git-fixes).
procfs: prevent unprivileged processes accessing fdinfo dir (git-fixes).
psi: fix 'defined but not used' warnings when (git-fixes)
ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (bsc#1198413).
pvpanic: Fix typos in the comments (git-fixes).
pwm: lp3943: Fix duty calculation in case period was clamped (git-fixes).
pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).
pwm: raspberrypi-poe: Fix endianness in firmware struct (git-fixes).
qed: display VF trust config (git-fixes).
qede: confirm skb is allocated before using (git-fixes).
qed: fix ethtool register dump (jsc#SLE-19001).
qed: return status of qed_iov_get_link (git-fixes).
qla2xxx: add ->map_queues support for nvme (bsc#1195823).
qlcnic: dcb: default to returning -EOPNOTSUPP (git-fixes).
raid5: introduce MD_BROKEN (git-fixes).
random: check for signal_pending() outside of need_resched() check (git-fixes).
random: wake up /dev/random writers after zap (git-fixes).
random: wire up fops->splice_{read,write}_iter() (git-fixes).
ray_cs: Check ioremap return value (git-fixes).
RDMA/cma: Do not change route.addr.src_addr outside state checks (git-fixes).
RDMA/cma: Use correct address when leaving multicast group (git-fixes).
RDMA/core: Fix ib_qp_usecnt_dec() called when error (jsc#SLE-19249).
RDMA/core: Set MR type in ib_reg_user_mr (git-fixes).
RDMA/hfi1: Fix use-after-free bug for mm struct (git-fixes).
RDMA/ib_srp: Fix a deadlock (git-fixes).
RDMA/irdma: Fix netdev notifications for vlan's (git-fixes).
RDMA/irdma: Fix Passthrough mode in VM (git-fixes).
RDMA/irdma: Fix possible crash due to NULL netdev in notifier (git-fixes).
RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state (git-fixes).
RDMA/irdma: Prevent some integer underflows (git-fixes).
RDMA/irdma: Reduce iWARP QP destroy time (git-fixes).
RDMA/irdma: Remove incorrect masking of PD (git-fixes).
RDMA/irdma: Set protocol based on PF rdma_mode flag (bsc#1200502).
RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).
RDMA/mlx5: Add a missing update of cache->last_add (git-fixes).
RDMA/mlx5: Do not remove cache MRs when a delay is needed (git-fixes).
RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes).
RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR (git-fixes).
RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() (jsc#SLE-19249).
RDMA/rtrs-clt: Fix possible double free in error case (git-fixes).
RDMA/rtrs-clt: Move free_permit from free_clt to rtrs_clt_close (git-fixes).
RDMA/rxe: Change variable and function argument to proper type (jsc#SLE-19249).
RDMA/rxe: Check the last packet by RXE_END_MASK (git-fixes).
RDMA/rxe: Fix ref error in rxe_av.c (jsc#SLE-19249).
RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes).
RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).
RDMA/siw: Fix refcounting leak in siw_create_qp() (jsc#SLE-19249).
RDMA/ucma: Protect mc during concurrent multicast leaves (git-fixes).
regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (git-fixes).
regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (git-fixes).
regmap-irq: Update interrupt clear register for proper reset (git-fixes).
regulator: atc260x: Fix missing active_discharge_on setting (git-fixes).
regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (git-fixes).
regulator: core: fix false positive in regulator_late_cleanup() (git-fixes).
regulator: da9121: Fix uninit-value in da9121_assign_chip_model() (git-fixes).
regulator: mt6315: Enforce regulator-compatible, not name (git-fixes).
regulator: mt6315-regulator: fix invalid allowed mode (git-fixes).
regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (git-fixes).
regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
regulator: qcom_smd: Fix up PM8950 regulator configuration (git-fixes).
regulator: rpi-panel: Handle I2C errors/timing to the Atmel (git-fixes).
regulator: scmi: Fix refcount leak in scmi_regulator_probe (git-fixes).
regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).
remoteproc: Fix count check in rproc_coredump_write() (git-fixes).
remoteproc: imx_rproc: Ignore create mem entry for resource table (git-fixes).
remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).
remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (git-fixes).
remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).
reset: tegra-bpmp: Restore Handle errors in BPMP response (git-fixes).
Revert 'drm/amd/display: Fix DCN3 B0 DP Alt Mapping' (git-fixes).
Revert 'drm/amdgpu/display: set vblank_disable_immediate for DC' (git-fixes).
Revert 'svm: Add warning message for AVIC IPI invalid target' (git-fixes).
rfkill: make new event layout opt-in (git-fixes).
rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (git-fixes).
riscv: Fix fill_callchain return value (git fixes).
rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (git-fixes).
rpmsg: qcom_smd: Fix redundant channel->registered assignment (git-fixes).
rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (git-fixes).
rpmsg: virtio: Fix possible double free in rpmsg_probe() (git-fixes).
rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (git-fixes).
rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (git-fixes).
rtc: check if __rtc_read_time was successful (git-fixes).
rtc: fix use-after-free on device removal (git-fixes).
rtc: ftrtc010: Fix error handling in ftrtc010_rtc_probe (git-fixes).
rtc: ftrtc010: Use platform_get_irq() to get the interrupt (git-fixes).
rtc: mc146818-lib: fix locking in mc146818_set_time (git-fixes).
rtc: mc146818-lib: Fix the AltCentury for AMD platforms (git-fixes).
rtc: mt6397: check return value after calling platform_get_resource() (git-fixes).
rtc: mxc: Silence a clang warning (git-fixes).
rtc: pcf2127: fix bug when reading alarm registers (git-fixes).
rtc: pl031: fix rtc features null pointer dereference (git-fixes).
rtc: sun6i: Fix time overflow handling (git-fixes).
rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).
rtl818x: Prevent using not initialized queues (git-fixes).
rtlwifi: Use pr_warn instead of WARN_ONCE (git-fixes).
rtw88: 8821c: fix debugfs rssi value (git-fixes).
rtw88: 8821c: support RFE type4 wifi NIC (git-fixes).
rtw88: Disable PCIe ASPM while doing NAPI poll on 8821CE (git-fixes).
rtw88: rtw8821c: enable rfe 6 devices (git-fixes).
s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).
s390/ctcm: fix potential memory leak (git-fixes).
s390/ctcm: fix variable dereferenced before check (git-fixes).
s390/dasd: fix data corruption for ESE devices (git-fixes).
s390/dasd: Fix read for ESE with blksize 4k (git-fixes).
s390/dasd: Fix read inconsistency for ESE DASD devices (git-fixes).
s390/dasd: prevent double format of tracks for ESE devices (git-fixes).
s390/entry: fix duplicate tracking of irq nesting level (git-fixes).
s390/extable: fix exception table sorting (git-fixes).
s390/kexec_file: fix error handling when applying relocations (git-fixes).
s390/kexec: fix memory leak of ipl report buffer (git-fixes).
s390/kexec: fix return code handling (git-fixes).
s390/lcs: fix variable dereferenced before check (git-fixes).
s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag (git-fixes).
s390/module: fix loading modules with a lot of relocations (git-fixes).
s390/nmi: handle guarded storage validity failures for KVM guests (git-fixes).
s390/nmi: handle vector validity failures for KVM guests (git-fixes).
s390/perf: obtain sie_block from the right address (bsc#1200315 LTC#198473).
s390/setup: avoid reserving memory above identity mapping (git-fixes).
s390/smp: sort out physical vs virtual pointers usage (git-fixes).
sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (git-fixes).
sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (git-fixes).
sc16is7xx: Fix for incorrect data being transmitted (git-fixes).
sched/core: Export pelt_thermal_tp (git-fixes)
sched/core: Fix forceidle balancing (git-fixes)
sched/core: Mitigate race (git-fixes)
sched/cpuacct: Fix charge percpu cpuusage (git-fixes)
sched/cpuacct: Fix user/system in shown cpuacct.usage* (git-fixes)
sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)
sched: Define and initialize a flag to identify valid PASID in the task (jsc#SLE-24350).
sched/fair: Consider CPU affinity when allowing NUMA imbalance in find_idlest_group() (bnc#1193431).
sched/fair: Fix fault in reweight_entity (git fixes (sched/core)).
sched/fair: Revise comment about lb decision matrix (git-fixes)
sched: Fix balance_push() vs __sched_setscheduler() (git-fixes)
sched: Fix yet more sched_fork() races (git fixes (sched/core)).
sched/membarrier: Fix membarrier-rseq fence command missing (git-fixes)
sched/numa: Adjust imb_numa_nr to a better approximation of memory channels (bnc#1193431).
sched/numa: Apply imbalance limitations consistently (bnc#1193431).
sched/numa: Do not swap tasks between nodes when spare capacity is available (bnc#1193431).
sched/numa: Initialise numa_migrate_retry (bnc#1193431).
sched/pasid: Add a kABI workaround (jsc#SLE-24350).
sched/pelt: Fix attach_entity_load_avg() corner case (git-fixes)
sched/pelt: Relax the sync of util_sum with util_avg (git-fixes)
sched/psi: report zeroes for CPU full at the system level (git-fixes)
sched/rt: Plug rt_mutex_setprio() vs push_rt_task() race (git-fixes)
sched/rt: Try to restart rt period timer when rt runtime (git-fixes)
sched/scs: Reset task stack state in bringup_cpu() (git-fixes)
sched/sugov: Ignore 'busy' filter when rq is capped by (git-fixes)
sched: Teach the forced-newidle balancer about CPU affinity (git-fixes)
scripts/faddr2line: Fix overlapping text section failures (git-fixes).
scsi: block: pm: Always set request queue runtime active in blk_post_runtime_resume() (bsc#1198802).
scsi: block: PM fix blk_post_runtime_resume() args (bsc#1198802).
scsi: core: Query VPD size before getting full page (git-fixes).
scsi: dc395x: Fix a missing check on list iterator (git-fixes).
scsi: elx: efct: Do not use GFP_KERNEL under spin lock (git-fixes).
scsi: fnic: Fix a tracing statement (git-fixes).
scsi: fnic: Replace DMA mask of 64 bits with 47 bits (bsc#1199631).
scsi: hisi_sas: Add more logs for runtime suspend/resume (bsc#1198802).
scsi: hisi_sas: Change permission of parameter prot_mask (git-fixes).
scsi: hisi_sas: Fix rescan after deleting a disk (git-fixes).
scsi: hisi_sas: Fix some issues related to asd_sas_port->phy_list (bsc#1198802).
scsi: hisi_sas: Increase debugfs_dump_index after dump is completed (bsc#1198806).
scsi: hisi_sas: Initialise devices in .slave_alloc callback (bsc#1198802).
scsi: hisi_sas: Limit users changing debugfs BIST count value (bsc#1198803).
scsi: hisi_sas: Remove unused variable and check in hisi_sas_send_ata_reset_each_phy() (git-fixes).
scsi: hisi_sas: Wait for phyup in hisi_sas_control_phy() (bsc#1198802).
scsi: ibmvfc: Allocate/free queue resource only during probe/remove (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
scsi: ibmvfc: Store vhost pointer during subcrq allocation (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
scsi: iscsi: Add helper functions to manage iscsi_cls_conn (bsc#1198410).
scsi: iscsi: Add helper to remove a session from the kernel (bsc#1198410).
scsi: iscsi: Allow iscsi_if_stop_conn() to be called from kernel (bsc#1198410).
scsi: iscsi: Clean up bound endpoints during shutdown (bsc#1198410).
scsi: iscsi: Fix HW conn removal use after free (bsc#1198410).
scsi: iscsi: Fix session removal on shutdown (bsc#1198410).
scsi: libiscsi: Teardown iscsi_cls_conn gracefully (bsc#1198410).
scsi: libsas: Add flag SAS_HA_RESUMING (bsc#1198802).
scsi: libsas: Add spin_lock/unlock() to protect asd_sas_port->phy_list (bsc#1198802).
scsi: libsas: Defer works of new phys during suspend (bsc#1198802).
scsi: libsas: Do not always drain event workqueue for HA resume (bsc#1198802).
scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands (git-fixes).
scsi: libsas: Insert PORTE_BROADCAST_RCVD event for resuming host (bsc#1198802).
scsi: libsas: Keep host active while processing events (bsc#1198802).
scsi: libsas: Refactor sas_queue_deferred_work() (bsc#1198802).
scsi: libsas: Resume host while sending SMP I/Os (bsc#1198802).
scsi: lpfc: Add more logging of cmd and cqe information for aborted NVMe cmds (bsc#1201193).
scsi: lpfc: Address NULL pointer dereference after starget_to_rport() (bsc#1201193).
scsi: lpfc: Add support for ATTO Fibre Channel devices (bsc#1201193).
scsi: lpfc: Add support for VMID tagging of NVMe I/Os (bsc#1201193).
scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion (bsc#1201193).
scsi: lpfc: Alter FPIN stat accounting logic (bsc#1200045).
scsi: lpfc: Change FA-PWWN detection methodology (bsc#1200045).
scsi: lpfc: Change VMID registration to be based on fabric parameters (bsc#1200045).
scsi: lpfc: Clear fabric topology flag before initiating a new FLOGI (bsc#1200045).
scsi: lpfc: Commonize VMID code location (bsc#1201193).
scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
scsi: lpfc: Copyright updates for 14.2.0.2 patches (bsc#1200045).
scsi: lpfc: Correct BDE DMA address assignment for GEN_REQ_WQE (bsc#1200045).
scsi: lpfc: Correct BDE type for XMIT_SEQ64_WQE in lpfc_ct_reject_event() (bsc#1201193).
scsi: lpfc: Correct CRC32 calculation for congestion stats (bsc#1200045).
scsi: lpfc: Decrement outstanding gidft_inp counter if lpfc_err_lost_link() (bsc#1200045).
scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
scsi: lpfc: Expand setting ELS_ID field in ELS_REQUEST64_WQE (bsc#1200045).
scsi: lpfc: Fill in missing ndlp kref puts in error paths (bsc#1200045).
scsi: lpfc: Fix additional reference counting in lpfc_bsg_rport_els() (bsc#1200045).
scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1200045).
scsi: lpfc: Fix diagnostic fw logging after a function reset (bsc#1200045).
scsi: lpfc: Fix dmabuf ptr assignment in lpfc_ct_reject_event() (bsc#1200045).
scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4() (bsc#1200045).
scsi: lpfc: Fix field overload in lpfc_iocbq data structure (bsc#1200045).
scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
scsi: lpfc: Fix ndlp put following a LOGO completion (bsc#1200045).
scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1200045).
scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (bsc#1201193).
scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).
scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1200045).
scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1200045).
scsi: lpfc: Fix split code for FLOGI on FCoE (bsc#1200045).
scsi: lpfc: Fix typos in comments (bsc#1197675).
scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).
scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).
scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1200045).
scsi: lpfc: Introduce FC_RSCN_MEMENTO flag for tracking post RSCN completion (bsc#1200045).
scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1200045).
scsi: lpfc: Move MI module parameter check to handle dynamic disable (bsc#1200045).
scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1200045).
scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
scsi: lpfc: Refactor cleanup of mailbox commands (bsc#1200045).
scsi: lpfc: Register for Application Services FC-4 type in Fabric topology (bsc#1200045).
scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
scsi: lpfc: Remove false FDMI NVMe FC-4 support for NPIV ports (bsc#1200045).
scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).
scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
scsi: lpfc: Remove redundant lpfc_sli_prep_wqe() call (bsc#1200045).
scsi: lpfc: Remove unnecessary null ndlp check in lpfc_sli_prep_wqe() (bsc#1200045).
scsi: lpfc: Remove unnecessary NULL pointer assignment for ELS_RDF path (bsc#1200045).
scsi: lpfc: Remove unneeded variable (bsc#1200045).
scsi: lpfc: Requeue SCSI I/O to upper layer when fw reports link down (bsc#1200045).
scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1201193).
scsi: lpfc: Resolve some cleanup issues following abort path refactoring (bsc#1201193).
scsi: lpfc: Resolve some cleanup issues following SLI path refactoring (bsc#1201193).
scsi: lpfc: Revise FDMI reporting of supported port speed for trunk groups (bsc#1200045).
scsi: lpfc: Rework FDMI initialization after link up (bsc#1200045).
scsi: lpfc: Rework lpfc_vmid_get_appid() to be protocol independent (bsc#1201193).
scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).
scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).
scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).
scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
scsi: lpfc: Transition to NPR state upon LOGO cmpl if link down or aborted (bsc#1200045).
scsi: lpfc: Tweak message log categories for ELS/FDMI/NVMe rescan (bsc#1200045).
scsi: lpfc: Update fc_prli_sent outstanding only after guaranteed IOCB submit (bsc#1200045).
scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
scsi: lpfc: Update lpfc version to 14.2.0.2 (bsc#1200045).
scsi: lpfc: Update lpfc version to 14.2.0.3 (bsc#1200045).
scsi: lpfc: Update lpfc version to 14.2.0.4 (bsc#1201193).
scsi: lpfc: Update stat accounting for READ_STATUS mbox command (bsc#1200045).
scsi: lpfc: Use fc_block_rport() (bsc#1197675).
scsi: lpfc: Use irq_set_affinity() (bsc#1197675).
scsi: lpfc: Use kcalloc() (bsc#1197675).
scsi: lpfc: Use list_for_each_entry_safe() in rscn_recovery_check() (bsc#1200045).
scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
scsi: lpfc: Use sg_dma_address() and sg_dma_len() macros for NVMe I/O (bsc#1200045).
scsi: lpfc: Zero SLI4 fcp_cmnd buffer's fcpCntl0 field (bsc#1200045).
scsi: mpt3sas: Fix incorrect 4GB boundary check (git-fixes).
scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() (git-fixes).
scsi: mpt3sas: Page fault in reply q processing (git-fixes).
scsi: mpt3sas: Use cached ATA Information VPD page (git-fixes).
scsi: mvsas: Add spin_lock/unlock() to protect asd_sas_port->phy_list (bsc#1198802).
scsi: nvme-fc: Add new routine nvme_fc_io_getuuid() (bsc#1201193).
scsi: pm8001: Fix abort all task initialization (git-fixes).
scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() (git-fixes).
scsi: pm8001: Fix command initialization in pm80XX_send_read_log() (git-fixes).
scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() (git-fixes).
scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() (git-fixes).
scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() (git-fixes).
scsi: pm8001: Fix NCQ NON DATA command completion handling (git-fixes).
scsi: pm8001: Fix NCQ NON DATA command task initialization (git-fixes).
scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() (git-fixes).
scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() (git-fixes).
scsi: pm80xx: Enable upper inbound, outbound queues (git-fixes).
scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63 (git-fixes).
scsi: qedi: Fix ABBA deadlock in qedi_process_tmf_resp() and qedi_process_cmd_cleanup_resp() (git-fixes).
scsi: qedi: Use QEDI_MODE_NORMAL for error handling (bsc#1198410).
scsi: qla2xxx: Add a new v2 dport diagnostic feature (bsc#1201160).
scsi: qla2xxx: Add debug prints in the device remove path (bsc#1201160).
scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).
scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).
scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).
scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).
scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).
scsi: qla2xxx: edif: Add bsg interface to read doorbell events (bsc#1201160).
scsi: qla2xxx: edif: Add retry for ELS passthrough (bsc#1201160).
scsi: qla2xxx: edif: bsg refactor (bsc#1201160).
scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).
scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).
scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription (bsc#1201160).
scsi: qla2xxx: edif: Fix n2n discovery issue with secure target (bsc#1201160).
scsi: qla2xxx: edif: Fix n2n login retry for secure device (bsc#1201160).
scsi: qla2xxx: edif: Fix no login after app start (bsc#1201160).
scsi: qla2xxx: edif: Fix no logout on delete for N2N (bsc#1201160).
scsi: qla2xxx: edif: Fix potential stuck session in sa update (bsc#1201160).
scsi: qla2xxx: edif: Fix session thrash (bsc#1201160).
scsi: qla2xxx: edif: Fix slow session teardown (bsc#1201160).
scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).
scsi: qla2xxx: edif: Reduce disruption due to multiple app start (bsc#1201160).
scsi: qla2xxx: edif: Reduce Initiator-Initiator thrashing (bsc#1201160).
scsi: qla2xxx: edif: Reduce N2N thrashing at app_start time (bsc#1201160).
scsi: qla2xxx: edif: Remove old doorbell interface (bsc#1201160).
scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200046).
scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).
scsi: qla2xxx: edif: Send LOGO for unexpected IKE message (bsc#1201160).
scsi: qla2xxx: edif: Synchronize NPIV deletion with authentication application (bsc#1201160).
scsi: qla2xxx: edif: Tear down session if keys have been removed (bsc#1201160).
scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).
scsi: qla2xxx: edif: Wait for app to ack on sess down (bsc#1201160).
scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (bsc#1201160).
scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).
scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection (bsc#1201160).
scsi: qla2xxx: Fix excessive I/O error messages by default (bsc#1201160).
scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).
scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests (bsc#1201160).
scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os (bsc#1201160).
scsi: qla2xxx: Fix losing target when it reappears during delete (bsc#1201160).
scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).
scsi: qla2xxx: Fix missed DMA unmap for aborted commands (bsc#1200046).
scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).
scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).
scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).
scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).
scsi: qla2xxx: Fix typos in comments (bsc#1197661).
scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).
scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).
scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).
scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).
scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).
scsi: qla2xxx: Remove a declaration (bsc#1195823).
scsi: qla2xxx: Remove free_sg command flag (bsc#1200046).
scsi: qla2xxx: Remove setting of 'req' and 'rsp' parameters (bsc#1201160).
scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200046).
scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).
scsi: qla2xxx: Remove unused 'ql_dm_tgt_ex_pct' parameter (bsc#1201160).
scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).
scsi: qla2xxx: Turn off multi-queue for 8G adapters (bsc#1201160).
scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).
scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).
scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
scsi: qla2xxx: Update version to 10.02.07.500-k (bsc#1201160).
scsi: qla2xxx: Update version to 10.02.07.600-k (bsc#1201160).
scsi: qla2xxx: Update version to 10.02.07.700-k (bsc#1201160).
scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).
scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
scsi: qla2xxx: Wind down adapter after PCIe error (bsc#1201160).
scsi: scsi_transport_fc: Fix FPIN Link Integrity statistics counters (git-fixes).
scsi: sr: Do not leak information in ioctl (git-fixes).
scsi: ufs: core: Exclude UECxx from SFR dump list (git-fixes).
scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (git-fixes).
scsi: ufs: qcom: Fix ufs_qcom_resume() (git-fixes).
scsi: virtio-scsi: Eliminate anonymous module_init and module_exit (git-fixes).
scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() (git-fixes).
selftest: KVM: Add open sev dev helper (bsc#1194526).
selftests/bpf: Remove unused variable in tc_tunnel prog (git-fixes).
selftests: firmware: Fix the request_firmware_into_buf() test for XZ format (git-fixes).
selftests: firmware: Use smaller dictionary for XZ compression (git-fixes).
selftests: fix check for circular KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM (bsc#1194526).
selftests: KVM: Add /x86_64/sev_migrate_tests to .gitignore (bsc#1194526).
selftests: KVM: Fix check for !POLLIN in demand_paging_test (bsc#1194526).
selftests: kvm: Remove absent target file (git-fixes).
selftests: KVM: sev_migrate_tests: Fix sev_ioctl() (bsc#1194526).
selftests: kvm/x86: Fix the warning in lib/x86_64/processor.c (bsc#1194526).
selftests/powerpc: Add test for real address error handling (jsc#SLE-18194).
serial: 8250: Also set sticky MCR bits in console restoration (git-fixes).
serial: 8250_aspeed_vuart: add PORT_ASPEED_VUART port type (git-fixes).
serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (git-fixes).
serial: 8250: core: Remove unneeded linux/pm_runtime.h (git-fixes).
serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (git-fixes).
serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (git-fixes).
serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
serial: 8250: fix XOFF/XON sending when DMA is used (git-fixes).
serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).
serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
serial: 8250_mtk: Fix register address for XON/XOFF character (git-fixes).
serial: 8250_mtk: Fix UART_EFR register address (git-fixes).
serial: 8250: pxa: Remove unneeded linux/pm_runtime.h (git-fixes).
serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).
serial: cpm_uart: Fix build error without CONFIG_SERIAL_CPM_CONSOLE (git-fixes).
serial: digicolor-usart: Do not allow CS5-6 (git-fixes).
serial: imx: fix overrun interrupts in DMA mode (git-fixes).
serial: meson: acquire port->lock in startup() (git-fixes).
serial: msm_serial: disable interrupts in __msm_console_write() (git-fixes).
serial: pch: do not overwrite xmit->buf[0] by x_char (git-fixes).
serial: rda-uart: Do not allow CS5-6 (git-fixes).
serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() (git-fixes).
serial: sh-sci: Do not allow CS5-6 (git-fixes).
serial: sifive: Report actual baud base rather than fixed 115200 (git-fixes).
serial: sifive: Sanitize CSIZE and c_iflag (git-fixes).
serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (git-fixes).
serial: stm32-usart: Correct CSIZE, bits, and parity (git-fixes).
serial: txx9: Do not allow CS5-6 (git-fixes).
sfc: Do not free an empty page_ring (git-fixes).
sfc: fallback for lack of xdp tx queues (bsc#1196306).
sfc: last resort fallback for lack of xdp tx queues (bsc#1196306).
sfc: Use swap() instead of open coding it (bsc#1196306).
sfc: use swap() to make code cleaner (bsc#1196306).
skbuff: fix coalescing for page_pool fragment recycling (bsc#1190336).
slimbus: qcom: Fix IRQ check in qcom_slim_probe (git-fixes).
slip: fix macro redefine warning (git-fixes).
smb3: add mount parm nosparse (bsc#1193629).
smb3: add trace point for lease not found issue (bsc#1193629).
smb3: add trace point for oplock not found (bsc#1193629).
smb3: check for null tcon (bsc#1193629).
smb3: cleanup and clarify status of tree connections (bsc#1193629).
smb3: do not set rc when used and unneeded in query_info_compound (bsc#1193629).
SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (bsc#1193629).
smb3: fix incorrect session setup check for multiuser mounts (bsc#1193629).
smb3: fix ksmbd bigendian bug in oplock break, and move its struct to smbfs_common (bsc#1193629).
smb3: fix snapshot mount option (bsc#1193629).
smb3 improve error message when mount options conflict with posix (bsc#1193629).
smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common (bsc#1193629).
smb3: move defines for query info and query fsinfo to smbfs_common (bsc#1193629).
smb3 move more common protocol header definitions to smbfs_common (bsc#1193629).
smb3: send NTLMSSP version information (bsc#1193629).
smp: Fix offline cpu check in flush_smp_call_function_queue() (git-fixes).
smsc911x: allow using IRQ0 (git-fixes).
soc: aspeed: lpc-ctrl: Block error printing on probe defer cases (git-fixes).
soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (git-fixes).
soc: bcm: Check for NULL return of devm_kzalloc() (git-fixes).
soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).
soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).
soc: fsl: guts: Add a missing memory allocation failure check (git-fixes).
soc: fsl: guts: Revert commit 3c0d64e867ed (git-fixes).
soc: fsl: qe: Check of ioremap return value (git-fixes).
soc: mediatek: pm-domains: Add wakeup capacity support in power domain (git-fixes).
soc: qcom: aoss: Expose send for generic usecase (git-fixes).
soc: qcom: aoss: Fix missing put_device call in qmp_get (git-fixes).
soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
soc: qcom: llcc: Add MODULE_DEVICE_TABLE() (git-fixes).
soc: qcom: ocmem: Fix missing put_device() call in of_get_ocmem (git-fixes).
soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (git-fixes).
soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (git-fixes).
soc: rockchip: Fix refcount leak in rockchip_grf_init (git-fixes).
soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc (git-fixes).
soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
sound/oss/dmasound: fix build when drivers are mixed =y/=m (git-fixes).
sound/oss/dmasound: fix 'dmasound_setup' defined but not used (git-fixes).
soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
soundwire: intel: prevent pm_runtime resume prior to system suspend (git-fixes).
soundwire: qcom: adjust autoenumeration timeout (git-fixes).
speakup-dectlk: Restore pitch setting (git-fixes).
spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller (git-fixes).
spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() (git-fixes).
spi: cadence-quadspi: fix incorrect supports_op() return value (git-fixes).
spi: cadence-quadspi: fix protocol setup for non-1-1-X operations (git-fixes).
spi: core: add dma_map_dev for __spi_unmap_msg() (git-fixes).
spi: Fix erroneous sgs value with min_t() (git-fixes).
spi: Fix invalid sgs value (git-fixes).
spi: Fix Tegra QSPI example (git-fixes).
spi: img-spfi: Fix pm_runtime_get_sync() error checking (git-fixes).
spi: mxic: Fix the transmit path (git-fixes).
spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
spi: qcom-qspi: Add minItems to interconnect-names (git-fixes).
spi: rockchip: Fix error in getting num-cs property (git-fixes).
spi: rockchip: fix missing error on unsupported SPI_CS_HIGH (git-fixes).
spi: rockchip: Preset cs-high and clk polarity in setup progress (git-fixes).
spi: rockchip: Stop spi slave dma receiver when cs inactive (git-fixes).
spi: rockchip: terminate dma transmission when slave abort (git-fixes).
spi: spi-cadence: Fix kernel-doc format for resume/suspend (git-fixes).
spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() (git-fixes).
spi: spi-mtk-nor: initialize spi controller after resume (git-fixes).
spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (git-fixes).
spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (git-fixes).
spi: spi-zynqmp-gqspi: Handle error for dma_set_mask (git-fixes).
spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).
spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).
spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
spi: tegra20: Use of_device_get_match_data() (git-fixes).
spi: tegra210-quad: Fix missin IRQ check in tegra_qspi_probe (git-fixes).
sr9700: sanity check for packet length (bsc#1196836).
staging: fbtft: fb_st7789v: reset display before initialization (git-fixes).
staging: fbtft: Fix error path in fbtft_driver_module_init() (git-fixes).
staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (git-fixes).
staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).
staging: most: dim2: force fcnt=3 on Renesas GEN3 (git-fixes).
staging: most: dim2: use device release method (git-fixes).
staging: most: dim2: use if statements instead of ?: expressions (git-fixes).
staging: mt7621-dts: fix formatting (git-fixes).
staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree (git-fixes).
staging: mt7621-dts: fix pinctrl-0 items to be size-1 items on ethernet (git-fixes).
staging: mt7621-dts: fix pinctrl properties for ethernet (git-fixes).
staging: rtl8712: fix a potential memory leak in r871xu_drv_init() (git-fixes).
staging: rtl8712: fix uninit-value in r871xu_drv_init() (git-fixes).
staging: rtl8712: fix uninit-value in usb_read8() and friends (git-fixes).
staging: rtl8723bs: Fix access-point mode deadlock (git-fixes).
staging: vc04_services: shut up out-of-range warning (git-fixes).
staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances (git-fixes).
staging: vchiq_core: handle NULL result of find_service_by_handle (git-fixes).
staging: vchiq: Move certain declarations to vchiq_arm.h (git-fixes).
staging: vchiq: Move vchiq char driver to its own file (git-fixes).
staging: vchiq: Refactor vchiq cdev code (git-fixes).
staging: wfx: fix an error handling in wfx_init_common() (git-fixes).
stddef: Introduce DECLARE_FLEX_ARRAY() helper (git-fixes).
stm: ltdc: fix two incorrect NULL checks on list iterator (bsc#1190786)
SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
SUNRPC: Do not dereference non-socket transports in sysfs (git-fixes).
SUNRPC: Do not dereference non-socket transports in sysfs - kabi fix (git-fixes).
SUNRPC do not resend a task on an offlined transport (git-fixes).
SUNRPC: Ensure gss-proxy connects on setup (git-fixes).
SUNRPC: Ensure that the gssproxy client can start in a connected state (git-fixes).
SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (git-fixes).
SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).
SUNRPC: Handle low memory situations in call_status() (git-fixes).
SUNRPC release the transport of a relocated task with an assigned transport (git-fixes).
SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec() (git-fixes).
SUNRPC: Trap RDMA segment overflows (git-fixes).
SUNRPC: use different lock keys for INET6 and LOCAL (git-fixes).
supported.conf: add intel_sdsi
supported.conf: mark pfuze100 regulator as supported (bsc#1199909)
supported.conf: Support TPM TIS SPI driver (jsc#SLE-24093)
surface: surface3_power: Fix battery readings on batteries without a serial number (git-fixes).
swiotlb: max mapping size takes min align mask into account (bsc#1197303).
sysrq: do not omit current cpu when showing backtrace of all active CPUs (git-fixes).
thermal/core: Fix memory leak in __thermal_cooling_device_register() (git-fixes).
thermal: core: Fix TZ_GET_TRIP NULL pointer dereference (git-fixes).
thermal: devfreq_cooling: use local ops instead of global ops (git-fixes).
thermal/drivers/bcm2711: Do not clamp temperature at zero (git-fixes).
thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (git-fixes).
thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe (git-fixes).
thermal/drivers/int340x: Improve the tcc offset saving for suspend/resume (git-fixes).
thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
thermal: int340x: Fix attr.show callback prototype (git-fixes).
thermal: int340x: fix memory leak in int3400_notify() (git-fixes).
thermal: int340x: Increase bitmap size (git-fixes).
thunderbolt: Use different lane for second DisplayPort tunnel (git-fixes).
tick/nohz: unexport __init-annotated tick_nohz_full_setup() (bsc#1201218).
tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (bsc#1190786)
timekeeping: Mark NMI safe time accessors as notrace (git-fixes)
timers: Fix warning condition in __run_timers() (git-fixes)
TOMOYO: fix __setup handlers return values (git-fixes).
tools arch x86: Add Intel SDSi provisiong tool (jsc#SLE-18938).
tools: bpftool: Complete metrics list in 'bpftool prog profile' doc (git-fixes).
tools: bpftool: Document and add bash completion for -L, -B options (git-fixes).
tools: bpftool: Update and synchronise option list in doc and help msg (git-fixes).
tpm: Fix buffer access in tpm2_get_tpm_pt() (git-fixes).
tpm: Fix error handling in async work (git-fixes).
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (bsc#1065729).
tpm: use try_get_ops() in tpm-space.c (git-fixes).
tps6598x: clear int mask on probe failure (git-fixes).
tracing: Do not inc err_log entry count if entry allocation fails (git-fixes).
tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).
tracing: Fix potential double free in create_var_ref() (git-fixes).
tracing: Fix return value of __setup handlers (git-fixes).
tracing: Fix return value of trace_pid_write() (git-fixes).
tracing: Fix smatch warning for null glob in event_hist_trigger_parse() (git-fixes).
tracing: Have trace event string test handle zero length strings (git-fixes).
tracing: Have traceon and traceoff trigger honor the instance (git-fixes).
tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).
tracing/histogram: Fix sorting on old 'cpu' value (git-fixes).
tracing/osnoise: Force quiescent states while tracing (git-fixes).
tracing: Propagate is_signed to expression (git-fixes).
tracing: Show kretprobe unknown indicator only for kretprobe_trampoline (bsc#1193277).
tty: Fix a possible resource leak in icom_probe (git-fixes).
tty: fix deadlock caused by calling printk() under tty_port->lock (git-fixes).
tty: goldfish: Fix free_irq() on remove (git-fixes).
tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (git-fixes).
tty: goldfish: Use tty_port_destroy() to destroy port (git-fixes).
tty: n_gsm: Debug output allocation must use GFP_ATOMIC (git-fixes).
tty: n_gsm: Do not ignore write return value in gsmld_output() (git-fixes).
tty: n_gsm: fix deadlock in gsmtty_open() (git-fixes).
tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).
tty: n_gsm: fix NULL pointer access due to DLCI release (git-fixes).
tty: n_gsm: Fix packet data hex dump output (git-fixes).
tty: n_gsm: fix proper link termination after failed open (git-fixes).
tty: n_gsm: fix wrong modem processing in convergence layer type 2 (git-fixes).
tty: n_gsm: fix wrong tty control line for flow control (git-fixes).
tty: n_tty: do not look ahead for EOL character past the end of the buffer (git-fixes).
tty: n_tty: Restore EOF push handling behavior (git-fixes).
tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (git-fixes).
tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (git-fixes).
tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (git-fixes).
tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (git-fixes).
u64_stats: Disable preemption on 32bit UP+SMP PREEMPT_RT during updates (bsc#1189998).
uapi/linux/stddef.h: Add include guards (jsc#SLE-18978).
ucounts: Enforce RLIMIT_NPROC not RLIMIT_NPROC+1 (bsc#1194191).
udmabuf: validate ubuf->pagecount (git-fixes).
udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).
usb: cdc-wdm: fix reading stuck on device close (git-fixes).
usb: cdns3: Fix issue for clear halt endpoint (git-fixes).
usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value (git-fixes).
usb: cdnsp: Fixed setting last_trb incorrectly (git-fixes).
usb: chipidea: udc: check request status before setting device address (git-fixes).
usb: core: Do not hold the device lock while sleeping in do_proc_control() (git-fixes).
usb: core: hcd: Add support for deferring roothub registration (git-fixes).
usb: dwc2: drd: fix soft connect when gadget is unconfigured (git-fixes).
usb: dwc2: Fix memory leak in dwc2_hcd_init (git-fixes).
usb: dwc2: gadget: do not reset gadget's driver->bus (git-fixes).
usb: dwc2: gadget: do not try to disable ep0 in dwc2_hsotg_suspend (git-fixes).
usb: dwc3: core: Fix tx/rx threshold settings (git-fixes).
usb: dwc3: core: Only handle soft-reset in DCTL (git-fixes).
usb: dwc3: Decouple USB 2.0 L1 & L2 events (git-fixes).
usb: dwc3: gadget: Change to dev_dbg() when queuing to inactive gadget/ep (git-fixes).
usb: dwc3: gadget: ep_queue simplify isoc start condition (git-fixes).
usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes).
usb: dwc3: gadget: Give some time to schedule isoc (git-fixes).
usb: dwc3: gadget: Ignore Update Transfer cmd params (git-fixes).
usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).
usb: dwc3: gadget: move cmd_endtransfer to extra function (git-fixes).
usb: dwc3: gadget: Move null pinter check to proper place (git-fixes).
usb: dwc3: gadget: Prevent core from processing stale TRBs (git-fixes).
usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes).
usb: dwc3: gadget: Return proper request status (git-fixes).
usb: dwc3: gadget: Skip checking Update Transfer status (git-fixes).
usb: dwc3: gadget: Skip reading GEVNTSIZn (git-fixes).
usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue (git-fixes).
usb: dwc3: Issue core soft reset before enabling run/stop (git-fixes).
usb: dwc3: omap: fix 'unbalanced disables for smps10_out1' on omap5evm (git-fixes).
usb: dwc3: pci: Add 'snps,dis_u2_susphy_quirk' for Intel Bay Trail (git-fixes).
usb: dwc3: pci: add support for the Intel Meteor Lake-P (git-fixes).
usb: dwc3: pci: add support for the Intel Raptor Lake-S (git-fixes).
usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).
usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (git-fixes).
usb: dwc3: pci: Set the swnode from inside dwc3_pci_quirks() (git-fixes).
usb: dwc3: Try usb-role-switch first in dwc3_drd_init (git-fixes).
usb: dwc3: xilinx: fix uninitialized return value (git-fixes).
usb: ehci: add pci device support for Aspeed platforms (git-fixes).
usb: ehci-omap: drop unused ehci_read() function (git-fixes).
usb: f_fs: Fix use-after-free for epfile (git-fixes).
usb: Fix xhci event ring dequeue pointer ERDP update issue (git-fixes).
usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (git-fixes).
usb: gadget: eliminate anonymous module_init and module_exit (git-fixes).
usb: gadget: f_fs: change ep->ep safe in ffs_epfile_io() (git-fixes).
usb: gadget: f_fs: change ep->status safe in ffs_epfile_io() (git-fixes).
USB: gadget: Fix double-free bug in raw_gadget driver (git-fixes).
usb: gadget: Fix non-unique driver names in raw-gadget driver (git-fixes).
usb: gadget: fix race when gadget driver register via ioctl (git-fixes).
usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).
usb: gadget: f_uac2: Define specific wTerminalType (git-fixes).
usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (git-fixes).
usb: gadget: rndis: add spinlock for rndis response list (git-fixes).
usb: gadget: rndis: check size of RNDIS_MSG_SET command (git-fixes).
usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).
usb: gadget: tegra-xudc: Do not program SPARAM (git-fixes).
usb: gadget: tegra-xudc: Fix control endpoint's definitions (git-fixes).
usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition (git-fixes).
usb: gadget: u_ether: fix regression in setting fixed MAC address (git-fixes).
usb: gadget: uvc: allow for application to cleanly shutdown (git-fixes).
usb: gadget: uvc: Fix crash when encoding data for usb request (git-fixes).
usb: gadget: uvc: rename function to be more consistent (git-fixes).
usb: gadget: validate endpoint index for xilinx udc (git-fixes).
usb: gadget: validate interface OS descriptor requests (git-fixes).
USB: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).
usb: hcd-pci: Use PCI_STD_NUM_BARS when checking standard BARs (git-fixes).
USB: host: isp116x: check return value after calling platform_get_resource() (git-fixes).
usb: isp1760: Fix out-of-bounds array access (git-fixes).
usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).
usb: mtu3: fix USB 3.0 dual-role-switch from device to host (git-fixes).
usb: musb: Fix missing of_node_put() in omap2430_probe (git-fixes).
usbnet: fix memory allocation in helpers (git-fixes).
USB: new quirk for Dell Gen 2 devices (git-fixes).
usb: phy: generic: Get the vbus supply (git-fixes).
usb: quirks: add a Realtek card reader (git-fixes).
usb: quirks: add STRING quirk for VCOM device (git-fixes).
usb: raw-gadget: fix handling of dual-direction-capable endpoints (git-fixes).
usb: serial: ch341: add support for GW Instek USB2.0-Serial devices (git-fixes).
usb: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes).
usb: serial: cp210x: add NCR Retail IO box id (git-fixes).
usb: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (git-fixes).
usb: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (git-fixes).
USB: serial: io_ti: add Agilent E5805A support (git-fixes).
usb: serial: option: add Fibocom L610 modem (git-fixes).
usb: serial: option: add Fibocom MA510 modem (git-fixes).
USB: serial: option: add Quectel BG95 modem (git-fixes).
USB: serial: option: add Quectel EM05-G modem (git-fixes).
USB: serial: option: add Quectel RM500K module support (git-fixes).
USB: serial: option: add support for Cinterion MV31 with new baseline (git-fixes).
usb: serial: option: add support for Cinterion MV32-WA/MV32-WB (git-fixes).
usb: serial: option: add support for DW5829e (git-fixes).
usb: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (git-fixes).
USB: serial: option: add Telit LE910Cx 0x1250 composition (git-fixes).
usb: serial: option: add Telit LE910R1 compositions (git-fixes).
usb: serial: option: add ZTE MF286D modem (git-fixes).
usb: serial: pl2303: add device id for HP LM930 Display (git-fixes).
usb: serial: pl2303: add IBM device IDs (git-fixes).
USB: serial: pl2303: add support for more HXN (G) types (git-fixes).
usb: serial: pl2303: fix GS type detection (git-fixes).
usb: serial: pl2303: fix type detection for odd device (git-fixes).
usb: serial: qcserial: add support for Sierra Wireless EM7590 (git-fixes).
usb: serial: simple: add Nokia phone driver (git-fixes).
usb: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (git-fixes).
usb: storage: karma: fix rio_karma_init return (git-fixes).
usb: storage: ums-realtek: fix error code in rts51x_read_mem() (git-fixes).
usb: typec: mux: Check dev_set_name() return value (git-fixes).
usb: typec: tcpci: Do not skip cleanup in .remove() on error (git-fixes).
usb: typec: tcpci_mt6360: Update for BMC PHY setting (git-fixes).
usb: typec: tipd: Forward plug orientation to typec subsystem (git-fixes).
usb: typec: ucsi: Fix reuse of completion structure (git-fixes).
usb: typec: ucsi: Fix role swapping (git-fixes).
usb: ulpi: Call of_node_put correctly (git-fixes).
usb: ulpi: Move of_node_put to ulpi_dev_release (git-fixes).
usb: usbip: add missing device lock on tweak configuration cmd (git-fixes).
usb: usbip: eliminate anonymous module_init and module_exit (git-fixes).
usb: usbip: fix a refcount leak in stub_probe() (git-fixes).
usb: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c (git-fixes).
usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
usb: xhci: tegra:Fix PM usage reference leak of tegra_xusb_unpowergate_partitions (git-fixes).
usb: zaurus: support another broken Zaurus (git-fixes).
use jobs not processors in the constraints jobs is the number of vcpus available to the build, while processors is the total processor count of the machine the VM is running on.
vdpasim: allow to enable a vq repeatedly (git-fixes).
veth: Ensure eth header is in skb's linear part (git-fixes).
veth: fix races around rq->rx_notify_masked (git-fixes).
vfio/ccw: Remove unneeded GFP_DMA (git-fixes).
vhost_vdpa: do not setup irq offloading when irq_num 0 (git-fixes).
vhost/vsock: do not check owner in vhost_vsock_stop() while releasing (git-fixes).
vhost/vsock: fix incorrect used length reported to the guest (git-fixes).
video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).
video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).
video: fbdev: cirrusfb: check pixclock to avoid divide by zero (git-fixes).
video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (git-fixes).
video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow (git-fixes).
video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit (git-fixes).
video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).
video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() (git-fixes).
video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() (git-fixes).
video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (git-fixes).
video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).
video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).
video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
video: fbdev: udlfb: properly check endpoint type (bsc#1190497)
video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit (git-fixes).
video: fbdev: w100fb: Reset global state (git-fixes).
virtio-blk: Do not use MAX_DISCARD_SEGMENTS if max_discard_seg is zero (git-fixes).
virtio_blk: eliminate anonymous module_init and module_exit (git-fixes).
virtio_blk: fix the discard_granularity and discard_alignment queue limits (git-fixes).
virtio_console: break out of buf poll on remove (git-fixes).
virtio_console: eliminate anonymous module_init and module_exit (git-fixes).
virtio: fix virtio transitional ids (git-fixes).
virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (git-fixes).
virtio-net: fix for skb_over_panic inside big mode (git-fixes).
virtio-net: fix race between ndo_open() and virtio_device_ready() (git-fixes).
virtio_net: fix wrong buf address calculation when using xdp (git-fixes).
virtio_net: fix xdp_rxq_info bug after suspend/resume (git-fixes).
virtio-net: realign page_to_skb() after merges (git-fixes).
virtio: pci: Fix an error handling path in vp_modern_probe() (git-fixes).
virtio-pci: Remove wrong address verification in vp_del_vqs() (git-fixes).
VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
vringh: Fix loop descriptors check in the indirect cases (git-fixes).
vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
vsprintf: Fix potential unaligned access (bsc#1198379).
vt_ioctl: add array_index_nospec to VT_ACTIVATE (git-fixes).
vt_ioctl: fix array_index_nospec in vt_setactivate (git-fixes).
vxcan: enable local echo for sent CAN frames (git-fixes).
w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).
watchdog: rti-wdt: Add missing pm_runtime_disable() in probe function (git-fixes).
watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking (git-fixes).
Watchdog: sp5100_tco: Add initialization using EFCH MMIO (bsc#1199260).
watchdog: sp5100_tco: Add support for get_timeleft (bsc#1199260).
Watchdog: sp5100_tco: Enable Family 17h+ CPUs (bsc#1199260).
Watchdog: sp5100_tco: Move timer initialization into function (bsc#1199260).
Watchdog: sp5100_tco: Refactor MMIO base address initialization (bsc#1199260).
watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (git-fixes).
watchdog: wdat_wdt: Stop watchdog when rebooting the system (git-fixes).
watch_queue: Actually free the watch (git-fixes).
watch_queue: Fix NULL dereference in error cleanup (git-fixes).
watch_queue: Free the page array when watch_queue is dismantled (git-fixes).
wcn36xx: Differentiate wcn3660 from wcn3620 (git-fixes).
wifi: mac80211: fix use-after-free in chanctx code (git-fixes).
wilc1000: fix crash observed in AP mode with cfg80211_register_netdevice() (git-fixes).
wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
writeback: Avoid skipping inode writeback (bsc#1200813).
writeback: Fix inode->i_io_list not be protected by inode->i_lock error (bsc#1200821).
x86/boot: Add setup_indirect support in early_memremap_is_setup_data() (bsc#1190497).
x86/boot: Fix memremap of setup_indirect structures (bsc#1190497).
x86/cc: Move arch/x86/{kernel/cc_platform.c coco/core.c} (jsc#SLE-19924).
x86/coco: Add API to handle encryption mask (jsc#SLE-19924).
x86/coco: Explicitly declare type of confidential computing platform (jsc#SLE-19924).
x86/cpu: Add Xeon Icelake-D to list of CPUs that support PPIN (bsc#1190497).
x86/cpufeatures: Re-enable ENQCMD (jsc#SLE-24350).
x86/cpu: Load microcode during restore_processor_state() (bsc#1190497).
x86/entry: Remove skip_r11rcx (bsc#1201524).
x86/fpu: Clear PASID when copying fpstate (jsc#SLE-24350).
x86/ibt,xen: Sprinkle the ENDBR (bsc#1201471).
x86/kprobes: Add UNWIND_HINT_FUNC on kretprobe_trampoline() (bsc#1193277).
x86/kprobes: Fixup return address in generic trampoline handler (bsc#1193277).
x86/kprobes: Push a fake return address at kretprobe_trampoline (bsc#1193277).
x86/kvmclock: Fix Hyper-V Isolated VM s boot issue when vCPUs 64 (bsc#1183682).
x86/kvm: Do not waste memory if kvmclock is disabled (bsc#1183682).
x86/MCE/AMD: Allow thresholding interface updates after init (bsc#1190497).
x86/mm/cpa: Generalize __set_memory_enc_pgtable() (jsc#SLE-19924).
x86/module: Fix the paravirt vs alternative order (bsc#1190497).
x86/pm: Save the MSR validity status at context setup (bsc#1190497).
x86/ptrace: Fix xfpregs_set() incorrect xmm clearing (bsc#1190497).
x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1190497).
x86/traps: Demand-populate PASID MSR via #GP (jsc#SLE-24350).
x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1190497).
x86/tsx: Use MSR_TSX_CTRL to clear CPUID bits (bsc#1190497).
x86/unwind: kABI workaround for unwind_state changes (bsc#1193277).
x86/unwind: Recover kretprobe trampoline entry (bsc#1193277).
xen/blkfront: fix comment for need_copy (git-fixes).
xen: fix is_xen_pmu() (git-fixes).
xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381).
xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (bsc#1201218).
xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1193556).
xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1193556).
xfs: drop async cache flushes from CIL commits (bsc#1195669).
xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI (git-fixes).
xhci: Enable runtime PM on second Alderlake controller (git-fixes).
xhci: fix garbage USBSTS being logged in some cases (git-fixes).
xhci: fix runtime PM imbalance in USB2 resume (git-fixes).
xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() (git-fixes).
xhci: increase usb U3 U0 link resume timeout from 100ms to 500ms (git-fixes).
xhci: make xhci_handshake timeout for xhci_reset() adjustable (git-fixes).
xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (git-fixes).
xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (git-fixes).
xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).
xhci: re-initialize the HC during resume if HCE was set (git-fixes).
xhci: stop polling roothubs after shutdown (git-fixes).
xhci: turn off port power in shutdown (git-fixes).
xsk: Do not write NULL in SW ring at allocation failure (jsc#SLE-18375).
zsmalloc: decouple class actions from zspage works (bsc#1189998).
zsmalloc: introduce obj_allocated (bsc#1189998).
zsmalloc: introduce some helper functions (bsc#1189998).
zsmalloc: move huge compressed obj from page to zspage (bsc#1189998).
zsmalloc: remove zspage isolation for migration (bsc#1189998).
zsmalloc: rename zs_stat_type to class_stat_type (bsc#1189998).
zsmalloc: replace get_cpu_var with local_lock (bsc#1189998).
zsmalloc: replace per zpage lock with poolmigrate_lock (bsc#1189998).
zsmalloc: Stop using slab fields in struct page (bsc#1189998 bsc#1190208).

Advisory ID	SUSE-SU-2022:2546-1
Released	Mon Jul 25 14:43:22 2022
Summary	Security update for gpg2
Type	security
Severity	important
References	1196125,1201225,CVE-2022-34903

Description:

This update for gpg2 fixes the following issues:

CVE-2022-34903: Fixed a status injection vulnerability (bsc#1201225).
Use AES as default cipher instead of 3DES when we are in FIPS mode. (bsc#1196125)

Advisory ID	SUSE-SU-2022:2552-1
Released	Tue Jul 26 14:55:40 2022
Summary	Security update for libxml2
Type	security
Severity	important
References	1196490,1199132,CVE-2022-23308,CVE-2022-29824

Description:

This update for libxml2 fixes the following issues:
Update to 2.9.14:

CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

Update to version 2.9.13:

CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. (bsc#1196490)

Advisory ID	SUSE-SU-2022:2566-1
Released	Wed Jul 27 15:04:49 2022
Summary	Security update for pcre2
Type	security
Severity	important
References	1199235,CVE-2022-1587

Description:

This update for pcre2 fixes the following issues:

CVE-2022-1587: Fixed out-of-bounds read due to bug in recursions (bsc#1199235).

Advisory ID	SUSE-RU-2022:2573-1
Released	Thu Jul 28 04:24:19 2022
Summary	Recommended update for libzypp, zypper
Type	recommended
Severity	moderate
References	1194550,1197684,1199042

Description:

This update for libzypp, zypper fixes the following issues:
libzypp:

appdata plugin: Pass path to the repodata/ directory inside the cache (bsc#1197684)
zypp-rpm: flush rpm script output buffer before sending endOfScriptTag
PluginRepoverification: initial version hooked into repo::Downloader and repo refresh
Immediately start monitoring the download.transfer_timeout. Do not wait until the first data arrived (bsc#1199042)
singletrans: no dry-run commit if doing just download-only
Work around cases where sat repo.start points to an invalid solvable. May happen if (wrong arch) solvables were removed at the beginning of the repo.
Fix misplaced #endif SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER

zypper:

Basic JobReport for 'cmdout/monitor'
versioncmp: if verbose, also print the edition 'parts' which are compared
Make sure MediaAccess is closed on exception (bsc#1194550)
Display plus-content hint conditionally
Honor the NO_COLOR environment variable when auto-detecting whether to use color
Define table columns which should be sorted natural [case insensitive]
lr/ls: Use highlight color on name and alias as well

Advisory ID	SUSE-SU-2022:2597-1
Released	Fri Jul 29 16:12:04 2022
Summary	Security update for xen
Type	security
Severity	important
References	1027519,1199965,1199966,1200549,1201394,1201469,CVE-2022-21123,CVE-2022-21125,CVE-2022-21166,CVE-2022-23816,CVE-2022-23825,CVE-2022-26362,CVE-2022-26363,CVE-2022-26364,CVE-2022-29900,CVE-2022-33745

Description:

This update for xen fixes the following issues:

CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (XSA-402) (bsc#1199966).
CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 (XSA-404) (bsc#1200549).
CVE-2022-26362: Fixed a race condition in typeref acquisition (XSA-401) (bsc#1199965).
CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) (bsc#1201394).
CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulnerability, arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469).

Fixed several upstream bugs (bsc#1027519).

Advisory ID	SUSE-RU-2022:2625-1
Released	Tue Aug 2 12:15:42 2022
Summary	Recommended update for dracut
Type	recommended
Severity	important
References	1177461,1184970,1187654,1195047,1195508,1195604,1196267,1197635,1197967,1200236,1200251,1200360

Description:

This update for dracut fixes the following issues:

fix(bluetooth): accept compressed firmwares in inst_multiple (bsc#1200236)
fix(bluetooth): make hostonly configuration files optional (bsc#1195047)
fix(convertfs): ignore commented lines in fstab (bsc#1200251)
fix(crypt): remove quotes from cryptsetupopts (bsc#1197635)
fix(dracut-install): copy files preserving ownership attributes (bsc#1197967)
fix(dracut-systemd): do not require vconsole-setup.service (bsc#1195508)
fix(integrity): do not display any error if there is no IMA certificate (bsc#1187654)
fix(iscsi): remove unneeded iscsi NOP-disable code (bsc#1196267)
fix(lvm): restore setting LVM_MD_PV_ACTIVATED (bsc#1195604)
fix(network-legacy): support rd.net.timeout.dhcp (bsc#1200360)
fix(nfs): /var is not mounted during the transactional-update run (bsc#1184970)
fix(nfs): give /run/rpcbind ownership to rpc user (bsc#1177461)

Advisory ID	SUSE-SU-2022:2632-1
Released	Wed Aug 3 09:51:00 2022
Summary	Security update for permissions
Type	security
Severity	important
References	1198720,1200747,1201385

Description:

This update for permissions fixes the following issues:

apptainer: fix starter-suid location (bsc#1198720)
static permissions: remove deprecated bind / named chroot entries (bsc#1200747)
postfix: add postlog setgid for maildrop binary (bsc#1201385)

Advisory ID	SUSE-RU-2022:2640-1
Released	Wed Aug 3 10:43:44 2022
Summary	Recommended update for yaml-cpp
Type	recommended
Severity	moderate
References	1160171,1178331,1178332,1200624

Description:

This update for yaml-cpp fixes the following issue:

Version 0.6.3 changed ABI without changing SONAME. Re-add symbol from the old ABI to prevent ABI breakage and crash of applications compiled with 0.6.1 (bsc#1200624, bsc#1178332, bsc#1178331, bsc#1160171).

Advisory ID	SUSE-SU-2022:2659-1
Released	Wed Aug 3 21:05:25 2022
Summary	Security update for ldb, samba
Type	security
Severity	important
References	1196224,1198255,1199247,1199734,1200556,1200964,1201490,1201492,1201493,1201495,1201496,CVE-2022-2031,CVE-2022-32742,CVE-2022-32744,CVE-2022-32745,CVE-2022-32746

Description:

This update for ldb, samba fixes the following issues:

CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490).
CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request (bsc#1201492).
CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495).
CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496).
CVE-2022-32744: Fixed an arbitrary password change request for any AD user (bsc#1201493).

The following non-security bug were fixed:
ldb was updated to version 2.4.3:

Fix build problems, waf produces incorrect names for python extensions; (bso#15071);

samba was updated to 4.15.8:

Use pathref fd instead of io fd in vfs_default_durable_cookie; (bso#15042);
Setting fruit:resource = stream in vfs_fruit causes a panic; (bso#15099);
Add support for bind 9.18; (bso#14986);
logging dsdb audit to specific files does not work; (bso#15076);
vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted; (bso#15069);
netgroups support removed; (bso#15087); (bsc#1199247);
net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); (bsc#1199734);
waf produces incorrect names for python extensions with Python 3.11; (bso#15071);
smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556);
vfs_gpfs recalls=no option prevents listing files; (bso#15055);
waf produces incorrect names for python extensions with Python 3.11; (bso#15071);
Compile error in source3/utils/regedit_hexedit.c; (bso#15091);
ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link; (bso#15108);
smbd doesn't handle UPNs for looking up names; (bso#15054);
Out-by-4 error in smbd read reply max_send clamp; (bso#14443);

Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255);
Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979);
Fix smbclient commands del & deltree failing with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556).

Advisory ID	SUSE-RU-2022:2677-1
Released	Fri Aug 5 04:00:59 2022
Summary	Recommended update for hwinfo
Type	recommended
Severity	important
References	1199948

Description:

This update for hwinfo fixes the following issues:

Keep NVMe's namespace output consistency when the option `nvme_core.multipath=1` (bsc#1199948)

Advisory ID	SUSE-SU-2022:2713-1
Released	Tue Aug 9 12:38:05 2022
Summary	Security update for bind
Type	security
Severity	important
References	1192146,1197135,1197136,1199044,1200685,CVE-2021-25219,CVE-2021-25220,CVE-2022-0396

Description:

This update for bind fixes the following issues:

CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance (bsc#1192146).
CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders (bsc#1197135).
CVE-2022-0396: Fixed a incorrect handling of TCP connection slots time frame leading to deny of service (bsc#1197136).

The following non-security bugs were fixed:

Update to release 9.16.31 (jsc#SLE-24600).
Logrotation broken since dropping chroot (bsc#1200685).
A non-existent initialization script (eg a leftorver 'createNamedConfInclude' in /etc/sysconfig/named) may cause named not to start. A warning message is printed in named.prep and the fact is ignored. Also, the return value of a failed script was not handled properly causing a failed script to not prevent named to start. This is now fixed properly. [bsc#1199044, vendor-files.tar.bz2]

Advisory ID	SUSE-SU-2022:2717-1
Released	Tue Aug 9 12:54:16 2022
Summary	Security update for ncurses
Type	security
Severity	moderate
References	1198627,CVE-2022-29458

Description:

This update for ncurses fixes the following issues:

CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c (bsc#1198627).

Advisory ID	SUSE-RU-2022:2735-1
Released	Wed Aug 10 04:31:41 2022
Summary	Recommended update for tar
Type	recommended
Severity	moderate
References	1200657

Description:

This update for tar fixes the following issues:

Fix race condition while creating intermediate subdirectories (bsc#1200657)

Advisory ID	SUSE-SU-2022:2803-1
Released	Fri Aug 12 16:29:17 2022
Summary	Security update for the Linux Kernel
Type	security
Severity	important
References	1190256,1190497,1199291,1199356,1199665,1201258,1201323,1201391,1201458,1201592,1201593,1201595,1201596,1201635,1201651,1201691,1201705,1201726,1201846,1201930,1202094,CVE-2021-33655,CVE-2022-21505,CVE-2022-2585,CVE-2022-26373,CVE-2022-29581

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).
CVE-2022-2585: Fixed use-after-free in POSIX CPU timer (bnc#1202094).
CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy (bsc#1201458).
CVE-2022-26373: Fixed CPU info leak via post-barrier RSB predictions (bsc#1201726).
CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665).

The following non-security bugs were fixed:

ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (git-fixes).
ACPI: video: Fix acpi_video_handles_brightness_key_presses() (git-fixes).
ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model (git-fixes).
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes).
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 (git-fixes).
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).
ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).
ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0) (git-fixes).
ALSA: usb-audio: Add quirk for Fiero SC-01 (git-fixes).
ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices (git-fixes).
ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD (git-fixes).
ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle (git-fixes).
ARM: 9210/1: Mark the FDT_FIXED sections as shareable (git-fixes).
ARM: 9213/1: Print message about disabled Spectre workarounds only once (git-fixes).
ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction (git-fixes).
ARM: dts: at91: sama5d2: Fix typo in i2s1 node (git-fixes).
ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count (git-fixes).
ARM: dts: stm32: use the correct clock source for CEC on stm32mp151 (git-fixes).
ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero (git-fixes).
ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array (git-fixes).
ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() (git-fixes).
ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering problem (git-fixes).
ASoC: Intel: sof_sdw: handle errors on card registration (git-fixes).
ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on remove (git-fixes).
ASoC: Remove unused hw_write_t type (git-fixes).
ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow (git-fixes).
ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues in probe (git-fixes).
ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in .set_jack_detect (git-fixes).
ASoC: cs47l15: Fix event generation for low power mux control (git-fixes).
ASoC: dapm: Initialise kcontrol data for mux/demux controls (git-fixes).
ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
ASoC: madera: Fix event generation for rate controls (git-fixes).
ASoC: ops: Fix off by one in range control validation (git-fixes).
ASoC: rt5682: Avoid the unexpected IRQ event during going to suspend (git-fixes).
ASoC: rt5682: Fix deadlock on resume (git-fixes).
ASoC: rt5682: Re-detect the combo jack after resuming (git-fixes).
ASoC: rt5682: fix an incorrect NULL check on list iterator (git-fixes).
ASoC: rt5682: move clk related code to rt5682_i2c_probe (git-fixes).
ASoC: rt7*-sdw: harden jack_detect_handler (git-fixes).
ASoC: rt711-sdca-sdw: fix calibrate mutex initialization (git-fixes).
ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver (git-fixes).
ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error (git-fixes).
ASoC: rt711: Add endianness flag in snd_soc_component_driver (git-fixes).
ASoC: rt711: fix calibrate mutex initialization (git-fixes).
ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
ASoC: tas2764: Add post reset delays (git-fixes).
ASoC: tas2764: Correct playback volume range (git-fixes).
ASoC: tas2764: Fix amp gain register offset & default (git-fixes).
ASoC: tas2764: Fix and extend FSYNC polarity handling (git-fixes).
ASoC: wcd938x: Fix event generation for some controls (git-fixes).
ASoC: wm5110: Fix DRE control (git-fixes).
Bluetooth: btusb: Add the new support IDs for WCN6855 (git-fixxes).
Input: cpcap-pwrbutton - handle errors from platform_get_irq() (git-fixes).
Input: i8042 - Apply probe defer to more ASUS ZenBook models (bsc#1190256).
NFC: nxp-nci: do not print header length mismatch on i2c error (git-fixes).
VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291, jsc#SLE-24635).
VMCI: Fix some error handling paths in vmci_guest_probe_device() (bsc#1199291, jsc#SLE-24635).
VMCI: Release notification_bitmap in error path (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: allocate send and receive buffers for DMA datagrams (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: detect DMA datagram capability (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: register dummy IRQ handlers for DMA datagrams (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
VMCI: dma dg: whitespace formatting change for vmci register defines (bsc#1199291, jsc#SLE-24635).
arm64: Add HWCAP for self-synchronising virtual counter (git-fixes)
arm64: Add cavium_erratum_23154_cpus missing sentinel (jsc#SLE-24682).
arm64: cpufeature: add HWCAP for FEAT_AFP (git-fixes)
arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot (git-fixes).
arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes)
arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes).
arm64: dts: rockchip: Assign RK3399 VDU clock rate (git-fixes).
arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA transfer (git-fixes)
batman-adv: Use netif_rx() (git-fixes).
bcmgenet: add WOL IRQ check (git-fixes).
be2net: Fix buffer overflow in be_get_module_eeprom (bsc#1201323).
blk-mq: add one API for waiting until quiesce is done (bsc#1201651).
blk-mq: fix kabi support concurrent queue quiesce unquiesce (bsc#1201651).
blk-mq: support concurrent queue quiesce/unquiesce (bsc#1201651).
can: bcm: use call_rcu() instead of costly synchronize_rcu() (git-fixes).
can: grcan: grcan_probe(): remove extra of_node_get() (git-fixes).
can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
can: m_can: m_can_chip_config(): actually enable internal timestamping (git-fixes).
can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling for mcp2517fd (git-fixes).
can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken CRC on TBC register (git-fixes).
ceph: fix up non-directory creation in SGID directories (bsc#1201595).
cpufreq: mediatek: Unregister platform device on exit (git-fixes).
cpufreq: mediatek: Use module_init and add module_exit (git-fixes).
cpufreq: pmac32-cpufreq: Fix refcount leak bug (git-fixes).
cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)
crypto: hisilicon/qm - modify the uacce mode check (bsc#1201391).
crypto: octeontx2 - Avoid stack variable overflow (jsc#SLE-24682).
crypto: octeontx2 - CN10K CPT to RNM workaround (jsc#SLE-24682).
crypto: octeontx2 - Use swap() instead of swap_engines() (jsc#SLE-24682).
crypto: octeontx2 - add apis for custom engine groups (jsc#SLE-24682).
crypto: octeontx2 - add synchronization between mailbox accesses (jsc#SLE-24682).
crypto: octeontx2 - fix missing unlock (jsc#SLE-24682).
crypto: octeontx2 - increase CPT HW instruction queue length (jsc#SLE-24682).
crypto: octeontx2 - out of bounds access in otx2_cpt_dl_custom_egrp_delete() (jsc#SLE-24682).
crypto: octeontx2 - parameters for custom engine groups (jsc#SLE-24682).
crypto: octeontx2 - select CONFIG_NET_DEVLINK (jsc#SLE-24682).
crypto: octeontx2 - use swap() to make code cleaner (jsc#SLE-24682).
crypto: qat - fix memory leak in RSA (git-fixes).
crypto: qat - remove dma_free_coherent() for DH (git-fixes).
crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
crypto: qat - set CIPHER capability for DH895XCC (git-fixes).
crypto: qat - set to zero DH parameters before free (git-fixes).
crypto: testmgr - allow ecdsa-nist in FIPS mode (jsc#SLE-21132,bsc#1201258).
device property: Add fwnode_irq_get_byname (jsc#SLE-24569)
dm: do not stop request queue after the dm device is suspended (bsc#1201651).
dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (git-fixes).
dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
dmaengine: lgm: Fix an error handling path in intel_ldma_probe() (git-fixes).
dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).
dmaengine: qcom: bam_dma: fix runtime PM underflow (git-fixes).
dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (git-fixes).
dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (git-fixes).
docs: firmware-guide: ACPI: Add named interrupt doc (jsc#SLE-24569)
docs: net: dsa: add more info about the other arguments to get_tag_protocol (git-fixes).
docs: net: dsa: delete port_mdb_dump (git-fixes).
docs: net: dsa: document change_tag_protocol (git-fixes).
docs: net: dsa: document port_fast_age (git-fixes).
docs: net: dsa: document port_setup and port_teardown (git-fixes).
docs: net: dsa: document the shutdown behavior (git-fixes).
docs: net: dsa: document the teardown method (git-fixes).
docs: net: dsa: re-explain what port_fdb_dump actually does (git-fixes).
docs: net: dsa: remove port_vlan_dump (git-fixes).
docs: net: dsa: rename tag_protocol to get_tag_protocol (git-fixes).
docs: net: dsa: update probing documentation (git-fixes).
dpaa2-eth: Initialize mutex used in one step timestamping path (git-fixes).
dpaa2-eth: destroy workqueue at the end of remove function (git-fixes).
dpaa2-eth: unregister the netdev before disconnecting from the PHY (git-fixes).
drbd: fix potential silent data corruption (git-fixes).
drivers: net: smc911x: Check for error irq (git-fixes).
drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw (git-fixes).
drm/amd/display: Only use depth 36 bpp linebuffers on DCN display engines (git-fixes).
drm/amd/display: Set min dcfclk if pipe count is 0 (git-fixes).
drm/amd/vcn: fix an error msg on vcn 3.0 (git-fixes).
drm/amdgpu: To flush tlb for MMHUB of RAVEN series (git-fixes).
drm/i915/dg2: Add Wa_22011100796 (git-fixes).
drm/i915/gt: Serialize GRDOM access between multiple engine resets (git-fixes).
drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).
drm/i915/gvt: IS_ERR() vs NULL bug in intel_gvt_update_reg_whitelist() (git-fixes).
drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).
drm/i915/uc: correctly track uc_fw init failure (git-fixes).
drm/i915: Fix a race between vma / object destruction and unbinding (git-fixes).
drm/i915: Require the vm mutex for i915_vma_bind() (git-fixes).
drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() (git-fixes).
drm/imx/dcss: Add missing of_node_put() in fail path (git-fixes).
drm/mediatek: Detect CMDQ execution timeout (git-fixes).
drm/mediatek: Remove the pointer of struct cmdq_client (git-fixes).
drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb (git-fixes).
drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).
drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error (git-fixes).
drm/ttm: fix locking in vmap/vunmap TTM GEM helpers (git-fixes).
dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo (git-fixes).
dt-bindings: gpio: Add Tegra241 support (jsc#SLE-24571)
dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC (git-fixes).
dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible (git-fixes).
e1000e: Enable GPT clock before sending message to CSME (git-fixes).
efi/x86: use naked RET on mixed mode call wrapper (git-fixes).
ethernet: Fix error handling in xemaclite_of_probe (git-fixes).
ethtool: Fix get module eeprom fallback (bsc#1201323).
fbcon: Disallow setting font bigger than screen size (git-fixes).
fbcon: Prevent that screen size is smaller than font size (git-fixes).
fbdev: fbmem: Fix logo center image dx issue (git-fixes).
fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
fjes: Check for error irq (git-fixes).
fsl/fman: Check for null pointer after calling devm_ioremap (git-fixes).
fsl/fman: Fix missing put_device() call in fman_port_probe (git-fixes).
fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201593).
fuse: make sure reclaim does not write the inode (bsc#1201592).
gpio: gpio-xilinx: Fix integer overflow (git-fixes).
gpio: pca953x: only use single read/write for No AI mode (git-fixes).
gpio: pca953x: use the correct range when do regmap sync (git-fixes).
gpio: pca953x: use the correct register address when regcache sync during init (git-fixes).
gpio: tegra186: Add IRQ per bank for Tegra241 (jsc#SLE-24571)
gpio: tegra186: Add support for Tegra241 (jsc#SLE-24571)
gve: Recording rx queue before sending to napi (git-fixes).
hwmon: (occ) Prevent power cap command overwriting poll response (git-fixes).
hwmon: (occ) Remove sequence numbering and checksum calculation (git-fixes).
hwrng: cavium - fix NULL but dereferenced coccicheck error (jsc#SLE-24682).
i2c: cadence: Change large transfer count reset logic to be unconditional (git-fixes).
i2c: cadence: Unregister the clk notifier in error path (git-fixes).
i2c: mlxcpld: Fix register setting for 400KHz frequency (git-fixes).
i2c: piix4: Fix a memory leak in the EFCH MMIO support (git-fixes).
i2c: smbus: Check for parent device before dereference (git-fixes).
i2c: smbus: Use device_*() functions instead of of_*() (jsc#SLE-24569)
i2c: tegra: Add SMBus block read function (jsc#SLE-24569)
i2c: tegra: Add the ACPI support (jsc#SLE-24569)
i2c: tegra: use i2c_timings for bus clock freq (jsc#SLE-24569)
ice: Avoid RTNL lock when re-creating auxiliary device (git-fixes).
ice: Fix error with handling of bonding MTU (git-fixes).
ice: Fix race condition during interface enslave (git-fixes).
ice: stop disabling VFs due to PF error responses (git-fixes).
ida: do not use BUG_ON() for debugging (git-fixes).
ima: Fix a potential integer overflow in ima_appraise_measurement (git-fixes).
ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
ima: force signature verification when CONFIG_KEXEC_SIG is configured (git-fixes).
irqchip/gic-v3: Workaround Marvell erratum 38545 when reading IAR (jsc#SLE-24682).
irqchip: or1k-pic: Undefine mask_ack for level triggered hardware (git-fixes).
ixgbevf: Require large buffers for build_skb on 82599VF (git-fixes).
kABI workaround for phy_device changes (git-fixes).
kABI workaround for rtsx_usb (git-fixes).
kABI workaround for snd-soc-rt5682-* (git-fixes).
kABI: fix adding field to scsi_device (git-fixes).
kABI: fix adding field to ufs_hba (git-fixes).
kABI: i2c: smbus: restore of_ alert variant (jsc#SLE-24569). kABI fix for 'i2c: smbus: Use device_*() functions instead of of_*()'
kabi/severities: add intel ice
kabi/severities: add stmmac network driver local symbols
kabi/severities: ignore dropped symbol rt5682_headset_detect
kasan: fix tag for large allocations when using CONFIG_SLAB (git fixes (mm/kasan)).
kernel-obs-build: include qemu_fw_cfg (boo#1201705)
kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).
kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
libceph: fix potential use-after-free on linger ping and resends (bsc#1201596).
md: bcache: check the return value of kzalloc() in detached_dev_do_request() (git-fixes).
memcg: page_alloc: skip bulk allocator for __GFP_ACCOUNT (git fixes (mm/pgalloc)).
memregion: Fix memregion_free() fallback definition (git-fixes).
misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (git-fixes).
misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).
misc: rtsx_usb: use separate command and response buffers (git-fixes).
mm/large system hash: avoid possible NULL deref in alloc_large_system_hash (git fixes (mm/pgalloc)).
mm/secretmem: avoid letting secretmem_users drop to zero (git fixes (mm/secretmem)).
mm/vmalloc: fix numa spreading for large hash tables (git fixes (mm/vmalloc)).
mm/vmalloc: make sure to dump unpurged areas in /proc/vmallocinfo (git fixes (mm/vmalloc)).
mm/vmalloc: repair warn_alloc()s in __vmalloc_area_node() (git fixes (mm/vmalloc)).
mm: do not try to NUMA-migrate COW pages that have other uses (git fixes (mm/numa)).
mm: swap: get rid of livelock in swapin readahead (git fixes (mm/swap)).
mt76: mt7921: get rid of mt7921_mac_set_beacon_filter (git-fixes).
natsemi: xtensa: fix section mismatch warnings (git-fixes).
nbd: fix possible overflow on 'first_minor' in nbd_dev_add() (git-fixes).
net/fsl: xgmac_mdio: Add workaround for erratum A-009885 (git-fixes).
net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module (git-fixes).
net/qla3xxx: fix an error code in ql_adapter_up() (git-fixes).
net: ag71xx: Fix a potential double free in error handling paths (git-fixes).
net: altera: set a couple error code in probe() (git-fixes).
net: amd-xgbe: Fix skb data length underflow (git-fixes).
net: amd-xgbe: disable interrupts during pci removal (git-fixes).
net: amd-xgbe: ensure to reset the tx_timer_active flag (git-fixes).
net: annotate data-races on txq->xmit_lock_owner (git-fixes).
net: axienet: Fix TX ring slot available check (git-fixes).
net: axienet: Wait for PhyRstCmplt after core reset (git-fixes).
net: axienet: add missing memory barriers (git-fixes).
net: axienet: fix for TX busy handling (git-fixes).
net: axienet: fix number of TX ring slots for available check (git-fixes).
net: axienet: increase default TX ring size to 128 (git-fixes).
net: axienet: increase reset timeout (git-fixes).
net: axienet: limit minimum TX ring size (git-fixes).
net: bcm4908: Handle dma_set_coherent_mask error codes (git-fixes).
net: bcmgenet: Do not claim WOL when its not available (git-fixes).
net: bcmgenet: skip invalid partial checksums (git-fixes).
net: chelsio: cxgb3: check the return value of pci_find_capability() (git-fixes).
net: cpsw: Properly initialise struct page_pool_params (git-fixes).
net: cpsw: avoid alignment faults by taking NET_IP_ALIGN into account (git-fixes).
net: dsa: ar9331: register the mdiobus under devres (git-fixes).
net: dsa: bcm_sf2: do not use devres for mdiobus (git-fixes).
net: dsa: felix: do not use devres for mdiobus (git-fixes).
net: dsa: lan9303: add VLAN IDs to master device (git-fixes).
net: dsa: lan9303: fix reset on probe (git-fixes).
net: dsa: lantiq_gswip: do not use devres for mdiobus (git-fixes).
net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() (git-fixes).
net: dsa: mt7530: fix kernel bug in mdiobus_free() when unbinding (git-fixes).
net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY (git-fixes).
net: dsa: mv88e6xxx: do not use devres for mdiobus (git-fixes).
net: dsa: mv88e6xxx: fix use-after-free in mv88e6xxx_mdios_unregister (git-fixes).
net: dsa: mv88e6xxx: flush switchdev FDB workqueue before removing VLAN (git-fixes).
net: ethernet: lpc_eth: Handle error for clk_enable (git-fixes).
net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config() (git-fixes).
net: ethernet: mtk_eth_soc: fix return values and refactor MDIO ops (git-fixes).
net: ethernet: ti: cpts: Handle error for clk_enable (git-fixes).
net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() (git-fixes).
net: ieee802154: ca8210: Fix lifs/sifs periods (git-fixes).
net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
net: ieee802154: hwsim: Ensure proper channel selection at probe time (git-fixes).
net: ieee802154: mcr20a: Fix lifs/sifs periods (git-fixes).
net: ipa: add an interconnect dependency (git-fixes).
net: ipa: fix atomic update in ipa_endpoint_replenish() (git-fixes).
net: ipa: prevent concurrent replenish (git-fixes).
net: ipa: use a bitmap for endpoint replenish_enabled (git-fixes).
net: ks8851: Check for error irq (git-fixes).
net: lantiq_xrx200: fix statistics of received bytes (git-fixes).
net: ll_temac: check the return value of devm_kmalloc() (git-fixes).
net: macb: Fix lost RX packet wakeup race in NAPI receive (git-fixes).
net: macsec: Fix offload support for NETDEV_UNREGISTER event (git-fixes).
net: macsec: Verify that send_sci is on when setting Tx sci explicitly (git-fixes).
net: marvell: mvpp2: Fix the computation of shared CPUs (git-fixes).
net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr (git-fixes).
net: marvell: prestera: fix incorrect return of port_find (git-fixes).
net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (git-fixes).
net: mscc: ocelot: fix backwards compatibility with single-chain tc-flower offload (git-fixes).
net: mscc: ocelot: fix mutex lock error during ethtool stats read (git-fixes).
net: mscc: ocelot: fix using match before it is set (git-fixes).
net: mv643xx_eth: process retval from of_get_mac_address (git-fixes).
net: mvpp2: fix XDP rx queues registering (git-fixes).
net: phy: Do not trigger state machine while in suspend (git-fixes).
net: phylink: Force link down and retrigger resolve on interface change (git-fixes).
net: phylink: Force retrigger in case of latched link-fail indicator (git-fixes).
net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).
net: sfp: fix high power modules without diagnostic monitoring (git-fixes).
net: sfp: ignore disabled SFP node (git-fixes).
net: sparx5: Fix add vlan when invalid operation (git-fixes).
net: sparx5: Fix get_stat64 crash in tcpdump (git-fixes).
net: stmmac: Add platform level debug register dump feature (git-fixes).
net: stmmac: Avoid DMA_CHAN_CONTROL write if no Split Header support (git-fixes).
net: stmmac: configure PTP clock source prior to PTP initialization (git-fixes).
net: stmmac: dump gmac4 DMA registers correctly (git-fixes).
net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup (git-fixes).
net: stmmac: dwmac-visconti: Fix bit definitions for ETHER_CLK_SEL (git-fixes).
net: stmmac: dwmac-visconti: Fix clock configuration for RMII mode (git-fixes).
net: stmmac: dwmac-visconti: Fix value of ETHER_CLK_SEL_FREQ_SEL_2P5M (git-fixes).
net: stmmac: dwmac-visconti: No change to ETHER_CLOCK_SEL for unexpected speed request (git-fixes).
net: stmmac: ensure PTP time register reads are consistent (git-fixes).
net: stmmac: fix return value of __setup handler (git-fixes).
net: stmmac: fix tc flower deletion for VLAN priority Rx steering (git-fixes).
net: stmmac: properly handle with runtime pm in stmmac_dvr_remove() (git-fixes).
net: stmmac: ptp: fix potentially overflowing expression (git-fixes).
net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls (git-fixes).
net: stmmac: skip only stmmac_ptp_register when resume from suspend (git-fixes).
net: sxgbe: fix return value of __setup handler (git-fixes).
net: systemport: Add global locking for descriptor lifecycle (git-fixes).
net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
netdevsim: do not overwrite read only ethtool parms (git-fixes).
nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
nvme: add APIs for stopping/starting admin queue (bsc#1201651).
nvme: apply nvme API to quiesce/unquiesce admin queue (bsc#1201651).
nvme: loop: clear NVME_CTRL_ADMIN_Q_STOPPED after admin queue is reallocated (bsc#1201651).
nvme: paring quiesce/unquiesce (bsc#1201651).
nvme: prepare for pairing quiescing and unquiescing (bsc#1201651).
nvme: wait until quiesce is done (bsc#1201651).
octeontx2-af: Do not fixup all VF action entries (git-fixes).
octeontx2-af: Fix a memleak bug in rvu_mbox_init() (git-fixes).
octeontx2-af: cn10k: Do not enable RPM loopback for LPC interfaces (git-fixes).
octeontx2-pf: Forward error codes to VF (git-fixes).
page_alloc: fix invalid watemark check on a negative value (git fixes (mm/pgalloc)).
perf/amd/ibs: Add support for L3 miss filtering (jsc#SLE-24578).
perf/amd/ibs: Advertise zen4_ibs_extensions as pmu capability attribute (jsc#SLE-24578).
perf/amd/ibs: Cascade pmu init functions' return value (jsc#SLE-24578).
perf/amd/ibs: Use ->is_visible callback for dynamic attributes (jsc#SLE-24578).
pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() (git-fixes).
pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).
pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).
posix_cpu_timers: fix race between exit_itimers() and /proc/pid/timers (git-fixes).
power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe (git-fixes).
powerpc/mobility: wait for memory transfer to complete (bsc#1201846 ltc#198761).
powerpc/pseries/mobility: set NMI watchdog factor during an LPM (bsc#1201846 ltc#198761).
powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846 ltc#198761).
ppp: ensure minimum packet size in ppp_write() (git-fixes).
qede: validate non LSO skb length (git-fixes).
r8152: fix a WOL issue (git-fixes).
r8169: fix accessing unset transport header (git-fixes).
random: document add_hwgenerator_randomness() with other input functions (git-fixes).
random: fix typo in comments (git-fixes).
raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).
reset: Fix devm bulk optional exclusive control getter (git-fixes).
rocker: fix a sleeping in atomic bug (git-fixes).
rpm/modules.fips: add ecdsa_generic (jsc#SLE-21132,bsc#1201258).
sched/core: Do not requeue task on CPU excluded from cpus_mask (bnc#1199356).
scsi: avoid to quiesce sdev->request_queue two times (bsc#1201651).
scsi: core: sd: Add silence_suspend flag to suppress some PM messages (git-fixes).
scsi: iscsi: Exclude zero from the endpoint ID range (git-fixes).
scsi: lpfc: Fix mailbox command failure during driver initialization (git-fixes).
scsi: make sure that request queue queiesce and unquiesce balanced (bsc#1201651).
scsi: scsi_debug: Do not call kcalloc() if size arg is zero (git-fixes).
scsi: scsi_debug: Fix type in min_t to avoid stack OOB (git-fixes).
scsi: scsi_debug: Fix zone transition to full condition (git-fixes).
scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).
scsi: sd: Fix potential NULL pointer dereference (git-fixes).
scsi: sd: Fix sd_do_mode_sense() buffer length handling (git-fixes).
scsi: ufs: Fix a deadlock in the error handler (git-fixes).
scsi: ufs: Fix runtime PM messages never-ending cycle (git-fixes).
scsi: ufs: Remove dead code (git-fixes).
scsi: ufs: core: scsi_get_lba() error fix (git-fixes).
serial: 8250: Fix PM usage_count for console handover (git-fixes).
serial: 8250: fix return error code in serial8250_request_std_resource() (git-fixes).
serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).
serial: sc16is7xx: Clear RS485 bits in the shutdown (git-fixes).
serial: stm32: Clear prev values before setting RTS delays (git-fixes).
soc: ixp4xx/npe: Fix unused match warning (git-fixes).
spi: Add Tegra234 QUAD SPI compatible (jsc#SLE-24570)
spi: amd: Limit max transfer and message size (git-fixes).
spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers (git-fixes).
spi: tegra210-quad: add acpi support (jsc#SLE-24570)
spi: tegra210-quad: add new chips to compatible (jsc#SLE-24570)
spi: tegra210-quad: combined sequence mode (jsc#SLE-24570)
spi: tegra210-quad: use device_reset method (jsc#SLE-24570)
spi: tegra210-quad: use devm call for cdata memory (jsc#SLE-24570)
supported.conf: mark marvell octeontx2 crypto driver as supported (jsc#SLE-24682) Mark rvu_cptpf.ko and rvu_cptvf.ko as supported.
supported.conf: rvu_mbox as supported (jsc#SLE-24682)
sysctl: Fix data races in proc_dointvec() (git-fixes).
sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
sysctl: Fix data races in proc_douintvec() (git-fixes).
sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
sysctl: Fix data races in proc_doulongvec_minmax() (git-fixes).
sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).
sysctl: Fix data-races in proc_dou8vec_minmax() (git-fixes).
tee: fix put order in teedev_close_context() (git-fixes).
tty: serial: samsung_tty: set dma burst_size to 1 (git-fixes).
tun: fix bonding active backup with arp monitoring (git-fixes).
usb: dwc3: gadget: Fix event pending check (git-fixes).
usb: serial: ftdi_sio: add Belimo device ids (git-fixes).
usb: typec: add missing uevent when partner support PD (git-fixes).
usbnet: fix memory leak in error case (git-fixes).
veth: Do not record rx queue hint in veth_xmit (git-fixes).
veth: ensure skb entering GRO are not cloned (git-fixes).
video: of_display_timing.h: include errno.h (git-fixes).
virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
virtio_mmio: Restore guest page size on resume (git-fixes).
vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit (git-fixes).
vt: fix memory overlapping when deleting chars in the buffer (git-fixes).
watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).
wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).
wifi: mac80211_hwsim: set virtio device ready in probe() (git-fixes).
x86/bugs: Remove apostrophe typo (bsc#1190497).

Advisory ID	SUSE-RU-2022:2844-1
Released	Thu Aug 18 14:41:25 2022
Summary	Recommended update for tar
Type	recommended
Severity	important
References	1202436

Description:

This update for tar fixes the following issues:

A regression in a previous update lead to potential deadlocks when extracting an archive. (bsc#1202436)

SUSE-IU-2022:967-1

Container Advisory ID	SUSE-IU-2022:967-1
Container Tags	sles-15-sp4-chost-byos-v20220721-x86-64:20220721
Container Release

The following patches have been included in this update:

SUSE-IU-2022:955-1

Container Advisory ID	SUSE-IU-2022:955-1
Container Tags	sles-15-sp4-chost-byos-v20220718-x86-64:20220718
Container Release

The following patches have been included in this update:

Advisory ID	SUSE-SU-2022:2294-1
Released	Wed Jul 6 13:34:15 2022
Summary	Security update for expat
Type	security
Severity	important
References	1196025,1196026,1196168,1196169,1196171,1196784,CVE-2022-25235,CVE-2022-25236,CVE-2022-25313,CVE-2022-25314,CVE-2022-25315

Description:

This update for expat fixes the following issues:

CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).

Advisory ID	SUSE-SU-2022:2296-1
Released	Wed Jul 6 13:35:00 2022
Summary	Security update for xen
Type	security
Severity	important
References	1027519,1199965,1199966,CVE-2022-26362,CVE-2022-26363,CVE-2022-26364

Description:

This update for xen fixes the following issues:

CVE-2022-26362: Fixed race condition in typeref acquisition (bsc#1199965)
CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (bsc#1199966)

Advisory ID	SUSE-RU-2022:2300-1
Released	Wed Jul 6 13:36:19 2022
Summary	Recommended update for open-iscsi
Type	recommended
Severity	moderate
References	1198457,1199264

Description:

This update for open-iscsi fixes the following issues:

Set initiatorname in %post (at end of install), for cases where root is read-only at startup time (bsc#1198457)

Update to latest upstream, including: Added 'distclean' to Makefile targets. Ensure Makefile '.PHONY' targets set up correctly. Fix an iscsid logout bug generating a false error and cleanup logout error messages. Updated/fixed test script. Updated build system. Syntax error in ibft-rule-generator. (bsc#1199264)

Advisory ID	SUSE-SU-2022:2305-1
Released	Wed Jul 6 13:38:42 2022
Summary	Security update for curl
Type	security
Severity	important
References	1200734,1200735,1200736,1200737,CVE-2022-32205,CVE-2022-32206,CVE-2022-32207,CVE-2022-32208

Description:

This update for curl fixes the following issues:

CVE-2022-32205: Set-Cookie denial of service (bsc#1200734)
CVE-2022-32206: HTTP compression denial of service (bsc#1200735)
CVE-2022-32207: Unpreserved file permissions (bsc#1200736)
CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)

Advisory ID	SUSE-SU-2022:2307-1
Released	Wed Jul 6 14:04:19 2022
Summary	Security update for ldb, samba
Type	security
Severity	moderate
References	1080338,1118508,1173429,1195896,1196224,1196308,1196788,1197995,1198255,1199247,1199362,CVE-2021-3670

Description:

This update for ldb, samba fixes the following issues:
ldb was updated to version 2.4.2 to fix:

Fix for CVE-2021-3670, ensure that the LDB request has not timed out during filter processing as the LDAP server MaxQueryDuration is otherwise not honoured.

samba was updated to fix:

Revert NIS support removal; (bsc#1199247);

Use requires_eq macro to require the libldb2 version available at samba-dsdb-modules build time; (bsc#1199362);

Add missing samba-client requirement to samba-winbind package; (bsc#1198255);

Update to 4.15.7

Share and server swapped in smbget password prompt; (bso#14831);
Durable handles won't reconnect if the leased file is written to; (bso#15022);
rmdir silently fails if directory contains unreadable files and hide unreadable is yes; (bso#15023);
SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle; (bso#15038);
vfs_shadow_copy2 breaks 'smbd async dosmode' sync fallback; (bso#14957);
shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes; (bso#15035);
PAM Kerberos authentication incorrectly fails with a clock skew error; (bso#15046);
username map - samba erroneously applies unix group memberships to user account entries; (bso#15041);
NT_STATUS_ACCESS_DENIED translates into EPERM instead of EACCES in SMBC_server_internal; (bso#14983);
Simple bind doesn't work against an RODC (with non-preloaded users); (bso#13879);
Crash of winbind on RODC; (bso#14641);
uncached logon on RODC always fails once; (bso#14865);
KVNO off by 100000; (bso#14951);
LDAP simple binds should honour 'old password allowed period'; (bso#15001);
wbinfo -a doesn't work reliable with upn names; (bso#15003);
Simple bind doesn't work against an RODC (with non-preloaded users); (bso#13879);
Uninitialized litemask in variable in vfs_gpfs module; (bso#15027);
Regression: create krb5 conf = yes doesn't work with a single KDC; (bso#15016);

Add provides to samba-client-libs package to fix upgrades from previous versions; (bsc#1197995);

Add missing samba-libs requirement to samba-winbind package; (bsc#1198255);

Update to 4.15.6

Renaming file on DFS root fails with NT_STATUS_OBJECT_PATH_NOT_FOUND; (bso#14169);
Samba does not response STATUS_INVALID_PARAMETER when opening 2 objects with same lease key; (bso#14737);
NT error code is not set when overwriting a file during rename in libsmbclient; (bso#14938);
Fix ldap simple bind with TLS auditing; (bso#14996);
net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674);
Problem when winbind renews Kerberos; (bso#14979); (bsc#1196224);
pam_winbind will not allow gdm login if password about to expire; (bso#8691);
virusfilter_vfs_openat: Not scanned: Directory or special file; (bso#14971);
DFS fix for AIX broken; (bso#13631);
Solaris and AIX acl modules: wrong function arguments; (bso#14974);
Function aixacl_sys_acl_get_file not declared / coredump; (bso#7239);
Regression: Samba 4.15.2 on macOS segfaults intermittently during strcpy in tdbsam_getsampwnam; (bso#14900);
Fix a use-after-free in SMB1 server; (bso#14989);
smb2_signing_decrypt_pdu() may not decrypt with gnutls_aead_cipher_decrypt() from gnutls before 3.5.2; (bso#14968);
Changing the machine password against an RODC likely destroys the domain join; (bso#14984);
authsam_make_user_info_dc() steals memory from its struct ldb_message *msg argument; (bso#14993);
Use Heimdal 8.0 (pre) rather than an earlier snapshot; (bso#14995);
Samba autorid fails to map AD users if id rangesize fits in the id range only once; (bso#14967);

Other SUSE fixes:

Fix mismatched version of libldb2; (bsc#1196788).
Drop obsolete SuSEfirewall2 service files.
Drop obsolete Samba fsrvp v0->v1 state upgrade functionality; (bsc#1080338).
Fix ntlm authentications with 'winbind use default domain = yes'; (bso#13126); (bsc#1173429); (bsc#1196308).
Fix samba-ad-dc status warning notification message by disabling systemd notifications in bgqd; (bsc#1195896); (bso#14947).
libldb version mismatch in Samba dsdb component; (bsc#1118508);

Advisory ID	SUSE-SU-2022:2308-1
Released	Wed Jul 6 14:15:13 2022
Summary	Security update for openssl-1_1
Type	security
Severity	important
References	1185637,1199166,1200550,1201099,CVE-2022-1292,CVE-2022-2068,CVE-2022-2097

Description:

This update for openssl-1_1 fixes the following issues:

CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).
CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)
CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099).

Advisory ID	SUSE-RU-2022:2323-1
Released	Thu Jul 7 12:16:58 2022
Summary	Recommended update for systemd-presets-branding-SLE
Type	recommended
Severity	low
References

Description:

This update for systemd-presets-branding-SLE fixes the following issues:

Enable suseconnect-keepalive.timer for SUSEConnect (jsc#SLE-23312)

Advisory ID	SUSE-SU-2022:2341-1
Released	Fri Jul 8 16:09:12 2022
Summary	Security update for containerd, docker and runc
Type	security
Severity	important
References	1192051,1199460,1199565,1200088,1200145,CVE-2022-29162,CVE-2022-31030

Description:

This update for containerd, docker and runc fixes the following issues:
containerd:

CVE-2022-31030: Fixed denial of service via invocation of the ExecSync API (bsc#1200145)

docker:

Update to Docker 20.10.17-ce. See upstream changelog online at https://docs.docker.com/engine/release-notes/#201017. (bsc#1200145)

runc:
Update to runc v1.1.3.
Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.3.

Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on s390 and s390x. This solves the issue where syscalls the host kernel did not support would return `-EPERM` despite the existence of the `-ENOSYS` stub code (this was due to how s390x does syscall multiplexing).
Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as intended; this fix does not affect runc binary itself but is important for libcontainer users such as Kubernetes.
Inability to compile with recent clang due to an issue with duplicate constants in libseccomp-golang.
When using systemd cgroup driver, skip adding device paths that don't exist, to stop systemd from emitting warnings about those paths.
Socket activation was failing when more than 3 sockets were used.
Various CI fixes.
Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container.
Fixed issues with newer syscalls (namely faccessat2) on older kernels on s390(x) caused by that platform's syscall multiplexing semantics. (bsc#1192051 bsc#1199565)

Update to runc v1.1.2.
Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.2.
Security issue fixed:

CVE-2022-29162: A bug was found in runc where runc exec --cap executed processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment. (bsc#1199460)

`runc spec` no longer sets any inheritable capabilities in the created example OCI spec (`config.json`) file.

Update to runc v1.1.1.
Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.1.

runc run/start can now run a container with read-only /dev in OCI spec, rather than error out. (#3355)
runc exec now ensures that --cgroup argument is a sub-cgroup. (#3403) libcontainer systemd v2 manager no longer errors out if one of the files listed in /sys/kernel/cgroup/delegate do not exist in container's cgroup. (#3387, #3404)
Loosen OCI spec validation to avoid bogus 'Intel RDT is not supported' error. (#3406)
libcontainer/cgroups no longer panics in cgroup v1 managers if stat of /sys/fs/cgroup/unified returns an error other than ENOENT. (#3435)

Update to runc v1.1.0.
Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.0.

libcontainer will now refuse to build without the nsenter package being correctly compiled (specifically this requires CGO to be enabled). This should avoid folks accidentally creating broken runc binaries (and incorrectly importing our internal libraries into their projects). (#3331)

Update to runc v1.1.0~rc1.
Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.0-rc.1.

Add support for RDMA cgroup added in Linux 4.11.
runc exec now produces exit code of 255 when the exec failed. This may help in distinguishing between runc exec failures (such as invalid options, non-running container or non-existent binary etc.) and failures of the command being executed.
runc run: new --keep option to skip removal exited containers artefacts. This might be useful to check the state (e.g. of cgroup controllers) after the container hasexited.
seccomp: add support for SCMP_ACT_KILL_PROCESS and SCMP_ACT_KILL_THREAD (the latter is just an alias for SCMP_ACT_KILL).
seccomp: add support for SCMP_ACT_NOTIFY (seccomp actions). This allows users to create sophisticated seccomp filters where syscalls can be efficiently emulated by privileged processes on the host.
checkpoint/restore: add an option (--lsm-mount-context) to set a different LSM mount context on restore.
intelrdt: support ClosID parameter.
runc exec --cgroup: an option to specify a (non-top) in-container cgroup to use for the process being executed.
cgroup v1 controllers now support hybrid hierarchy (i.e. when on a cgroup v1 machine a cgroup2 filesystem is mounted to /sys/fs/cgroup/unified, runc run/exec now adds the container to the appropriate cgroup under it).
sysctl: allow slashes in sysctl names, to better match sysctl(8)'s behaviour.
mounts: add support for bind-mounts which are inaccessible after switching the user namespace. Note that this does not permit the container any additional access to the host filesystem, it simply allows containers to have bind-mounts configured for paths the user can access but have restrictive access control settings for other users.
Add support for recursive mount attributes using mount_setattr(2). These have the same names as the proposed mount(8) options -- just prepend r to the option name (such as rro).
Add runc features subcommand to allow runc users to detect what features runc has been built with. This includes critical information such as supported mount flags, hook names, and so on. Note that the output of this command is subject to change and will not be considered stable until runc 1.2 at the earliest. The runtime-spec specification for this feature is being developed in opencontainers/runtime-spec#1130.
system: improve performance of /proc/$pid/stat parsing.
cgroup2: when /sys/fs/cgroup is configured as a read-write mount, change the ownership of certain cgroup control files (as per /sys/kernel/cgroup/delegate) to allow for proper deferral to the container process.
runc checkpoint/restore: fixed for containers with an external bind mount which destination is a symlink.
cgroup: improve openat2 handling for cgroup directory handle hardening. runc delete -f now succeeds (rather than timing out) on a paused container.
runc run/start/exec now refuses a frozen cgroup (paused container in case of exec). Users can disable this using --ignore-paused.
Update version data embedded in binary to correctly include the git commit of the release.

Advisory ID	SUSE-SU-2022:2357-1
Released	Mon Jul 11 20:34:20 2022
Summary	Security update for python3
Type	security
Severity	important
References	1198511,CVE-2015-20107

Description:

This update for python3 fixes the following issues:

CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).

Advisory ID	SUSE-RU-2022:2358-1
Released	Tue Jul 12 04:21:59 2022
Summary	Recommended update for augeas
Type	recommended
Severity	moderate
References	1197443

Description:

This update for augeas fixes the following issues:

Fix handling of keywords in new sysctl.conf (bsc#1197443)

Advisory ID	SUSE-SU-2022:2360-1
Released	Tue Jul 12 12:01:39 2022
Summary	Security update for pcre2
Type	security
Severity	important
References	1199232,CVE-2022-1586

Description:

This update for pcre2 fixes the following issues:

CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

Advisory ID	SUSE-SU-2022:2361-1
Released	Tue Jul 12 12:05:01 2022
Summary	Security update for pcre
Type	security
Severity	important
References	1199232,CVE-2022-1586

Description:

This update for pcre fixes the following issues:

CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

Advisory ID	SUSE-SU-2022:2378-1
Released	Wed Jul 13 10:27:03 2022
Summary	Security update for cifs-utils
Type	security
Severity	important
References	1197216,CVE-2022-27239

Description:

This update for cifs-utils fixes the following issues:

CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).

Advisory ID	SUSE-SU-2022:2396-1
Released	Thu Jul 14 11:57:58 2022
Summary	Security update for logrotate
Type	security
Severity	important
References	1192449,1199652,1200278,1200802,CVE-2022-1348

Description:

This update for logrotate fixes the following issues:
Security issues fixed:

CVE-2022-1348: Fixed insecure permissions for state file creation (bsc#1199652).
Improved coredump handing for SUID binaries (bsc#1192449).

Non-security issues fixed:

Fixed 'logrotate emits unintended warning: keyword size not properly separated, found 0x3d' (bsc#1200278, bsc#1200802).

Advisory ID	SUSE-RU-2022:2406-1
Released	Fri Jul 15 11:49:01 2022
Summary	Recommended update for glibc
Type	recommended
Severity	moderate
References	1197718,1199140,1200334,1200855

Description:

This update for glibc fixes the following issues:

powerpc: Fix VSX register number on __strncpy_power9 (bsc#1200334)
Disable warnings due to deprecated libselinux symbols used by nss and nscd (bsc#1197718)
i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bsc#1197718)
rtld: Avoid using up static TLS surplus for optimizations (bsc#1200855, BZ #25051)

This readds the s390 32bit glibc and libcrypt1 libraries (glibc-32bit, glibc-locale-base-32bit, libcrypt1-32bit).

Advisory ID	SUSE-RU-2022:2426-1
Released	Mon Jul 18 09:27:51 2022
Summary	Recommended update for rsyslog
Type	recommended
Severity	moderate
References	1198939

Description:

This update for rsyslog fixes the following issues:

Remove inotify watch descriptor in imfile on inode change detected (bsc#1198939)

SUSE-IU-2022:741-1

Container Advisory ID	SUSE-IU-2022:741-1
Container Tags	sles-15-sp4-chost-byos-v20220620-x86-64:20220620
Container Release

The following patches have been included in this update:

Advisory ID	SUSE-RU-2018:1332-1
Released	Tue Jul 17 09:01:19 2018
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1073299,1093392

Description:

This update for timezone provides the following fixes:

North Korea switches back from +0830 to +09 on 2018-05-05.
Ireland's standard time is in the summer, with negative DST offset to standard time used in Winter. (bsc#1073299)
yast2-country is no longer setting TIMEZONE in /etc/sysconfig/clock and is calling systemd timedatectl instead. Do not set /etc/localtime on timezone package updates to avoid setting an incorrect timezone. (bsc#1093392)

Advisory ID	SUSE-SU-2018:1476-1
Released	Thu Aug 2 14:20:03 2018
Summary	Security update for cups
Type	security
Severity	moderate
References	1096405,1096406,1096407,1096408,CVE-2018-4180,CVE-2018-4181,CVE-2018-4182,CVE-2018-4183

Description:

This update for cups fixes the following issues:
The following security vulnerabilities were fixed:

Fixed a local privilege escalation to root and sandbox bypasses in the scheduler
CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405)
CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406)
CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407)
CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408)

Advisory ID	SUSE-RU-2018:1756-1
Released	Fri Aug 24 17:12:55 2018
Summary	Recommended update for growpart
Type	recommended
Severity	moderate
References	1097455,1098681

Description:

This update for growpart provides the following fix:

Support btrfs resize and handle ro setup in rootgrow. (bsc#1097455, bsc#1098681)

Advisory ID	SUSE-RU-2018:1804-1
Released	Fri Aug 31 13:02:24 2018
Summary	Recommended update for docker
Type	recommended
Severity	moderate
References	1065609,1073877,1099277,1100727

Description:

This update for docker fixes the following issues:

Build the client binary with -buildmode=pie to fix issues on POWER. (bsc#1100727)
Fix an issue where changed AppArmor profiles don't actually get applied on Docker daemon reboot. (bsc#1099277)
Update to AppArmor patch so that signal mediation also works for signals between in-container processes. (bsc#1073877)
Do not log incorrect warnings when attempting to inject non-existent host files. (bsc#1065609)

Advisory ID	SUSE-RU-2018:1999-1
Released	Tue Sep 25 08:20:35 2018
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1071321

Description:

This update for zlib provides the following fixes:

Speedup zlib on power8. (fate#325307)
Add safeguard against negative values in uInt. (bsc#1071321)

Advisory ID	SUSE-SU-2018:2340-1
Released	Fri Oct 19 16:05:53 2018
Summary	Security update for fuse
Type	security
Severity	moderate
References	1101797,CVE-2018-10906

Description:

This update for fuse fixes the following issues:

CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects (bsc#1101797)

Advisory ID	SUSE-RU-2018:2370-1
Released	Mon Oct 22 14:02:01 2018
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1102310,1104531

Description:

This update for aaa_base provides the following fixes:

Let bash.bashrc work even for (m)ksh. (bsc#1104531)
Fix an error at login if java system directory is empty. (bsc#1102310)

Advisory ID	SUSE-RU-2018:2463-1
Released	Thu Oct 25 14:48:34 2018
Summary	Recommended update for timezone, timezone-java
Type	recommended
Severity	moderate
References	1104700,1112310

Description:

This update for timezone, timezone-java fixes the following issues:
The timezone database was updated to 2018f:

Volgograd moves from +03 to +04 on 2018-10-28.
Fiji ends DST 2019-01-13, not 2019-01-20.
Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700)
Corrections to past timestamps of DST transitions
Use 'PST' and 'PDT' for Philippine time
minor code changes to zic handling of the TZif format
documentation updates

Other bugfixes:

Fixed a zic problem with the 1948-1951 DST transition in Japan (bsc#1112310)

Advisory ID	SUSE-RU-2018:2550-1
Released	Wed Oct 31 16:16:56 2018
Summary	Recommended update for timezone, timezone-java
Type	recommended
Severity	moderate
References	1113554

Description:

This update provides the latest time zone definitions (2018g), including the following change:

Morocco switched from +00/+01 to permanent +01 effective 2018-10-28 (bsc#1113554)

Advisory ID	SUSE-RU-2018:2569-1
Released	Fri Nov 2 19:00:18 2018
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1110700

Description:

This update for pam fixes the following issues:

Remove limits for nproc from /etc/security/limits.conf (bsc#1110700)

Advisory ID	SUSE-RU-2018:2607-1
Released	Wed Nov 7 15:42:48 2018
Summary	Optional update for gcc8
Type	recommended
Severity	low
References	1084812,1084842,1087550,1094222,1102564

Description:

The GNU Compiler GCC 8 is being added to the Development Tools Module by this update.
The update also supplies gcc8 compatible libstdc++, libgcc_s1 and other gcc derived libraries for the Basesystem module of SUSE Linux Enterprise 15.
Various optimizers have been improved in GCC 8, several of bugs fixed, quite some new warnings added and the error pin-pointing and fix-suggestions have been greatly improved.
The GNU Compiler page for GCC 8 contains a summary of all the changes that have happened:
https://gcc.gnu.org/gcc-8/changes.html
Also changes needed or common pitfalls when porting software are described on:
https://gcc.gnu.org/gcc-8/porting_to.html

Advisory ID	SUSE-RU-2018:2641-1
Released	Mon Nov 12 20:39:30 2018
Summary	Recommended update for nfsidmap
Type	recommended
Severity	moderate
References	1098217

Description:

This update for nfsidmap fixes the following issues:

Improve support for SAMBA with Active Directory. (bsc#1098217)

Advisory ID	SUSE-RU-2018:2742-1
Released	Thu Nov 22 13:28:36 2018
Summary	Recommended update for rpcbind
Type	recommended
Severity	moderate
References	969953

Description:

This update for rpcbind fixes the following issues:

Fix tool stack buffer overflow aborting (bsc#969953)

Advisory ID	SUSE-SU-2018:2825-1
Released	Mon Dec 3 15:35:02 2018
Summary	Security update for pam
Type	security
Severity	important
References	1115640,CVE-2018-17953

Description:

This update for pam fixes the following issue:
Security issue fixed:

CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified (bsc#1115640).

Advisory ID	SUSE-SU-2018:2861-1
Released	Thu Dec 6 14:32:01 2018
Summary	Security update for ncurses
Type	security
Severity	important
References	1103320,1115929,CVE-2018-19211

Description:

This update for ncurses fixes the following issues:
Security issue fixed:

CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).

Non-security issue fixed:

Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320).

Advisory ID	SUSE-SU-2018:2882-1
Released	Mon Dec 10 08:07:44 2018
Summary	Security update for cups
Type	security
Severity	important
References	1115750,CVE-2018-4700

Description:

This update for cups fixes the following issues:
Security issue fixed:

CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface (bsc#1115750).

Advisory ID	SUSE-SU-2018:3064-1
Released	Fri Dec 28 18:39:08 2018
Summary	Security update for containerd, docker and go
Type	security
Severity	important
References	1047218,1074971,1080978,1081495,1084533,1086185,1094680,1095817,1098017,1102522,1104821,1105000,1108038,1113313,1113978,1114209,1118897,1118898,1118899,1119634,1119706,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2018-7187

Description:

This update for containerd, docker and go fixes the following issues:
containerd and docker:

Add backport for building containerd (bsc#1102522, bsc#1113313)
Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce. (bsc#1102522)
Enable seccomp support on SLE12 (fate#325877)
Update to containerd v1.1.1, which is the required version for the Docker v18.06.0-ce upgrade. (bsc#1102522)
Put containerd under the podruntime slice (bsc#1086185)
3rd party registries used the default Docker certificate (bsc#1084533)
Handle build breakage due to missing 'export GOPATH' (caused by resolution of boo#1119634). I believe Docker is one of the only packages with this problem.

go:

golang: arbitrary command execution via VCS path (bsc#1081495, CVE-2018-7187)
Make profile.d/go.sh no longer set GOROOT=, in order to make switching between versions no longer break. This ends up removing the need for go.sh entirely (because GOPATH is also set automatically) (boo#1119634)
Fix a regression that broke go get for import path patterns containing '...' (bsc#1119706)

Additionally, the package go1.10 has been added.

Advisory ID	SUSE-RU-2019:32-1
Released	Tue Jan 8 13:03:20 2019
Summary	Recommended update for librdkafka
Type	recommended
Severity	moderate
References	1119963

Description:

This update ships librdkafka 0.11.6 to SUSE Linux Enterprise Server 15.
librdkafka is a C library implementation of the Apache Kafka protocol, containing both Producer and Consumer support.

Advisory ID	SUSE-RU-2019:44-1
Released	Tue Jan 8 13:07:32 2019
Summary	Recommended update for acl
Type	recommended
Severity	low
References	953659

Description:

This update for acl fixes the following issues:

test: Add helper library to fake passwd/group files.
quote: Escape literal backslashes. (bsc#953659)

Advisory ID	SUSE-RU-2019:82-1
Released	Fri Jan 11 17:16:48 2019
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1044232

Description:

This update for suse-build-key fixes the following issues:

Include the SUSE PTF GPG key in the key directory to avoid it being stripped via %doc stripping in CAASP. (bsc#1044232)

Advisory ID	SUSE-SU-2019:93-1
Released	Tue Jan 15 14:48:33 2019
Summary	Security update for wget
Type	security
Severity	important
References	1120382,CVE-2018-20483

Description:

This update for wget fixes the following issues:
Security issue fixed:

CVE-2018-20483: Fixed an information disclosure through file metadata (bsc#1120382)

Advisory ID	SUSE-RU-2019:102-1
Released	Tue Jan 15 18:02:58 2019
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1120402

Description:

This update for timezone fixes the following issues:

Update 2018i: São Tomé and Príncipe switches from +01 to +00 on 2019-01-01. (bsc#1120402)
Update 2018h: Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21 New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move Metlakatla, Alaska observes PST this winter only Guess Morocco will continue to adjust clocks around Ramadan Add predictions for Iran from 2038 through 2090

Advisory ID	SUSE-SU-2019:247-1
Released	Wed Feb 6 07:18:45 2019
Summary	Security update for lua53
Type	security
Severity	moderate
References	1123043,CVE-2019-6706

Description:

This update for lua53 fixes the following issues:
Security issue fixed:

CVE-2019-6706: Fixed a use-after-free bug in the lua_upvaluejoin function of lapi.c (bsc#1123043)

Advisory ID	SUSE-SU-2019:286-1
Released	Thu Feb 7 13:45:27 2019
Summary	Security update for docker
Type	security
Severity	moderate
References	1001161,1112980,1115464,1118897,1118898,1118899,1118990,1121412,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875

Description:

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues:
Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork:

CVE-2018-16873: cmd/go: remote command execution during 'go get -u' (bsc#1118897)
CVE-2018-16874: cmd/go: directory traversal in 'go get' via curly braces in import paths (bsc#1118898)
CVE-2018-16875: crypto/x509: CPU denial of service (bsc#1118899)

Non-security issues fixed for docker:

Disable leap based builds for kubic flavor (bsc#1121412)
Allow users to explicitly specify the NIS domainname of a container (bsc#1001161)
Update docker.service to match upstream and avoid rlimit problems (bsc#1112980)
Allow docker images larger then 23GB (bsc#1118990)
Docker version update to version 18.09.0-ce (bsc#1115464)

Advisory ID	SUSE-SU-2019:495-1
Released	Tue Feb 26 16:42:35 2019
Summary	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Type	security
Severity	important
References	1048046,1051429,1114832,1118897,1118898,1118899,1121967,1124308,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2019-5736

Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:
Security issues fixed:

CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).
CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).
CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).
CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container breakout (bsc#1121967).

Other changes and fixes:

Update shell completion to use Group: System/Shells.
Add daemon.json file with rotation logs configuration (bsc#1114832)
Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
Update go requirements to >= go1.10
Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).
Remove the usage of 'cp -r' to reduce noise in the build logs.

Advisory ID	SUSE-SU-2019:571-1
Released	Thu Mar 7 18:13:46 2019
Summary	Security update for file
Type	security
Severity	moderate
References	1096974,1096984,1126117,1126118,1126119,CVE-2018-10360,CVE-2019-8905,CVE-2019-8906,CVE-2019-8907

Description:

This update for file fixes the following issues:
The following security vulnerabilities were addressed:

CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)
CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118)
CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c (bsc#1126119)
CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117)

Advisory ID	SUSE-RU-2019:608-1
Released	Wed Mar 13 15:21:02 2019
Summary	Recommended update for cups
Type	recommended
Severity	moderate
References	1118118

Description:

This update for cups fixes the following issues:

Fixed validation of UTF-8 filenames to avoid crashes (bsc#1118118)

Advisory ID	SUSE-RU-2019:732-1
Released	Mon Mar 25 14:10:04 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1088524,1118364,1128246

Description:

This update for aaa_base fixes the following issues:

Restore old position of ssh/sudo source of profile (bsc#1118364).
Update logic for JRE_HOME env variable (bsc#1128246)

Advisory ID	SUSE-SU-2019:788-1
Released	Thu Mar 28 11:55:06 2019
Summary	Security update for sqlite3
Type	security
Severity	moderate
References	1119687,CVE-2018-20346

Description:

This update for sqlite3 to version 3.27.2 fixes the following issue:
Security issue fixed:

CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687).

Release notes: https://www.sqlite.org/releaselog/3_27_2.html

Advisory ID	SUSE-RU-2019:790-1
Released	Thu Mar 28 12:06:17 2019
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1130557

Description:

This update for timezone fixes the following issues:
timezone was updated 2019a:

Palestine 'springs forward' on 2019-03-30 instead of 2019-03-23
Metlakatla 'fell back' to rejoin Alaska Time on 2019-01-20 at 02:00
Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25)
zic now has an -r option to limit the time range of output data

Advisory ID	SUSE-SU-2019:925-1
Released	Wed Apr 10 16:32:50 2019
Summary	Security update for wget
Type	security
Severity	important
References	1131493,CVE-2019-5953

Description:

This update for wget fixes the following issues:
Security issue fixed:

CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution (bsc#1131493).

Advisory ID	SUSE-SU-2019:926-1
Released	Wed Apr 10 16:33:12 2019
Summary	Security update for tar
Type	security
Severity	moderate
References	1120610,1130496,CVE-2018-20482,CVE-2019-9923

Description:

This update for tar fixes the following issues:
Security issues fixed:

CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).

Advisory ID	SUSE-RU-2019:1002-1
Released	Wed Apr 24 10:13:34 2019
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1110304,1129576

Description:

This update for zlib fixes the following issues:

Fixes a segmentation fault error (bsc#1110304, bsc#1129576)

Advisory ID	SUSE-SU-2019:1040-1
Released	Thu Apr 25 17:09:21 2019
Summary	Security update for samba
Type	security
Severity	important
References	1114407,1124223,1125410,1126377,1131060,1131686,CVE-2019-3880

Description:

This update for samba fixes the following issues:
Security issue fixed:

CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).

ldb was updated to version 1.2.4 (bsc#1125410 bsc#1131686):

Out of bound read in ldb_wildcard_compare
Hold at most 10 outstanding paged result cookies
Put 'results_store' into a doubly linked list
Refuse to build Samba against a newer minor version of ldb

Non-security issues fixed:

Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377).
Abide to the load_printers parameter in smb.conf (bsc#1124223).
Provide the 32bit samba winbind PAM module and its dependend 32bit libraries.

Advisory ID	SUSE-SU-2019:1127-1
Released	Thu May 2 09:39:24 2019
Summary	Security update for sqlite3
Type	security
Severity	moderate
References	1130325,1130326,CVE-2019-9936,CVE-2019-9937

Description:

This update for sqlite3 to version 3.28.0 fixes the following issues:
Security issues fixed:

CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix queries inside transaction (bsc#1130326).
CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in a single transaction with an fts5 virtual table (bsc#1130325).

Advisory ID	SUSE-SU-2019:1234-1
Released	Tue May 14 18:31:52 2019
Summary	Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Type	security
Severity	important
References	1114209,1114832,1118897,1118898,1118899,1121397,1121967,1123013,1128376,1128746,1134068,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2019-5736,CVE-2019-6486

Description:

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:
Security issues fixed:

CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).
CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).
CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).
CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).
CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).

Other changes and bug fixes:

Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).
Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).
Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).
docker-test: Improvements to test packaging (bsc#1128746).
Move daemon.json file to /etc/docker directory (bsc#1114832).
Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209).
Fix go build failures (bsc#1121397).

Advisory ID	SUSE-RU-2019:1312-1
Released	Wed May 22 12:19:12 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1096191

Description:

This update for aaa_base fixes the following issue:
* Shell detection in /etc/profile and /etc/bash.bashrc was broken within AppArmor-confined containers (bsc#1096191)

Advisory ID	SUSE-SU-2019:1368-1
Released	Tue May 28 13:15:38 2019
Summary	Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
Type	security
Severity	important
References	1134524,CVE-2019-5021

Description:

This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues:

CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524)

Advisory ID	SUSE-SU-2019:1372-1
Released	Tue May 28 16:53:28 2019
Summary	Security update for libtasn1
Type	security
Severity	moderate
References	1105435,CVE-2018-1000654

Description:

This update for libtasn1 fixes the following issues:
Security issue fixed:

CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435).

Advisory ID	SUSE-SU-2019:1398-1
Released	Fri May 31 12:54:22 2019
Summary	Security update for libpng16
Type	security
Severity	low
References	1100687,1121624,1124211,CVE-2018-13785,CVE-2019-7317

Description:

This update for libpng16 fixes the following issues:
Security issues fixed:

CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free() was called under png_safe_execute (bsc#1124211).
CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in pngrutil.c, which could haved triggered and integer overflow and result in an divide-by-zero while processing a crafted PNG file, leading to a denial of service (bsc#1100687)

Advisory ID	SUSE-SU-2019:1457-1
Released	Tue Jun 11 10:09:14 2019
Summary	Security update for vim
Type	security
Severity	important
References	1137443,CVE-2019-12735

Description:

This update for vim fixes the following issue:
Security issue fixed:

CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).

Advisory ID	SUSE-SU-2019:1562-1
Released	Wed Jun 19 09:16:07 2019
Summary	Security update for docker
Type	security
Severity	moderate
References	1096726,CVE-2018-15664

Description:

This update for docker fixes the following issues:
Security issue fixed:

CVE-2018-15664: Fixed an issue which could make docker cp vulnerable to symlink-exchange race attacks (bsc#1096726).

Advisory ID	SUSE-RU-2019:1616-1
Released	Fri Jun 21 11:04:39 2019
Summary	Recommended update for rpcbind
Type	recommended
Severity	moderate
References	1134659

Description:

This update for rpcbind fixes the following issues:

Change rpcbind locking path from /var/run/rpcbind.lock to /run/rpcbind.lock. (bsc#1134659)
Change the order of socket/service in the %postun scriptlet to avoid an error from rpcbind.socket when rpcbind is running during package update.

Advisory ID	SUSE-RU-2019:1631-1
Released	Fri Jun 21 11:17:21 2019
Summary	Recommended update for xz
Type	recommended
Severity	low
References	1135709

Description:

This update for xz fixes the following issues:
Add SUSE-Public-Domain licence as some parts of xz utils (liblzma, xz, xzdec, lzmadec, documentation, translated messages, tests, debug, extra directory) are in public domain licence [bsc#1135709]

Advisory ID	SUSE-RU-2019:1815-1
Released	Thu Jul 11 07:47:55 2019
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1140016

Description:

This update for timezone fixes the following issues:

Timezone update 2019b. (bsc#1140016): - Brazil no longer observes DST. - 'zic -b slim' outputs smaller TZif files. - Palestine's 2019 spring-forward transition was on 03-29, not 03-30. - Add info about the Crimea situation.

Advisory ID	SUSE-RU-2019:2001-1
Released	Fri Jul 26 18:09:41 2019
Summary	Recommended update for docker
Type	recommended
Severity	important
References	1138920

Description:

This update for docker fixes the following issues:

Mark daemon.json as %config(noreplace) to not overwrite it during installation (bsc#1138920)

Advisory ID	SUSE-SU-2019:2117-1
Released	Tue Aug 13 14:56:55 2019
Summary	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type	security
Severity	important
References	1100331,1121967,1138920,1139649,1142160,1142413,1143409,CVE-2018-10892,CVE-2019-13509,CVE-2019-14271,CVE-2019-5736

Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker:

CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).

Advisory ID	SUSE-RU-2019:2134-1
Released	Wed Aug 14 11:54:56 2019
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1136717,1137624,1141059,SLE-5807

Description:

This update for zlib fixes the following issues:

Update the s390 patchset. (bsc#1137624)
Tweak zlib-power8 to have type of crc32_vpmsum conform to usage. (bsc#1141059)
Use FAT LTO objects in order to provide proper static library.
Do not enable the previous patchset on s390 but just s390x. (bsc#1137624)
Add patchset for s390 improvements. (jsc#SLE-5807, bsc#1136717)

Advisory ID	SUSE-RU-2019:2188-1
Released	Wed Aug 21 10:10:29 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1140647

Description:

This update for aaa_base fixes the following issues:

Make systemd detection cgroup oblivious. (bsc#1140647)

Advisory ID	SUSE-RU-2019:2218-1
Released	Mon Aug 26 11:29:57 2019
Summary	Recommended update for pinentry
Type	recommended
Severity	moderate
References	1141883

Description:

This update for pinentry fixes the following issues:

Fix a dangling pointer in qt/main.cpp that caused crashes. (bsc#1141883)

Advisory ID	SUSE-RU-2019:2357-1
Released	Wed Sep 11 13:26:14 2019
Summary	Recommended update for lmdb
Type	recommended
Severity	moderate
References	1136132

Description:

This update for lmdb fixes the following issues:

Fix occasional crash when freed pages landed on the dirty list twice (bsc#1136132).

Advisory ID	SUSE-RU-2019:2423-1
Released	Fri Sep 20 16:41:45 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1146866,SLE-9132

Description:

This update for aaa_base fixes the following issues:
Added sysctl.d/51-network.conf to tighten network security (bsc#1146866) (jira#SLE-9132)
Following settings have been tightened (and set to 0):

net.ipv4.conf.all.accept_redirects
net.ipv4.conf.default.accept_redirects
net.ipv4.conf.default.accept_source_route
net.ipv6.conf.all.accept_redirects
net.ipv6.conf.default.accept_redirects

Advisory ID	SUSE-SU-2019:2533-1
Released	Thu Oct 3 15:02:50 2019
Summary	Security update for sqlite3
Type	security
Severity	moderate
References	1150137,CVE-2019-16168

Description:

This update for sqlite3 fixes the following issues:
Security issue fixed:

CVE-2019-16168: Fixed improper validation of sqlite_stat1 field that could lead to denial of service (bsc#1150137).

Advisory ID	SUSE-RU-2019:2693-1
Released	Wed Oct 16 16:43:30 2019
Summary	Recommended update for rpcbind
Type	recommended
Severity	moderate
References	1142343

Description:

This update for rpcbind fixes the following issues:

Return correct IP address with multiple ip addresses in the same subnet. (bsc#1142343)

Advisory ID	SUSE-RU-2019:2722-1
Released	Mon Oct 21 11:14:20 2019
Summary	Recommended update for pciutils-ids
Type	recommended
Severity	moderate
References	1127840,1133581

Description:

This is a version update for pciutils-ids to version 20190830 (bsc#1133581, bsc#1127840)

Advisory ID	SUSE-SU-2019:2730-1
Released	Mon Oct 21 16:04:57 2019
Summary	Security update for procps
Type	security
Severity	important
References	1092100,1121753,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124,CVE-2018-1125,CVE-2018-1126

Description:

This update for procps fixes the following issues:
procps was updated to 3.3.15. (bsc#1092100)
Following security issues were fixed:

CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100).
CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100).
CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100).
CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100).

Also this non-security issue was fixed:

Fix CPU summary showing old data. (bsc#1121753)

The update to 3.3.15 contains the following fixes:

library: Increment to 8:0:1 No removals, no new functions Changes: slab and pid structures
library: Just check for SIGLOST and don't delete it
library: Fix integer overflow and LPE in file2strvec CVE-2018-1124
library: Use size_t for alloc functions CVE-2018-1126
library: Increase comm size to 64
pgrep: Fix stack-based buffer overflow CVE-2018-1125
pgrep: Remove >15 warning as comm can be longer
ps: Fix buffer overflow in output buffer, causing DOS CVE-2018-1123
ps: Increase command name selection field to 64
top: Don't use cwd for location of config CVE-2018-1122
update translations
library: build on non-glibc systems
free: fix scaling on 32-bit systems
Revert 'Support running with child namespaces'
library: Increment to 7:0:1 No changes, no removals New fuctions: numa_init, numa_max_node, numa_node_of_cpu, numa_uninit, xalloc_err_handler
doc: Document I idle state in ps.1 and top.1
free: fix some of the SI multiples
kill: -l space between name parses correctly
library: dont use vm_min_free on non Linux
library: don't strip off wchan prefixes (ps & top)
pgrep: warn about 15+ char name only if -f not used
pgrep/pkill: only match in same namespace by default
pidof: specify separator between pids
pkill: Return 0 only if we can kill process
pmap: fix duplicate output line under '-x' option
ps: avoid eip/esp address truncations
ps: recognizes SCHED_DEADLINE as valid CPU scheduler
ps: display NUMA node under which a thread ran
ps: Add seconds display for cputime and time
ps: Add LUID field
sysctl: Permit empty string for value
sysctl: Don't segv when file not available
sysctl: Read and write large buffers
top: add config file support for XDG specification
top: eliminated minor libnuma memory leak
top: show fewer memory decimal places (configurable)
top: provide command line switch for memory scaling
top: provide command line switch for CPU States
top: provides more accurate cpu usage at startup
top: display NUMA node under which a thread ran
top: fix argument parsing quirk resulting in SEGV
top: delay interval accepts non-locale radix point
top: address a wishlist man page NLS suggestion
top: fix potential distortion in 'Mem' graph display
top: provide proper multi-byte string handling
top: startup defaults are fully customizable
watch: define HOST_NAME_MAX where not defined
vmstat: Fix alignment for disk partition format
watch: Support ANSI 39,49 reset sequences

Advisory ID	SUSE-RU-2019:2762-1
Released	Thu Oct 24 07:08:44 2019
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1150451

Description:

This update for timezone fixes the following issues:

Fiji observes DST from 2019-11-10 to 2020-01-12.
Norfolk Island starts observing Australian-style DST.

Advisory ID	SUSE-RU-2019:2777-1
Released	Thu Oct 24 16:13:20 2019
Summary	Recommended update for fipscheck
Type	recommended
Severity	moderate
References	1149792

Description:

This update for fipscheck fixes the following issues:

Remove #include of unused fips.h to fix build with OpenSSL 1.1.1 (bsc#1149792)

Advisory ID	SUSE-SU-2019:2782-1
Released	Fri Oct 25 14:27:52 2019
Summary	Security update for nfs-utils
Type	security
Severity	moderate
References	1150733,CVE-2019-3689

Description:

This update for nfs-utils fixes the following issues:

CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. (bsc#1150733)

Advisory ID	SUSE-SU-2019:2810-1
Released	Tue Oct 29 14:56:44 2019
Summary	Security update for runc
Type	security
Severity	moderate
References	1131314,1131553,1152308,CVE-2019-16884

Description:

This update for runc fixes the following issues:
Security issue fixed:

CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308)

Non-security issues fixed:

Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553).

Advisory ID	SUSE-RU-2019:2870-1
Released	Thu Oct 31 08:09:14 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1051143,1138869,1151023

Description:

This update for aaa_base provides the following fixes:

Check if variables can be set before modifying them to avoid warnings on login with a restricted shell. (bsc#1138869)
Add s390x compressed kernel support. (bsc#1151023)
service: Check if there is a second argument before using it. (bsc#1051143)

Advisory ID	SUSE-SU-2019:2997-1
Released	Mon Nov 18 15:16:38 2019
Summary	Security update for ncurses
Type	security
Severity	moderate
References	1103320,1154036,1154037,CVE-2019-17594,CVE-2019-17595

Description:

This update for ncurses fixes the following issues:
Security issues fixed:

CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function (bsc#1154036).
CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037).

Non-security issue fixed:

Removed screen.xterm from terminfo database (bsc#1103320).

Advisory ID	SUSE-SU-2019:3030-1
Released	Thu Nov 21 19:11:25 2019
Summary	Security update for cups
Type	security
Severity	important
References	1146358,1146359,CVE-2019-8675,CVE-2019-8696

Description:

This update for cups fixes the following issues:

CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function(bsc#1146358).
CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function (bsc#1146359).

Advisory ID	SUSE-SU-2019:3061-1
Released	Mon Nov 25 17:34:22 2019
Summary	Security update for gcc9
Type	security
Severity	moderate
References	1114592,1135254,1141897,1142649,1142654,1148517,1149145,CVE-2019-14250,CVE-2019-15847,SLE-6533,SLE-6536

Description:

This update includes the GNU Compiler Collection 9.
A full changelog is provided by the GCC team on:
https://www.gnu.org/software/gcc/gcc-9/changes.html

The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages.
To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 / CXX=g++-9 during configuration for using it.

Security issues fixed:

CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)
CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)

Non-security issues fixed:

Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)
Fixed miscompilation for vector shift on s390. (bsc#1141897)

Advisory ID	SUSE-SU-2019:3086-1
Released	Thu Nov 28 10:02:24 2019
Summary	Security update for libidn2
Type	security
Severity	moderate
References	1154884,1154887,CVE-2019-12290,CVE-2019-18224

Description:

This update for libidn2 to version 2.2.0 fixes the following issues:

CVE-2019-12290: Fixed an improper round-trip check when converting A-labels to U-labels (bsc#1154884).
CVE-2019-18224: Fixed a heap-based buffer overflow that was caused by long domain strings (bsc#1154887).

Advisory ID	SUSE-RU-2019:3166-1
Released	Wed Dec 4 11:24:42 2019
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1007715,1084934,1157278

Description:

This update for aaa_base fixes the following issues:

Use official key binding functions in inputrc that is replace up-history with previous-history, down-history with next-history and backward-delete-word with backward-kill-word. (bsc#1084934)
Add some missed key escape sequences for urxvt-unicode terminal as well. (bsc#1007715)
Clear broken ghost entry in patch which breaks 'readline'. (bsc#1157278)

Advisory ID	SUSE-RU-2019:3173-1
Released	Wed Dec 4 20:22:45 2019
Summary	Recommended update for growpart, growpart-rootgrow
Type	recommended
Severity	moderate
References	1154357,ECO-550

Description:

This update for growpart, growpart-rootgrow contains the following fixes:
growpart:

Removed rootgrow sub-package as it is a standalone package now. (bsc#1154357, jsc#ECO-550)

growpart-rootgrow:

Added growpart-rootgrow as a standalone package. (bsc#1154357, jsc#ECO-550)
Bump from version 1.0.0 to 1.0.1: - Fixed binary location in service unit file.

Advisory ID	SUSE-SU-2020:35-1
Released	Wed Jan 8 09:06:32 2020
Summary	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type	security
Severity	moderate
References	1122469,1143349,1150397,1152308,1153367,1158590,CVE-2019-16884

Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Security issue fixed:

CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308).

Bug fixes:

Update to Docker 19.03.5-ce (bsc#1158590).
Update to Docker 19.03.3-ce (bsc#1153367).
Update to Docker 19.03.2-ce (bsc#1150397).
Fixed default installation such that --userns-remap=default works properly (bsc#1143349).
Fixed nginx blocked by apparmor (bsc#1122469).

Advisory ID	SUSE-RU-2020:225-1
Released	Fri Jan 24 06:49:07 2020
Summary	Recommended update for procps
Type	recommended
Severity	moderate
References	1158830

Description:

This update for procps fixes the following issues:

Fix for 'ps -C' allowing to accept any arguments longer than 15 characters anymore. (bsc#1158830)

Advisory ID	SUSE-RU-2020:256-1
Released	Wed Jan 29 09:39:17 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1157794,1160970

Description:

This update for aaa_base fixes the following issues:

Improves the way how the Java path is created to fix an issue with sapjvm. (bsc#1157794)
Drop 'dev.cdrom.autoclose' = 0 from sysctl config. (bsc#1160970)

Advisory ID	SUSE-RU-2020:325-1
Released	Wed Feb 5 14:57:02 2020
Summary	Recommended update for dmidecode
Type	recommended
Severity	moderate
References	1153533,1158833

Description:

This update for dmidecode fixes the following issues:

Add enumerated values from SMBIOS 3.3.0 preventing incorrect report of new VGA card. (bsc#1153533, bsc#1158833, jsc#SLE-10875)
Only scan '/dev/mem' for entry point on x86 (fixes reboot on ARM64).
Fix formatting of TPM table output (missing newlines).
Fix displaying system slot information for PCIe SSD.

Advisory ID	SUSE-RU-2020:365-1
Released	Fri Feb 7 13:48:54 2020
Summary	Recommended update for lmdb
Type	recommended
Severity	moderate
References	1159086

Description:

This update for lmdb fixes the following issues:

Fix assert in LMBD during 'mdb_page_search_root'. (bsc#1159086).

Advisory ID	SUSE-RU-2020:480-1
Released	Tue Feb 25 17:38:22 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1160735

Description:

This update for aaa_base fixes the following issues:

Change 'rp_filter' to increase the default priority to ethernet over the wifi. (bsc#1160735)

Advisory ID	SUSE-RU-2020:521-1
Released	Thu Feb 27 18:08:56 2020
Summary	Recommended update for c-ares
Type	recommended
Severity	moderate
References	1125306,1159006

Description:

This update for c-ares fixes the following issues:
c-ares version update to 1.15.0:

Add ares_init_options() configurability for path to resolv.conf file
Ability to exclude building of tools (adig, ahost, acountry) in CMake
Report ARES_ENOTFOUND for .onion domain names as per RFC7686 (bsc#1125306)
Apply the IPv6 server blacklist to all nameserver sources
Prevent changing name servers while queries are outstanding
ares_set_servers_csv() on failure should not leave channel in a bad state
getaddrinfo - avoid infinite loop in case of NXDOMAIN
ares_getenv - return NULL in all cases
implement ares_getaddrinfo

Fixed a regression in DNS results that contain both A and AAAA answers.
Add netcfg as the build requirement and runtime requirement.

Advisory ID	SUSE-RU-2020:525-1
Released	Fri Feb 28 11:49:36 2020
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1164562

Description:

This update for pam fixes the following issues:

Add libdb as build-time dependency to enable pam_userdb module. Enable pam_userdb.so (jsc#sle-7258, bsc#1164562)

Advisory ID	SUSE-RU-2020:633-1
Released	Tue Mar 10 16:23:08 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1139939,1151023

Description:

This update for aaa_base fixes the following issues:

get_kernel_version: fix for current kernel on s390x (bsc#1151023, bsc#1139939)
added '-h'/'--help' to the command old
change feedback url from http://www.suse.de/feedback to https://github.com/openSUSE/aaa_base/issues

Advisory ID	SUSE-RU-2020:655-1
Released	Thu Mar 12 13:17:03 2020
Summary	Recommended update for growpart
Type	recommended
Severity	moderate
References	1164736

Description:

This update for growpart fixes the following issues:

Operation system disk is not automatically resized beyond 2TB on Azure hosts. (bsc#1164736)

Advisory ID	SUSE-RU-2020:689-1
Released	Fri Mar 13 17:09:01 2020
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1166510

Description:

This update for PAM fixes the following issue:

The license of libdb linked against pam_userdb is not always wanted, so we temporary disabled pam_userdb again. It will be published in a different package at a later time. (bsc#1166510)

Advisory ID	SUSE-RU-2020:690-1
Released	Fri Mar 13 17:09:28 2020
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1166334

Description:

This update for suse-build-key fixes the following issues:

created a new security@suse.de communication key (bsc#1166334)

Advisory ID	SUSE-RU-2020:917-1
Released	Fri Apr 3 15:02:25 2020
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1166510

Description:

This update for pam fixes the following issues:

Moved pam_userdb into a separate package pam-extra. (bsc#1166510)

Advisory ID	SUSE-RU-2020:934-1
Released	Tue Apr 7 03:46:20 2020
Summary	Recommended update for wget
Type	recommended
Severity	moderate
References	1167919

Description:

This update for wget fixes the following issues:
wget was updated to 1.20.3, fixing various bugs, including:

Fix for wget ignoring domains with leading '.' in environment variable 'no_proxy'. (bsc#1167919)

Advisory ID	SUSE-SU-2020:944-1
Released	Tue Apr 7 15:49:33 2020
Summary	Security update for runc
Type	security
Severity	moderate
References	1149954,1160452,CVE-2019-19921

Description:

This update for runc fixes the following issues:
runc was updated to v1.0.0~rc10

CVE-2019-19921: Fixed a mount race condition with shared mounts (bsc#1160452).
Fixed an issue where podman run hangs when spawned by salt-minion process (bsc#1149954).

Advisory ID	SUSE-SU-2020:948-1
Released	Wed Apr 8 07:44:21 2020
Summary	Security update for gmp, gnutls, libnettle
Type	security
Severity	moderate
References	1152692,1155327,1166881,1168345,CVE-2020-11501

Description:

This update for gmp, gnutls, libnettle fixes the following issues:
Security issue fixed:

CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345)

FIPS related bugfixes:

FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if input is shorter than block size. (bsc#1166881)
FIPS: Added Diffie Hellman public key verification test. (bsc#1155327)

Advisory ID	SUSE-SU-2020:693-1
Released	Wed Apr 8 14:11:14 2020
Summary	Security update for wireshark
Type	security
Severity	moderate
References	1093733,1094301,1101776,1101777,1101786,1101788,1101791,1101794,1101800,1101802,1101804,1101810,1106514,1111647,1117740,1121231,1121232,1121233,1121234,1121235,1127367,1127369,1127370,1131941,1131945,1136021,1141980,1150690,1156288,1158505,1161052,1165241,1165710,957624,CVE-2018-11354,CVE-2018-11355,CVE-2018-11356,CVE-2018-11357,CVE-2018-11358,CVE-2018-11359,CVE-2018-11360,CVE-2018-11361,CVE-2018-11362,CVE-2018-12086,CVE-2018-14339,CVE-2018-14340,CVE-2018-14341,CVE-2018-14342,CVE-2018-14343,CVE-2018-14344,CVE-2018-14367,CVE-2018-14368,CVE-2018-14369,CVE-2018-14370,CVE-2018-16056,CVE-2018-16057,CVE-2018-16058,CVE-2018-18225,CVE-2018-18226,CVE-2018-18227,CVE-2018-19622,CVE-2018-19623,CVE-2018-19624,CVE-2018-19625,CVE-2018-19626,CVE-2018-19627,CVE-2018-19628,CVE-2019-10894,CVE-2019-10895,CVE-2019-10896,CVE-2019-10897,CVE-2019-10898,CVE-2019-10899,CVE-2019-10900,CVE-2019-10901,CVE-2019-10902,CVE-2019-10903,CVE-2019-13619,CVE-2019-16319,CVE-2019-19553,CVE-2019-5716,CVE-2019-5717,CVE-2019-5718,CVE-2019-5719,CVE-2019-5721,CVE-2019-9208,CVE-2019-9209,CVE-2019-9214,CVE-2020-7044,CVE-2020-9428,CVE-2020-9429,CVE-2020-9430,CVE-2020-9431

Description:

This update for wireshark and libmaxminddb fixes the following issues:
Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).
New features include:

Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC
Improved support for existing protocols, like HTTP/2
Improved analytics and usability functionalities

Advisory ID	SUSE-SU-2020:1083-1
Released	Thu Apr 23 11:31:23 2020
Summary	Security update for cups
Type	security
Severity	important
References	1168422,CVE-2020-3898

Description:

This update for cups fixes the following issues:

CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption() (bsc#1168422).

Advisory ID	SUSE-RU-2020:1112-1
Released	Fri Apr 24 16:44:20 2020
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1170347

Description:

This update for suse-build-key fixes the following issues:

add a /usr/share/container-keys/ directory for GPG based Container verification.
Add the SUSE build key as 'suse-container-key.asc'. (PM-1845 bsc#1170347)

Advisory ID	SUSE-RU-2020:1181-1
Released	Tue May 5 12:02:39 2020
Summary	Recommended update for pciutils-ids
Type	recommended
Severity	moderate
References	1170160

Description:

This update for pciutils-ids fixes the following issues:

Update the PCI utilities database to 20200324. (bsc#1170160)

Advisory ID	SUSE-RU-2020:1226-1
Released	Fri May 8 10:51:05 2020
Summary	Recommended update for gcc9
Type	recommended
Severity	moderate
References	1149995,1152590,1167898

Description:

This update for gcc9 fixes the following issues:
This update ships the GCC 9.3 release.

Includes a fix for Internal compiler error when building HepMC (bsc#1167898)
Includes fix for binutils version parsing
Add libstdc++6-pp provides and conflicts to avoid file conflicts with same minor version of libstdc++6-pp from gcc10.
Add gcc9 autodetect -g at lto link (bsc#1149995)
Install go tool buildid for bootstrapping go

Advisory ID	SUSE-RU-2020:1266-1
Released	Wed May 13 10:20:54 2020
Summary	Recommended update for jq
Type	recommended
Severity	moderate
References	1170838

Description:

This update for jq fixes the following issues:
jq was updated to version 1.6:

Destructuring Alternation
many new builtins (see docs)
Add support for ASAN and UBSAN
Make it easier to use jq with shebangs
Add $ENV builtin variable to access environment
Add JQ_COLORS env var for configuring the output colors
change: Calling jq without a program argument now always assumes

'.' for the program, regardless of stdin/stdout

fix: Make sorting stable regardless of qsort.

Make jq depend on libjq1, so upgrading jq upgrades both

Advisory ID	SUSE-SU-2020:1294-1
Released	Mon May 18 07:38:36 2020
Summary	Security update for file
Type	security
Severity	moderate
References	1154661,1169512,CVE-2019-18218

Description:

This update for file fixes the following issues:
Security issues fixed:

CVE-2019-18218: Fixed a heap-based buffer overflow in cdf_read_property_info() (bsc#1154661).

Non-security issue fixed:

Fixed broken '--help' output (bsc#1169512).

Advisory ID	SUSE-RU-2020:1303-1
Released	Mon May 18 09:40:36 2020
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1169582

Description:

This update for timezone fixes the following issues:

timezone update 2020a. (bsc#1169582) * Morocco springs forward on 2020-05-31, not 2020-05-24. * Canada's Yukon advanced to -07 year-round on 2020-03-08. * America/Nuuk renamed from America/Godthab. * zic now supports expiration dates for leap second lists.

Advisory ID	SUSE-RU-2020:1328-1
Released	Mon May 18 17:16:04 2020
Summary	Recommended update for grep
Type	recommended
Severity	moderate
References	1155271

Description:

This update for grep fixes the following issues:

Update testsuite expectations, no functional changes (bsc#1155271)

Advisory ID	SUSE-SU-2020:1353-1
Released	Wed May 20 13:02:32 2020
Summary	Security update for freetype2
Type	security
Severity	moderate
References	1079603,1091109,CVE-2018-6942

Description:

This update for freetype2 to version 2.10.1 fixes the following issues:
Security issue fixed:

CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c (bsc#1079603).

Non-security issues fixed:

Update to version 2.10.1 * The bytecode hinting of OpenType variation fonts was flawed, since the data in the `CVAR' table wasn't correctly applied. * Auto-hinter support for Mongolian. * The handling of the default character in PCF fonts as introduced in version 2.10.0 was partially broken, causing premature abortion of charmap iteration for many fonts. * If `FT_Set_Named_Instance' was called with the same arguments twice in a row, the function returned an incorrect error code the second time. * Direct rendering using FT_RASTER_FLAG_DIRECT crashed (bug introduced in version 2.10.0). * Increased precision while computing OpenType font variation instances. * The flattening algorithm of cubic Bezier curves was slightly changed to make it faster. This can cause very subtle rendering changes, which aren't noticeable by the eye, however. * The auto-hinter now disables hinting if there are blue zones defined for a `style' (i.e., a certain combination of a script and its related typographic features) but the font doesn't contain any characters needed to set up at least one blue zone.
Add tarball signatures and freetype2.keyring

Update to version 2.10.0 * A bunch of new functions has been added to access and process COLR/CPAL data of OpenType fonts with color-layered glyphs. * As a GSoC 2018 project, Nikhil Ramakrishnan completely overhauled and modernized the API reference. * The logic for computing the global ascender, descender, and height of OpenType fonts has been slightly adjusted for consistency. * `TT_Set_MM_Blend' could fail if called repeatedly with the same arguments. * The precision of handling deltas in Variation Fonts has been increased.The problem did only show up with multidimensional designspaces. * New function `FT_Library_SetLcdGeometry' to set up the geometry of LCD subpixels. * FreeType now uses the `defaultChar' property of PCF fonts to set the glyph for the undefined character at glyph index 0 (as FreeType already does for all other supported font formats). As a consequence, the order of glyphs of a PCF font if accessed with FreeType can be different now compared to previous versions. This change doesn't affect PCF font access with cmaps. * `FT_Select_Charmap' has been changed to allow parameter value `FT_ENCODING_NONE', which is valid for BDF, PCF, and Windows FNT formats to access built-in cmaps that don't have a predefined `FT_Encoding' value. * A previously reserved field in the `FT_GlyphSlotRec' structure now holds the glyph index. * The usual round of fuzzer bug fixes to better reject malformed fonts. * `FT_Outline_New_Internal' and `FT_Outline_Done_Internal' have been removed.These two functions were public by oversight only and were never documented. * A new function `FT_Error_String' returns descriptions of error codes if configuration macro FT_CONFIG_OPTION_ERROR_STRINGS is defined. * `FT_Set_MM_WeightVector' and `FT_Get_MM_WeightVector' are new functions limited to Adobe MultiMaster fonts to directly set and get the weight vector.

Enable subpixel rendering with infinality config:

Re-enable freetype-config, there is just too many fallouts.

Update to version 2.9.1 * Type 1 fonts containing flex features were not rendered correctly (bug introduced in version 2.9). * CVE-2018-6942: Older FreeType versions can crash with certain malformed variation fonts. * Bug fix: Multiple calls to `FT_Get_MM_Var' returned garbage. * Emboldening of bitmaps didn't work correctly sometimes, showing various artifacts (bug introduced in version 2.8.1). * The auto-hinter script ranges have been updated for Unicode 11. No support for new scripts have been added, however, with the exception of Georgian Mtavruli.
freetype-config is now deprecated by upstream and not enabled by default.

Update to version 2.10.1 * The `ftmulti' demo program now supports multiple hidden axes with the same name tag. * `ftview', `ftstring', and `ftgrid' got a `-k' command line option to emulate a sequence of keystrokes at start-up. * `ftview', `ftstring', and `ftgrid' now support screen dumping to a PNG file. * The bytecode debugger, `ttdebug', now supports variation TrueType fonts; a variation font instance can be selected with the new `-d' command line option.
Add tarball signatures and freetype2.keyring

Update to version 2.10.0 * The `ftdump' demo program has new options `-c' and `-C' to display charmaps in compact and detailed format, respectively. Option `-V' has been removed. * The `ftview', `ftstring', and `ftgrid' demo programs use a new command line option `-d' to specify the program window's width, height, and color depth. * The `ftview' demo program now displays red boxes for zero-width glyphs. * `ftglyph' has limited support to display fonts with color-layered glyphs.This will be improved later on. * `ftgrid' can now display bitmap fonts also. * The `ttdebug' demo program has a new option `-f' to select a member of a TrueType collection (TTC). * Other various improvements to the demo programs.

Remove 'Supplements: fonts-config' to avoid accidentally pulling in Qt dependencies on some non-Qt based desktops.(bsc#1091109) fonts-config is fundamental but ft2demos seldom installs by end users. only fonts-config maintainers/debuggers may use ft2demos along to debug some issues.

Update to version 2.9.1 * No changelog upstream.

Advisory ID	SUSE-RU-2020:1370-1
Released	Thu May 21 19:06:00 2020
Summary	Recommended update for systemd-presets-branding-SLE
Type	recommended
Severity	moderate
References	1171656

Description:

This update for systemd-presets-branding-SLE fixes the following issues:
Cleanup of outdated autostart services (bsc#1171656):

Remove acpid.service. acpid is only available on SLE via openSUSE backports. In openSUSE acpid.service is *not* autostarted. I see no reason why it should be on SLE.
Remove spamassassin.timer. This timer never seems to have existed. Instead spamassassin ships a 'sa-update.timer'. But it is not default-enabled and nobody ever complained about this.
Remove snapd.apparmor.service: This service was proactively added a year ago, but snapd didn't even make it into openSUSE yet. There's no reason to keep this entry unless snapd actually enters SLE which is not foreseeable.

Advisory ID	SUSE-RU-2020:1404-1
Released	Mon May 25 15:32:34 2020
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1138793,1166260

Description:

This update for zlib fixes the following issues:

Including the latest fixes from IBM (bsc#1166260) IBM Z mainframes starting from version z15 provide DFLTCC instruction, which implements deflate algorithm in hardware with estimated compression and decompression performance orders of magnitude faster than the current zlib and ratio comparable with that of level 1.
Add SUSE specific fix to solve bsc#1138793. The fix will avoid to test if the app was linked with exactly same version of zlib like the one that is present on the runtime.

Advisory ID	SUSE-RU-2020:1506-1
Released	Fri May 29 17:22:11 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1087982,1170527

Description:

This update for aaa_base fixes the following issues:

Not all XTerm based emulators do have a terminfo entry. (bsc#1087982)
Better support of Midnight Commander. (bsc#1170527)

Advisory ID	SUSE-RU-2020:1542-1
Released	Thu Jun 4 13:24:37 2020
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1172055

Description:

This update for timezone fixes the following issue:

zdump --version reported 'unknown' (bsc#1172055)

Advisory ID	SUSE-SU-2020:1551-1
Released	Mon Jun 8 09:31:41 2020
Summary	Security update for vim
Type	security
Severity	moderate
References	1172225,CVE-2019-20807

Description:

This update for vim fixes the following issues:

CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces (bsc#1172225).

Advisory ID	SUSE-SU-2020:1657-1
Released	Thu Jun 18 10:49:53 2020
Summary	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type	security
Severity	moderate
References	1172377,CVE-2020-13401

Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13

CVE-2020-13401: Fixed an issue where an attacker with CAP_NET_RAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).

Advisory ID	SUSE-RU-2020:1852-1
Released	Mon Jul 6 16:50:21 2020
Summary	Recommended update for fontforge, ghostscript-fonts, ttf-converter, xorg-x11-fonts
Type	recommended
Severity	moderate
References	1169444

Description:

This update for fontforge, ghostscript-fonts, ttf-converter, xorg-x11-fonts fixes the following issues:
Changes in fontforge:

Support transforming bitmap glyphs from python. (bsc#1169444)
Allow python-Sphinx >= 3

Changes in ttf-converter:

Update from version 1.0 to version 1.0.6: * ftdump is now shipped additionally as new dependency for ttf-converter * Standardize output when converting vector and bitmap fonts * Add more subfamilies fixes (bsc#1169444) * Add --family and --subfamily arguments to force values on those fields * Add parameters to fix glyph unicode values --fix-glyph-unicode : Try to fix unicode points and glyph names based on glyph names containing hexadecimal codes (like '$0C00', 'char12345' or 'uni004F') --replace-unicode-values: When passed 2 comma separated numbers a,b the glyph with an unicode value of a is replaced with the unicode value b. Can be used more than once.

--shift-unicode-values: When passed 3 comma separated numbers a,b,c this shifts the unicode values of glyphs between a and b (both included) by adding c. Can be used more than once. * Add --bitmapTransform parameter to transform bitmap glyphs. (bsc#1169444) When used, all glyphs are modified with the transformation function and values passed as parameters. The parameter has three values separated by commas: fliph|flipv|rotate90cw|rotate90ccw|rotate180|skew|transmove,xoff,yoff * Add support to convert bitmap fonts (bsc#1169444) * Rename MediumItalic subfamily to Medium Italic * Show some more information when removing duplicated glyphs * Add a --force-monospaced argument instead of hardcoding font names * Convert `BoldCond` subfamily to `Bold Condensed` * Fixes for Monospaced fonts and force the Nimbus Mono L font to be Monospaced. (bsc#1169444 #c41) * Add a --version argument * Fix subfamily names so the converted font's subfamily match the original ones. (bsc#1169444 #c41)
Changes in xorg-x11-fonts:

Use ttf-converter 1.0.6 to build an Italic version of cu12.pcf.gz in the converted subpackage
Include the subfamily in the filename of converted fonts
Use ttf-converter's new bitmap font support to convert Schumacher Clean and Schumacher Clean Wide (bsc#1169444 #c41)
Replace some unicode values in cu-pua12.pcf.gz to fix them
Shift some unicode values in arabic24.pcf.gz and cuarabic12.pcf.gz so glyphs don't pretend to be latin characters when they're not.
Don't distribute converted fonts with wrong unicode values in their glyphs. (bsc#1169444) Bitstream-Charter-*.otb, Cursor.ttf,Sun-OPEN-LOOK-*.otb, MUTT-ClearlyU-Devangari-Extra-Regular, MUTT-ClearlyU-Ligature-Wide-Regular, and MUTT-ClearlyU-Devanagari-Regular

Changes in ghostscript-fonts:

Force the converted Nimbus Mono font to be monospaced. (bsc#1169444 #c41) Use the --force-monospaced argument of ttf-converter 1.0.3

Advisory ID	SUSE-RU-2020:1954-1
Released	Sat Jul 18 03:07:15 2020
Summary	Recommended update for cracklib
Type	recommended
Severity	moderate
References	1172396

Description:

This update for cracklib fixes the following issues:

Fixed a buffer overflow when processing long words.

Advisory ID	SUSE-RU-2020:2000-1
Released	Wed Jul 22 09:04:41 2020
Summary	Recommended update for efivar
Type	recommended
Severity	important
References	1100077,1101023,1120862,1127544

Description:

This update for efivar fixes the following issues:

fix logic that checks for UCS-2 string termination (bsc#1127544)
fix casting of IPv4 addresses
Don't require an EUI for NVMe (bsc#1100077)
Add support for ACPI Generic Container and Embedded Controller root nodes (bsc#1101023)
fix for compilation failures bsc#1120862

Advisory ID	SUSE-RU-2020:2082-1
Released	Thu Jul 30 09:49:35 2020
Summary	Recommended update for google-guest-agent, google-guest-configs, and google-guest-oslogin
Type	recommended
Severity	moderate
References	1174304,1174306

Description:

The python based packages google-compute-engine-init and google-compute-engine-oslogin were deprecated and are now replaced by the new Go based packages google-guest-agent, google-guest-configs, and google-guest-oslogin (jsc#ECO-2099)

Advisory ID	SUSE-RU-2020:2083-1
Released	Thu Jul 30 10:27:59 2020
Summary	Recommended update for diffutils
Type	recommended
Severity	moderate
References	1156913

Description:

This update for diffutils fixes the following issue:

Disable a sporadically failing test for ppc64 and ppc64le builds. (bsc#1156913)

Advisory ID	SUSE-RU-2020:2148-1
Released	Thu Aug 6 13:36:17 2020
Summary	Recommended update for ca-certificates-mozilla
Type	recommended
Severity	important
References	1174673

Description:

This update for ca-certificates-mozilla fixes the following issues:
Update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673)
Removed CAs:
* AddTrust External CA Root * AddTrust Class 1 CA Root * LuxTrust Global Root 2 * Staat der Nederlanden Root CA - G2 * Symantec Class 1 Public Primary Certification Authority - G4 * Symantec Class 2 Public Primary Certification Authority - G4 * VeriSign Class 3 Public Primary Certification Authority - G3
Added CAs:
* certSIGN Root CA G2 * e-Szigno Root CA 2017 * Microsoft ECC Root Certificate Authority 2017 * Microsoft RSA Root Certificate Authority 2017

Advisory ID	SUSE-RU-2020:2219-1
Released	Wed Aug 12 15:47:42 2020
Summary	Recommended update for supportutils-plugin-suse-public-cloud and python3-azuremetadata
Type	recommended
Severity	moderate
References	1170475,1170476,1173238,1173240,1173357,1174618,1174847

Description:

This update for supportutils-plugin-suse-public-cloud and python3-azuremetadata fixes the following issues:
supportutils-plugin-suse-public-cloud:

Fixes an error when supportutils-plugin-suse-public-cloud and supportutils-plugin-salt are installed at the same time (bsc#1174618)
Sensitive information like credentials (such as access keys) will be removed when the metadata is being collected (bsc#1170475, bsc#1170476)

python3-azuremetadata:

Added latest support for `--listapis` and `--api` (bsc#1173238, bsc#1173240)
Detects when the VM is running in ASM (Azure Classic) and does now handle the condition to generate the data without requiring access to the full IMDS available, only in ARM instances (bsc#1173357, bsc#1174847)

Advisory ID	SUSE-RU-2020:2256-1
Released	Mon Aug 17 15:08:46 2020
Summary	Recommended update for sysfsutils
Type	recommended
Severity	moderate
References	1155305

Description:

This update for sysfsutils fixes the following issue:

Fix cdev name comparison. (bsc#1155305)

Advisory ID	SUSE-RU-2020:2380-1
Released	Fri Aug 28 14:54:08 2020
Summary	Recommended update for supportutils-plugin-suse-public-cloud
Type	recommended
Severity	moderate
References	1175250,1175251

Description:

This update for supportutils-plugin-suse-public-cloud contains the following fix:

Update to version 1.0.5: (bsc#1175250, bsc#1175251) + Query for new GCE initialization code packages

Advisory ID	SUSE-RU-2020:2420-1
Released	Tue Sep 1 13:48:35 2020
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1174551,1174736

Description:

This update for zlib provides the following fixes:

Permit a deflateParams() parameter change as soon as possible. (bsc#1174736)
Fix DFLTCC not flushing EOBS when creating raw streams. (bsc#1174551)

Advisory ID	SUSE-RU-2020:2425-1
Released	Tue Sep 1 13:54:05 2020
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1174260

Description:

This update for nfs-utils fixes the following issues:

Fix a bug when concurrent 'gssd' requests arrive from kernel, causing hanging NFS mounts. (bsc#1174260)

Advisory ID	SUSE-RU-2020:2440-1
Released	Tue Sep 1 22:14:33 2020
Summary	Recommended update for libmaxminddb
Type	recommended
Severity	moderate
References	1175006

Description:

This update for libmaxminddb fixes the following issues:

update to 1.4.3: * Use of uninitialized memory in dump_entry_data_list() could have cause a heap buffer flow in mmdblookup [bsc#1175006]

Advisory ID	SUSE-RU-2020:2651-1
Released	Wed Sep 16 14:42:55 2020
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1175811,1175830,1175831

Description:

This update for zlib fixes the following issues:

Fix compression level switching (bsc#1175811, bsc#1175830, bsc#1175831)
Enable hardware compression on s390/s390x (jsc#SLE-13776)

Advisory ID	SUSE-RU-2020:2655-1
Released	Wed Sep 16 14:44:27 2020
Summary	Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin
Type	recommended
Severity	moderate
References	1174745,1175173,1175740,1175741

Description:

This update for google-guest-agent, google-guest-configs, google-guest-oslogin contains the following fixes:

Update to version 20200819.00. (bsc#1175740, bsc#1175741) * handle oslogin enable/disable cases (#70). (bsc#1175173) * add README (#69) * Fix metric for addIPForwardEntry (#68) * Correctly determine default route index (#67) * oslogin: dont add entry to pam.d/su (#66) * end group.conf with newline (#64) * Add source field in googet spec (#59) * Set route to metadata on interface with default route (#47) * fix typo in boto.cfg (#62)
Properly handle enabling of systemd services when upgrading from the old google-compute-engine-init package (bsc#1174745)

Update to version 20200626.00. (bsc#1175740, bsc#1175741) * Updates the udev rules for local SSD disks. (#9) * Fix tx affinity logic when number of CPUs is above 32 (#6)

Switch udev requires to pkgconfig to allow the build service to use the -mini package for build optimization

Update to version 20200819.00. (bsc#1175740, bsc#1175741) * deny non-2fa users (#37) * use asterisks instead (#39) * set passwords to ! (#38) * correct index 0 bug (#36) * Support security key generated OTP challenges. (#35)

No post action for ssh

Advisory ID	SUSE-RU-2020:2735-1
Released	Thu Sep 24 13:32:25 2020
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	moderate
References	1173034

Description:

This update for systemd-rpm-macros fixes the following issues:

Introduce macro '%service_del_postun_without_restart' to resolve blocking new releases based on this. (bsc#1173034)

Advisory ID	SUSE-RU-2020:2757-1
Released	Fri Sep 25 19:45:40 2020
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1173104

Description:

This update for nfs-utils fixes the following issue:

Some scripts are requiring Python2 while it is not installed by default and they can work with Python3. (bsc#1173104)

Advisory ID	SUSE-RU-2020:2782-1
Released	Tue Sep 29 11:40:22 2020
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	important
References	1176932

Description:

This update for systemd-rpm-macros fixes the following issues:

Backport missing macros of directory paths from upstream + %_environmentdir + %_modulesloaddir + %_modprobedir

Make sure %_restart_on_update_never and %_stop_on_removal_never don't expand to the empty string. (bsc#1176932) Otherwise sequences like the following code: if [ ... ]; then %_restart_on_update_never fi would result in the following incorrect shell syntax: if [ ... ]; then fi

Advisory ID	SUSE-RU-2020:2825-1
Released	Fri Oct 2 08:44:28 2020
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1170347,1176759

Description:

This update for suse-build-key fixes the following issues:

The SUSE Notary Container key is different from the build signing key, include this key instead as suse-container-key. (PM-1845 bsc#1170347)

The SUSE build key for SUSE Linux Enterprise 12 and 15 is extended by 4 more years. (bsc#1176759)

Advisory ID	SUSE-RU-2020:2863-1
Released	Tue Oct 6 09:28:41 2020
Summary	Recommended update for efivar
Type	recommended
Severity	moderate
References	1175989

Description:

This update for efivar fixes the following issues:

Fixed an issue when segmentation fault are caused on non-EFI systems. (bsc#1175989)

Advisory ID	SUSE-RU-2020:2869-1
Released	Tue Oct 6 16:13:20 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1011548,1153943,1153946,1161239,1171762

Description:

This update for aaa_base fixes the following issues:

DIR_COLORS (bug#1006973): - add screen.xterm-256color - add TERM rxvt-unicode-256color - sort and merge TERM entries in etc/DIR_COLORS
check for Packages.db and use this instead of Packages. (bsc#1171762)
Rename path() to _path() to avoid using a general name.
refresh_initrd call modprobe as /sbin/modprobe (bsc#1011548)
etc/profile add some missing ;; in case esac statements
profile and csh.login: on s390x set TERM to dumb on dumb terminal (bsc#1153946)
backup-rpmdb: exit if zypper is running (bsc#1161239)
Add color alias for ip command (jsc#sle-9880, jsc#SLE-7679, bsc#1153943)

Advisory ID	SUSE-SU-2020:2947-1
Released	Fri Oct 16 15:23:07 2020
Summary	Security update for gcc10, nvptx-tools
Type	security
Severity	moderate
References	1172798,1172846,1173972,1174753,1174817,1175168,CVE-2020-13844

Description:

This update for gcc10, nvptx-tools fixes the following issues:
This update provides the GCC10 compiler suite and runtime libraries.
The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants.
The new compiler variants are available with '-10' suffix, you can specify them via:
CC=gcc-10 CXX=g++-10
or similar commands.
For a detailed changelog check out https://gcc.gnu.org/gcc-10/changes.html
Changes in nvptx-tools:

Enable build on aarch64

Advisory ID	SUSE-RU-2020:2958-1
Released	Tue Oct 20 12:24:55 2020
Summary	Recommended update for procps
Type	recommended
Severity	moderate
References	1158830

Description:

This update for procps fixes the following issues:

Fixes an issue when command 'ps -C' does not allow anymore an argument longer than 15 characters. (bsc#1158830)

Advisory ID	SUSE-RU-2020:2983-1
Released	Wed Oct 21 15:03:03 2020
Summary	Recommended update for file
Type	recommended
Severity	moderate
References	1176123

Description:

This update for file fixes the following issues:

Fixes an issue when file displays broken 'ELF' interpreter. (bsc#1176123)

Advisory ID	SUSE-SU-2020:2995-1
Released	Thu Oct 22 10:03:09 2020
Summary	Security update for freetype2
Type	security
Severity	important
References	1177914,CVE-2020-15999

Description:

This update for freetype2 fixes the following issues:

CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps (bsc#1177914).

Advisory ID	SUSE-OU-2020:3026-1
Released	Fri Oct 23 15:35:49 2020
Summary	Optional update for the Public Cloud Module
Type	optional
Severity	moderate
References

Description:

This update adds the Google Cloud Storage packages to the Public Cloud module (jsc#ECO-2398). The following packages were included:

python3-grpcio
python3-protobuf
python3-google-api-core
python3-google-cloud-core
python3-google-cloud-storage
python3-google-resumable-media
python3-googleapis-common-protos
python3-grpcio-gcp
python3-mock (updated to version 3.0.5)

Advisory ID	SUSE-RU-2020:3058-1
Released	Wed Oct 28 06:11:14 2020
Summary	Recommended update for catatonit
Type	recommended
Severity	moderate
References	1176155

Description:

This update for catatonit fixes the following issues:

Fixes an issue when catatonit hangs when process dies in very specific way. (bsc#1176155)

Advisory ID	SUSE-RU-2020:3059-1
Released	Wed Oct 28 06:11:23 2020
Summary	Recommended update for sysconfig
Type	recommended
Severity	moderate
References	1173391,1176285,1176325

Description:

This update for sysconfig fixes the following issues:

Fix for 'netconfig' to run with a new library including fallback to the previous location. (bsc#1176285)
Fix for changing content of such files like '/etc/resolv.conf' to avoid linked applications re-read them and unnecessarily re-initializes themselves accordingly. (bsc#1176325)
Fix for 'chrony helper' calling in background. (bsc#1173391)
Fix for configuration file by creating a symlink for it to prevent false ownership on the file. (bsc#1159566)

Advisory ID	SUSE-RU-2020:3099-1
Released	Thu Oct 29 19:33:41 2020
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1177460

Description:

This update for timezone fixes the following issues:

timezone update 2020b (bsc#1177460) * Revised predictions for Morocco's changes starting in 2023. * Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08. * Macquarie Island has stayed in sync with Tasmania since 2011. * Casey, Antarctica is at +08 in winter and +11 in summer. * zic no longer supports -y, nor the TYPE field of Rules.

Advisory ID	SUSE-RU-2020:3123-1
Released	Tue Nov 3 09:48:13 2020
Summary	Recommended update for timezone
Type	recommended
Severity	important
References	1177460,1178346,1178350,1178353

Description:

This update for timezone fixes the following issues:

Generate 'fat' timezone files (was default before 2020b). (bsc#1178346, bsc#1178350, bsc#1178353)
Palestine ends DST earlier than predicted, on 2020-10-24. (bsc#1177460)
Fiji starts DST later than usual, on 2020-12-20. (bsc#1177460)

Advisory ID	SUSE-RU-2020:3157-1
Released	Wed Nov 4 15:37:05 2020
Summary	Recommended update for ca-certificates-mozilla
Type	recommended
Severity	moderate
References	1177864

Description:

This update for ca-certificates-mozilla fixes the following issues:
The SSL Root CA store was updated to the 2.44 state of the Mozilla NSS Certificate store (bsc#1177864)

Removed CAs:

- EE Certification Centre Root CA - Taiwan GRCA

Added CAs:

- Trustwave Global Certification Authority - Trustwave Global ECC P256 Certification Authority - Trustwave Global ECC P384 Certification Authority

Advisory ID	SUSE-RU-2020:3277-1
Released	Wed Nov 11 09:06:52 2020
Summary	Recommended update for google-osconfig-agent
Type	recommended
Severity	moderate
References	1176427,1178249

Description:

This update for google-osconfig-agent fixes the following issues:
This update ships the google-osconfig-agent in version 20200929.00 (bsc#1176427, bsc#1178249, jsc#ECO-2702, jsc#PM-2203)

Advisory ID	SUSE-RU-2020:3382-1
Released	Thu Nov 19 11:03:01 2020
Summary	Recommended update for dmidecode
Type	recommended
Severity	moderate
References	1174257

Description:

This update for dmidecode fixes the following issues:

Add partial support for SMBIOS 3.4.0. (bsc#1174257)
Skip details of uninstalled memory modules. (bsc#1174257)

Advisory ID	SUSE-RU-2020:3462-1
Released	Fri Nov 20 13:14:35 2020
Summary	Recommended update for pam and sudo
Type	recommended
Severity	moderate
References	1174593,1177858,1178727

Description:

This update for pam and sudo fixes the following issue:
pam:

pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858)
Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727)
Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593)

sudo:

Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593)

Advisory ID	SUSE-SU-2020:3478-1
Released	Mon Nov 23 09:33:17 2020
Summary	Security update for c-ares
Type	security
Severity	moderate
References	1178882,CVE-2020-8277

Description:

This update for c-ares fixes the following issues:

Version update to 1.17.0 * CVE-2020-8277: Fixed a Denial of Service through DNS request (bsc#1178882) * For further details see https://c-ares.haxx.se/changelog.html

Advisory ID	SUSE-OU-2020:3481-1
Released	Mon Nov 23 11:17:09 2020
Summary	Optional update for vim
Type	optional
Severity	low
References	1166602,1173256,1174564,1176549

Description:

This update for vim doesn't fix any user visible issues and it is optional to install.

Introduce vim-small package with reduced requirements for small installations (bsc#1166602).
Stop owning /etc/vimrc so the old, distro provided config actually gets removed.
Own some dirs in vim-data-common so installation of vim-small doesn't leave not owned directories. (bsc#1173256)
Add vi as slave to update-alternatives so that every package has a matching 'vi' symlink. (bsc#1174564, bsc#1176549)

Advisory ID	SUSE-RU-2020:3616-1
Released	Thu Dec 3 10:56:12 2020
Summary	Recommended update for c-ares
Type	recommended
Severity	moderate
References	1178882

Description:

Fixed incomplete c-ares-devel dependencies introduced by the privous update (bsc#1178882).

Advisory ID	SUSE-RU-2020:3620-1
Released	Thu Dec 3 17:03:55 2020
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References

Description:

This update for pam fixes the following issues:

Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720) - Check whether the password contains a substring of of the user's name of at least `` characters length in some form. This is enabled by the new parameter `usersubstr=`

Advisory ID	SUSE-RU-2020:3703-1
Released	Mon Dec 7 20:17:32 2020
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1179431

Description:

This update for aaa_base fixes the following issue:

Avoid semicolon within (t)csh login script on S/390. (bsc#1179431)

Advisory ID	SUSE-RU-2020:3791-1
Released	Mon Dec 14 17:39:19 2020
Summary	Recommended update for gzip
Type	recommended
Severity	moderate
References

Description:

This update for gzip fixes the following issue:

Enable `DFLTCC` (Deflate Conversion Call) compression for s390x for levels 1-6 to `CFLAGS`. (jsc#SLE-13775) Enable by adding `-DDFLTCC_LEVEL_MASK=0x7e` to `CFLAGS`.

Advisory ID	SUSE-OU-2020:3795-1
Released	Mon Dec 14 17:43:26 2020
Summary	Optional update for systemd-rpm-macros
Type	optional
Severity	low
References	1059627,1178481,1179020

Description:

This update for systemd-rpm-macros fixes the following issues:

Deprecate '-f'/'-n' options When used with %service_del_preun, support for these options will be dropped as DISABLE_STOP_ON_REMOVAL support will be removed on the next version of SLE (jsc#SLE-8968) When used with %service_del_postun, they should be replaced with their counterpart %service_del_postun_with_restart/%service_del_postun_without_restart
Introduced %service_del_postun_with_restart() It's the counterpart of %service_del_postun_without_restart() and replaces the '-f' option of %service_del_postun().
Does no longer apply presets when migrating from a disabled initscript (bsc#1178481)
Fix importing of %{_unitdir}

Advisory ID	SUSE-RU-2020:3619-1
Released	Tue Dec 15 13:41:16 2020
Summary	Recommended update for cloud-netconfig, google-guest-agent
Type	recommended
Severity	moderate
References	1159460,1178486,1179031,1179032

Description:

This update for cloud-netconfig, google-guest-agent fixes the following issues:
cloud-netconfig:

Update to version 1.5: + Add support for GCE (bsc#1159460, bsc#1178486, jsc#ECO-2800) + Improve default gateway determination

google-guest-agent:

Update to version 20201026.00 * remove old unused workflow files * fallback to IP for metadata * getPasswd: Check full prefix of line for username

dont_overwrite_ifcfg.patch: Do not overwrite existing ifcfg files to allow manual configuration and compatibility with cloud-netconfig. (bsc#1159460, bsc#1178486)

Update to version 20200929.00 * correct varname * don't call dhclient -x on network setup * add instance id dir override * update agent systemd service file * typo, change to noadjfile * add gaohannk to OWNERS * remove illfelder from OWNERS * Add all license files to packages

Advisory ID	SUSE-RU-2020:3942-1
Released	Tue Dec 29 12:22:01 2020
Summary	Recommended update for libidn2
Type	recommended
Severity	moderate
References	1180138

Description:

This update for libidn2 fixes the following issues:

The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later, adjusted the RPM license tags (bsc#1180138)

Advisory ID	SUSE-RU-2021:10-1
Released	Mon Jan 4 10:01:52 2021
Summary	Recommended update for dmidecode
Type	recommended
Severity	moderate
References	1174257

Description:

This update for dmidecode fixes the following issue:

Two missing commas in the data arrays cause 'OUT OF SPEC' messages during the index resolution. (bnc#1174257)

Advisory ID	SUSE-RU-2021:179-1
Released	Wed Jan 20 13:38:51 2021
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1177460

Description:

This update for timezone fixes the following issues:

timezone update 2020f (bsc#1177460) * 'make rearguard_tarballs' no longer generates a bad rearguard.zi, fixing a 2020e bug.

timezone update 2020e (bsc#1177460) * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

timezone update 2020f (bsc#1177460) * 'make rearguard_tarballs' no longer generates a bad rearguard.zi, fixing a 2020e bug.

timezone update 2020e (bsc#1177460) * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

Advisory ID	SUSE-RU-2021:220-1
Released	Tue Jan 26 14:00:51 2021
Summary	Recommended update for keyutils
Type	recommended
Severity	moderate
References	1180603

Description:

This update for keyutils fixes the following issues:

Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603)

Advisory ID	SUSE-SU-2021:285-1
Released	Tue Feb 2 13:08:54 2021
Summary	Security update for cups
Type	security
Severity	moderate
References	1170671,1180520,CVE-2019-8842,CVE-2020-10001

Description:

This update for cups fixes the following issues:

CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function (bsc#1180520).
CVE-2019-8842: Fixed an out-of-bounds read in an extension field (bsc#1170671).

Advisory ID	SUSE-RU-2021:293-1
Released	Wed Feb 3 12:52:34 2021
Summary	Recommended update for gmp
Type	recommended
Severity	moderate
References	1180603

Description:

This update for gmp fixes the following issues:

correct license statements of packages (library itself is no GPL-3.0) (bsc#1180603)

Advisory ID	SUSE-RU-2021:294-1
Released	Wed Feb 3 12:54:28 2021
Summary	Recommended update for libprotobuf
Type	recommended
Severity	moderate
References

Description:

libprotobuf was updated to fix:

ship the libprotobuf-lite15 on the basesystem module and the INSTALLER channel. (jsc#ECO-2911)

Advisory ID	SUSE-RU-2021:301-1
Released	Thu Feb 4 08:46:27 2021
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1177460

Description:

This update for timezone fixes the following issues:

timezone update 2021a (bsc#1177460) * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

timezone update 2021a (bsc#1177460) * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

Advisory ID	SUSE-OU-2021:339-1
Released	Mon Feb 8 13:16:07 2021
Summary	Optional update for pam
Type	optional
Severity	low
References

Description:

This update for pam fixes the following issues:

Added rpm macros for this package, so that other packages can make use of it

This patch is optional to be installed - it doesn't fix any bugs.

Advisory ID	SUSE-SU-2021:435-1
Released	Thu Feb 11 14:47:25 2021
Summary	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type	security
Severity	important
References	1174075,1176708,1178801,1178969,1180243,1180401,1181730,1181732,CVE-2020-15257,CVE-2021-21284,CVE-2021-21285

Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Security issues fixed:

CVE-2020-15257: Fixed a privilege escalation in containerd (bsc#1178969).
CVE-2021-21284: potential privilege escalation when the root user in the remapped namespace has access to the host filesystem (bsc#1181732)
CVE-2021-21285: pulling a malformed Docker image manifest crashes the dockerd daemon (bsc#1181730)

Non-security issues fixed:

Update Docker to 19.03.15-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. This update includes fixes for bsc#1181732 (CVE-2021-21284) and bsc#1181730 (CVE-2021-21285).

Only apply the boo#1178801 libnetwork patch to handle firewalld on openSUSE. It appears that SLES doesn't like the patch. (bsc#1180401)

Update to containerd v1.3.9, which is needed for Docker v19.03.14-ce and fixes CVE-2020-15257. bsc#1180243

Update to containerd v1.3.7, which is required for Docker 19.03.13-ce. bsc#1176708

Update to Docker 19.03.14-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2020-15257 bsc#1180243 https://github.com/docker/docker-ce/releases/tag/v19.03.14

Enable fish-completion

Add a patch which makes Docker compatible with firewalld with nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548 (bsc#1178801, SLE-16460)

Update to Docker 19.03.13-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1176708

Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

Emergency fix: %requires_eq does not work with provide symbols, only effective package names. Convert back to regular Requires.

Update to Docker 19.03.12-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
Use Go 1.13 instead of Go 1.14 because Go 1.14 can cause all sorts of spurrious errors due to Go returning -EINTR from I/O syscalls much more often (due to Go 1.14's pre-emptive goroutine support).
Add BuildRequires for all -git dependencies so that we catch missing dependencies much more quickly.

Update to libnetwork 55e924b8a842, which is required for Docker 19.03.14-ce. bsc#1180243

Add patch which makes libnetwork compatible with firewalld with nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548 (bsc#1178801, SLE-16460)

Advisory ID	SUSE-RU-2021:516-1
Released	Thu Feb 18 14:42:51 2021
Summary	Recommended update for docker, golang-github-docker-libnetwork
Type	recommended
Severity	moderate
References	1178801,1180401,1182168

Description:

This update for docker, golang-github-docker-libnetwork fixes the following issues:

A libnetwork firewalld integration enhancement was broken, disable it (bsc#1178801,bsc#1180401,bsc#1182168)

Advisory ID	SUSE-RU-2021:656-1
Released	Mon Mar 1 09:34:21 2021
Summary	Recommended update for protobuf
Type	recommended
Severity	moderate
References	1177127

Description:

This update for protobuf fixes the following issues:

Add missing dependency of python subpackages on python-six. (bsc#1177127)

Advisory ID	SUSE-RU-2021:707-1
Released	Thu Mar 4 09:19:36 2021
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	moderate
References	1177039

Description:

This update for systemd-rpm-macros fixes the following issues:

Bump to version 6

Make upstream '%systemd_{pre,post,preun,postun}' aliases to their SUSE counterparts. Packagers can now choose to use the upstream or the SUSE variants indifferently. For consistency the SUSE variants should be preferred since almost all SUSE packages already use them but the upstream versions might be usefull in certain cases where packages need to support multiple distros based on RPM.

Improve the logic used to apply the presets. (bsc#1177039) Before presests were applied at a) package installation b) new units introduced via a package update (but after making sure that it was not a SysV initscript being converted). The problem is that a) didn't handle package a renaming or split properly since the package with the new name is installed rather being updated and therefore the presets were applied even if they were already with the old name. We now cover this case (and the other ones) by applying presets only if the units are new and the services are not being migrated. This regardless of whether this happens during an install or an update.

Advisory ID	SUSE-RU-2021:784-1
Released	Mon Mar 15 11:19:08 2021
Summary	Recommended update for efivar
Type	recommended
Severity	moderate
References	1181967

Description:

This update for efivar fixes the following issues:

Fixed an issue with the NVME path parsing (bsc#1181967)

Advisory ID	SUSE-RU-2021:786-1
Released	Mon Mar 15 11:19:23 2021
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1176201

Description:

This update for zlib fixes the following issues:

Fixed hw compression on z15 (bsc#1176201)

Advisory ID	SUSE-RU-2021:795-1
Released	Tue Mar 16 10:28:02 2021
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	low
References	1182661,1183012,1183051

Description:

This update for systemd-rpm-macros fixes the following issues:

Added a %systemd_user_pre macro (bsc#1183051, bsc#1183012)
Fixed an issue with %systemd_user_post, where the --global parameter was treated like if it was another service (bsc#1183051, bsc#1182661)

Advisory ID	SUSE-RU-2021:924-1
Released	Tue Mar 23 10:00:49 2021
Summary	Recommended update for filesystem
Type	recommended
Severity	moderate
References	1078466,1146705,1175519,1178775,1180020,1180083,1180596,1181011,1181831,1183094

Description:

This update for filesystem the following issues:

Remove duplicate line due to merge error
Add fix for 'mesa' creating cache with perm 0700. (bsc#1181011)
Fixed an issue causing failure during installation/upgrade a failure. (rh#1548403) (bsc#1146705)
Allows to override config to add cleanup options of '/var/tmp'. (bsc#1078466)
Create config to cleanup '/tmp' regular required with 'tmpfs'. (bsc#1175519)

This update for systemd fixes the following issues:

Fix for a possible memory leak. (bsc#1180020)
Fix for a case when to a bind mounted directory results inactive mount units. (#7811) (bsc#1180596)
Fixed an issue when starting a container conflicts with another one. (bsc#1178775)
Drop most of the tmpfiles that deal with generic paths and avoid warnings. (bsc#1078466, bsc#1181831)
Don't use shell redirections when calling a rpm macro. (bsc#1183094)
'systemd' requires 'aaa_base' >= 13.2. (bsc#1180083)

Advisory ID	SUSE-RU-2021:926-1
Released	Tue Mar 23 13:20:24 2021
Summary	Recommended update for systemd-presets-common-SUSE
Type	recommended
Severity	moderate
References	1083473,1112500,1115408,1165780,1183012

Description:

This update for systemd-presets-common-SUSE fixes the following issues:

Add default user preset containing: - enable `pulseaudio.socket` (bsc#1083473) - enable `pipewire.socket` (bsc#1183012) - enable `pipewire-pulse.socket` (bsc#1183012) - enable `pipewire-media-session.service` (used with pipewire >= 0.3.23)
Changes to the default preset: - enable `btrfsmaintenance-refresh.path`. - disable `btrfsmaintenance-refresh.service`. - enable `dnf-makecache.timer`. - enable `ignition-firstboot-complete.service`. - enable logwatch.timer and avoid to have logwatch out of sync with logrotate. (bsc#1112500) - enable `mlocate.timer`. Recent versions of mlocate don't use `updatedb.timer` any more. (bsc#1115408) - remove enable `updatedb.timer`
Avoid needless refresh on boot. (bsc#1165780)

Advisory ID	SUSE-SU-2021:930-1
Released	Wed Mar 24 12:09:23 2021
Summary	Security update for nghttp2
Type	security
Severity	important
References	1172442,1181358,CVE-2020-11080

Description:

This update for nghttp2 fixes the following issues:

CVE-2020-11080: HTTP/2 Large Settings Frame DoS (bsc#1181358)

Advisory ID	SUSE-SU-2021:974-1
Released	Mon Mar 29 19:31:27 2021
Summary	Security update for tar
Type	security
Severity	low
References	1181131,CVE-2021-20193

Description:

This update for tar fixes the following issues:
CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)

Advisory ID	SUSE-RU-2021:991-1
Released	Wed Mar 31 13:28:37 2021
Summary	Recommended update for vim
Type	recommended
Severity	moderate
References	1182324

Description:

This update for vim provides the following fixes:

Install SUSE vimrc in /usr. (bsc#1182324)
Source correct suse.vimrc file. (bsc#1182324)

Advisory ID	SUSE-RU-2021:1018-1
Released	Tue Apr 6 14:29:13 2021
Summary	Recommended update for gzip
Type	recommended
Severity	moderate
References	1180713

Description:

This update for gzip fixes the following issues:

Fixes an issue when 'gzexe' counts the lines to skip wrong. (bsc#1180713)

Advisory ID	SUSE-RU-2021:1021-1
Released	Tue Apr 6 14:30:30 2021
Summary	Recommended update for cups
Type	recommended
Severity	moderate
References	1175960

Description:

This update for cups fixes the following issues:

Fixed the web UI kerberos authentication (bsc#1175960)

Advisory ID	SUSE-RU-2021:1169-1
Released	Tue Apr 13 15:01:42 2021
Summary	Recommended update for procps
Type	recommended
Severity	low
References	1181976

Description:

This update for procps fixes the following issues:

Corrected a statement in the man page about processor pinning via taskset (bsc#1181976)

Advisory ID	SUSE-RU-2021:1289-1
Released	Wed Apr 21 14:02:46 2021
Summary	Recommended update for gzip
Type	recommended
Severity	moderate
References	1177047

Description:

This update for gzip fixes the following issues:

Fixed a potential segfault when zlib acceleration is enabled (bsc#1177047)

Advisory ID	SUSE-RU-2021:1295-1
Released	Wed Apr 21 14:08:19 2021
Summary	Recommended update for systemd-presets-common-SUSE
Type	recommended
Severity	moderate
References	1184136

Description:

This update for systemd-presets-common-SUSE fixes the following issues:

Enabled hcn-init.service for HNV on POWER (bsc#1184136)

Advisory ID	SUSE-RU-2021:1449-1
Released	Fri Apr 30 08:08:25 2021
Summary	Recommended update for systemd-presets-branding-SLE
Type	recommended
Severity	moderate
References	1165780

Description:

This update for systemd-presets-branding-SLE fixes the following issues:

Don't enable 'btrfsmaintenance-refresh.service', 'btrfsmaintenance' is managed by systemd-presets-common-SUSE instead. (bsc#1165780)

Advisory ID	SUSE-SU-2021:1454-1
Released	Fri Apr 30 09:22:26 2021
Summary	Security update for cups
Type	security
Severity	important
References	1184161,CVE-2021-25317

Description:

This update for cups fixes the following issues:

CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks (bsc#1184161)

Advisory ID	SUSE-RU-2021:1533-1
Released	Thu May 6 17:04:28 2021
Summary	Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type	recommended
Severity	moderate
References	1174304,1174306,1175740,1175741,1179031,1179032,1180304,1182793,1183414,1183415

Description:

This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent contains the following fixes:
Changes in google-guest-agent:

Update to version 20210223.01 (bsc#1183414, bsc#1183415) * add a match block to sshd_config for SAs (#99) * add ipv6 forwarded ip support (#101) * call restorecon on ssh host keys (#98) * Include startup and shutdown in preset (#96) * set metadata URL earlier (#94)
Fix activation logic of systemd services (bsc#1182793)

Update to version 20201211.00 * Require snapshot scripts to live under /etc/google/snapshots (#90) * Adding support for Windows user account password lengths between 15 and 255 characters. (#91) * Adding bkatyl to OWNERS (#92)

Changes in google-guest-configs:

Update to version 20210317.00 (bsc#1183414, bsc#1183415) * dracut.conf wants spaces around values (#19) * make the same change for debian (#18) * change path back for google_nvme_id (#17) * move google_nvme_id to /usr/bin (#16) * correct udev rule syntax (#15) * prune el6 spec (#13) * Updated udev rules (#11)
Remove empty %{_sbindir} from %install and %files section

Remove service files (bsc#1180304) + google-optimize-local-ssd.service, google-set-multiqueue.service scripts are called from within the guest agent

Changes in google-guest-oslogin:

Update to version 20210316.00 (bsc#1183414, bsc#1183415) * call correct function in pwenthelper (#53)

Update to version 20210108.00 * Update logic in the cache_refresh binary (#52) * remove old unused workflow files (#49)

* add getpwnam,getpwuid,getgrnam,getgrgid (#42) * Change requires to not require the python library for policycoreutils. (#44) * add dial and recvline (#41) * PR feedback * new client component and tests
Changes in google-osconfig-agent:

Update to version 20210316.00 (bsc#1183414, bsc#1183415) * call correct function in pwenthelper (#53)

Update to version 20210108.00 * Update logic in the cache_refresh binary (#52) * remove old unused workflow files (#49)

Update to version 20200925.00 (bsc#1179031, bsc#1179032) * add getpwnam,getpwuid,getgrnam,getgrgid (#42) * Change requires to not require the python library for policycoreutils. (#44) * add dial and recvline (#41) * PR feedback * new client component and tests

Update to version 20200819.00 (bsc#1175740, bsc#1175741) * deny non-2fa users (#37) * use asterisks instead (#39) * set passwords to ! (#38) * correct index 0 bug (#36) * Support security key generated OTP challenges. (#35)

No post action for ssh

Initial build (bsc#1174304, bsc#1174306, jsc#ECO-2099, jsc#PM-1945) + Version 20200507.00 + Replaces google-compute-engine-oslogin package

Advisory ID	SUSE-RU-2021:1543-1
Released	Fri May 7 15:16:34 2021
Summary	Recommended update for patterns-microos
Type	recommended
Severity	moderate
References	1184435

Description:

This update for patterns-microos provides the following fix:

Require the libvirt-daemon-qemu package and include the needed dependencies in the product. (bsc#1184435)

Advisory ID	SUSE-RU-2021:1549-1
Released	Mon May 10 13:48:00 2021
Summary	Recommended update for procps
Type	recommended
Severity	moderate
References	1185417

Description:

This update for procps fixes the following issues:

Support up to 2048 CPU as well. (bsc#1185417)

Advisory ID	SUSE-RU-2021:1643-1
Released	Wed May 19 13:51:48 2021
Summary	Recommended update for pam
Type	recommended
Severity	important
References	1181443,1184358,1185562

Description:

This update for pam fixes the following issues:

Fixed a bug, where the 'unlimited'/'-1' value was not interpreted correctly (bsc#1181443)
Fixed a bug, where pam_access interpreted the keyword 'LOCAL' incorrectly, leading to an attempt to resolve it as a hostname (bsc#1184358)
In the 32-bit compatibility package for 64-bit architectures, require 'systemd-32bit' to be also installed as it contains pam_systemd.so for 32 bit applications. (bsc#1185562)

Advisory ID	SUSE-RU-2021:1669-1
Released	Thu May 20 11:10:44 2021
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1181540,1181651,1183194,1185170

Description:

This update for nfs-utils fixes the following issues:

The '/var/run' is long deprecated - switch all relevant paths to '/run'. (bsc#1185170)
Improve logging of authentication (bsc#1181540)
Add man page of the 'nconnect mount'. (bsc#1181651)
Fixed an issue when HANA crashed due to inaccessible/hanging NFS mount. (bsc#1183194)

Advisory ID	SUSE-RU-2021:1675-1
Released	Thu May 20 15:00:23 2021
Summary	Recommended update for snappy
Type	recommended
Severity	moderate
References	1080040,1184507

Description:

This update for snappy fixes the following issues:
Update from version 1.1.3 to 1.1.8

Small performance improvements.
Removed `snappy::string` alias for `std::string`.
Improved `CMake` configuration.
Improved packages descriptions.
Fix RPM groups.
Aarch64 fixes
PPC speedups
PIE improvements
Fix license install. (bsc#1080040)
Fix a 1% performance regression when snappy is used in PIE executable.
Improve compression performance by 5%.
Improve decompression performance by 20%.
Use better download URL.
Fix a build issue for tensorflow2. (bsc#1184507)

Advisory ID	SUSE-RU-2021:1700-1
Released	Mon May 24 16:39:35 2021
Summary	Recommended update for google-guest-agent, google-guest-oslogin, google-osconfig-agent
Type	recommended
Severity	moderate
References	1185848,1185849

Description:

This update for google-guest-agent, google-guest-oslogin, google-osconfig-agent contains the following fixes:

Update to version 20210414.00 (bsc#1185848, bsc#1185849) * start sshd (#106) * Add systemd-networkd.service restart dependency. (#104) * Update error message for handleHealthCheckRequest. (#105)

Update to version 20210429.00 (bsc#1185848, bsc#1185849) * correct pagetoken in groupsforuser (#59) * resolve self groups last (#58) * support empty groups (#57) * no paginating to find groups (#56) * clear users vector (#55) * correct usage of pagetoken (#54)

Update to version 20210506.00 (bsc#1185848, bsc#1185849) * Add more os policy assignment examples (#348) * e2e_tests: enable stable tests for OSPolicies (#347) * Align start and end task logs (#346) * ConfigTask: add additional info logs (#345) * e2e_tests: add validation tests (#344) * Config Task: make sure agent respects policy mode (#343) * update * e2e_tests: readd retries to OSPolicies * Set minWaitDuration as a string instead of object (#341) * e2e_tests: Fix a few SUSE tests (#339) * Remove pre-release flag from config (#340) * e2e_tests: fixup OSPolicy tests (#338) * e2e_tests: unlock mutex for CreatePolicies as soon as create finishes (#337) * e2e_tests: Don't retry failed OSPolicy tests, fix msi test (#336) * Examples for os policy assignments (#334) * e2e_tests: increase the deadline for OSPolicy tests and only start after a zone has been secured (#335) * Fix panic when installing MSI (#332) * e2e_tests: Add test cases of installing dbe, rpm and msi packages (#333) * e2e_tests: add more logging * e2e_tests: (#330) * e2e_test: Add timouts to OSPolicy tests so we don't wait forever (#329) * Create top level directories for gcloud and console for os policy assignment examples (#328) * e2e_tests: Move api from an internal directory (#327) * Make sure we use the same test name for reruns (#326) * Add CONFIG_V1 capability (#325) * e2e_tests: reduce size of instances, use pd-balanced, rerun failed tests once (#324) * Only report installed packages for dpkg (#322) * e2e_tests: fix windows package and repository tests (#323) * Add top level directories for os policy examples (#321) * e2e_tests: move to using inventory api for inventory reporting (#320) * e2e_tests: add ExecResource tests (#319) * ExecResource: make sure we set permissions correctly for downloaded files (#318) * Config task: only run post check on resources that have already been evaluated (#317) * e2e_test: reorganize OSPolicy tests to be per Resource type (#316) * Set custom user agent (#299) * e2e_tests: check InstanceOSPoliciesCompliance for each test case, add LocalPath FileResource test (#314) * PackageResource: make sure to run AptUpdate prior to package install (#315) * Fix bugs/add more logging for OSPolicies (#313) * Change metadata http client to ignore http proxies (#312) * e2e_test: add tests for FileResource (#311) * Add task_type context logging (#310) * Fix e2e_test typo (#309) * Fix e2e_tests (#308) * Disable OSPolicies by default since it is an unreleased feature (#307) * e2e_tests: Add more OSPolicies package and repo tests (#306) * Do not enforce repo_gpgcheck in guestpolicies (#305) * Gather inventory 3-5min after agent start (#303) * e2e_tests: add OSPolicies tests for package install (#302) * Add helpful error log if a service account is missing (#304) * OSPolicies: correct apt repo extension, remove yum/zypper gpgcheck override (#301) * Update cos library to parse new version of packages file (#300) * config_task: Rework config step logic (#296) * e2e_test: enable serial logs in cos to support ReportInventory test (#297)

Advisory ID	SUSE-RU-2021:1861-1
Released	Fri Jun 4 09:59:40 2021
Summary	Recommended update for gcc10
Type	recommended
Severity	moderate
References	1029961,1106014,1178577,1178624,1178675,1182016

Description:

This update for gcc10 fixes the following issues:

Disable nvptx offloading for aarch64 again since it doesn't work
Fixed a build failure issue. (bsc#1182016)
Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)
Fix 32bit 'libgnat.so' link. (bsc#1178675)
prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)
Build complete set of multilibs for arm-none target. (bsc#1106014)

Advisory ID	SUSE-RU-2021:1923-1
Released	Thu Jun 10 08:37:00 2021
Summary	Recommended update for nfs-utils
Type	recommended
Severity	important
References	1183194

Description:

This update for nfs-utils fixes the following issues:

Ensured thread safety when opening files over NFS to prevent a use-after-free issue (bsc#1183194)

Advisory ID	SUSE-RU-2021:1935-1
Released	Thu Jun 10 10:45:09 2021
Summary	Recommended update for gzip
Type	recommended
Severity	moderate
References	1186642

Description:

This update for gzip fixes the following issue:

gzip had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642)

Advisory ID	SUSE-RU-2021:1937-1
Released	Thu Jun 10 10:47:09 2021
Summary	Recommended update for nghttp2
Type	recommended
Severity	moderate
References	1186642

Description:

This update for nghttp2 fixes the following issue:

The (lib)nghttp2 packages had a lower release number in SUSE Linux Enterprise 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642)

Advisory ID	SUSE-RU-2021:1941-1
Released	Thu Jun 10 10:49:52 2021
Summary	Recommended update for sysconfig
Type	recommended
Severity	moderate
References	1186642

Description:

This update for sysconfig fixes the following issue:

sysconfig had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642)

Advisory ID	SUSE-SU-2021:1954-1
Released	Fri Jun 11 10:45:09 2021
Summary	Security update for containerd, docker, runc
Type	security
Severity	important
References	1168481,1175081,1175821,1181594,1181641,1181677,1181730,1181732,1181749,1182451,1182476,1182947,1183024,1183855,1184768,1184962,1185405,CVE-2021-21284,CVE-2021-21285,CVE-2021-21334,CVE-2021-30465

Description:

This update for containerd, docker, runc fixes the following issues:
Docker was updated to 20.10.6-ce (bsc#1184768, bsc#1182947, bsc#1181594)

Switch version to use -ce suffix rather than _ce to avoid confusing other tools (bsc#1182476).
CVE-2021-21284: Fixed a potential privilege escalation when the root user in the remapped namespace has access to the host filesystem (bsc#1181732)
CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest crashes the dockerd daemon (bsc#1181730).
btrfs quotas being removed by Docker regularly (bsc#1183855, bsc#1175081)

runc was updated to v1.0.0~rc93 (bsc#1182451, bsc#1175821 bsc#1184962).

Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).
Fixed /dev/null is not available (bsc#1168481).
CVE-2021-30465: Fixed a symlink-exchange attack vulnarability (bsc#1185405).

containerd was updated to v1.4.4

CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397).
Handle a requirement from docker (bsc#1181594).

Advisory ID	SUSE-RU-2021:2091-1
Released	Mon Jun 21 10:45:13 2021
Summary	Recommended update for wget
Type	recommended
Severity	moderate
References	1181173

Description:

This update for wget fixes the following issue:

When running recursively, wget will verify the length of the whole URL when saving the files. This will make it overwrite files with truncated names, throwing the following message: 'The name is too long,... trying to shorten'. (bsc#1181173)

Advisory ID	SUSE-RU-2021:2096-1
Released	Mon Jun 21 13:35:38 2021
Summary	Recommended update for python-six
Type	recommended
Severity	moderate
References	1186642

Description:

This update for python-six fixes the following issue:

python-six had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642)

Advisory ID	SUSE-RU-2021:2146-1
Released	Wed Jun 23 17:55:14 2021
Summary	Recommended update for openssh
Type	recommended
Severity	moderate
References	1115550,1174162

Description:

This update for openssh fixes the following issues:

Fixed a race condition leading to a sshd termination of multichannel sessions with non-root users (bsc#1115550, bsc#1174162).

Advisory ID	SUSE-RU-2021:2173-1
Released	Mon Jun 28 14:59:45 2021
Summary	Recommended update for automake
Type	recommended
Severity	moderate
References	1040589,1047218,1182604,1185540,1186049

Description:

This update for automake fixes the following issues:

Implement generated autoconf makefiles reproducible (bsc#1182604)
Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)
Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

Add fixes to support reproducible builds. (bsc#1186049)

Advisory ID	SUSE-RU-2021:2178-1
Released	Mon Jun 28 15:56:15 2021
Summary	Recommended update for systemd-presets-common-SUSE
Type	recommended
Severity	moderate
References	1186561

Description:

This update for systemd-presets-common-SUSE fixes the following issues:
When installing the systemd-presets-common-SUSE package for the first time in a new system, it might happen that some services are installed before systemd so the %systemd_pre/post macros would not work. This is handled by enabling all preset services in this package's %posttrans section but it wasn't enabling user services, just system services. Now it enables also the user services installed before this package (bsc#1186561)

Advisory ID	SUSE-RU-2021:2191-1
Released	Mon Jun 28 18:38:13 2021
Summary	Recommended update for patterns-microos
Type	recommended
Severity	moderate
References	1186791

Description:

This update for patterns-microos provides the following fix:

Add zypper-migration-plugin to the default pattern. (bsc#1186791)

Advisory ID	SUSE-RU-2021:2193-1
Released	Mon Jun 28 18:38:43 2021
Summary	Recommended update for tar
Type	recommended
Severity	moderate
References	1184124

Description:

This update for tar fixes the following issues:

Link '/var/lib/tests/tar/bin/genfile' as Position-Independent Executable (bsc#1184124)

Advisory ID	SUSE-SU-2021:2196-1
Released	Tue Jun 29 09:41:39 2021
Summary	Security update for lua53
Type	security
Severity	moderate
References	1175448,1175449,CVE-2020-24370,CVE-2020-24371

Description:

This update for lua53 fixes the following issues:
Update to version 5.3.6:

CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449)
CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448)
Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

Advisory ID	SUSE-RU-2021:2286-1
Released	Fri Jul 9 17:38:53 2021
Summary	Recommended update for dosfstools
Type	recommended
Severity	moderate
References	1172863

Description:

This update for dosfstools fixes the following issue:

Fixed a bug that was causing an installation issue when trying to create an EFI partition on an NVMe-over-Fabrics device (bsc#1172863)

Advisory ID	SUSE-SU-2021:2320-1
Released	Wed Jul 14 17:01:06 2021
Summary	Security update for sqlite3
Type	security
Severity	important
References	1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327

Description:

This update for sqlite3 fixes the following issues:

Update to version 3.36.0
CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization (bsc#1173641)
CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator (bsc#1164719)
CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439)
CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438)
CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference (bsc#1160309)
CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850)
CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847)
CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c (bsc#1159715)
CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference (bsc#1159491)
CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name (bsc#1158960)
CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns (bsc#1158959)
CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements (bsc#1158958)
CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service (bsc#1158812)
CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818)
CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701)
CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700)
CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)
CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow
CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236)
CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240)
CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)

Advisory ID	SUSE-RU-2021:2395-1
Released	Mon Jul 19 12:08:34 2021
Summary	Recommended update for efivar
Type	recommended
Severity	moderate
References	1187386

Description:

This update for efivar provides the following fix:

Fix the eMMC sysfs parsing. (bsc#1187386)

Advisory ID	SUSE-SU-2021:2412-1
Released	Tue Jul 20 15:25:21 2021
Summary	Security update for containerd
Type	security
Severity	moderate
References	1188282,CVE-2021-32760

Description:

This update for containerd fixes the following issues:

CVE-2021-32760: Fixed a bug which allows untrusted container images to change permissions in the host's filesystem. (bsc#1188282)

Advisory ID	SUSE-RU-2021:2456-1
Released	Thu Jul 22 15:28:39 2021
Summary	Recommended update for pam-config
Type	recommended
Severity	moderate
References	1187091

Description:

This update for pam-config fixes the following issues:

Add 'revoke' to the option list for 'pam_keyinit'.
Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091)

Advisory ID	SUSE-RU-2021:2464-1
Released	Fri Jul 23 14:20:23 2021
Summary	Recommended update for shim
Type	recommended
Severity	moderate
References	1185232,1185261,1185441,1185464,1185961,1187071,1187260,1187696

Description:

This update for shim fixes the following issues:

shim-install: Always assume 'removable' for Azure to avoid the endless reset loop (bsc#1185464)
Avoid deleting the mirrored RT variables (bsc#1187696)
Split the keys in vendor-dbx.bin to vendor-dbx-sles and vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce the size of MokListXRT (bsc#1185261) + Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
Handle ignore_db and user_insecure_mode correctly (bsc#1185441, bsc#1187071)
Relax the maximum variable size check for u-boot (bsc#1185621)
Relax the check for import_mok_state() when Secure Boot is off. (bsc#1185261)
Ignore the odd LoadOptions length (bsc#1185232)
shim-install: reset def_shim_efi to 'shim.efi' if the given file doesn't exist
Fided the size of rela sections for AArch64
Disable exporting vendor-dbx to MokListXRT since writing a large RT variable could crash some machines (bsc#1185261)
Avoid potential crash when calling QueryVariableInfo in EFI 1.10 machines (bsc#1187260)
Avoid buffer overflow when copying data to the MOK config table (bsc#1185232)

Advisory ID	SUSE-RU-2021:2477-1
Released	Tue Jul 27 13:32:50 2021
Summary	Recommended update for growpart-rootgrow
Type	recommended
Severity	important
References	1165198,1188179

Description:

This update for growpart-rootgrow fixes the following issues:

Change the logic to determine the partition ID of the root filesystem (bsc#1188179) + Previously the algorithm depended on the order of the output from lsblk using an index to keep track of the known partitions. The new implementation is order independent, it depends on the partition ID being numerical in nature and at the end of the device string.

Add coverage config. Omit version module from coverage check.

Fix string formatting for flake8 formatting.

Replace travis testing with GitHub actions. Add ci testing workflow action.

Switch implementation to use Popen for Python 3.4 compatibility (bsc#1165198)

Bump version: 1.0.2 → 1.0.3

Fixed unit tests and style This clobbers several fixes into one. Sorry about it but I started on already made changes done by other people. This commit includes several pep8 style fixes mostly on the indentation level. In addition it fixes the unit tests to really cover all code and to make the exception tests really effective.

Switch to use Popen instead of run The run() fuction in the subprocess module was implemented after Python 3.4. However, we need to support Python 3.4 for SLES 12

Bump version: 1.0.1 → 1.0.2

Package LICENSE file The LICENSE file is part of the source repo but was not packaged with the rpm package

Advisory ID	SUSE-RU-2021:2481-1
Released	Tue Jul 27 14:20:27 2021
Summary	Recommended update for sysconfig
Type	recommended
Severity	moderate
References	1184124

Description:

This update for sysconfig fixes the following issues:

Link as Position Independent Executable (bsc#1184124).

Advisory ID	SUSE-RU-2021:2573-1
Released	Thu Jul 29 14:21:52 2021
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1188127

Description:

This update for timezone fixes the following issue:

From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by

the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

Advisory ID	SUSE-RU-2021:2606-1
Released	Wed Aug 4 13:16:09 2021
Summary	Recommended update for libcbor
Type	recommended
Severity	moderate
References	1102408

Description:

This update for libcbor fixes the following issues:

Implement a fix to avoid building shared library twice. (bsc#1102408)

Advisory ID	SUSE-RU-2021:2625-1
Released	Thu Aug 5 12:10:27 2021
Summary	Recommended update for supportutils
Type	recommended
Severity	moderate
References	1185991,1185993,1186347,1186397,1186687,1188348

Description:

This update for supportutils fixes the following issues:
ethtool was updated to version 3.1.17:

Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)
Adding ethtool options g l m to network.txt (jsc#SLE-18240)
lsof options to improve performance (bsc#1186687)
Exclude rhn.conf from etc.txt (bsc#1186347)
analyzevmcore supports local directories (bsc#1186397)
getappcore checks for valid compression binary (bsc#1185991)
getappcore does not trigger errors with help message (bsc#1185993)

Advisory ID	SUSE-RU-2021:2627-1
Released	Thu Aug 5 12:10:46 2021
Summary	Recommended maintenance update for systemd-default-settings
Type	recommended
Severity	moderate
References	1188348

Description:

This update for systemd-default-settings fixes the following issue:

Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)

Advisory ID	SUSE-RU-2021:2681-1
Released	Thu Aug 12 14:59:06 2021
Summary	Recommended update for growpart-rootgrow
Type	recommended
Severity	important
References	1188868,1188904

Description:

This update for growpart-rootgrow fixes the following issues:

Fix root partition ID lookup. Only consider trailing digits to be part of the paritition ID. (bsc#1188868) (bsc#1188904)

Advisory ID	SUSE-SU-2021:2682-1
Released	Thu Aug 12 20:06:19 2021
Summary	Security update for rpm
Type	security
Severity	important
References	1179416,1181805,1183543,1183545,CVE-2021-20266,CVE-2021-20271,CVE-2021-3421

Description:

This update for rpm fixes the following issues:

Changed default package verification level to 'none' to be compatible to rpm-4.14.1
Made illegal obsoletes a warning
Fixed a potential access of freed mem in ndb's glue code (bsc#1179416)
Added support for enforcing signature policy and payload verification step to transactions (jsc#SLE-17817)
Added :humansi and :hmaniec query formatters for human readable output
Added query selectors for whatobsoletes and whatconflicts
Added support for sorting caret higher than base version
rpm does no longer require the signature header to be in a contiguous region when signing (bsc#1181805)

Security fixes:

CVE-2021-3421: A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity (bsc#1183543)

CVE-2021-20271: A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability (bsc#1183545)

CVE-2021-20266: A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.

Advisory ID	SUSE-SU-2021:2760-1
Released	Tue Aug 17 17:11:14 2021
Summary	Security update for c-ares
Type	security
Severity	important
References	1188881,CVE-2021-3672

Description:

This update for c-ares fixes the following issues:
Version update to git snapshot 1.17.1+20200724:

CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881)
If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash
Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response
Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing
Use unbuffered /dev/urandom for random data to prevent early startup performance issues

Advisory ID	SUSE-RU-2021:2899-1
Released	Wed Sep 1 08:30:58 2021
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	moderate
References	1186282,1187332

Description:

This update for systemd-rpm-macros fixes the following issues:

Fixed an issue whe zypper ignores the ordering constraints. (bsc#1187332)
Introduce '%sysusers_create_package': '%sysusers_create' and '%sysusers_create_inline' are now deprecated and the new macro should be used instead.
%sysusers_create_inline: use here-docs instead of echo (bsc#1186282)

Advisory ID	SUSE-SU-2021:2937-1
Released	Fri Sep 3 09:18:45 2021
Summary	Security update for libesmtp
Type	security
Severity	important
References	1160462,1189097,CVE-2019-19977

Description:

This update for libesmtp fixes the following issues:

CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).

Advisory ID	SUSE-RU-2021:2962-1
Released	Mon Sep 6 18:23:01 2021
Summary	Recommended update for runc
Type	recommended
Severity	critical
References	1189743

Description:

This update for runc fixes the following issues:

Fixed an issue when toolbox container fails to start. (bsc#1189743)

Advisory ID	SUSE-RU-2021:2974-1
Released	Tue Sep 7 17:17:23 2021
Summary	Recommended update for librdkafka
Type	recommended
Severity	important
References	1189792

Description:

This update for librdkafka fixes the following issue:

Fixed thread creation on SUSE Linux Enterprise Server 15 SP3. (bsc#1189792)

Advisory ID	SUSE-RU-2021:2997-1
Released	Thu Sep 9 14:37:34 2021
Summary	Recommended update for python3
Type	recommended
Severity	moderate
References	1187338,1189659

Description:

This update for python3 fixes the following issues:

Fixed an issue when the missing 'stropts.h' causing build errors for different python modules. (bsc#1187338)

Advisory ID	SUSE-RU-2021:3001-1
Released	Thu Sep 9 15:08:13 2021
Summary	Recommended update for netcfg
Type	recommended
Severity	moderate
References	1189683

Description:

This update for netcfg fixes the following issues:

add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683]

Advisory ID	SUSE-RU-2021:3022-1
Released	Mon Sep 13 10:48:16 2021
Summary	Recommended update for c-ares
Type	recommended
Severity	important
References	1190225

Description:

This update for c-ares fixes the following issue:

Allow '_' as part of DNS response. (bsc#1190225) - 'c-ares' 1.17.2 introduced response validation to prevent a security issue, however it was not listing '_' as a valid character for domain name responses which caused issues when a 'CNAME' referenced a 'SRV' record which contained underscores.

Advisory ID	SUSE-RU-2021:3132-1
Released	Fri Sep 17 16:37:37 2021
Summary	Recommended update for google-guest-oslogin
Type	recommended
Severity	moderate
References	1188992,1189041

Description:

This update for google-guest-oslogin contains the following fixes:

Update to version 20210728.00 (bsc#1188992, bsc#1189041) * JSON object cleanup (#65)

Update to version 20210707.00 * throw exceptions in cache_refresh (#64)

from version 20210702.00 * Use IP address for calling the metadata server. (#63)

Update to version 20210618.00 * flush each group member write (#62)

Advisory ID	SUSE-RU-2021:3182-1
Released	Tue Sep 21 17:04:26 2021
Summary	Recommended update for file
Type	recommended
Severity	moderate
References	1189996

Description:

This update for file fixes the following issues:

Fixes exception thrown by memory allocation problem (bsc#1189996)

Advisory ID	SUSE-RU-2021:3203-1
Released	Thu Sep 23 14:41:35 2021
Summary	Recommended update for kmod
Type	recommended
Severity	moderate
References	1189537,1190190

Description:

This update for kmod fixes the following issues:

Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190).
Enable support for ZSTD compressed modules
Display module information even for modules built into the running kernel (bsc#1189537)
'/usr/lib' should override '/lib' where both are available. Support '/usr/lib' for depmod.d as well.
Remove test patches included in release 29

Update to release 29 * Fix `modinfo -F` not working for built-in modules and certain fields. * Fix a memory leak, overflow and double free on error path.

Advisory ID	SUSE-RU-2021:3245-1
Released	Tue Sep 28 13:54:31 2021
Summary	Recommended update for docker
Type	recommended
Severity	important
References	1190670

Description:

This update for docker fixes the following issues:

Return ENOSYS for clone3 in the seccomp profile to avoid breaking containers using glibc 2.34.
Add shell requires for the *-completion subpackages.

Advisory ID	SUSE-RU-2021:3274-1
Released	Fri Oct 1 10:34:17 2021
Summary	Recommended update for ca-certificates-mozilla
Type	recommended
Severity	important
References	1190858

Description:

This update for ca-certificates-mozilla fixes the following issues:

remove one of the Letsencrypt CAs DST_Root_CA_X3.pem, as it expires September 30th 2021 and openssl certificate chain handling does not handle this correctly in openssl 1.0.2 and older. (bsc#1190858)

Advisory ID	SUSE-SU-2021:3291-1
Released	Wed Oct 6 16:45:36 2021
Summary	Security update for glibc
Type	security
Severity	moderate
References	1186489,1187911,CVE-2021-33574,CVE-2021-35942

Description:

This update for glibc fixes the following issues:

CVE-2021-33574: Fixed use __pthread_attr_copy in mq_notify (bsc#1186489).
CVE-2021-35942: Fixed wordexp handle overflow in positional parameter number (bsc#1187911).

Advisory ID	SUSE-RU-2021:3382-1
Released	Tue Oct 12 14:30:17 2021
Summary	Recommended update for ca-certificates-mozilla
Type	recommended
Severity	moderate
References

Description:

This update for ca-certificates-mozilla fixes the following issues:

A new sub-package for minimal base containers (jsc#SLE-22162)

Advisory ID	SUSE-SU-2021:3445-1
Released	Fri Oct 15 09:03:39 2021
Summary	Security update for rpm
Type	security
Severity	important
References	1183659,1185299,1187670,1188548

Description:

This update for rpm fixes the following issues:
Security issues fixed:

PGP hardening changes (bsc#1185299)

Maintaince issues fixed:

Fixed zstd detection (bsc#1187670)
Added ndb rofs support (bsc#1188548)
Fixed deadlock when multiple rpm processes try tp acquire the database lock (bsc#1183659)

Advisory ID	SUSE-SU-2021:3490-1
Released	Wed Oct 20 16:31:55 2021
Summary	Security update for ncurses
Type	security
Severity	moderate
References	1190793,CVE-2021-39537

Description:

This update for ncurses fixes the following issues:

CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)

Advisory ID	SUSE-RU-2021:3494-1
Released	Wed Oct 20 16:48:46 2021
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1190052

Description:

This update for pam fixes the following issues:

Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638)
Added new file macros.pam on request of systemd. (bsc#1190052)

Advisory ID	SUSE-RU-2021:3501-1
Released	Fri Oct 22 10:42:46 2021
Summary	Recommended update for libzypp, zypper, libsolv, protobuf
Type	recommended
Severity	moderate
References	1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190465,1190712,1190815

Description:

This update for libzypp, zypper, libsolv and protobuf fixes the following issues:

Choice rules: treat orphaned packages as newest (bsc#1190465)
Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602)
Do not check of signatures and keys two times(redundant) (bsc#1190059)
Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760)
Show key fpr from signature when signature check fails (bsc#1187224)
Fix solver jobs for PTFs (bsc#1186503)
Fix purge-kernels fails (bsc#1187738)
Fix obs:// platform guessing for Leap (bsc#1187425)
Make sure to keep states alives while transitioning. (bsc#1190199)
Manpage: Improve description about patch updates(bsc#1187466)
Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested.
Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815)
Fix crashes in logging code when shutting down (bsc#1189031)
Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712)
Add need reboot/restart hint to XML install summary (bsc#1188435)
Prompt: choose exact match if prompt options are not prefix free (bsc#1188156)
Include libprotobuf-lite20 in products to enable parallel downloads. (jsc#ECO-2911, jsc#SLE-16862)

Advisory ID	SUSE-SU-2021:3506-1
Released	Mon Oct 25 10:20:22 2021
Summary	Security update for containerd, docker, runc
Type	security
Severity	important
References	1102408,1185405,1187704,1188282,1190826,1191015,1191121,1191334,1191355,1191434,CVE-2021-30465,CVE-2021-32760,CVE-2021-41089,CVE-2021-41091,CVE-2021-41092,CVE-2021-41103

Description:

This update for containerd, docker, runc fixes the following issues:
Docker was updated to 20.10.9-ce. (bsc#1191355)
See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103
container was updated to v1.4.11, to fix CVE-2021-41103. bsc#1191355

CVE-2021-32760: Fixed that a archive package allows chmod of file outside of unpack target directory (bsc#1188282)

Install systemd service file as well (bsc#1190826)

Update to runc v1.0.2. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.2

Fixed a failure to set CPU quota period in some cases on cgroup v1.
Fixed the inability to start a container with the 'adding seccomp filter rule for syscall ...' error, caused by redundant seccomp rules (i.e. those that has action equal to the default one). Such redundant rules are now skipped.
Made release builds reproducible from now on.
Fixed a rare debug log race in runc init, which can result in occasional harmful 'failed to decode ...' errors from runc run or exec.
Fixed the check in cgroup v1 systemd manager if a container needs to be frozen before Set, and add a setting to skip such freeze unconditionally. The previous fix for that issue, done in runc 1.0.1, was not working.

Update to runc v1.0.1. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.1

Fixed occasional runc exec/run failure ('interrupted system call') on an Azure volume.
Fixed 'unable to find groups ... token too long' error with /etc/group containing lines longer than 64K characters.
cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is frozen. This is a regression in 1.0.0, not affecting runc itself but some of libcontainer users (e.g Kubernetes).
cgroupv2: bpf: Ignore inaccessible existing programs in case of permission error when handling replacement of existing bpf cgroup programs. This fixes a regression in 1.0.0, where some SELinux policies would block runc from being able to run entirely.
cgroup/systemd/v2: don't freeze cgroup on Set.
cgroup/systemd/v1: avoid unnecessary freeze on Set.
fix issues with runc under openSUSE MicroOS's SELinux policy. bsc#1187704

Update to runc v1.0.0. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.0
! The usage of relative paths for mountpoints will now produce a warning (such configurations are outside of the spec, and in future runc will produce an error when given such configurations).

cgroupv2: devices: rework the filter generation to produce consistent results with cgroupv1, and always clobber any existing eBPF program(s) to fix runc update and avoid leaking eBPF programs (resulting in errors when managing containers).
cgroupv2: correctly convert 'number of IOs' statistics in a cgroupv1-compatible way.
cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
cgroupv2: wait for freeze to finish before returning from the freezing code, optimize the method for checking whether a cgroup is frozen.
cgroups/systemd: fixed 'retry on dbus disconnect' logic introduced in rc94
cgroups/systemd: fixed returning 'unit already exists' error from a systemd cgroup manager (regression in rc94)
cgroupv2: support SkipDevices with systemd driver
cgroup/systemd: return, not ignore, stop unit error from Destroy
Make 'runc --version' output sane even when built with go get or otherwise outside of our build scripts.
cgroups: set SkipDevices during runc update (so we don't modify cgroups at all during runc update).
cgroup1: blkio: support BFQ weights.
cgroupv2: set per-device io weights if BFQ IO scheduler is available.

Update to runc v1.0.0~rc95. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95
This release of runc contains a fix for CVE-2021-30465, and users are strongly recommended to update (especially if you are providing semi-limited access to spawn containers to untrusted users). (bsc#1185405)
Update to runc v1.0.0~rc94. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94
Breaking Changes:

cgroupv1: kernel memory limits are now always ignored, as kmemcg has been effectively deprecated by the kernel. Users should make use of regular memory cgroup controls.

Regression Fixes:

seccomp: fix 32-bit compilation errors
runc init: fix a hang caused by deadlock in seccomp/ebpf loading code
runc start: fix 'chdir to cwd: permission denied' for some setups

Advisory ID	SUSE-RU-2021:3510-1
Released	Tue Oct 26 11:22:15 2021
Summary	Recommended update for pam
Type	recommended
Severity	important
References	1191987

Description:

This update for pam fixes the following issues:

Fixed a bad directive file which resulted in the 'securetty' file to be installed as 'macros.pam'. (bsc#1191987)

Advisory ID	SUSE-SU-2021:3529-1
Released	Wed Oct 27 09:23:32 2021
Summary	Security update for pcre
Type	security
Severity	moderate
References	1172973,1172974,CVE-2019-20838,CVE-2020-14155

Description:

This update for pcre fixes the following issues:
Update pcre to version 8.45:

CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974).
CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973)

Advisory ID	SUSE-RU-2021:3792-1
Released	Wed Nov 24 06:12:09 2021
Summary	Recommended update for kmod
Type	recommended
Severity	moderate
References	1192104

Description:

This update for kmod fixes the following issues:

Enable ZSTD compression (bsc#1192104)(jsc#SLE-21256)

Advisory ID	SUSE-RU-2021:3799-1
Released	Wed Nov 24 18:07:54 2021
Summary	Recommended update for gcc11
Type	recommended
Severity	moderate
References	1187153,1187273,1188623

Description:

This update for gcc11 fixes the following issues:
The additional GNU compiler collection GCC 11 is provided:
To select these compilers install the packages:

gcc11
gcc-c++11
and others with 11 prefix.

to select them for building:

CC='gcc-11'
CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

Advisory ID	SUSE-RU-2021:3872-1
Released	Thu Dec 2 07:25:55 2021
Summary	Recommended update for cracklib
Type	recommended
Severity	moderate
References	1191736

Description:

This update for cracklib fixes the following issues:

Enable build time tests (bsc#1191736)

Advisory ID	SUSE-RU-2021:3883-1
Released	Thu Dec 2 11:47:07 2021
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1177460

Description:

This update for timezone fixes the following issues:
Update timezone to 2021e (bsc#1177460)

Palestine will fall back 10-29 (not 10-30) at 01:00
Fiji suspends DST for the 2021/2022 season
'zic -r' marks unspecified timestamps with '-00'
Fix a bug in 'zic -b fat' that caused old timestamps to be mishandled in 32-bit-only readers
Refresh timezone info for china

Advisory ID	SUSE-RU-2021:3891-1
Released	Fri Dec 3 10:21:49 2021
Summary	Recommended update for keyutils
Type	recommended
Severity	moderate
References	1029961,1113013,1187654

Description:

This update for keyutils fixes the following issues:

Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

Revert the change notifications that were using /dev/watch_queue.
Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
Allow 'keyctl supports' to retrieve raw capability data.
Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.
Allow 'keyctl new_session' to name the keyring.
Allow 'keyctl add/padd/etc.' to take hex-encoded data.
Add 'keyctl watch*' to expose kernel change notifications on keys.
Add caps for namespacing and notifications.
Set a default TTL on keys that upcall for name resolution.
Explicitly clear memory after it's held sensitive information.
Various manual page fixes.
Fix C++-related errors.
Add support for keyctl_move().
Add support for keyctl_capabilities().
Make key=val list optional for various public-key ops.
Fix system call signature for KEYCTL_PKEY_QUERY.
Fix 'keyctl pkey_query' argument passing.
Use keyctl_read_alloc() in dump_key_tree_aux().
Various manual page fixes.

Updated to 1.6:

Apply various specfile cleanups from Fedora.
request-key: Provide a command line option to suppress helper execution.
request-key: Find least-wildcard match rather than first match.
Remove the dependency on MIT Kerberos.
Fix some error messages
keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
Fix doc and comment typos.
Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
Add pkg-config support for finding libkeyutils.
upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

Add keyring restriction support.
Add KDF support to the Diffie-Helman function.
DNS: Add support for AFS config files and SRV records

Advisory ID	SUSE-SU-2021:3899-1
Released	Fri Dec 3 11:27:41 2021
Summary	Security update for aaa_base
Type	security
Severity	moderate
References	1162581,1174504,1191563,1192248

Description:

This update for aaa_base fixes the following issues:

Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504).
Add $HOME/.local/bin to PATH, if it exists (bsc#1192248).
Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563).
Support xz compressed kernel (bsc#1162581)

Advisory ID	SUSE-SU-2021:3942-1
Released	Mon Dec 6 14:46:05 2021
Summary	Security update for brotli
Type	security
Severity	moderate
References	1175825,CVE-2020-8927

Description:

This update for brotli fixes the following issues:

CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB (bsc#1175825).

Advisory ID	SUSE-SU-2021:3946-1
Released	Mon Dec 6 14:57:42 2021
Summary	Security update for gmp
Type	security
Severity	moderate
References	1192717,CVE-2021-43618

Description:

This update for gmp fixes the following issues:

CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

Advisory ID	SUSE-SU-2021:3950-1
Released	Mon Dec 6 14:59:37 2021
Summary	Security update for openssh
Type	security
Severity	important
References	1190975,CVE-2021-41617

Description:

This update for openssh fixes the following issues:

CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).

Advisory ID	SUSE-RU-2021:3980-1
Released	Thu Dec 9 16:42:19 2021
Summary	Recommended update for glibc
Type	recommended
Severity	moderate
References	1191592

Description:

glibc was updated to fix the following issue:

Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)

Advisory ID	SUSE-RU-2021:4009-1
Released	Mon Dec 13 11:24:43 2021
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	low
References

Description:

This update for systemd-rpm-macros fixes the following issues:

Introduce rpm macro %_systemd_util_dir

Advisory ID	SUSE-SU-2021:4104-1
Released	Thu Dec 16 11:14:12 2021
Summary	Security update for python3
Type	security
Severity	moderate
References	1180125,1183374,1183858,1185588,1187668,1189241,1189287,CVE-2021-3426,CVE-2021-3733,CVE-2021-3737

Description:

This update for python3 fixes the following issues:

CVE-2021-3426: Fixed information disclosure via pydoc (bsc#1183374).
CVE-2021-3733: Fixed infinitely reading potential HTTP headers after a 100 Continue status response from the server (bsc#1189241).
CVE-2021-3737: Fixed ReDoS in urllib.request (bsc#1189287).

We do not require python-rpm-macros package (bsc#1180125).
Use versioned python-Sphinx to avoid dependency on other version of Python (bsc#1183858).
Stop providing 'python' symbol, which means python2 currently (bsc#1185588).
Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668).

Advisory ID	SUSE-SU-2021:4153-1
Released	Wed Dec 22 11:00:48 2021
Summary	Security update for openssh
Type	security
Severity	important
References	1183137,CVE-2021-28041

Description:

This update for openssh fixes the following issues:

CVE-2021-28041: Fixed double free in ssh-agent (bsc#1183137).

Advisory ID	SUSE-RU-2021:4165-1
Released	Wed Dec 22 22:52:11 2021
Summary	Recommended update for kmod
Type	recommended
Severity	moderate
References	1193430

Description:

This update for kmod fixes the following issues:

Ensure that kmod and packages linking to libkmod provide same features. (bsc#1193430)

Advisory ID	SUSE-SU-2021:4171-1
Released	Thu Dec 23 09:55:13 2021
Summary	Security update for runc
Type	security
Severity	moderate
References	1193436,CVE-2021-43784

Description:

This update for runc fixes the following issues:
Update to runc v1.0.3.

CVE-2021-43784: Fixed a potential vulnerability related to the internal usage of netlink, which is believed to not be exploitable with any released versions of runc (bsc#1193436)
Fixed inability to start a container with read-write bind mount of a read-only fuse host mount.
Fixed inability to start when read-only /dev in set in spec.
Fixed not removing sub-cgroups upon container delete, when rootless cgroup v2 is used with older systemd.
Fixed returning error from GetStats when hugetlb is unsupported (which causes excessive logging for kubernetes).

Advisory ID	SUSE-RU-2021:4182-1
Released	Thu Dec 23 11:51:51 2021
Summary	Recommended update for zlib
Type	recommended
Severity	moderate
References	1192688

Description:

This update for zlib fixes the following issues:

Fix hardware compression incorrect result on z15 hardware (bsc#1192688)

Advisory ID	SUSE-RU-2022:48-1
Released	Tue Jan 11 09:17:57 2022
Summary	Recommended update for python3
Type	recommended
Severity	moderate
References	1190566,1192249,1193179

Description:

This update for python3 fixes the following issues:

Don't use OpenSSL 1.1 on platforms which don't have it.

Remove shebangs from python-base libraries in '_libdir'. (bsc#1193179, bsc#1192249).
Build against 'openssl 1.1' as it is incompatible with 'openssl 3.0+' (bsc#1190566)
Fix for permission error when changing the mtime of the source file in presence of 'SOURCE_DATE_EPOCH'.

Advisory ID	SUSE-RU-2022:55-1
Released	Tue Jan 11 12:53:27 2022
Summary	Recommended update for rsyslog
Type	recommended
Severity	moderate
References	1029961,1160414,1178490,1182653

Description:

This update for rsyslog fixes the following issues:

Upgrade to rsyslog 8.2106.0: * The prime new feature is support for TLS and non-TLS connections via imtcp in parallel. Furthermore, most TLS parameters can now be overriden at the input() level. The notable exceptions are certificate files, something that is due to be implemented as next step. * New global option 'parser.supportCompressionExtension' This permits to turn off rsyslog's single-message compression extension when it interferes with non-syslog message processing (the parser subsystem expects syslog messages, not generic text) closes https://github.com/rsyslog/rsyslog/issues/4598 * imtcp: add more override config params to input() It is now possible to override all module parameters at the input() level. Module parameters serve as defaults. Existing configs need no modification. * imtcp: add stream driver parameter to input() configuration This permits to have different inputs use different stream drivers and stream driver parameters. * imtcp: permit to run multiple inputs in parallel Previously, a single server was used to run all imtcp inputs. This had a couple of drawsbacks. First and foremost, we could not use different stream drivers in the varios inputs. This patch now provides a baseline to do that, but does still not implement the capability (in this sense it is a staging patch). Secondly, we now ensure that each input has at least one exclusive thread for processing, untangling the performance of multiple inputs from each other. * tcpsrv bugfix: potential sluggishnes and hang on shutdown tcpsrv is used by multiple other modules (imtcp, imdiag, imgssapi, and, in theory, also others - even ones we do not know about). However, the internal synchornization did not properly take multiple tcpsrv users in consideration. As such, a single user could hang under some circumstances. This was caused by improperly awaking all users from a pthread condition wait. That in turn could lead to some sluggish behaviour and, in rare cases, a hang at shutdown. Note: it was highly unlikely to experience real problems with the officially provided modules. * refactoring of syslog/tcp driver parameter passing This has now been generalized to a parameter block, which makes it much cleaner and also easier to add new parameters in the future. * config script: add re_match_i() and re_extract_i() functions This provides case-insensitive regex functionality.
Upgrade to rsyslog 8.2104.0: * rainerscript: call getgrnam_r repeatedly to get all group members (bsc#1178490) * new built-in function get_property() to access property vars * mmdblookup: add support for mmdb DB reload on HUP * new contributed function module fmunflatten * test bugfix: some tests did not work with newer TLS library versions

Update 'remote.conf' example file to new 'Address' and 'Port' notation. (bsc#1182653)

Upgrade to rsyslog 8.2102.0: * omfwd: add stats counter for sent bytes * omfwd: add error reporting configuration option * action stats counter bugfix: failure count was not properly incremented * action stats counter bugfix: resume count was not incremented * omfwd bugfix: segfault or error if port not given * lookup table bugfix: data race on lookup table reload * testbench modernization * testbench: fix invalid sequence of kafka tests runs * testbench: fix kafkacat issues * testbench: fix year-dependendt clickhouse test

Upgrade to rsyslog 8.2012.0: * testbench bugfix: some tests did not work in make distcheck * immark: rewrite with many improvements * usability: re-phrase error message to help users better understand cause * add new system property $now-unixtimestamp * omfwd: add new rate limit option * omfwd bug: param 'StreamDriver.PermitExpiredCerts' is not 'off' by default

prepare usrmerge (bsc#1029961)

remove legacy stuff from specfile * sysvinit is not supported anymore, so remove all tests related to systemv in the specfile

Upgrade to rsyslog 8.2010.0: * gnutls TLS subsystem bugfix: handshake error handling * core/msg bugfix: memory leak * core/msg bugfix: segfault in jsonPathFindNext() when not an object * openssl TLS subsystem: improvments of error and status messages * core bugfix: do not create empty JSON objects on non-existent key access * gnutls subsysem bugfix: potential hang on session closure * core/network bugfix: obey net.enableDNS=off when querying local hostname * core bugfix: potential segfault on query of PROGRAMNAME property * imtcp bugfix: broken connection not necessariy detected * new module: imhttp - http input * mmdarwin bugfix: potential zero uuid when reusing existing one * imdocker bugfix: build issue on some platforms * omudpspoof bugfix: make compatbile with Solaris build * testbench fix: python 3 incompatibility * core bugfix: segfault if disk-queue file cannot be created * cosmetic: fix dummy module name in debug output * config bugfix: intended warning emitted as error

Upgrade to rsyslog 8.2008.0
Added custom unit file rsyslog.service because systemd service file was removed from upstream project
Use systemd_ordering instead of requiring to make rsyslog useable in containers.
Fix the URL for bug reporting, should not point to 'novell.com'. (bsc#1173433)
Add support for 'omkafka'.
Avoid build error with gcc flag '-fno-common'. (bsc#1160414)

Advisory ID	SUSE-RU-2022:84-1
Released	Mon Jan 17 04:40:30 2022
Summary	Recommended update for dosfstools
Type	recommended
Severity	moderate
References	1172863,1188401

Description:

This update for dosfstools fixes the following issues:

To be able to create filesystems compatible with previous version, add -g command line option to mkfs (bsc#1188401)
BREAKING CHANGES: After fixing of bsc#1172863 in the last update, mkfs started to create different images than before. Applications that depend on exact FAT file format (e. g. embedded systems) may be broken in two ways: * The introduction of the alignment may create smaller images than before, with a different positions of important image elements. It can break existing software that expect images in doststools <= 4.1 style. To work around these problems, use '-a' command line argument. * The new image may contain a different geometry values. Geometry sensitive applications expecting doststools <= 4.1 style images can fails to accept different geometry values. There is no direct work around for this problem. But you can take the old image, use 'file -s $IMAGE', check its 'sectors/track' and 'heads', and use them in the newly introduced '-g' command line argument.

Advisory ID	SUSE-RU-2022:96-1
Released	Tue Jan 18 05:14:44 2022
Summary	Recommended update for rpm
Type	recommended
Severity	important
References	1180125,1190824,1193711

Description:

This update for rpm fixes the following issues:

Fix header check so that old rpms no longer get rejected (bsc#1190824)
Add explicit requirement on python-rpm-macros (bsc#1180125, bsc#1193711)

Advisory ID	SUSE-SU-2022:184-1
Released	Tue Jan 25 18:20:56 2022
Summary	Security update for json-c
Type	security
Severity	important
References	1171479,CVE-2020-12762

Description:

This update for json-c fixes the following issues:

CVE-2020-12762: Fixed integer overflow and out-of-bounds write. (bsc#1171479)

Advisory ID	SUSE-RU-2022:207-1
Released	Thu Jan 27 09:24:49 2022
Summary	Recommended update for glibc
Type	recommended
Severity	moderate
References

Description:

This update for glibc fixes the following issues:

Add support for livepatches on x86_64 for SUSE Linux Enterprise 15 SP4 (jsc#SLE-20049).

Advisory ID	SUSE-RU-2022:228-1
Released	Mon Jan 31 06:07:52 2022
Summary	Recommended update for boost
Type	recommended
Severity	moderate
References	1194522

Description:

This update for boost fixes the following issues:

Fix compilation errors (bsc#1194522)

Advisory ID	SUSE-RU-2022:273-1
Released	Tue Feb 1 14:15:21 2022
Summary	Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type	recommended
Severity	important
References	1102408,1192652,1192653,1193257,1193258

Description:

This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent contains the following fixes:
Changes in google-guest-agent:

Update to version 20211116.00 (bsc#1193257, bsc#1193258) * dont duplicate logs (#146) * Add WantedBy network dependencies to google-guest-agent service (#136) * dont try dhcpv6 when not needed (#145) * Integration tests: instance setup (#143) * Integration test: test create and remove google user (#128) * handle comm errors in script runner (#140) * enforce script ordering (#138) * enable ipv6 on secondary interfaces (#133)
from version 20211103.00 * Integration tests: instance setup (#143)
from version 20211027.00 * Integration test: test create and remove google user (#128)

Update to version 20211019.00 * handle comm errors in script runner (#140)
from version 20211015.00 * enforce script ordering (#138)
from version 20211014.00 * enable ipv6 on secondary interfaces (#133)
from version 20211013.00 * dont open ssh tempfile exclusively (#137)
from version 20211011.00 * correct linux startup script order (#135) * Emit sshable attribute (#123)
from version 20210908.1 * restore line (#127)
from version 20210908.00 * New integ test (#124)
from version 20210901.00 * support enable-oslogin-sk key (#120) * match script logging to guest agent (#125)
from version 20210804.00 * Debug logging (#122)
Refresh patches for new version * dont_overwrite_ifcfg.patch

Build with go1.15 for reproducible build results (bsc#1102408)

Update to version 20210707.00 * Use IP address for calling the metadata server. (#116)
from version 20210629.00 * use IP for MDS (#115)

Update to version 20210603.00 * systemd-notify in agentInit (#113) * dont check status (#112)
from version 20210524.00 * more granular service restarts (#111)
from version 20210414.00 * (no functional changes)

Changes in google-guest-configs:

Add missing pkg-config dependency to BuildRequires for SLE-12

Install modprobe configuration files into /etc again on SLE-15-SP2 and older since that's stil the default location on these distributions
Probe udev directory using the 'udevdir' pkg-config variable on SLE-15-SP2 and older since the variable got renamed to 'udev_dir' in later versions
Remove redundant pkgconfig(udev) from BuildRequires for SLE-12

Update to version 20211116.00 (bsc#1193257, bsc#1193258) * GCE supports up to 24 NVMe local SSDs, but the regex in the PROGRAM field only looks for the last digit of the given string causing issues when there are >= 10 local SSDs. Changed REGEX to get the last number of the string instead to support the up to 24 local SSDs. (#30) * chmod+x google_nvme_id on EL (#31)
Fix duplicate installation of google_optimize_local_ssd and google_set_multiqueue
Install google_nvme_id into /usr/lib/udev (bsc#1192652, bsc#1192653)

Update to version 20210916.00 * Revert 'dont set IP in etc/hosts; remove rsyslog (#26)' (#28)
from version 20210831.00 * restore rsyslog (#27)
from version 20210830.00 * Fix NVMe partition names (#25)
from version 20210824.00 * dont set IP in etc/hosts; remove rsyslog (#26) * update OWNERS

Use %_modprobedir for modprobe.d files (out of /etc)
Use %_sysctldir for sysctl.d files (out of /etc)

Update to version 20210702.00 * use grep for hostname check (#23)
from version 20210629.00 * address set_hostname vuln (#22)
from version 20210324.00 * dracut.conf wants spaces around values (#19)

Changes in google-guest-oslogin:

Update to version 20211013.00 (bsc#1193257, bsc#1193258) * remove deprecated binary (#79)
from version 20211001.00 * no message if no groups (#78)
from version 20210907.00 * use sigaction for signals (#76)
from version 20210906.00 * include cstdlib for exit (#75) * catch SIGPIPE in authorized_keys (#73)
from version 20210805.00 * fix double free in ParseJsonToKey (#70)
from version 20210804.00 * fix packaging for authorized_keys_sk (#68) * add authorized_keys_sk (#66)
Add google_authorized_keys_sk to %files section
Remove google_oslogin_control from %files section

Changes in google-osconfig-agent:

Update to version 20211117.00 (bsc#1193257, bsc#1193258) * Add retry logic for RegisterAgent (#404)
from version 20211111.01 * e2e_test: drop ubuntu 1604 image as its EOL (#403)
from version 20211111.00 * e2e_test: move to V1 api for OSPolicies (#397)
from version 20211102.00 * Fix context logging and fix label names (#400)
from version 20211028.00 * Add cloudops example for gcloud (#399)

Update to version 20211021.00 * Added patch report logging for Zypper. (#395)
from version 20211012.00 * Replace deprecated instance filters with the new filters (#394)
from version 20211006.00 * Added patch report log messages for Yum and Apt (#392)
from version 20210930.00 * Config: Add package info caching (#391)
from version 20210928.00 * Fixed the runWithPty function to set ctty to child's filedesc (#389)
from version 20210927.00 * e2e_tests: fix a test output mismatch (#390)
from version 20210924.00 * Fix some e2e test failures (#388)
from version 20210923.02 * Correctly check for folder existance in package upgrade (#387)
from version 20210923.01 * ReportInventory: Fix bug in deb/rpm inventory, reduce calls to append (#386)
from version 20210923.00 * Deprecate old config directory in favor of new cache directory (#385)
from version 20210922.02 * Fix rpm/deb package formating for inventory reporting (#384)
from version 20210922.01 * Add centos stream rocky linux and available package tests (#383)
from version 20210922.00 * Add more info logs, actually cleanup unmanaged repos (#382)
from version 20210901.00 * Add E2E tests for Windows Application (#379) * Return lower-case package name (#377) * Update Terraform scripts for multi-project deployments tutorial. (#378)
from version 20210811.00 * Support Windows Application Inventory (#371)
from version 20210723.00 * Send basic inventory with RegisterAgent (#373)
from version 20210722.1 * e2e_tests: move to manually generated osconfig library (#372)
from version 20210722.00 * Create OWNERS file for examples directory (#368)
from version 20210719.00 * Update Zypper patch info parsing (#370)

Build with go1.15 for reproducible build results (bsc#1102408)

Update to version 20210712.1 * Skip getting patch info when no patches are found. (#369)
from version 20210712.00 * Add Terraform scripts for multi-project deployments (#367)
from version 20210709.00 * Add examples/Terraform directory. (#366)
from version 20210707.00 * Fix bug in printing packages to update, return error for zypper patch (#365)
from version 20210629.00 * Add CloudOps examples for CentOS (#364)

Update to version 20210621.00 * chore: Fixing a comment. (#363)
from version 20210617.00 * Use exec.CommandContext so that canceling the context also kills any running processes (#362)
from version 20210608.1 * e2e_tests: point to official osconfig client library (#359)
from version 20210608.00 * e2e_tests: deflake tests (#358)
from version 20210607.00 * Fix build on some architectures (#357)
from version 20210603.00 * Create win-validation-powershell.yaml (#356)
from version 20210602.00 * Agent efficiency improvements/bugfixes/logging updates (#355) * e2e_tests: add tests for ExecResource output (#354)
from version 20210525.00 * Run fieldalignment on all structs (#353)
from version 20210521.00 * Config Task: add error message and ExecResource output recording (#350) * e2e_tests: remove Windows server 1909 and add server 20h2 (#352) * Added a method for logging structured data (#349)

Advisory ID	SUSE-SU-2022:330-1
Released	Fri Feb 4 09:29:08 2022
Summary	Security update for glibc
Type	security
Severity	important
References	1194640,1194768,1194770,1194785,CVE-2021-3999,CVE-2022-23218,CVE-2022-23219

Description:

This update for glibc fixes the following issues:

CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640)
CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768)
CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770)

Features added:

IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195)

Advisory ID	SUSE-SU-2022:334-1
Released	Fri Feb 4 09:30:58 2022
Summary	Security update for containerd, docker
Type	security
Severity	moderate
References	1191015,1191121,1191334,1191434,1193273,CVE-2021-41089,CVE-2021-41091,CVE-2021-41092,CVE-2021-41103,CVE-2021-41190

Description:

This update for containerd, docker fixes the following issues:

CVE-2021-41089: Fixed 'cp' can chmod host files (bsc#1191015).
CVE-2021-41091: Fixed flaw that could lead to data directory traversal in moby (bsc#1191434).
CVE-2021-41092: Fixed exposed user credentials with a misconfigured configuration file (bsc#1191334).
CVE-2021-41103: Fixed file access to local users in containerd (bsc#1191121).
CVE-2021-41190: Fixed OCI manifest and index parsing confusion (bsc#1193273).

Advisory ID	SUSE-RU-2022:353-1
Released	Tue Feb 8 17:41:48 2022
Summary	Recommended update for systemd-rpm-macros
Type	recommended
Severity	moderate
References

Description:

This update for systemd-rpm-macros fixes the following issues:

Bump version to 10

%sysusers_create_inline was wrongly marked as deprecated
%sysusers_create can be useful in certain cases and won't go away until we'll move to file triggers. So don't mark it as deprecated too

Advisory ID	SUSE-RU-2022:383-1
Released	Tue Feb 15 17:47:36 2022
Summary	Recommended update for cyrus-sasl
Type	recommended
Severity	moderate
References	1194265

Description:

This update for cyrus-sasl fixes the following issues:

Fixed an issue when in postfix 'sasl' authentication with password fails. (bsc#1194265)
Add config parameter '--with-dblib=gdbm'
Avoid converting of '/etc/sasldb2 by every update. Convert '/etc/sasldb2' only if it is a Berkeley DB.

Advisory ID	SUSE-RU-2022:476-1
Released	Thu Feb 17 10:31:35 2022
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1194661

Description:

This update for nfs-utils fixes the following issues:

If an error or warning message is produced before closeall() is called, mountd doesn't work. (bsc#1194661)

Advisory ID	SUSE-RU-2022:520-1
Released	Fri Feb 18 12:45:19 2022
Summary	Recommended update for rpm
Type	recommended
Severity	moderate
References	1194968

Description:

This update for rpm fixes the following issues:

Revert unwanted /usr/bin/python to /usr/bin/python2 change we got with the update to 4.14.3 (bsc#1194968)

Advisory ID	SUSE-RU-2022:548-1
Released	Tue Feb 22 13:48:55 2022
Summary	Recommended update for blog
Type	recommended
Severity	moderate
References	1186506,1191057

Description:

This update for blog fixes the following issues:

Update to version 2.26 * On s390/x and PPC64 gcc misses unused arg0

Update to version 2.24 * Avoid install errror due missed directory

Update to version 2.22 * Avoid KillMode=none for newer systemd version as well as rework the systemd unit files of blog (bsc#1186506)

Move to /usr for UsrMerge (bsc#1191057)

Update to version 2.21 * Merge pull request #4 from samueldr/fix/makefile Fixup Makefile for better build system support * Silent new gcc compiler

Advisory ID	SUSE-RU-2022:682-1
Released	Thu Mar 3 11:37:03 2022
Summary	Recommended update for supportutils-plugin-suse-public-cloud
Type	recommended
Severity	important
References	1195095,1195096

Description:

This update for supportutils-plugin-suse-public-cloud fixes the following issues:

Update to version 1.0.6 (bsc#1195095, bsc#1195096) - Include cloud-init logs whenever they are present - Update the packages we track in AWS, Azure, and Google - Include the ecs logs for AWS ECS instances

Advisory ID	SUSE-RU-2022:692-1
Released	Thu Mar 3 15:46:47 2022
Summary	Recommended update for filesystem
Type	recommended
Severity	moderate
References	1190447

Description:

This update for filesystem fixes the following issues:

Release ported filesystem to LTSS channels (bsc#1190447).

Advisory ID	SUSE-SU-2022:720-1
Released	Fri Mar 4 10:20:28 2022
Summary	Security update for containerd
Type	security
Severity	moderate
References	1196441,CVE-2022-23648

Description:

This update for containerd fixes the following issues:

CVE-2022-23648: A specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host (bsc#1196441).

Advisory ID	SUSE-SU-2022:736-1
Released	Fri Mar 4 14:51:57 2022
Summary	Security update for vim
Type	security
Severity	important
References	1190533,1190570,1191893,1192478,1192481,1193294,1193298,1194216,1194556,1195004,1195066,1195126,1195202,1195356,CVE-2021-3778,CVE-2021-3796,CVE-2021-3872,CVE-2021-3927,CVE-2021-3928,CVE-2021-3984,CVE-2021-4019,CVE-2021-4193,CVE-2021-46059,CVE-2022-0318,CVE-2022-0319,CVE-2022-0351,CVE-2022-0361,CVE-2022-0413

Description:

This update for vim fixes the following issues:

CVE-2022-0318: Fixed heap-based buffer overflow (bsc#1195004).
CVE-2021-3796: Fixed use-after-free in nv_replace() in normal.c (bsc#1190570).
CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status() drawscreen.c (bsc#1191893).
CVE-2021-3927: Fixed heap-based buffer overflow (bsc#1192481).
CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
CVE-2021-4019: Fixed heap-based buffer overflow (bsc#1193294).
CVE-2021-3984: Fixed illegal memory access when C-indenting could have led to heap buffer overflow (bsc#1193298).
CVE-2021-3778: Fixed heap-based buffer overflow in regexp_nfa.c (bsc#1190533).
CVE-2021-4193: Fixed out-of-bounds read (bsc#1194216).
CVE-2021-46059: Fixed pointer dereference vulnerability via the vim_regexec_multi function at regexp.c (bsc#1194556).
CVE-2022-0319: Fixded out-of-bounds read (bsc#1195066).
CVE-2022-0351: Fixed uncontrolled recursion in eval7() (bsc#1195126).
CVE-2022-0361: Fixed buffer overflow (bsc#1195126).
CVE-2022-0413: Fixed use-after-free in src/ex_cmds.c (bsc#1195356).

Advisory ID	SUSE-SU-2022:743-1
Released	Mon Mar 7 22:08:12 2022
Summary	Security update for cyrus-sasl
Type	security
Severity	important
References	1194265,1196036,CVE-2022-24407

Description:

This update for cyrus-sasl fixes the following issues:

CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).

The following non-security bugs were fixed:

postfix: sasl authentication with password fails (bsc#1194265).

Advisory ID	SUSE-RU-2022:775-1
Released	Wed Mar 9 12:55:03 2022
Summary	Recommended update for pciutils
Type	recommended
Severity	moderate
References	1192862

Description:

This update for pciutils fixes the following issues:

Report the theoretical speeds for PCIe 5.0 and 6.0 (bsc#1192862)

Advisory ID	SUSE-RU-2022:789-1
Released	Thu Mar 10 11:22:05 2022
Summary	Recommended update for update-alternatives
Type	recommended
Severity	moderate
References	1195654

Description:

This update for update-alternatives fixes the following issues:

Break bash - update-alternatives cycle rewrite of '%post' in 'lua'. (bsc#1195654)

Advisory ID	SUSE-RU-2022:792-1
Released	Thu Mar 10 11:58:18 2022
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1194845,1196494,1196495

Description:

This update for suse-build-key fixes the following issues:

The old SUSE PTF key was extended, but also move it to suse_ptf_key_old.asc (as it is a DSA1024 key).
Added a new SUSE PTF key with RSA2048 bit as suse_ptf_key.asc (bsc#1196494)
Extended the expiry of SUSE Linux Enterprise 11 key (bsc#1194845)
Added SUSE Container signing key in PEM format for use e.g. by cosign.
The SUSE security key was replaced with 2022 edition (E-Mail usage only). (bsc#1196495)

Advisory ID	SUSE-RU-2022:808-1
Released	Fri Mar 11 06:07:58 2022
Summary	Recommended update for procps
Type	recommended
Severity	moderate
References	1195468

Description:

This update for procps fixes the following issues:

Stop registering signal handler for SIGURG, to avoid `ps` failure if someone sends such signal. Without the signal handler, SIGURG will just be ignored. (bsc#1195468)

Advisory ID	SUSE-RU-2022:861-1
Released	Tue Mar 15 23:30:50 2022
Summary	Recommended update for openssl-1_1
Type	recommended
Severity	moderate
References	1182959,1195149,1195792,1195856

Description:

This update for openssl-1_1 fixes the following issues:
openssl-1_1:

Fix PAC pointer authentication in ARM (bsc#1195856)
Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792)
FIPS: Fix function and reason error codes (bsc#1182959)
Enable zlib compression support (bsc#1195149)

glibc:

Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1

linux-glibc-devel:

Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1

libxcrypt:

Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1

zlib:

Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1

Advisory ID	SUSE-RU-2022:884-1
Released	Thu Mar 17 09:47:28 2022
Summary	Recommended update for python-jsonschema, python-rfc3987, python-strict-rfc3339
Type	recommended
Severity	moderate
References	1082318

Description:

This update for python-jsonschema, python-rfc3987, python-strict-rfc3339 fixes the following issues:

Add patch to fix build with new webcolors.

update to version 3.2.0 (jsc#SLE-18756): * Added a format_nongpl setuptools extra, which installs only format dependencies that are non-GPL (#619).

specfile: * require python-importlib-metadata
update to version 3.1.1: * Temporarily revert the switch to js-regex until #611 and #612 are resolved.
changes from version 3.1.0: - Regular expressions throughout schemas now respect the ECMA 262 dialect, as recommended by the specification (#609).

Activate more of the test suite
Remove tests and benchmarking from the runtime package
Update to v3.0.2 - Fixed a bug where 0 and False were considered equal by const and enum
from v3.0.1 - Fixed a bug where extending validators did not preserve their notion of which validator property contains $id information.

Update to 3.0.1: - Support for Draft 6 and Draft 7 - Draft 7 is now the default - New TypeChecker object for more complex type definitions (and overrides) - Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification

Use %license instead of %doc (bsc#1082318)

Remove hashbang from runtime module
Replace PyPI URL with https://github.com/dgerber/rfc3987
Activate doctests

Add missing runtime dependency on timezone
Replace dead link with GitHub URL
Activate test suite

Trim bias from descriptions.

Initial commit, needed by flex

Advisory ID	SUSE-RU-2022:936-1
Released	Tue Mar 22 18:10:17 2022
Summary	Recommended update for filesystem and systemd-rpm-macros
Type	recommended
Severity	moderate
References	1196275,1196406

Description:

This update for filesystem and systemd-rpm-macros fixes the following issues:
filesystem:

Add path /lib/modprobe.d (bsc#1196275, jsc#SLE-20639)

systemd-rpm-macros:

Make %_modprobedir point to /lib/modprobe.d (bsc#1196275, bsc#1196406)

Advisory ID	SUSE-SU-2022:942-1
Released	Thu Mar 24 10:30:15 2022
Summary	Security update for python3
Type	security
Severity	moderate
References	1186819,CVE-2021-3572

Description:

This update for python3 fixes the following issues:

CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819).

Advisory ID	SUSE-SU-2022:1040-1
Released	Wed Mar 30 09:40:58 2022
Summary	Security update for protobuf
Type	security
Severity	moderate
References	1195258,CVE-2021-22570

Description:

This update for protobuf fixes the following issues:

CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258).

Advisory ID	SUSE-RU-2022:1047-1
Released	Wed Mar 30 16:20:56 2022
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1196093,1197024

Description:

This update for pam fixes the following issues:

Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093)
Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024)

Advisory ID	SUSE-SU-2022:1061-1
Released	Wed Mar 30 18:27:06 2022
Summary	Security update for zlib
Type	security
Severity	important
References	1197459,CVE-2018-25032

Description:

This update for zlib fixes the following issues:

CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).

Advisory ID	SUSE-RU-2022:1099-1
Released	Mon Apr 4 12:53:05 2022
Summary	Recommended update for aaa_base
Type	recommended
Severity	moderate
References	1194883

Description:

This update for aaa_base fixes the following issues:

Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883)
Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library

Advisory ID	SUSE-RU-2022:1118-1
Released	Tue Apr 5 18:34:06 2022
Summary	Recommended update for timezone
Type	recommended
Severity	moderate
References	1177460

Description:

This update for timezone fixes the following issues:

timezone update 2022a (bsc#1177460): * Palestine will spring forward on 2022-03-27, not on 03-26 * `zdump -v` now outputs better failure indications * Bug fixes for code that reads corrupted TZif data

Advisory ID	SUSE-RU-2022:1119-1
Released	Wed Apr 6 09:16:06 2022
Summary	Recommended update for supportutils
Type	recommended
Severity	moderate
References	1189028,1190315,1190943,1191096,1191794,1193204,1193732,1193868,1195797

Description:

This update for supportutils fixes the following issues:

Add command `blkid`
Add email.txt based on OPTION_EMAIL (bsc#1189028)
Add rpcinfo -p output #116
Add s390x specific files and output
Add shared memory as a log directory for emergency use (bsc#1190943)
Fix cron package for RPM validation (bsc#1190315)
Fix for invalid argument during updates (bsc#1193204)
Fix iscsi initiator name (bsc#1195797)
Improve `lsblk` readability with `--ascsi` option
Include 'multipath -t' output in mpio.txt
Include /etc/sssd/conf.d configuration files
Include udev rules in /lib/udev/rules.d/
Made /proc directory and network names spaces configurable (bsc#1193868)
Prepare future installation of binaries to /usr/sbin instead of /sbin. This does not affect SUSE Linux Enterprise 15 Serivce Pack 3 and 4 (bsc#1191096)
Move localmessage/warm logs out of messages.txt to new localwarn.txt
Optimize configuration files
Remove chronyc DNS lookups with -n switch (bsc#1193732)
Remove duplicate commands in network.txt
Remove duplicate firewalld status output
getappcore identifies compressed core files (bsc#1191794)

Advisory ID	SUSE-RU-2022:1126-1
Released	Thu Apr 7 14:05:02 2022
Summary	Recommended update for nfs-utils
Type	recommended
Severity	moderate
References	1197297,1197788

Description:

This update for nfs-utils fixes the following issues:

Ensure `sloppy` is added correctly for newer kernels. (bsc#1197297) * This is required for kernels since 5.6 (like in SUSE Linux Enterprise 15 SP4), and it's safe for all kernels.
Fix the source build with new `glibc` like in SUSE Linux Enterprise 15 SP4. (bsc#1197788)

Advisory ID	SUSE-RU-2022:1147-1
Released	Mon Apr 11 15:49:43 2022
Summary	Recommended update for containerd
Type	recommended
Severity	moderate
References	1195784

Description:

This update of containerd fixes the following issue:

container-ctr is shipped to the PackageHub repos.

Advisory ID	SUSE-RU-2022:1150-1
Released	Mon Apr 11 17:34:19 2022
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1197293

Description:

This update for suse-build-key fixes the following issues:
No longer install 1024bit keys by default. (bsc#1197293)

The SLE11 key has been moved to documentation directory, and is obsoleted / removed by the package.
The old PTF (pre March 2022) key moved to documentation directory.

Advisory ID	SUSE-SU-2022:1158-1
Released	Tue Apr 12 14:44:43 2022
Summary	Security update for xz
Type	security
Severity	important
References	1198062,CVE-2022-1271

Description:

This update for xz fixes the following issues:

CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)

Advisory ID	SUSE-RU-2022:1281-1
Released	Wed Apr 20 12:26:38 2022
Summary	Recommended update for libtirpc
Type	recommended
Severity	moderate
References	1196647

Description:

This update for libtirpc fixes the following issues:

Add option to enforce connection via protocol version 2 first (bsc#1196647)

Advisory ID	SUSE-RU-2022:1374-1
Released	Mon Apr 25 15:02:13 2022
Summary	Recommended update for openldap2
Type	recommended
Severity	moderate
References	1191157,1197004

Description:

This update for openldap2 fixes the following issues:

allow specification of max/min TLS version with TLS1.3 (bsc#1191157)
libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004)
restore CLDAP functionality in CLI tools (jsc#PM-3288)

Advisory ID	SUSE-RU-2022:1409-1
Released	Tue Apr 26 12:54:57 2022
Summary	Recommended update for gcc11
Type	recommended
Severity	moderate
References	1195628,1196107

Description:

This update for gcc11 fixes the following issues:

Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from packages provided by older GCC work. Add a requires from that package to the corresponding libstc++6 package to keep those at the same version. [bsc#1196107]
Fixed memory corruption when creating dependences with the D language frontend.
Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628]
Put libstdc++6-pp Requires on the shared library and drop to Recommends.

Advisory ID	SUSE-RU-2022:1438-1
Released	Wed Apr 27 15:27:19 2022
Summary	Recommended update for systemd-presets-common-SUSE
Type	recommended
Severity	low
References	1195251

Description:

This update for systemd-presets-common-SUSE fixes the following issue:

enable vgauthd service for VMWare by default (bsc#1195251)

Advisory ID	SUSE-RU-2022:1451-1
Released	Thu Apr 28 10:47:22 2022
Summary	Recommended update for perl
Type	recommended
Severity	moderate
References	1193489

Description:

This update for perl fixes the following issues:

Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489)

Advisory ID	SUSE-RU-2022:1460-1
Released	Thu Apr 28 16:21:58 2022
Summary	Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type	recommended
Severity	moderate
References	1195437,1195438

Description:

This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent fixes the following issues:

Update to version 20220204.00. (bsc#1195437, bsc#1195438) * remove han from owners (#154) * Remove extra slash from metadata URL. (#151)
from version 20220104.00 * List IPv6 routes (#150)
from version 20211228.00 * add add or remove route integration test, utils (#147)
from version 20211214.00 * add malformed ssh key unit test (#142)

Update to version 20220211.00. (bsc#1195437, bsc#1195438) * Set NVMe-PD IO timeout to 4294967295. (#32)

Update to version 20220205.00. (bsc#1195437, bsc#1195438) * Fix build for EL9. (#82)
from version 20211213.00 * Reauth error (#81)
Rename Source0 field to Source
Update URL in Source field to point to upstream tarball

Update to version 20220209.00 (bsc#1195437, bsc#1195438) * Update licences, remove deprecated centos-8 tests (#414)

Update to version 20220204.00 * Add DisableLocalLogging option (#413)
from version 20220107.00 * OS assignment example: Copy file from bucket

Advisory ID	SUSE-SU-2022:1548-1
Released	Thu May 5 16:45:28 2022
Summary	Security update for tar
Type	security
Severity	moderate
References	1029961,1120610,1130496,1181131,CVE-2018-20482,CVE-2019-9923,CVE-2021-20193

Description:

This update for tar fixes the following issues:

CVE-2021-20193: Fixed a memory leak in read_header() in list.c (bsc#1181131).
CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c (bsc#1130496).
CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c (bsc#1120610).

Update to GNU tar 1.34: * Fix extraction over pipe * Fix memory leak in read_header (CVE-2021-20193) (bsc#1181131) * Fix extraction when . and .. are unreadable * Gracefully handle duplicate symlinks when extracting * Re-initialize supplementary groups when switching to user privileges

Update to GNU tar 1.33: * POSIX extended format headers do not include PID by default * --delay-directory-restore works for archives with reversed member ordering * Fix extraction of a symbolic link hardlinked to another symbolic link * Wildcards in exclude-vcs-ignore mode don't match slash * Fix the --no-overwrite-dir option * Fix handling of chained renames in incremental backups * Link counting works for file names supplied with -T * Accept only position-sensitive (file-selection) options in file list files

prepare usrmerge (bsc#1029961)

Update to GNU 1.32 * Fix the use of --checkpoint without explicit --checkpoint-action * Fix extraction with the -U option * Fix iconv usage on BSD-based systems * Fix possible NULL dereference (savannah bug #55369) [bsc#1130496] [CVE-2019-9923] * Improve the testsuite

Update to GNU 1.31 * Fix heap-buffer-overrun with --one-top-level, bug introduced with the addition of that option in 1.28 * Support for zstd compression * New option '--zstd' instructs tar to use zstd as compression program. When listing, extractng and comparing, zstd compressed archives are recognized automatically. When '-a' option is in effect, zstd compression is selected if the destination archive name ends in '.zst' or '.tzst'. * The -K option interacts properly with member names given in the command line. Names of members to extract can be specified along with the '-K NAME' option. In this case, tar will extract NAME and those of named members that appear in the archive after it, which is consistent with the semantics of the option. Previous versions of tar extracted NAME, those of named members that appeared before it, and everything after it. * Fix CVE-2018-20482 - When creating archives with the --sparse option, previous versions of tar would loop endlessly if a sparse file had been truncated while being archived.

Advisory ID	SUSE-SU-2022:1617-1
Released	Tue May 10 14:40:12 2022
Summary	Security update for gzip
Type	security
Severity	important
References	1198062,1198922,CVE-2022-1271

Description:

This update for gzip fixes the following issues:

CVE-2022-1271: Fix escaping of malicious filenames. (bsc#1198062)

Advisory ID	SUSE-RU-2022:1655-1
Released	Fri May 13 15:36:10 2022
Summary	Recommended update for pam
Type	recommended
Severity	moderate
References	1197794

Description:

This update for pam fixes the following issue:

Do not include obsolete header files (bsc#1197794)

Advisory ID	SUSE-RU-2022:1658-1
Released	Fri May 13 15:40:20 2022
Summary	Recommended update for libpsl
Type	recommended
Severity	important
References	1197771

Description:

This update for libpsl fixes the following issues:

Fix libpsl compilation issues (bsc#1197771)

Advisory ID	SUSE-RU-2022:1659-1
Released	Fri May 13 15:41:32 2022
Summary	Recommended update for cups
Type	recommended
Severity	moderate
References	1189517,1195115

Description:

This update for cups fixes the following issues:

CUPS printservice takes much longer than before with a big number of printers (bsc#1189517)
CUPS PreserveJobHistory doesn't work with seconds (bsc#1195115)

Advisory ID	SUSE-SU-2022:1670-1
Released	Mon May 16 10:06:30 2022
Summary	Security update for openldap2
Type	security
Severity	important
References	1199240,CVE-2022-29155

Description:

This update for openldap2 fixes the following issues:

CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

Advisory ID	SUSE-SU-2022:1689-1
Released	Mon May 16 14:09:01 2022
Summary	Security update for containerd, docker
Type	security
Severity	important
References	1193930,1196441,1197284,1197517,CVE-2021-43565,CVE-2022-23648,CVE-2022-24769,CVE-2022-27191

Description:

This update for containerd, docker fixes the following issues:

CVE-2022-24769: Fixed incorrect default inheritable capabilities (bsc#1197517).
CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).
CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server (bsc#1197284).
CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext packet (bsc#1193930).

Advisory ID	SUSE-RU-2022:1709-1
Released	Tue May 17 17:35:47 2022
Summary	Recommended update for libcbor
Type	recommended
Severity	important
References	1197743

Description:

This update for libcbor fixes the following issues:

Fix build errors occuring on SUSE Linux Enterprise 15 Service Pack 4

Advisory ID	SUSE-SU-2022:1718-1
Released	Tue May 17 17:44:43 2022
Summary	Security update for e2fsprogs
Type	security
Severity	important
References	1198446,CVE-2022-1304

Description:

This update for e2fsprogs fixes the following issues:

CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault and possibly arbitrary code execution. (bsc#1198446)

Advisory ID	SUSE-RU-2022:1843-1
Released	Wed May 25 15:25:44 2022
Summary	Recommended update for suse-build-key
Type	recommended
Severity	moderate
References	1198504

Description:

This update for suse-build-key fixes the following issues:

still ship the old ptf key in the documentation directory (bsc#1198504)

Advisory ID	SUSE-SU-2022:1861-1
Released	Thu May 26 12:07:40 2022
Summary	Security update for cups
Type	security
Severity	important
References	1199474,CVE-2022-26691

Description:

This update for cups fixes the following issues:

CVE-2022-26691: Fixed an authentication bypass and code execution vulnerability (bsc#1199474)

Advisory ID	SUSE-RU-2022:1887-1
Released	Tue May 31 09:24:18 2022
Summary	Recommended update for grep
Type	recommended
Severity	moderate
References	1040589

Description:

This update for grep fixes the following issues:

Make profiling deterministic. (bsc#1040589, SLE-24115)

Advisory ID	SUSE-RU-2022:1899-1
Released	Wed Jun 1 10:43:22 2022
Summary	Recommended update for libtirpc
Type	recommended
Severity	important
References	1198176

Description:

This update for libtirpc fixes the following issues:

Add a check for nullpointer in check_address to prevent client from crashing (bsc#1198176)

Advisory ID	SUSE-RU-2022:1909-1
Released	Wed Jun 1 16:25:35 2022
Summary	Recommended update for glibc
Type	recommended
Severity	moderate
References	1198751

Description:

This update for glibc fixes the following issues:

Add the correct name for the IBM Z16 (bsc#1198751).

Advisory ID	SUSE-RU-2022:2019-1
Released	Wed Jun 8 16:50:07 2022
Summary	Recommended update for gcc11
Type	recommended
Severity	moderate
References	1192951,1193659,1195283,1196861,1197065

Description:

This update for gcc11 fixes the following issues:
Update to the GCC 11.3.0 release.

includes SLS hardening backport on x86_64. [bsc#1195283]
includes change to adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861]
fixed miscompile of embedded premake in 0ad on i586. [bsc#1197065]
use --with-cpu rather than specifying --with-arch/--with-tune
Fix D memory corruption in -M output.
Fix ICE in is_this_parameter with coroutines. [bsc#1193659]
fixes issue with debug dumping together with -o /dev/null
fixes libgccjit issue showing up in emacs build [bsc#1192951]
Package mwaitintrin.h

Advisory ID	SUSE-SU-2022:2035-1
Released	Fri Jun 10 10:16:40 2022
Summary	Security update for grub2
Type	security
Severity	important
References	1191184,1191185,1191186,1193282,1197948,1198460,1198493,1198495,1198496,1198581,CVE-2021-3695,CVE-2021-3696,CVE-2021-3697,CVE-2022-28733,CVE-2022-28734,CVE-2022-28735,CVE-2022-28736

Description:

This update for grub2 fixes the following issues:
This update provides security fixes and hardenings for Boothole 3 / Boothole 2022 (bsc#1198581)

CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184)
CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185)
CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186)
CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460)
CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493)
CVE-2022-28735: Fixed some verifier framework changes (bsc#1198495)
CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496)
Update SBAT security contact (bsc#1193282)
Bump grub's SBAT generation to 2

Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)

Advisory ID	SUSE-SU-2022:2102-1
Released	Thu Jun 16 15:18:23 2022
Summary	Security update for vim
Type	security
Severity	important
References	1070955,1191770,1192167,1192902,1192903,1192904,1193466,1193905,1194093,1194216,1194217,1194388,1194872,1194885,1195004,1195203,1195332,1195354,1196361,1198596,1198748,1199331,1199333,1199334,1199651,1199655,1199693,1199745,1199747,1199936,1200010,1200011,1200012,CVE-2017-17087,CVE-2021-3778,CVE-2021-3796,CVE-2021-3872,CVE-2021-3875,CVE-2021-3903,CVE-2021-3927,CVE-2021-3928,CVE-2021-3968,CVE-2021-3973,CVE-2021-3974,CVE-2021-3984,CVE-2021-4019,CVE-2021-4069,CVE-2021-4136,CVE-2021-4166,CVE-2021-4192,CVE-2021-4193,CVE-2021-46059,CVE-2022-0128,CVE-2022-0213,CVE-2022-0261,CVE-2022-0318,CVE-2022-0319,CVE-2022-0351,CVE-2022-0359,CVE-2022-0361,CVE-2022-0392,CVE-2022-0407,CVE-2022-0413,CVE-2022-0696,CVE-2022-1381,CVE-2022-1420,CVE-2022-1616,CVE-2022-1619,CVE-2022-1620,CVE-2022-1733,CVE-2022-1735,CVE-2022-1771,CVE-2022-1785,CVE-2022-1796,CVE-2022-1851,CVE-2022-1897,CVE-2022-1898,CVE-2022-1927

Description:

This update for vim fixes the following issues:

CVE-2017-17087: Fixed information leak via .swp files (bsc#1070955).
CVE-2021-3875: Fixed heap-based buffer overflow (bsc#1191770).
CVE-2021-3903: Fixed heap-based buffer overflow (bsc#1192167).
CVE-2021-3968: Fixed heap-based buffer overflow (bsc#1192902).
CVE-2021-3973: Fixed heap-based buffer overflow (bsc#1192903).
CVE-2021-3974: Fixed use-after-free (bsc#1192904).
CVE-2021-4069: Fixed use-after-free in ex_open()in src/ex_docmd.c (bsc#1193466).
CVE-2021-4136: Fixed heap-based buffer overflow (bsc#1193905).
CVE-2021-4166: Fixed out-of-bounds read (bsc#1194093).
CVE-2021-4192: Fixed use-after-free (bsc#1194217).
CVE-2021-4193: Fixed out-of-bounds read (bsc#1194216).
CVE-2022-0128: Fixed out-of-bounds read (bsc#1194388).
CVE-2022-0213: Fixed heap-based buffer overflow (bsc#1194885).
CVE-2022-0261: Fixed heap-based buffer overflow (bsc#1194872).
CVE-2022-0318: Fixed heap-based buffer overflow (bsc#1195004).
CVE-2022-0359: Fixed heap-based buffer overflow in init_ccline() in ex_getln.c (bsc#1195203).
CVE-2022-0392: Fixed heap-based buffer overflow (bsc#1195332).
CVE-2022-0407: Fixed heap-based buffer overflow (bsc#1195354).
CVE-2022-0696: Fixed NULL pointer dereference (bsc#1196361).
CVE-2022-1381: Fixed global heap buffer overflow in skip_range (bsc#1198596).
CVE-2022-1420: Fixed out-of-range pointer offset (bsc#1198748).
CVE-2022-1616: Fixed use-after-free in append_command (bsc#1199331).
CVE-2022-1619: Fixed heap-based Buffer Overflow in function cmdline_erase_chars (bsc#1199333).
CVE-2022-1620: Fixed NULL pointer dereference in function vim_regexec_string (bsc#1199334).
CVE-2022-1733: Fixed heap-based buffer overflow in cindent.c (bsc#1199655).
CVE-2022-1735: Fixed heap-based buffer overflow (bsc#1199651).
CVE-2022-1771: Fixed stack exhaustion (bsc#1199693).
CVE-2022-1785: Fixed out-of-bounds write (bsc#1199745).
CVE-2022-1796: Fixed use-after-free in find_pattern_in_path (bsc#1199747).
CVE-2022-1851: Fixed out-of-bounds read (bsc#1199936).
CVE-2022-1897: Fixed out-of-bounds write (bsc#1200010).
CVE-2022-1898: Fixed use-after-free (bsc#1200011).
CVE-2022-1927: Fixed buffer over-read (bsc#1200012).

Advisory ID	SUSE-RU-2022:2112-1
Released	Fri Jun 17 11:44:24 2022
Summary	Recommended update for gnutls
Type	recommended
Severity	moderate
References	1190698,1191021,1194907

Description:

This update for gnutls fixes the following issues:

FIPS: Make sure zeroization is performed in all API functions [bsc#1191021]
FIPS: Add missing requirements for the SLI [bsc#1190698] * Remove 3DES from FIPS approved algorithms: * DRBG service (gnutls_rnd) should be considered approved:
FIPS: Mark AES-GCM as approved in the TLS context [bsc#1194907]