Image summary for suse-sles-15-sp1-chost-byos-v20201209-gen2

SUSE-IU-2020:111-1

This update for krb5 fixes the following issue:

• Fix prefix reported by krb5-config, libraries and headers are not installed under /usr/lib/mit prefix. (bsc#1174079)

This update for openldap2 fixes the following issues:

• CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp (bsc#1175568).

This update for samba fixes the following issues:
- ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC) (CVE-2020-1472, bsc#1176579).

This update for cifs-utils fixes the following issues:

• CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs (bsc#1174477).
• Fixed an invalid free in mount.cifs; (bsc#1152930).

This update for nfs-utils fixes the following issue:

• Some scripts are requiring Python2 while it is not installed by default and they can work with Python3. (bsc#1173104)

This update for rsyslog fixes the following issues:

• Fix the URL for bug reporting. (bsc#1173433)

This update for hyper-v fixes the following issues:

• Fixes an issue when hyper-v services not running after booting from SLES12SP3 ISO. (bsc#1116957)

This update for libzypp, zypper provides the following fixes:
Changes in libzypp:

• VendorAttr: Const-correct API and let Target provide its settings. (bsc#1174918)
• Support buildnr with commit hash in purge-kernels. This adds special behaviour for when a kernel version has the rebuild counter before the kernel commit hash. (bsc#1175342)
• Improve Italian translation of the 'breaking dependencies' message. (bsc#1173529)
• Make sure reading from lsof does not block forever. (bsc#1174240)
• Just collect details for the signatures found.

• man: Enhance description of the global package cache. (bsc#1175592)
• man: Point out that plain rpm packages are not downloaded to the global package cache. (bsc#1173273)
• Directly list subcommands in 'zypper help'. (bsc#1165424)
• Remove extern C block wrapping augeas.h as it breaks the build on Arch Linux.
• Point out that plaindir repos do not follow symlinks. (bsc#1174561)
• Fix help command for list-patches.

This update for suse-build-key fixes the following issues:

• The SUSE Notary Container key is different from the build signing key, include this key instead as suse-container-key. (PM-1845 bsc#1170347)

• The SUSE build key for SUSE Linux Enterprise 12 and 15 is extended by 4 more years. (bsc#1176759)

This update for permissions fixes the following issues:

• whitelist WMP (bsc#1161335, bsc#1176625)

This update for efivar fixes the following issues:

• Fixed an issue when segmentation fault are caused on non-EFI systems. (bsc#1175989)

This update for multipath-tools fixes the following issues:

• kpartx: Recognize DASD on loop devices again. (bsc#1139775)
• kpartx.rules: Fix handling of synthetic uevents. (bsc#1161923)
• libmpathpersist: Limit PRIN allocation length to 8192 bytes. (bsc#1165786)
• Fix handling of incompletely initialized udev devices. (bsc#1172157)
• Avoid data corruption caused by duplicate alias in bindings file. (bsc#1172429)
• Improve logging for failure to set dev_loss_tmo. (bsc#1173060, bsc#1173064)
• Fix handling of hardware properties for maps without paths. (bsc#1176644)
• Backported upstream fixes (bsc#1176670): * multipath-tools: add HPE MSA 1060/2060 to hwtable. * ALUA support for PURE FlashArray. * libmultipath: EMC PowerMax NVMe device config. * libmultipath: Fix ALUA autodetection when paths are down.

This update for aaa_base fixes the following issues:

• DIR_COLORS (bug#1006973): - add screen.xterm-256color - add TERM rxvt-unicode-256color - sort and merge TERM entries in etc/DIR_COLORS
• check for Packages.db and use this instead of Packages. (bsc#1171762)
• Rename path() to _path() to avoid using a general name.
• refresh_initrd call modprobe as /sbin/modprobe (bsc#1011548)
• etc/profile add some missing ;; in case esac statements
• profile and csh.login: on s390x set TERM to dumb on dumb terminal (bsc#1153946)
• backup-rpmdb: exit if zypper is running (bsc#1161239)
• Add color alias for ip command (jsc#sle-9880, jsc#SLE-7679, bsc#1153943)

This update for libproxy fixes the following issues:

• CVE-2020-25219: Rewrote url::recvline to be nonrecursive (bsc#1176410).
• CVE-2020-26154: Fixed a buffer overflow when PAC is enabled (bsc#1177143).

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990).
• CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
• CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721).
• CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725).
• CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
• CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
• CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
• CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
• CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
• CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr function which could have led to memory corruption and read overflow (bsc#1177206).
• CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups (bsc#1177121).

• 9p: Fix memory leak in v9fs_mount (git-fixes).
• ACPI: EC: Reference count query handlers under lock (git-fixes).
• airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
• airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
• airo: Fix read overflows sending packets (git-fixes).
• ALSA: asihpi: fix iounmap in error handler (git-fixes).
• ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
• ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
• ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
• ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes).
• ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes).
• ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes).
• altera-stapl: altera_get_note: prevent write beyond end of 'key' (git-fixes).
• ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
• arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#SLE-4084).
• arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
• asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
• ASoC: kirkwood: fix IRQ error handling (git-fixes).
• ASoC: tegra: Fix reference count leaks (git-fixes).
• ath10k: fix array out-of-bounds access (git-fixes).
• ath10k: fix memory leak for tpc_stats_final (git-fixes).
• ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
• batman-adv: Add missing include for in_interrupt() (git-fixes).
• batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
• batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
• batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
• batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes).
• batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
• bcache: Convert pr_ uses to a more typical style (git fixes (block drivers)).
• bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
• bcm63xx_enet: correct clock usage (git-fixes).
• bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
• bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes (bitfield)).
• blktrace: fix debugfs use after free (git fixes (block drivers)).
• block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)).
• block: revert back to synchronous request_queue removal (git fixes (block drivers)).
• block: Use non _rcu version of list functions for tag_set_list (git-fixes).
• Bluetooth: Fix refcount use-after-free issue (git-fixes).
• Bluetooth: guard against controllers sending zero'd events (git-fixes).
• Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
• Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).
• Bluetooth: prefetch channel before killing sock (git-fixes).
• bnxt_en: Fix completion ring sizing with TPA enabled (networking-stable-20_07_29).
• bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM (git-fixes).
• btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789).
• btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
• ceph: do not allow setlease on cephfs (bsc#1177041).
• ceph: fix potential mdsc use-after-free crash (bsc#1177042).
• ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
• ceph: handle zero-length feature mask in session messages (bsc#1177044).
• cfg80211: regulatory: reject invalid hints (bsc#1176699).
• cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
• cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
• cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
• clk: Add (devm_)clk_get_optional() functions (git-fixes).
• clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
• clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes).
• clk/ti/adpll: allocate room for terminating null (git-fixes).
• clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes).
• cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#1176966).
• dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate() (git-fixes).
• dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling (git-fixes).
• dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes).
• dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
• dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
• dm crypt: avoid truncating the logical block size (git fixes (block drivers)).
• dm: fix redundant IO accounting for bios that need splitting (git fixes (block drivers)).
• dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block drivers)).
• dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)).
• dm: report suspended device during destroy (git fixes (block drivers)).
• dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes (block drivers)).
• dm: use noio when sending kobject event (git fixes (block drivers)).
• dm writecache: add cond_resched to loop in persistent_memory_claim() (git fixes (block drivers)).
• dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)).
• dm zoned: assign max_io_len correctly (git fixes (block drivers)).
• drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).
• Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877).
• Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
• drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
• drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic (git-fixes).
• drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
• drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails (git-fixes).
• drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
• drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
• drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
• drm/amdgpu: increase atombios cmd timeout (git-fixes).
• drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table (git-fixes).
• drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table (git-fixes).
• drm/amdkfd: fix a memory leak issue (git-fixes).
• drm/amdkfd: Fix reference count leaks (git-fixes).
• drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
• drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
• drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context changes
• drm/mediatek: Add exception handing in mtk_drm_probe() if component init fail (git-fixes).
• drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata() (git-fixes).
• drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
• drm/msm: add shutdown support for display platform_driver (git-fixes).
• drm/msm: Disable preemption on all 5xx targets (git-fixes).
• drm/msm: fix leaks if initialization fails (git-fixes).
• drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
• drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
• drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
• drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open (git-fixes).
• drm/nouveau: Fix reference count leak in nouveau_connector_detect (git-fixes).
• drm/nouveau: fix reference count leak in nv50_disp_atomic_commit (git-fixes).
• drm/nouveau: fix runtime pm imbalance on error (git-fixes).
• drm/omap: fix possible object reference leak (git-fixes).
• drm/radeon: fix multiple reference count leak (git-fixes).
• drm/radeon: Prefer lower feedback dividers (git-fixes).
• drm/radeon: revert 'Prefer lower feedback dividers' (git-fixes).
• drm/sun4i: Fix dsi dcs long write function (git-fixes).
• drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
• drm/tve200: Stabilize enable/disable (git-fixes).
• drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
• e1000: Do not perform reset in reset_task if we are already down (git-fixes).
• EDAC: Fix reference count leaks (bsc#1112178).
• fbcon: prevent user font height or width change from causing (bsc#1112178)
• Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
• ftrace: Move RCU is watching check after recursion check (git-fixes).
• ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
• gma/gma500: fix a memory disclosure bug due to uninitialized bytes (git-fixes).
• gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
• gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() (git-fixes).
• gtp: fix Illegal context switch in RCU read-side critical section (git-fixes).
• gtp: fix use-after-free in gtp_newlink() (git-fixes).
• Hide e21a4f3a930c as of its duplication
• HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() (git-fixes).
• hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
• hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
• hv_utils: return error if host timesysnc update is stale (bsc#1176877).
• hwmon: (applesmc) check status earlier (git-fixes).
• i2c: core: Do not fail PRP0001 enumeration when no ID table exist (git-fixes).
• i2c: cpm: Fix i2c_ram structure (git-fixes).
• ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
• ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
• ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
• iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes).
• iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
• iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes).
• iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
• iio: adc: mcp3422: fix locking on error path (git-fixes).
• iio: adc: mcp3422: fix locking scope (git-fixes).
• iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
• iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
• iio: improve IIO_CONCENTRATION channel type description (git-fixes).
• iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
• iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes).
• iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
• include: add additional sizes (bsc#1094244 ltc#168122).
• iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177293).
• iommu/amd: Fix potential @entry null deref (bsc#1177294).
• iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176316).
• iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
• iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
• iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177295).
• iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
• iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177296).
• iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#1176319).
• iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
• kernel-syms.spec.in: Also use bz compression (boo#1175882).
• KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
• KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and non-VHE (jsc#SLE-4084).
• KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put for VHE (jsc#SLE-4084).
• KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#SLE-4084).
• KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE (jsc#SLE-4084).
• KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#SLE-4084).
• KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
• KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#SLE-4084).
• KVM: arm64: Factor out fault info population and gic workarounds (jsc#SLE-4084).
• KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
• KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
• KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
• KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#SLE-4084).
• KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions (jsc#SLE-4084).
• KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
• KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#SLE-4084).
• KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#SLE-4084).
• KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#SLE-4084).
• KVM: arm64: Move userspace system registers into separate function (jsc#SLE-4084).
• KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers (jsc#SLE-4084).
• KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#SLE-4084).
• KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
• KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#SLE-4084).
• KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
• KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
• KVM: arm64: Rewrite system register accessors to read/write functions (jsc#SLE-4084).
• KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
• KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc#SLE-4084).
• KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#SLE-4084).
• KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#SLE-4084).
• KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#SLE-4084).
• KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
• KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE (jsc#SLE-4084).
• KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#SLE-4084).
• KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
• KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#SLE-4084).
• KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#SLE-4084).
• KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#SLE-4084).
• KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#SLE-4084).
• KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#SLE-4084).
• KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#SLE-4084).
• KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
• KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM (bsc#1176321).
• KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#1112178).
• KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
• libceph: allow setting abort_on_full for rbd (bsc#1169972).
• libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
• libnvdimm: cover up struct nvdimm changes (bsc#1171742).
• libnvdimm/security, acpi/nfit: unify zero-key for all security commands (bsc#1171742).
• libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
• libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
• lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block drivers)).
• mac802154: tx: fix use-after-free (git-fixes).
• md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)).
• media: davinci: vpif_capture: fix potential double free (git-fixes).
• media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes).
• media: smiapp: Fix error handling at NVM reading (git-fixes).
• media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
• mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
• mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
• mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#1154366).
• mmc: cqhci: Add cqhci_deactivate() (git-fixes).
• mmc: sdhci-msm: Add retries when all tuning phases are found valid (git-fixes).
• mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based controllers (git-fixes).
• mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).
• mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/pgalloc)).
• mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/vmalloc)).
• mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes).
• mtd: lpddr: Fix a double free in probe() (git-fixes).
• mtd: phram: fix a double free issue in error path (git-fixes).
• mtd: properly check all write ioctls for permissions (git-fixes).
• net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
• net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
• net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
• net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
• net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
• net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() (git-fixes).
• net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
• net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
• net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
• net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
• net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (git-fixes).
• net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
• net: initialize fastreuse on inet_inherit_port (networking-stable-20_08_15).
• net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
• net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
• net: lio_core: fix potential sign-extension overflow on large shift (git-fixes).
• net/mlx5: Add meaningful return codes to status_to_err function (git-fixes).
• net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
• net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded (git-fixes).
• net: mvneta: fix mtu change on port without link (git-fixes).
• net-next: ax88796: Do not free IRQ in ax_remove() (already freed in ax_close()) (git-fixes).
• net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
• net: qca_spi: Avoid packet drop during initial sync (git-fixes).
• net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
• net: refactor bind_bucket fastreuse into helper (networking-stable-20_08_15).
• net/smc: fix dmb buffer shortage (git-fixes).
• net/smc: fix restoring of fallback changes (git-fixes).
• net/smc: fix sock refcounting in case of termination (git-fixes).
• net/smc: improve close of terminated socket (git-fixes).
• net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
• net/smc: remove freed buffer from list (git-fixes).
• net/smc: reset sndbuf_desc if freed (git-fixes).
• net/smc: set rx_off for SMCR explicitly (git-fixes).
• net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
• net/smc: tolerate future SMCD versions (git-fixes).
• net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing() (git-fixes).
• net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
• net: stmmac: do not stop NAPI processing when dropping a packet (git-fixes).
• net: stmmac: dwmac4: fix flow control issue (git-fixes).
• net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset function (git-fixes).
• net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array (git-fixes).
• net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration (git-fixes).
• net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b (git-fixes).
• net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs (git-fixes).
• net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode (git-fixes).
• net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock (git-fixes).
• net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()' (git-fixes).
• net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()' (git-fixes).
• net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes).
• net: stmmac: set MSS for each tx DMA channel (git-fixes).
• net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
• net-sysfs: add a newline when printing 'tx_timeout' by sysfs (networking-stable-20_07_29).
• net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
• net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb() (git-fixes).
• net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).
• net: ucc_geth - fix Oops when changing number of buffers in the ring (git-fixes).
• NFSv4: do not mark all open state for recovery when handling recallable state revoked flag (bsc#1176935).
• nvme-fc: set max_segments to lldd max value (bsc#1176038).
• nvme-pci: override the value of the controller's numa node (bsc#1176507).
• ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
• omapfb: fix multiple reference count leaks due to pm_runtime_get_sync (git-fixes).
• PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
• PCI: Fix pci_create_slot() reference count leak (git-fixes).
• PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
• PCI: qcom: Add missing reset for ipq806x (git-fixes).
• PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
• PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
• PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
• phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
• pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
• powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#168122).
• powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244 ltc#168122).
• powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244 ltc#168122).
• powerpc/64s: Include header file to fix a warning (bsc#1094244 ltc#168122).
• powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#168122).
• powerpc/64s: sreset panic if there is no debugger or crash dump handlers (bsc#1094244 ltc#168122).
• powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#168122).
• powerpc: Add cputime_to_nsecs() (bsc#1065729).
• powerpc/book3s64/radix: Add kernel command line option to disable radix GTSE (bsc#1055186 ltc#153436).
• powerpc/book3s64/radix: Fix boot failure with large amount of guest memory (bsc#1176022 ltc#187208).
• powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
• powerpc/init: Do not advertise radix during client-architecture-support (bsc#1055186 ltc#153436 ).
• powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
• powerpc/kernel: Enables memory hot-remove after reboot on pseries guests (bsc#1177030 ltc#187588).
• powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
• powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#1177030 ltc#187588).
• powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#1176022 ltc#187208).
• powerpc/powernv: Remove real mode access limit for early allocations (bsc#1176022 ltc#187208).
• powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436).
• powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
• powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
• powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
• powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack (bsc#1094244 ltc#168122).
• powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022 ltc#187208).
• powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244 ltc#168122).
• powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
• powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244 ltc#168122).
• powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#168122).
• powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
• powerpc/traps: fix recoverability of machine check handling on book3s/32 (bsc#1094244 ltc#168122).
• powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244 ltc#168122).
• powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S (bsc#1065729).
• power: supply: max17040: Correct voltage reading (git-fixes).
• rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes (rcu)).
• regulator: push allocation in set_consumer_device_supply() out of lock (git-fixes).
• rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243).
• rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
• rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#SLE-13618).
• rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To avoid the unnecessary key enrollment, when enrolling the signing key of the kernel package, '--ca-check' is added to mokutil so that mokutil will ignore the request if the CA of the signing key already exists in MokList or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only defined in a kernel module package (KMP), it's used to determine whether the %post script is running in a kernel package, or a kernel module package.
• rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
• rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#1176698) The '-c' option wasn't passed down to %_kernel_module_package so the ueficert subpackage wasn't generated even if the certificate is specified in the spec file.
• rtc: ds1374: fix possible race condition (git-fixes).
• rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
• rxrpc: Fix race between recvmsg and sendmsg on immediate call failure (networking-stable-20_08_08).
• rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA (networking-stable-20_07_29).
• s390/mm: fix huge pte soft dirty copying (git-fixes).
• s390/qeth: do not process empty bridge port events (git-fixes).
• s390/qeth: integrate RX refill worker with NAPI (git-fixes).
• s390/qeth: tolerate pre-filled RX buffer (git-fixes).
• scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
• scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675).
• scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#188304).
• scsi: ibmvfc: Use compiler attribute defines instead of __attribute__() (bsc#1176962 ltc#188304).
• scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
• scsi: libfc: Fix for double free() (bsc#1174899).
• scsi: libfc: free response frame from GPN_ID (bsc#1174899).
• scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#1174899).
• scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
• scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
• scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
• scsi: qla2xxx: Fix the return value (bsc#1171688).
• scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#1171688).
• scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#1171688).
• scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#1171688).
• scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
• scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (bsc#1171688).
• scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
• scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
• scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
• scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (bsc#1171688).
• scsi: qla2xxx: Suppress two recently introduced compiler warnings (git-fixes).
• scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1171688).
• sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186 (git-fixes).
• sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210 (git-fixes).
• serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).
• serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).
• serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
• Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).
• SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546).
• SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
• SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
• stmmac: Do not access tx_q->dirty_tx before netif_tx_lock (git-fixes).
• tcp: apply a floor of 1 for RTT samples from TCP timestamps (networking-stable-20_08_08).
• thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 (git-fixes).
• tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#1112178).
• USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
• USB: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).
• USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
• USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).
• USB: Fix out of sync data toggle if a configured device is reconfigured (git-fixes).
• USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
• USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
• USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
• USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
• USB: hso: check for return value in hso_serial_common_create() (networking-stable-20_08_08).
• usblp: fix race between disconnect() and read() (git-fixes).
• USB: lvtest: return proper error code in probe (git-fixes).
• usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (git-fixes).
• USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
• USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
• USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook (git-fixes).
• USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D (git-fixes).
• USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
• USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules (git-fixes).
• USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
• USB: sisusbvga: Fix a potential UB casued by left shifting a negative value (git-fixes).
• USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
• USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
• USB: uas: Add quirk for PNY Pro Elite (git-fixes).
• USB: UAS: fix disconnect by unplugging a hub (git-fixes).
• USB: yurex: Fix bad gfp argument (git-fixes).
• vgacon: remove software scrollback support (bsc#1176278).
• video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).
• virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes (block drivers)).
• vrf: prevent adding upper devices (git-fixes).
• vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
• x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1112178).
• xen: do not reschedule in preemption off sections (bsc#1175749).
• xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
• xen uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (bsc#1065600).
• xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
• yam: fix possible memory leak in yam_init_driver (git-fixes).

This update for bind fixes the following issues:
BIND was upgraded to version 9.16.6:
Note:

• bind is now more strict in regards to DNSSEC. If queries are not working, check for DNSSEC issues. For instance, if bind is used in a namserver forwarder chain, the forwarding DNS servers must support DNSSEC.

• CVE-2020-8616: Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server. (bsc#1171740) Address records are limited to 4 for any domain.
• CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an assertion failure. (bsc#1171740)
• CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass the tcp-clients limit (bsc#1157051).
• CVE-2018-5741: Fixed the documentation (bsc#1109160).
• CVE-2020-8618: It was possible to trigger an INSIST when determining whether a record would fit into a TCP message buffer (bsc#1172958).
• CVE-2020-8619: It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with a particular zone content and query patterns (bsc#1172958).
• CVE-2020-8624: 'update-policy' rules of type 'subdomain' were incorrectly treated as 'zonesub' rules, which allowed keys used in 'subdomain' rules to update names outside of the specified subdomains. The problem was fixed by making sure 'subdomain' rules are again processed as described in the ARM (bsc#1175443).
• CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it was possible to trigger an assertion failure in code determining the number of bits in the PKCS#11 RSA public key with a specially crafted packet (bsc#1175443).
• CVE-2020-8621: named could crash in certain query resolution scenarios where QNAME minimization and forwarding were both enabled (bsc#1175443).
• CVE-2020-8620: It was possible to trigger an assertion failure by sending a specially crafted large TCP DNS message (bsc#1175443).
• CVE-2020-8622: It was possible to trigger an assertion failure when verifying the response to a TSIG-signed request (bsc#1175443).

• Add engine support to OpenSSL EdDSA implementation.
• Add engine support to OpenSSL ECDSA implementation.
• Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.
• Warn about AXFR streams with inconsistent message IDs.
• Make ISC rwlock implementation the default again.
• Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)
• Installed the default files in /var/lib/named and created chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)
• Fixed an issue where bind was not working in FIPS mode (bsc#906079).
• Fixed dependency issues (bsc#1118367 and bsc#1118368).
• GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).
• Fixed an issue with FIPS (bsc#1128220).
• The liblwres library is discontinued upstream and is no longer included.
• Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).
• Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.
• The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours.
• Zone timers are now exported via statistics channel.
• The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored.
• 'rndc dnstap -roll ' did not limit the number of saved files to .
• Add 'rndc dnssec -status' command.
• Addressed a couple of situations where named could crash.
• Changed /var/lib/named to owner root:named and perms rwxrwxr-t so that named, being a/the only member of the 'named' group has full r/w access yet cannot change directories owned by root in the case of a compromized named. [bsc#1173307, bind-chrootenv.conf]
• Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).
• Removed '-r /dev/urandom' from all invocations of rndc-confgen (init/named system/lwresd.init system/named.init in vendor-files) as this option is deprecated and causes rndc-confgen to fail. (bsc#1173311, bsc#1176674, bsc#1170713)
• /usr/bin/genDDNSkey: Removing the use of the -r option in the call of /usr/sbin/dnssec-keygen as BIND now uses the random number functions provided by the crypto library (i.e., OpenSSL or a PKCS#11 provider) as a source of randomness rather than /dev/random. Therefore the -r command line option no longer has any effect on dnssec-keygen. Leaving the option in genDDNSkey as to not break compatibility. Patch provided by Stefan Eisenwiener. [bsc#1171313]
• Put libns into a separate subpackage to avoid file conflicts in the libisc subpackage due to different sonums (bsc#1176092).
• Require /sbin/start_daemon: both init scripts, the one used in systemd context as well as legacy sysv, make use of start_daemon.

This update for python-azure-agent fixes the following issues:

• Fixes an issue when the 'python-azure-agent' fails to initialize Azure instances. (bsc#1177161, bsc#1177257)

• From 2.2.48.1 + Refactoring GoalState class out of Protocol, making Protocol thread-safe, removing stale dependencies of Protocol and removing the dependency on the file system to read the Protocol info + Fetch goal state when creating HostPluginProtocol (#1799) + Separate goal state from the protocol class (#1777) + Make protocol util a singleton per thread (#1743, #1756) + Fetch goal state before sending telemetry (#1751) + Remove file dependency (#1754) + Others (#1758, #1767, #1744, #1749, #1816, #1820) + New logs for goal state fetch (#1797) and refresh (#1794). + Thread name added to logs (#1778) + Populate telemetry events at creation time (#1791) + Periodic HeartBeat to be logged to the file (#1755) + Add unit test to verify call stacks on telemetry events (#1828) + Others (#1841, #1842, #1846) + Handling errors while reading extension status files (Limiting Size and Transient issues)(#1761) + Enable SWAP on Resource Disk as Application Certification Support suggested (#1762) + Update 'Provisioning' options in default configs ( #1853) + Drop Metadata Server Support (#1806, #1839, #1840 ) + Improve documentation of ResourceDisk.EnableSwapEncryption (#1782) + Removed is_snappy function (#1774) + Handle exceptions in monitor thread (#1770) + Fix timestamp for periodic operations in the monitor thread (#1879) + Fix permissions on the Ubuntu systemd service file (#1814) + Update hostname setting for SUSE distros (#1832) + Python 3.8 improvements + support for Ubuntu 20.04 (#1860, #1865, #1738) + Testing and dev-infra improvements [#1771, #1768, #1800, #1826, #1827, #1833] + Others (#1854, #1858)

• From 2.2.46

This update for gcc10, nvptx-tools fixes the following issues:
This update provides the GCC10 compiler suite and runtime libraries.
The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants.
The new compiler variants are available with '-10' suffix, you can specify them via:
CC=gcc-10 CXX=g++-10
or similar commands.
For a detailed changelog check out https://gcc.gnu.org/gcc-10/changes.html
Changes in nvptx-tools:

• Enable build on aarch64

This update for gettext-runtime fixes the following issues:

• Fix for an issue when 'xgettext' crashes during creating a 'POT' file. (bsc#1176142)

This update for procps fixes the following issues:

• Fixes an issue when command 'ps -C' does not allow anymore an argument longer than 15 characters. (bsc#1158830)

This update contains changes needed for Common criteria certification.
shim:

• add a temporary shim loader EFI signed by SUSE that contains additional checks of Extended Key Usage for Codesigning (bsc#1177315)

• Configure alternative shim (bsc#1177315)
• Remove curve25519-sha256@libssh.org as it doesn't work in fips mode
• doc: logrotate is started via timer

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724).
• CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725).
• CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511).

• drm/sun4i: mixer: Extend regmap max_register (git-fixes).
• i2c: meson: fix clock setting overwrite (git-fixes).
• iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
• mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
• macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
• mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
• mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685).
• NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340).
• NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).
• nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). add two previous futile attempts to fix the bug to blacklist.conf
• nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
• nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
• nvme: fix possible io failures when removing multipathed ns (bsc#1174748).
• nvme: make nvme_identify_ns propagate errors back (bsc#1174748). Refresh: - patches.suse/nvme-flush-scan_work-when-resetting-controller.patch
• nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
• nvme-multipath: do not reset on unknown status (bsc#1174748).
• nvme: Namepace identification descriptor list is optional (bsc#1174748).
• nvme: pass status to nvme_error_status (bsc#1174748).
• nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
• nvme: return error from nvme_alloc_ns() (bsc#1174748).
• powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
• scsi-hisi-kabi-fixes.patch
• scsi-hisi-kabi-fixes.patch
• scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683).
• scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
• scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683).
• scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683).
• scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683).
• scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
• scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683).
• scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh:
• scsi-hisi_sas-Issue-internal-abort-on-all-relevant-q.patch
• scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update:
• scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
• scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538).
• scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).

This update for kexec-tools fixes the following issues:

• Fixes an issue where XEN fails to start 'kdump' service. (bsc#1133877, bsc#1141559, bsc#1172688)
• Fix for loading kdump kernel with kexec on startup. (bsc#1168698)

This update for file fixes the following issues:

• Fixes an issue when file displays broken 'ELF' interpreter. (bsc#1176123)

This update for gnutls fixes the following issues:

• Fix heap buffer overflow in handshake with no_renegotiation alert sent (CVE-2020-24659 bsc#1176181)
• FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086)
• FIPS: Use 2048 bit prime in DH selftest (bsc#1176086)
• FIPS: Add TLS KDF selftest (bsc#1176671)

This update for chrony fixes the following issues:

• Integrate three upstream patches to fix an infinite loop in chronyc. (bsc#1171806)

This update for freetype2 fixes the following issues:

• CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps (bsc#1177914).

This update for shim-susesigned fixes the following issues:

• Fix a buffer use-after-free at the end of the EKU verification in shim-susesigned (bsc#1177315)

This update for libsolv, libzypp, yaml-cpp, zypper fixes the following issues:
libzypp was updated to 17.25.1:

• When kernel-rt has been installed, the purge-kernels service fails during boot. (bsc#1176902)
• Use package name provides as group key in purge-kernel (bsc#1176740 bsc#1176192) kernel-default-base has new packaging, where the kernel uname -r does not reflect the full package version anymore. This patch adds additional logic to use the most generic/shortest edition each package provides with %{packagename}= to group the kernel packages instead of the rpm versions. This also changes how the keep-spec for specific versions is applied, instead of matching the package versions, each of the package name provides will be matched.
• RepoInfo: Return the type of the local metadata cache as fallback (bsc#1176435)
• VendorAttr: Fix broken 'suse,opensuse' equivalence handling. Enhance API and testcases. (bsc#1174918)
• Update docs regarding 'opensuse' namepace matching.
• Link against libzstd to close libsolvs open references (as we link statically)

• The libyaml-cpp0_6 library package is added the to the Basesystem module, LTSS and ESPOS channels, and the INSTALLER channels, as a new libzypp dependency.

• info: Assume descriptions starting with '

  ' are richtext (bsc#935885)

• help: prevent 'whatis' from writing to stderr (bsc#1176712)
• wp: point out that command is aliased to a search command and searches case-insensitive (jsc#SLE-16271)

• make testcase_mangle_repo_names deal correctly with freed repos [bsc#1177238]
• fix deduceq2addedmap clearing bits outside of the map
• conda: feature depriorization first
• conda: fix startswith implementation
• move find_update_seeds() call in cleandeps calculation
• set SOLVABLE_BUILDHOST in rpm and rpmmd parsers
• new testcase_mangle_repo_names() function
• new solv_fmemopen() function

This update for catatonit fixes the following issues:

• Fixes an issue when catatonit hangs when process dies in very specific way. (bsc#1176155)

This update for samba fixes the following issues:

• CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613).
• CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
• CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).

This update for timezone fixes the following issues:

• timezone update 2020b (bsc#1177460) * Revised predictions for Morocco's changes starting in 2023. * Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08. * Macquarie Island has stayed in sync with Tasmania since 2011. * Casey, Antarctica is at +08 in winter and +11 in summer. * zic no longer supports -y, nor the TYPE field of Rules.

This update for timezone fixes the following issues:

• Generate 'fat' timezone files (was default before 2020b). (bsc#1178346, bsc#1178350, bsc#1178353)
• Palestine ends DST earlier than predicted, on 2020-10-24. (bsc#1177460)
• Fiji starts DST later than usual, on 2020-12-20. (bsc#1177460)

This update for sysconfig fixes the following issues:

• Fix for 'netconfig' to run with a new library including fallback to the previous location. (bsc#1176285)
• Fix for changing content of such files like '/etc/resolv.conf' to avoid linked applications re-read them and unnecessarily re-initializes themselves accordingly. (bsc#1176325)
• Fix for 'chrony helper' calling in background. (bsc#1173391)
• Fix for configuration file by creating a symlink for it to prevent false ownership on the file. (bsc#1159566)

This update for systemd fixes the following issues:

• seccomp: shm{get,at,dt} now have their own numbers everywhere (bsc#1173422)
• test-seccomp: log function names
• test-seccomp: add log messages when skipping tests
• basic/virt: Detect PowerVM hypervisor (bsc#1176800)
• fs-util: suppress world-writable warnings if we read /dev/null
• udevadm: rename option '--log-priority' into '--log-level'
• udev: rename kernel option 'log_priority' into 'log_level'
• fstab-generator: add 'nofail' when NFS 'bg' option is used (bsc#1176513)
• Fix memory protection default (bsc#1167471)
• cgroup: Support 0-value for memory protection directives and accepts MemorySwapMax=0 (bsc#1154935)
• Improve latency and reliability when users log in/out (bsc#1104902, bsc#1165502)

This update for SUSEConnect fixes the following issues:

• Recognize more formats when parsing the '.curlrc' for proxy credentials. (bsc#1155027)
• Add 'rpmlintrc' to filter false-positive warning about patch not applied
• Extend the YaST API in order to access to the package search functionality. (jsc#SLE-9109)

This update for ca-certificates-mozilla fixes the following issues:
The SSL Root CA store was updated to the 2.44 state of the Mozilla NSS Certificate store (bsc#1177864)

• Removed CAs:

• Added CAs:

This update for mozilla-nss fixes the following issues:

• Fixes an issue for Mozilla Firefox which has failed in fips mode (bsc#1174697)
• FIPS: Adjust the Diffie-Hellman and Elliptic Curve Diffie-Hellman algorithms to be NIST SP800-56Arev3 compliant (bsc#1176173).

This update for bind fixes the following issues:

• Add '/usr/lib64/named' to the files and directories in bind config to include external plugins for chroot. (bsc#1178078)
• Replaced named's dependency on time-sync with a dependency on time-set in 'named.service' to avoid a dependency-loop. (bsc#1177790)
• Removed 'dnssec-enable' from named.conf as it has been obsoleted and may break. (bsc#1177915)
• Added a comment for reference which should be removed in the future. (bsc#1177603)
• Added a comment to the 'dnssec-validation' in named.conf with a reference to forwarders which do not return signed responses. (bsc#1175894)
• Replaced an INSIST macro which calls abort with a test and a diagnostic output. (bsc#1177913)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

• CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766).
• CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485).
• CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723).
• CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086).
• CVE-2020-16120: Fixed a permissions issue in ovl_path_open() (bsc#1177470).
• CVE-2020-8694: Restricted energy meter to root access (bsc#1170415).
• CVE-2020-27673: Fixed an issue where rogue guests could have caused denial of service of Dom0 via high frequency events (XSA-332 bsc#1177411)
• CVE-2020-27675: Fixed a race condition in event handler which may crash dom0 (XSA-331 bsc#1177410).

• ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
• ALSA: compress_offload: remove redundant initialization (git-fixes).
• ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
• ALSA: core: pcm: simplify locking for timers (git-fixes).
• ALSA: core: timer: clarify operator precedence (git-fixes).
• ALSA: core: timer: remove redundant assignment (git-fixes).
• ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes).
• ALSA: hda - Do not register a cb func if it is registered already (git-fixes).
• ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).
• ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).
• ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).
• ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
• ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).
• ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
• ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
• ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
• ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
• ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
• ALSA: usb-audio: fix spelling mistake 'Frequence' -> 'Frequency' (git-fixes).
• ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
• ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
• ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).
• ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes).
• ath10k: provide survey info as accumulated data (git-fixes).
• ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes).
• ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes).
• ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes).
• backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).
• blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750).
• block: ensure bdi->io_pages is always initialized (bsc#1177749).
• Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
• Bluetooth: Only mark socket zapped after unlocking (git-fixes).
• bnxt: do not enable NAPI until rings are ready (networking-stable-20_09_11).
• bnxt_en: Check for zero dir entries in NVRAM (networking-stable-20_09_11).
• brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).
• brcmfmac: check ndev pointer (git-fixes).
• brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
• btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687).
• btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
• btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).
• btrfs: fix incorrect updating of log root tree (bsc#1177687).
• btrfs: fix race between page release and a fast fsync (bsc#1177687).
• btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).
• btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).
• btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).
• btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).
• btrfs: reduce contention on log trees when logging checksums (bsc#1177687).
• btrfs: release old extent maps during page release (bsc#1177687).
• btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).
• btrfs: remove root usage from can_overcommit (bsc#1131277).
• btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).
• btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560).
• btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).
• can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).
• can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes).
• can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes).
• ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234).
• ceph: map snapid to anonymous bdev ID (bsc#1178234).
• ceph: promote to unsigned long long before shifting (bsc#1178187).
• clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).
• clk: at91: remove the checking of parent_name (git-fixes).
• clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes).
• clk: imx8mq: Fix usdhc parents order (git-fixes).
• coredump: fix crash when umh is disabled (bsc#1177753).
• crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
• crypto: ccp - fix error handling (git-fixes).
• crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes).
• crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes).
• crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).
• cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
• cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
• Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes
• dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).
• drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
• drm/gma500: fix error check (git-fixes).
• drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes).
• drm/nouveau/mem: guard against NULL pointer access in mem_del (git-fixes).
• EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178).
• eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
• Fix use after free in get_capset_info callback (git-fixes).
• gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24).
• gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11).
• HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes).
• HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes).
• i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
• ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
• ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
• ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
• ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes).
• iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes).
• iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes).
• iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
• iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
• iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).
• iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).
• iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).
• iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes).
• ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes).
• include/linux/swapops.h: correct guards for non_swap_entry() (git-fixes (mm/swap)).
• Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes).
• Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (git-fixes).
• Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes).
• Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes).
• Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).
• Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes).
• iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).
• ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24).
• ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes).
• iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
• kbuild: enforce -Werror=return-type (bsc#1177281).
• leds: mt6323: move period calculation (git-fixes).
• lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
• libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178188).
• livepatch: Test if -fdump-ipa-clones is really available As of now we add -fdump-ipa-clones unconditionally. It does not cause a trouble if the kernel is build with the supported toolchain. Otherwise it could fail easily. Do the correct thing and test for the availability.
• mac80211: handle lack of sband->bitrates in rates (git-fixes).
• mailbox: avoid timer start from callback (git-fixes).
• media: ati_remote: sanity check for both endpoints (git-fixes).
• media: bdisp: Fix runtime PM imbalance on error (git-fixes).
• media: exynos4-is: Fix a reference count leak (git-fixes).
• media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes).
• media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes).
• media: firewire: fix memory leak (git-fixes).
• media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).
• media: media/pci: prevent memory leak in bttv_probe (git-fixes).
• media: omap3isp: Fix memleak in isp_probe (git-fixes).
• media: platform: fcp: Fix a reference count leak (git-fixes).
• media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).
• media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
• media: Revert 'media: exynos4-is: Add missed check for pinctrl_lookup_state()' (git-fixes).
• media: s5p-mfc: Fix a reference count leak (git-fixes).
• media: saa7134: avoid a shift overflow (git-fixes).
• media: st-delta: Fix reference count leak in delta_run_work (git-fixes).
• media: sti: Fix reference count leaks (git-fixes).
• media: tc358743: initialize variable (git-fixes).
• media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
• media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).
• media: usbtv: Fix refcounting mixup (git-fixes).
• media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
• media: vsp1: Fix runtime PM imbalance on error (git-fixes).
• memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes).
• memory: omap-gpmc: Fix a couple off by ones (git-fixes).
• mfd: sm501: Fix leaks in probe() (git-fixes).
• mic: vop: copy data to kernel space then write to io memory (git-fixes).
• misc: mic: scif: Fix error handling path (git-fixes).
• misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
• misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes).
• mlx5 PPC ringsize workaround (bsc#1173432).
• mlx5: remove support for ib_get_vector_affinity (bsc#1174748).
• mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa (git-fixes (mm/numa)).
• mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
• mm/ksm.c: do not WARN if page is still mapped in remove_stable_node() (git-fixes (mm/hugetlb)).
• mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)).
• mm/mempolicy.c: use match_string() helper to simplify the code (git-fixes (mm/mempolicy)).
• mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)).
• mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).
• mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide (git-fixes (mm/writeback)).
• mm/page_owner.c: remove drain_all_pages from init_early_allocated_pages (git-fixes (mm/debug)).
• mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
• mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes (mm/zsmalloc)).
• mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes (mm/zsmalloc)).
• mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).
• mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely (git-fixes (mm/zsmalloc)).
• mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() (git-fixes (mm/hugetlb)).
• mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
• Move upstreamed patches into sorted section
• mtd: lpddr: fix excessive stack usage with clang (git-fixes).
• mtd: mtdoops: Do not write panic data twice (git-fixes).
• mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).
• mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
• mwifiex: fix double free (git-fixes).
• mwifiex: remove function pointer check (git-fixes).
• mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).
• net/mlx5e: Take common TIR context settings into a function (bsc#1177740).
• net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740).
• net: disable netpoll on fresh napis (networking-stable-20_09_11).
• net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes).
• net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() (git-fixes).
• net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24).
• net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).
• net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24).
• net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24).
• net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24).
• net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11).
• net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11).
• net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
• net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes).
• net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes).
• netlabel: fix problems with mapping removal (networking-stable-20_09_11).
• nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes).
• nl80211: fix non-split wiphy information (git-fixes).
• NTB: hw: amd: fix an issue about leak system resources (git-fixes).
• nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
• nvme-rdma: fix crash when connect rejected (bsc#1174748).
• nvme: do not update disk info for multipathed device (bsc#1171558).
• platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
• powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
• powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).
• powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
• powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
• powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
• powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).
• powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).
• powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).
• powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).
• pty: do tty_flip_buffer_push without port->lock in pty_write (git-fixes).
• pwm: lpss: Add range limit check for the base_unit register value (git-fixes).
• pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes).
• ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
• rtl8xxxu: prevent potential memory leak (git-fixes).
• scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
• scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).
• sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11).
• spi: fsl-espi: Only process interrupts for expected events (git-fixes).
• tg3: Fix soft lockup when tg3_reset_task() fails (networking-stable-20_09_11).
• tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
• tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24).
• tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11).
• tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
• tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24).
• tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24).
• tty: ipwireless: fix error handling (git-fixes).
• tty: serial: earlycon dependency (git-fixes).
• tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
• usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
• usb: cdc-acm: handle broken union descriptors (git-fixes).
• usb: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes).
• usb: core: Solve race condition in anchor cleanup functions (git-fixes).
• usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
• usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
• usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
• usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).
• usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
• usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).
• usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).
• usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes).
• usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).
• usb: ohci: Default to per-port over-current protection (git-fixes).
• usb: serial: qcserial: fix altsetting probing (git-fixes).
• vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202).
• video: fbdev: sis: fix null ptr dereference (git-fixes).
• video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes).
• VMCI: check return value of get_user_pages_fast() for errors (git-fixes).
• w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).
• watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101).
• watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101).
• wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).
• writeback: Avoid skipping inode writeback (bsc#1177755).
• writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755).
• writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755).
• x86, fakenuma: Fix invalid starting node ID (git-fixes (mm/x86/fakenuma)).
• x86/apic: Unify duplicated local apic timer clockevent initialization (bsc#1112178).
• x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178).
• x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).
• xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
• xen/events: add a new 'late EOI' evtchn framework (XSA-332 bsc#1177411).
• xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).
• xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).
• xen/events: block rogue events for some time (XSA-332 bsc#1177411).
• xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).
• xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600).
• xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).
• xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).
• xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).
• xen/gntdev.c: Mark pages as dirty (bsc#1065600).
• xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
• xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
• xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
• xen: XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600).
• xfs: avoid infinite loop when cancelling CoW blocks after writeback failure (bsc#1178027).
• xfs: limit entries returned when counting fsmap records (git-fixes).

This update for libsolv, libzypp, zypper fixes the following issues:
libzypp was updated to version 17.25.1:

• Fix bsc#1176902: When kernel-rt has been installed, the purge-kernels service fails during boot.
• Use package name provides as group key in purge-kernel (bsc#1176740 bsc#1176192) kernel-default-base has new packaging, where the kernel uname -r does not reflect the full package version anymore. This patch adds additional logic to use the most generic/shortest edition each package provides with %{packagename}= to group the kernel packages instead of the rpm versions. This also changes how the keep-spec for specific versions is applied, instead of matching the package versions, each of the package name provides will be matched.
• RepoInfo: Return the type of the local metadata cache as fallback (bsc#1176435)
• VendorAttr: Fix broken 'suse,opensuse' equivalence handling. Enhance API and testcases. (bsc#1174918)
• Update docs regarding 'opensuse' namepace matching.
• New solver testcase format.
• Link against libzsd to close libsolvs open references (as we link statically)

• info: Assume descriptions starting with '

  ' are richtext (bsc#935885)

• Use new testcase API in libzypp.
• BuildRequires: libzypp-devel >= 17.25.0.
• help: prevent 'whatis' from writing to stderr (bsc#1176712)
• wp: point out that command is aliased to a search command and searches case-insensitive (jsc#SLE-16271)

• do not ask the namespace callback for splitprovides when writing a testcase
• fix add_complex_recommends() selecting conflicted packages in rare cases leading to crashes
• improve choicerule generation so that package updates are prefered in more cases
• make testcase_mangle_repo_names deal correctly with freed repos [bsc#1177238]
• fix deduceq2addedmap clearing bits outside of the map
• conda: feature depriorization first
• conda: fix startswith implementation
• move find_update_seeds() call in cleandeps calculation
• set SOLVABLE_BUILDHOST in rpm and rpmmd parsers
• new testcase_mangle_repo_names() function
• new solv_fmemopen() function

This update for grub2 fixes the following issues:

• Fixed an issue, where the https boot was interrupted by an unrecognized network address error message (bsc#1172952)
• Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062)
• Fixed an error in grub2-install where it exited with 'failed to get canonical path of `/boot/grub2/i386-pc'.' (bsc#1177957)
• Fixed a boot failure issue on blocklist installations (bsc#1178278)

This update for findutils fixes the following issues:

• Do not unconditionally use leaf optimization for NFS. (bsc#1174232) NFS st_nlink are not accurate on all implementations, leading to aborts() if that assumption is made.

This update for openssh fixes the following issues:

• Ensure that only approved DH parameters are used in FIPS mode, to meet NIST 800-56arev3 restrictions. (bsc#1177939).

This update for openldap2 fixes the following issues:

• CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).

This update for tcpdump fixes the following issues:

• CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).

This update for krb5 fixes the following security issue:

• CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).

This update for systemd fixes the following issues:

• build-sys: optionally disable support of journal over the network (bsc#1177458)
• ask-password: prevent buffer overflow when reading from keyring (bsc#1177510)
• mount: don't propagate errors from mount_setup_unit() further up
• Rely on the new build option --disable-remote for journal_remote This allows to drop the workaround that consisted in cleaning journal-upload files and {sysusers.d,tmpfiles.d}/systemd-remote.conf manually when 'journal_remote' support was disabled.
• Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package
• Make sure {sysusers.d,tmpfiles.d}/systemd-remote.conf are not shipped with --without=journal_remote (bsc#1177458) These files were incorrectly packaged in the main package when systemd-journal_remote was disabled.
• Make use of %{_unitdir} and %{_sysusersdir}
• Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)

This update for dmidecode fixes the following issues:

• Add partial support for SMBIOS 3.4.0. (bsc#1174257)
• Skip details of uninstalled memory modules. (bsc#1174257)

This update for multipath-tools fixes the following issues:

• Avoid reading files extensions other than '.conf' from config dir. (bsc#1162896)
• Fix wrong usage of '%service_del_preun -n' macro in spec file. (bsc#1178354)

This update for bind fixes the following issue:

• Build the 'Administrator Reference Manual' which is built using python3-Sphinx (bsc#1177983)

This update for pam and sudo fixes the following issue:
pam:

• pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858)
• Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727)
• Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593)

• Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593)

This update for c-ares fixes the following issues:

• Version update to 1.17.0 * CVE-2020-8277: Fixed a Denial of Service through DNS request (bsc#1178882) * For further details see https://c-ares.haxx.se/changelog.html

This update for vim doesn't fix any user visible issues and it is optional to install.

• Introduce vim-small package with reduced requirements for small installations (bsc#1166602).
• Stop owning /etc/vimrc so the old, distro provided config actually gets removed.
• Own some dirs in vim-data-common so installation of vim-small doesn't leave not owned directories. (bsc#1173256)
• Add vi as slave to update-alternatives so that every package has a matching 'vi' symlink. (bsc#1174564, bsc#1176549)

This update for lvm2 fixes the following issues:

• Fixed an issue when the hot spares in LVM not added automatically. (bsc#1175110)
• Fixed an issue when lvm produces a large number of luns with error message 'Too many open files'. (bsc#1173503)
• Fixes an issue when LVM initialization failed during reboot. (bsc#998893)
• Fixed a misplaced parameter in the lvm configuration. (bsc#1123327)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782).
• CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393).
• CVE-2020-25668: Fixed a use-after-free in con_font_op() (bnc#1178123).

• 9P: Cast to loff_t before multiplying (git-fixes).
• acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
• ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
• ACPI: dock: fix enum-conversion warning (git-fixes).
• ACPI / extlog: Check for RDMSR failure (git-fixes).
• ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
• ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
• ALSA: hda - Fix the return value if cb func is already registered (git-fixes).
• ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).
• ata: sata_rcar: Fix DMA boundary mask (git-fixes).
• ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
• ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
• bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes).
• can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).
• can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).
• can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).
• can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).
• can: peak_usb: add range checking in decode operations (git-fixes).
• can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).
• can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
• clk: ti: clockdomain: fix static checker warning (git-fixes).
• crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
• device property: Do not clear secondary pointer for shared primary firmware node (git-fixes).
• device property: Keep secondary firmware node secondary by type (git-fixes).
• drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).
• drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes).
• drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes).
• drm/amdgpu: do not map BO in reserved region (git-fixes).
• drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes).
• drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (git-fixes).
• drm/i915: Break up error capture compression loops with cond_resched() (git-fixes).
• drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
• drm/imx: tve remove extraneous type qualifier (git-fixes).
• drm/ttm: fix eviction valuable range check (git-fixes).
• drm/vc4: drv: Add error handding for bind (git-fixes).
• efivarfs: Replace invalid slashes with exclamation marks in dentries (git-fixes).
• ftrace: Fix recursion check for NMI test (git-fixes).
• ftrace: Handle tracing when switching between context (git-fixes).
• hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
• hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820).
• hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).
• icmp: randomize the global rate limiter (git-fixes).
• kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).
• leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
• libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
• media: platform: Improve queue set up flow for bug fixing (git-fixes).
• media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
• memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).
• mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
• mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
• mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
• Move the upstreamed powercap fix into sorted sectio
• mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
• net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).
• net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873).
• net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
• nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873).
• p54: avoid accessing the data mapped to streaming DMA (git-fixes).
• pinctrl: intel: Set default bias in case no particular value given (git-fixes).
• powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968).
• powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
• power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).
• regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).
• regulator: resolve supply after creating regulator (git-fixes).
• ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).
• rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
• scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873).
• staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).
• staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).
• staging: octeon: repair 'fixed-link' support (git-fixes).
• thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes).
• USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
• USB: adutux: fix debugging (git-fixes).
• usb: cdc-acm: fix cooldown mechanism (git-fixes).
• usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).
• usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
• USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).
• USB: serial: option: add Quectel EC200T module support (git-fixes).
• USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
• usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).
• usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).
• video: fbdev: pvr2fb: initialize variables (git-fixes).
• video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
• video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
• video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
• vt: Disable KD_FONT_OP_COPY (bsc#1178589).
• x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
• x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1058115 bsc#1176907).
• xfs: do not update mtime on COW faults (bsc#1167030).
• xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
• xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
• xfs: fix rmap key and record comparison functions (git-fixes).
• xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).

This update for gnutls fixes the following issue:

• Avoid spurious audit messages about incompatible signature algorithms (bsc#1172695)

This update for openssl-1_1 fixes the following issues:
This update backports various bugfixes for FIPS:

• Restore private key check in EC_KEY_check_key [bsc#1177479]
• Add shared secret KAT to FIPS DH selftest [bsc#1175847]
• Include ECDH/DH Requirements from SP800-56Arev3 [bsc#1175847]
• Fix locking issue uncovered by python testsuite (bsc#1166848)
• Fix the sequence of locking operations in FIPS mode [bsc#1165534]
• Fix deadlock in FIPS rand code (bsc#1165281)
• Fix wrong return values of FIPS DSA and ECDH selftests (bsc#1163569)
• Fix FIPS DRBG without derivation function (bsc#1161198)
• Allow md5_sha1 in FIPS mode to enable TLS 1.0 (bsc#1161203)
• Obsolete libopenssl-1_0_0-hmac for a clean upgrade from SLE-12 (bsc#1158499)

• Restore the EVP_PBE_scrypt() behavior from before the KDF patch by treating salt=NULL as salt='' (bsc#1160158)

This update for python-setuptools fixes the following issues:

• Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916)

This update for lvm2 fixes the following issues:

• Fixed an issue where /boot logical volume was accidentally unmounted (bsc#1177533)

This update for glib2 fixes the following issues:

• Add support for slim format of timezone. (bsc#1178346)
• Fix DST incorrect end day when using slim format. (bsc#1178346)

This update for libusb-1_0 fixes the following issues:

• Fixes a build failure for libusb for the inclusion of 'sys/time.h' on PowerPC. (bsc#1178376)

This update for python3 fixes the following issues:
Update to 3.6.12 (bsc#1179193), including:

• Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916)

• Fixed incomplete c-ares-devel dependencies introduced by the privous update (bsc#1178882).

This update for pam fixes the following issues:

• Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720) - Check whether the password contains a substring of of the user's name of at least `` characters length in some form. This is enabled by the new parameter `usersubstr=`

This update for aaa_base fixes the following issue:

• Avoid semicolon within (t)csh login script on S/390. (bsc#1179431)

SUSE-IU-2020:84-1

This update for systemd-presets-branding-SLE fixes the following issues:
Cleanup of outdated autostart services (bsc#1171656):

• Remove acpid.service. acpid is only available on SLE via openSUSE backports. In openSUSE acpid.service is *not* autostarted. I see no reason why it should be on SLE.
• Remove spamassassin.timer. This timer never seems to have existed. Instead spamassassin ships a 'sa-update.timer'. But it is not default-enabled and nobody ever complained about this.
• Remove snapd.apparmor.service: This service was proactively added a year ago, but snapd didn't even make it into openSUSE yet. There's no reason to keep this entry unless snapd actually enters SLE which is not foreseeable.

This update for systemd fixes the following issues:

• migrate-sysconfig-i18n.sh: fixed marker handling (bsc#1173229)

• Fix inconsistent file modes for some ghost files (bsc#1173227)

• Fix build of systemd on openSUSE Leap 15.2 (bsc#1173422)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2020-15780: A lockdown bypass for loading unsigned modules using ACPI table injection was fixed. (bsc#1173573)
• CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).
• CVE-2020-12771: An issue was discovered in btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails (bnc#1171732).
• CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868).
• CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999).
• CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
• CVE-2020-10768: Fixed an issue with the prctl() function, where indirect branch speculation could be enabled even though it was diabled before (bnc#1172783).
• CVE-2020-10766: Fixed an issue which allowed an attacker with a local account to disable SSBD protection (bnc#1172781).
• CVE-2020-10767: Fixed an issue where Indirect Branch Prediction Barrier was disabled in certain circumstances, leaving the system open to a spectre v2 style attack (bnc#1172782).
• CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).
• CVE-2020-0305: Fixed a possible use-after-free due to a race condition incdev_get of char_dev.c. This could lead to local escalation of privilege. User interaction is not needed for exploitation (bnc#1174462).
• CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
• CVE-2020-10781: Fixed a denial of service issue in the ZRAM implementation (bnc#1173074).
• CVE-2019-20908: Fixed incorrect access permissions for the efivar_ssdt ACPI variable, which could be used by attackers to bypass lockdown or secure boot restrictions (bnc#1173567).
• CVE-2019-20810: Fixed a memory leak in go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c because it did not call snd_card_free for a failure path (bnc#1172458).
• CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c, related to invalid length checks for variable elements in a beacon head (bnc#1152107).

• ACPI: GED: add support for _Exx / _Lxx handler methods (bsc#1111666).
• ACPI: GED: use correct trigger type field in _Exx / _Lxx handling (bsc#1111666).
• ACPI: NFIT: Fix unlock on error in scrub_show() (bsc#1171753).
• ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510).
• ACPI: sysfs: Fix pm_profile_attr type (bsc#1111666).
• ACPI: video: Use native backlight on Acer Aspire 5783z (bsc#1111666).
• ACPI: video: Use native backlight on Acer TravelMate 5735Z (bsc#1111666).
• ALSA: es1688: Add the missed snd_card_free() (bsc#1051510).
• ALSA: hda: Add ElkhartLake HDMI codec vid (bsc#1111666).
• ALSA: hda: add sienna_cichlid audio asic id for sienna_cichlid up (bsc#1111666).
• ALSA: hda/hdmi - enable runtime pm for newer AMD display audio (bsc#1111666).
• ALSA: hda - let hs_mic be picked ahead of hp_mic (bsc#1111666).
• ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines (bsc#1111666).
• ALSA: hda/realtek - Add LED class support for micmute LED (bsc#1111666).
• ALSA: hda/realtek - Enable micmute LED on and HP system (bsc#1111666).
• ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 (bsc#1111666).
• ALSA: hda/realtek - Fix unused variable warning w/o CONFIG_LEDS_TRIGGER_AUDIO (bsc#1111666).
• ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (bsc#1111666).
• ALSA: lx6464es - add support for LX6464ESe pci express variant (bsc#1111666).
• ALSA: opl3: fix infoleak in opl3 (bsc#1111666).
• ALSA: pcm: disallow linking stream to itself (bsc#1111666).
• ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback (bsc#1111666).
• ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (bsc#1111666).
• ALSA: usb-audio: add quirk for MacroSilicon MS2109 (bsc#1111666).
• ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock (bsc#1111666).
• ALSA: usb-audio: Clean up quirk entries with macros (bsc#1111666).
• ALSA: usb-audio: Fix inconsistent card PM state after resume (bsc#1111666).
• ALSA: usb-audio: Fix packet size calculation (bsc#1111666).
• ALSA: usb-audio: Fix racy list management in output queue (bsc#1111666).
• ALSA: usb-audio: Improve frames size computation (bsc#1111666).
• ALSA: usb-audio: Manage auto-pm of all bundled interfaces (bsc#1111666).
• ALSA: usb-audio: Use the new macro for HP Dock rename quirks (bsc#1111666).
• amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes).
• arm64: map FDT as RW for early_init_dt_scan() (jsc#SLE-12423).
• ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (bsc#1111666).
• ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (bsc#1111666).
• ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (bsc#1111666).
• ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb (bsc#1111666).
• ax25: fix setsockopt(SO_BINDTODEVICE) (networking-stable-20_05_27).
• b43: Fix connection problem with WPA3 (bsc#1111666).
• b43_legacy: Fix connection problem with WPA3 (bsc#1111666).
• bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)).
• be2net: fix link failure after ethtool offline test (git-fixes).
• block: nr_sects_write(): Disable preemption on seqcount write (bsc#1173818).
• block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)).
• block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)).
• Bluetooth: Add SCO fallback for invalid LMP parameters error (bsc#1111666).
• bnxt_en: Fix AER reset logic on 57500 chips (git-fixes).
• bnxt_en: Fix ethtool selftest crash under error conditions (git-fixes).
• bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails (git-fixes).
• bnxt_en: Fix ipv6 RFS filter matching logic (git-fixes).
• bnxt_en: fix NULL dereference in case SR-IOV configuration fails (git-fixes).
• bnxt_en: Fix VF anti-spoof filter setup (networking-stable-20_05_12).
• bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features() (networking-stable-20_05_12).
• bnxt_en: Improve AER slot reset (networking-stable-20_05_12).
• brcmfmac: fix wrong location to get firmware feature (bsc#1111666).
• brcmfmac: Transform compatible string for FW loading (bsc#1169771).
• btrfs: add assertions for tree == inode->io_tree to extent IO helpers (bsc#1174438).
• btrfs: add new helper btrfs_lock_and_flush_ordered_range (bsc#1174438).
• btrfs: Always use a cached extent_state in btrfs_lock_and_flush_ordered_range (bsc#1174438).
• btrfs: do not zero f_bavail if we have available space (bsc#1168081).
• btrfs: do not zero f_bavail if we have available space (bsc#1168081).
• btrfs: drop argument tree from btrfs_lock_and_flush_ordered_range (bsc#1174438).
• btrfs: fix extent_state leak in btrfs_lock_and_flush_ordered_range (bsc#1174438).
• btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof (bsc#1174438).
• btrfs: fix hang on snapshot creation after RWF_NOWAIT write (bsc#1174438).
• btrfs: fix RWF_NOWAIT write not failling when we need to cow (bsc#1174438).
• btrfs: fix RWF_NOWAIT writes blocking on extent locks and waiting for IO (bsc#1174438).
• btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247).
• btrfs: Return EAGAIN if we can't start no snpashot write in check_can_nocow (bsc#1174438).
• btrfs: use correct count in btrfs_file_write_iter() (bsc#1174438).
• btrfs: Use newly introduced btrfs_lock_and_flush_ordered_range (bsc#1174438).
• btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
• bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads (bsc#1111666).
• carl9170: remove P2P_GO support (bsc#1111666).
• CDC-ACM: heed quirk also in error handling (git-fixes).
• ceph: convert mdsc->cap_dirty to a per-session list (bsc#1167104).
• ceph: request expedited service on session's last cap flush (bsc#1167104).
• cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages (bsc#1173857).
• char/random: Add a newline at the end of the file (jsc#SLE-12423).
• cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1144333).
• cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016).
• cifs: set up next DFS target before generic_ip_connect() (bsc#1144333 bsc#1161016).
• clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510).
• clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
• clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
• clocksource: dw_apb_timer: Make CPU-affiliation being optional (bsc#1111666).
• compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)).
• compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)).
• copy_{to,from}_user(): consolidate object size checks (git fixes).
• crypto: algboss - do not wait during notifier callback (bsc#1111666).
• crypto: algif_skcipher - Cap recv SG list at ctx->used (bsc#1111666).
• crypto: caam - update xts sector size for large input length (bsc#1111666).
• crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (bsc#1111666).
• crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes).
• Crypto/chcr: fix for ccm(aes) failed test (bsc#1111666).
• crypto: chelsio/chtls: properly set tp->lsndtime (bsc#1111666).
• crypto: talitos - fix IPsec cipher in length (git-fixes).
• crypto: talitos - reorder code in talitos_edesc_alloc() (git-fixes).
• debugfs: Check module state before warning in {full/open}_proxy_open() (bsc#1173746).
• devinet: fix memleak in inetdev_init() (networking-stable-20_06_07).
• dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' (bsc#1111666).
• dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)).
• dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)).
• dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)).
• dm: fix potential for q->make_request_fn NULL pointer (git fixes (block drivers)).
• dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)).
• dm: various cleanups to md->queue initialization code (git fixes).
• dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)).
• dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block drivers)).
• dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27).
• driver-core, libnvdimm: Let device subsystems add local lockdep coverage (bsc#1171753).
• Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170617, bsc#1170618).
• drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (bsc#1051510).
• drm: amd/display: fix Kconfig help text (bsc#1113956) * only fix DEBUG_KERNEL_DC
• drm: bridge: adv7511: Extend list of audio sample rates (bsc#1111666).
• drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1113956) * context changes
• drm: encoder_slave: fix refcouting error for modules (bsc#1111666).
• drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
• drm/i915/icl+: Fix hotplug interrupt disabling after storm detection (bsc#1112178)
• drm/i915: Whitelist context-local timestamp in the gen9 cmdparser (bsc#1111666).
• drm/mediatek: Check plane visibility in atomic_update (bsc#1113956) * context changes
• drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1111666).
• drm: panel-orientation-quirks: Add quirk for Asus T101HA panel (bsc#1111666).
• drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 (bsc#1111666).
• drm/qxl: Use correct notify port address when creating cursor ring (bsc#1113956)
• drm/radeon: fix double free (bsc#1113956)
• drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1113956)
• drm/sun4i: hdmi ddc clk: Fix size of m divider (bsc#1111666).
• drm/tegra: hub: Do not enable orphaned window group (bsc#1111666).
• drm/vkms: Hold gem object while still in-use (bsc#1113956) * context changes
• e1000: Distribute switch variables for initialization (bsc#1111666).
• e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
• e1000e: Do not wake up the system via WOL if device wakeup is disabled (bsc#1051510).
• e1000e: Relax condition to trigger reset for ME workaround (bsc#1111666).
• EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
• efi/random: Increase size of firmware supplied randomness (jsc#SLE-12423).
• efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness (jsc#SLE-12423).
• efi: READ_ONCE rng seed size before munmap (jsc#SLE-12423).
• efi: Reorder pr_notice() with add_device_randomness() call (jsc#SLE-12423).
• evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
• evm: Fix a small race in init_desc() (bsc#1051510).
• ext4: fix a data race at inode->i_blocks (bsc#1171835).
• ext4: fix partial cluster initialization when splitting extent (bsc#1173839).
• ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838).
• ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error handlers (bsc#1173833).
• extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (bsc#1051510).
• fanotify: fix ignore mask logic for events on child and on dir (bsc#1172719).
• fdt: add support for rng-seed (jsc#SLE-12423).
• fdt: Update CRC check for rng-seed (jsc#SLE-12423).
• firmware: imx: scu: Fix corruption of header (git-fixes).
• firmware: imx: scu: Fix possible memory leak in imx_scu_probe() (bsc#1111666).
• Fix boot crash with MD (bsc#1174343)
• fix multiplication overflow in copy_fdtable() (bsc#1173825).
• fpga: dfl: afu: Corrected error handling levels (git-fixes).
• fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks (networking-stable-20_05_12).
• gpiolib: Document that GPIO line names are not globally unique (bsc#1051510).
• gpu: host1x: Detach driver on unregister (bsc#1111666).
• gpu: ipu-v3: pre: do not trigger update if buffer address does not change (bsc#1111666).
• HID: magicmouse: do not set up autorepeat (git-fixes).
• HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
• hv_netvsc: Fix netvsc_start_xmit's return type (git-fixes).
• hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() (bsc#1111666).
• hwmon: (emc2103) fix unable to change fan pwm1_enable attribute (bsc#1111666).
• hwmon: (max6697) Make sure the OVERT mask is set correctly (bsc#1111666).
• i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 (bsc#1111666).
• i2c: eg20t: Load module automatically if ID matches (bsc#1111666).
• i2c: mlxcpld: check correct size of maximum RECV_LEN packet (bsc#1111666).
• i40e: reduce stack usage in i40e_set_fc (git-fixes).
• IB/hfi1: Do not destroy hfi1_wq when the device is shut down (bsc#1174409).
• IB/hfi1: Do not destroy link_wq when the device is shut down (bsc#1174409).
• ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
• ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369).
• ibmvnic: Flush existing work items before device removal (bsc#1065729).
• ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
• iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510).
• iio:health:afe4404 Fix timestamp alignment and prevent data leak (bsc#1111666).
• iio:humidity:hdc100x Fix alignment and data leak issues (bsc#1111666).
• iio:magnetometer:ak8974: Fix alignment and data leak issues (bsc#1111666).
• iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() (bsc#1111666).
• iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
• iio:pressure:ms5611 Fix buffer element alignment (bsc#1111666).
• iio: pressure: zpa2326: handle pm_runtime_get_sync failure (bsc#1111666).
• ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1051510).
• ima: Fix ima digest hash table key calculation (bsc#1051510).
• include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868).
• Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list (bsc#1111666).
• input: i8042 - Remove special PowerPC handling (git-fixes).
• Input: synaptics - add a second working PNP_ID for Lenovo T470s (bsc#1111666).
• intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
• intel_th: Fix a NULL dereference when hub driver is not loaded (bsc#1111666).
• ipvlan: call dev_change_flags when ipvlan mode is reset (git-fixes).
• ixgbevf: Remove limit of 10 entries for unicast filter list (git-fixes).
• jbd2: avoid leaking transaction credits when unreserving handle (bsc#1173845).
• jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833).
• kabi: hv: prevent struct device_node to become defined (bsc#1172871).
• kabi: ppc64le: prevent struct dma_map_ops to become defined (jsc#SLE-12423).
• kABI: protect struct mlx5_cmd_work_ent (kabi).
• kABI: reintroduce inet_hashtables.h include to l2tp_ip (kabi).
• kernfs: fix barrier usage in __kernfs_new_node() (bsc#1111666).
• KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS (bsc#1114279).
• KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1114279).
• KVM: x86: Fix APIC page invalidation race (bsc#1174122).
• kvm: x86: Fix L1TF mitigation for shadow MMU (bsc#1171904).
• KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904).
• KVM: x86: only do L1TF workaround on affected processors (bsc#1171904).
• l2tp: add sk_family checks to l2tp_validate_socket (networking-stable-20_06_07).
• l2tp: do not use inet_hash()/inet_unhash() (networking-stable-20_06_07).
• libceph: do not omit recovery_deletes in target_copy() (bsc#1174113).
• libceph: ignore pool overlay and cache logic on redirects (bsc#1173146).
• libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock (bsc#1171753).
• libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant (bsc#1171753).
• libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() (bsc#1171753).
• libnvdimm: cover up changes in struct nvdimm_bus (bsc#1171753).
• libnvdimm: cover up nd_pfn_sb changes (bsc#1171759).
• libnvdimm/dax: Pick the right alignment default when creating dax devices (bsc#1171759).
• libnvdimm/label: Remove the dpa align check (bsc#1171759).
• libnvdimm/of_pmem: Provide a unique name for bus provider (bsc#1171739).
• libnvdimm/pfn_dev: Add a build check to make sure we notice when struct page size change (bsc#1171743).
• libnvdimm/pfn_dev: Add page size and struct page size to pfn superblock (bsc#1171759).
• libnvdimm/pfn: Prevent raw mode fallback if pfn-infoblock valid (bsc#1171743).
• libnvdimm/pmem: Advance namespace seed for specific probe errors (bsc#1171743).
• libnvdimm/region: Initialize bad block for volatile namespaces (bnc#1151927 5.3.6).
• libnvdimm/region: Rewrite _probe_success() to _advance_seeds() (bsc#1171743).
• libnvdimm: Use PAGE_SIZE instead of SZ_4K for align check (bsc#1171759).
• livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995).
• livepatch: Disallow vmlinux.ko (bsc#1071995).
• livepatch: Make klp_apply_object_relocs static (bsc#1071995).
• livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995).
• livepatch: Remove .klp.arch (bsc#1071995).
• loop: replace kill_bdev with invalidate_bdev (bsc#1173820).
• lpfc_debugfs: get rid of pointless access_ok() (bsc#1172687 bsc#1171530).
• lpfc: Synchronize NVME transport and lpfc driver devloss_tmo (bcs#1173060).
• mac80211: add option for setting control flags (bsc#1111666).
• mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX (bsc#1111666).
• mailbox: imx: Disable the clock on devm_mbox_controller_register() failure (git-fixes).
• md: Avoid namespace collision with bitmap API (git fixes (block drivers)).
• mdraid: fix read/write bytes accounting (bsc#1172537).
• md: use memalloc scope APIs in mddev_suspend()/mddev_resume() (bsc#1166985)).
• media: cec: silence shift wrapping warning in __cec_s_log_addrs() (git-fixes).
• media: si2157: Better check for running tuner in init (bsc#1111666).
• mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue (git-fixes).
• mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue (git-fixes).
• mlxsw: pci: Return error on PCI reset timeout (git-fixes).
• mlxsw: spectrum_acl_tcam: Position vchunk in a vregion list properly (networking-stable-20_05_12).
• mlxsw: spectrum: Disallow prio-tagged packets when PVID is removed (git-fixes).
• mlxsw: spectrum_dpipe: Add missing error path (git-fixes).
• mlxsw: spectrum: Prevent force of 56G (git-fixes).
• mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead (git-fixes).
• mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON() (git-fixes).
• mlxsw: spectrum_switchdev: Add MDB entries in prepare phase (git-fixes).
• mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky (git-fixes).
• mmc: block: Fix request completion in the CQE timeout path (bsc#1111666).
• mmc: block: Fix use-after-free issue for rpmb (bsc#1111666).
• mmc: fix compilation of user API (bsc#1051510).
• mmc: sdhci: do not enable card detect interrupt for gpio cd type (bsc#1111666).
• mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk (bsc#1111666).
• Move upstreamed lpfc patches into sorted section
• mvpp2: remove misleading comment (git-fixes).
• net: be more gentle about silly gso requests coming from user (networking-stable-20_06_07).
• net: check untrusted gso_size at kernel entry (networking-stable-20_06_07).
• net/cxgb4: Check the return from t4_query_params properly (git-fixes).
• net: dsa: loop: Add module soft dependency (networking-stable-20_05_16).
• net: dsa: mt7530: fix roaming from DSA user ports (networking-stable-20_05_27).
• net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it (git-fixes).
• net: ena: add missing ethtool TX timestamping indication (git-fixes).
• net: ena: avoid memory access violation by validating req_id properly (git-fixes).
• net: ena: do not wake up tx queue when down (git-fixes).
• net: ena: ena-com.c: prevent NULL pointer dereference (git-fixes).
• net: ena: ethtool: use correct value for crc32 hash (git-fixes).
• net: ena: fix continuous keep-alive resets (git-fixes).
• net: ena: fix corruption of dev_idx_to_host_tbl (git-fixes).
• net: ena: fix default tx interrupt moderation interval (git-fixes).
• net: ena: fix incorrect default RSS key (git-fixes).
• net: ena: fix incorrectly saving queue numbers when setting RSS indirection table (git-fixes).
• net: ena: fix issues in setting interrupt moderation params in ethtool (git-fixes).
• net: ena: fix potential crash when rxfh key is NULL (git-fixes).
• net: ena: fix retrieval of nonadaptive interrupt moderation intervals (git-fixes).
• net: ena: fix uses of round_jiffies() (git-fixes).
• net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE (git-fixes).
• net: ena: reimplement set/get_coalesce() (git-fixes).
• net: ena: rss: do not allocate key when not supported (git-fixes).
• net: ena: rss: fix failure to get indirection table (git-fixes).
• net: ena: rss: store hash function as values and not bits (git-fixes).
• netfilter: connlabels: prefer static lock initialiser (git-fixes).
• netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795).
• netfilter: not mark a spinlock as __read_mostly (git-fixes).
• net: fix a potential recursive NETDEV_FEAT_CHANGE (networking-stable-20_05_16).
• net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* (networking-stable-20_05_27).
• net: ipip: fix wrong address family in init error path (networking-stable-20_05_27).
• net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set (git-fixes).
• net: macsec: preserve ingress frame ordering (networking-stable-20_05_12).
• net/mlx4_core: drop useless LIST_HEAD (git-fixes).
• net/mlx4_core: fix a memory leak bug (git-fixes).
• net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() (networking-stable-20_05_12).
• net/mlx5: Add command entry handling completion (networking-stable-20_05_27).
• net/mlx5: Avoid panic when setting vport rate (git-fixes).
• net/mlx5: Continue driver initialization despite debugfs failure (git-fixes).
• net/mlx5e: ethtool, Fix a typo in WOL function names (git-fixes).
• net/mlx5e: Fix traffic duplication in ethtool steering (git-fixes).
• net/mlx5e: Remove unnecessary clear_bit()s (git-fixes).
• net/mlx5e: Update netdev txq on completions during closure (networking-stable-20_05_27).
• net/mlx5: Fix command entry leak in Internal Error State (networking-stable-20_05_12).
• net/mlx5: Fix crash upon suspend/resume (networking-stable-20_06_07).
• net/mlx5: Fix forced completion access non initialized command entry (networking-stable-20_05_12).
• net: mvmdio: allow up to four clocks to be specified for orion-mdio (git-fixes).
• net: mvpp2: prs: Do not override the sign bit in SRAM parser shift (git-fixes).
• net: phy: fix aneg restart in phy_ethtool_set_eee (networking-stable-20_05_16).
• netprio_cgroup: Fix unlimited memory leak of v2 cgroups (networking-stable-20_05_16).
• net: qede: stop adding events on an already destroyed workqueue (git-fixes).
• net: qed: fix excessive QM ILT lines consumption (git-fixes).
• net: qed: fix NVMe login fails over VFs (git-fixes).
• net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() (networking-stable-20_05_27).
• net: revert 'net: get rid of an signed integer overflow in ip_idents_reserve()' (networking-stable-20_05_27).
• net sched: fix reporting the first-time use timestamp (networking-stable-20_05_27).
• net: stricter validation of untrusted gso packets (networking-stable-20_05_12).
• net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict() (networking-stable-20_05_12).
• net/tls: Fix sk_psock refcnt leak when in tls_data_ready() (networking-stable-20_05_12).
• net: usb: qmi_wwan: add support for DW5816e (networking-stable-20_05_12).
• net: usb: qmi_wwan: add Telit 0x1050 composition (networking-stable-20_06_07).
• net: usb: qmi_wwan: add Telit LE910C1-EUX composition (networking-stable-20_06_07).
• net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() (bsc#1172484).
• nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K (git-fixes).
• NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() (bsc#1170592).
• NFSv4: Retry CLOSE and DELEGRETURN on NFS4ERR_OLD_STATEID (bsc#1170592).
• nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() (bsc#1173857).
• nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type (bsc#1111666).
• nvdimm: Avoid race between probe and reading device attributes (bsc#1170442).
• nvme: check for NVME_CTRL_LIVE in nvme_report_ns_ids() (bcs#1171558 bsc#1159058).
• nvme: do not update multipath disk information if the controller is down (bcs#1171558 bsc#1159058).
• nvme: fail cancelled commands with NVME_SC_HOST_PATH_ERROR (bsc#1158983 bsc#1172538).
• nvme-fc: Fail transport errors with NVME_SC_HOST_PATH (bsc#1158983 bsc#1172538).
• nvme-tcp: fail command with NVME_SC_HOST_PATH_ERROR send failed (bsc#1158983 bsc#1172538).
• objtool: Clean instruction state before each function validation (bsc#1169514).
• objtool: Ignore empty alternatives (bsc#1169514).
• ocfs2: no need try to truncate file beyond i_size (bsc#1171841).
• overflow: Fix -Wtype-limits compilation warnings (git fixes).
• overflow.h: Add arithmetic shift helper (git fixes).
• p54usb: add AirVasT USB stick device-id (bsc#1051510).
• padata: ensure the reorder timer callback runs on the correct CPU (git-fixes).
• padata: reorder work kABI fixup (git-fixes).
• PCI/AER: Remove HEST/FIRMWARE_FIRST parsing for AER ownership (bsc#1174356).
• PCI/AER: Use only _OSC to determine AER ownership (bsc#1174356).
• PCI: Allow pci_resize_resource() for devices on root bus (bsc#1051510).
• PCI: Fix pci_register_host_bridge() device_register() error handling (bsc#1051510).
• PCI: Generalize multi-function power dependency device links (bsc#1111666).
• PCI: hv: Change pci_protocol_version to per-hbus (bsc#1172871, bsc#1172872).
• PCI: hv: Fix the PCI HyperV probe failure path to release resource properly (bsc#1172871, bsc#1172872).
• PCI: hv: Introduce hv_msi_entry (bsc#1172871, bsc#1172872).
• PCI: hv: Move hypercall related definitions into tlfs header (bsc#1172871, bsc#1172872).
• PCI: hv: Move retarget related structures into tlfs header (bsc#1172871, bsc#1172872).
• PCI: hv: Reorganize the code in preparation of hibernation (bsc#1172871, bsc#1172872).
• PCI: hv: Retry PCI bus D0 entry on invalid device state (bsc#1172871, bsc#1172872).
• PCI: pciehp: Fix indefinite wait on sysfs requests (git-fixes).
• PCI: pciehp: Support interrupts sent from D3hot (git-fixes).
• PCI/PM: Call .bridge_d3() hook only if non-NULL (git-fixes).
• PCI: Program MPS for RCiEP devices (bsc#1051510).
• PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port (bsc#1051510).
• pci: Revive pci_dev __aer_firmware_first* fields for kABI (bsc#1174356).
• pcm_native: result of put_user() needs to be checked (bsc#1111666).
• perf: Allocate context task_ctx_data for child event (git-fixes).
• perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).
• perf: Copy parent's address filter offsets on clone (git-fixes).
• perf/core: Add sanity check to deal with pinned event failure (git-fixes).
• perf/core: Avoid freeing static PMU contexts when PMU is unregistered (git-fixes).
• perf/core: Correct event creation with PERF_FORMAT_GROUP (git-fixes).
• perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).
• perf/core: Fix ctx_event_type in ctx_resched() (git-fixes).
• perf/core: Fix error handling in perf_event_alloc() (git-fixes).
• perf/core: Fix exclusive events' grouping (git-fixes).
• perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).
• perf/core: Fix impossible ring-buffer sizes warning (git-fixes).
• perf/core: Fix locking for children siblings group read (git-fixes).
• perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes (dependent patch for 18736eef1213)).
• perf/core: Fix perf_event_read_value() locking (git-fixes).
• perf/core: Fix perf_pmu_unregister() locking (git-fixes).
• perf/core: Fix __perf_read_group_add() locking (git-fixes (dependent patch)).
• perf/core: Fix perf_sample_regs_user() mm check (git-fixes).
• perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).
• perf/core: Fix race between close() and fork() (git-fixes).
• perf/core: Fix the address filtering fix (git-fixes).
• perf/core: Fix use-after-free in uprobe_perf_close() (git-fixes).
• perf/core: Force USER_DS when recording user stack data (git-fixes).
• perf/core: Restore mmap record type correctly (git-fixes).
• perf: Fix header.size for namespace events (git-fixes).
• perf/ioctl: Add check for the sample_period value (git-fixes).
• perf, pt, coresight: Fix address filters for vmas with non-zero offset (git-fixes).
• perf: Return proper values for user stack errors (git-fixes).
• perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes).
• perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (git-fixes).
• perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes).
• perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (git-fixes).
• perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static (git-fixes).
• perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs (git-fixes stable).
• perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes).
• perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events (git-fixes stable).
• perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes).
• perf/x86: Fix incorrect PEBS_REGS (git-fixes).
• perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts() (git-fixes).
• perf/x86/intel: Add proper condition to run sched_task callbacks (git-fixes).
• perf/x86/intel/bts: Fix the use of page_private() (git-fixes).
• perf/x86/intel: Fix PT PMI handling (git-fixes).
• perf/x86/intel: Move branch tracing setup to the Intel-specific source file (git-fixes).
• perf/x86/intel/uncore: Add Node ID mask (git-fixes).
• perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes).
• perf/x86/intel/uncore: Handle invalid event coding for free-running counter (git-fixes).
• perf/x86/uncore: Fix event group support (git-fixes).
• pid: Improve the comment about waiting in zap_pid_ns_processes (git fixes)).
• pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' (bsc#1051510).
• pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()' (bsc#1051510).
• pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs (bsc#1051510).
• platform/x86: dell-laptop: do not register micmute LED if there is no token (bsc#1111666).
• platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() (bsc#1111666).
• PM / Domains: Allow genpd users to specify default active wakeup behavior (git-fixes).
• pnp: Use list_for_each_entry() instead of open coding (git fixes).
• powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729).
• powerpc/64s: Save FSCR to init_task.thread.fscr after feature init (bsc#1065729).
• powerpc/book3s64: Export has_transparent_hugepage() related functions (bsc#1171759).
• powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey (bsc#1065729).
• powerpc/fadump: fix race between pstore write and fadump crash trigger (bsc#1168959 ltc#185010).
• powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030).
• powerpc/xmon: Reset RCU and soft lockup watchdogs (bsc#1065729).
• power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select (bsc#1051510).
• power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()' (bsc#1051510).
• power: supply: smb347-charger: IRQSTAT_D is volatile (bsc#1051510).
• power: vexpress: add suppress_bind_attrs to true (bsc#1111666).
• pppoe: only process PADT targeted at local interfaces (networking-stable-20_05_16).
• qed: reduce maximum stack frame size (git-fixes).
• qlcnic: fix missing release in qlcnic_83xx_interrupt_test (git-fixes).
• r8152: support additional Microsoft Surface Ethernet Adapter variant (networking-stable-20_05_27).
• raid5: remove gfp flags from scribble_alloc() (bsc#1166985).
• RDMA/efa: Fix setting of wrong bit in get/set_feature commands (bsc#1111666)
• RDMA/efa: Set maximum pkeys device attribute (bsc#1111666)
• RDMA/efa: Support remote read access in MR registration (bsc#1111666)
• RDMA/efa: Unified getters/setters for device structs bitmask access (bsc#1111666)
• README.BRANCH: Add Takashi Iwai as primary maintainer.
• regmap: debugfs: Do not sleep while atomic for fast_io regmaps (bsc#1111666).
• resolve KABI warning for perf-pt-coresight (git-fixes).
• Revert 'bcache: ignore pending signals when creating gc and allocator thread' (git fixes (block drivers)).
• Revert commit e918e570415c ('tpm_tis: Remove the HID IFX0102') (bsc#1111666).
• Revert 'dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues' (git fixes (block drivers)).
• Revert 'thermal: mediatek: fix register index error' (bsc#1111666).
• Revert 'tools lib traceevent: Remove unneeded qsort and uses memmove'
• s390/bpf: Maintain 8-byte stack alignment (bsc#1169194).
• s390: fix syscall_get_error for compat processes (git-fixes).
• s390/qdio: consistently restore the IRQ handler (git-fixes).
• s390/qdio: lock device while installing IRQ handler (git-fixes).
• s390/qdio: put thinint indicator after early error (git-fixes).
• s390/qdio: tear down thinint indicator after early error (git-fixes).
• s390/qeth: fix error handling for isolation mode cmds (git-fixes).
• sch_choke: avoid potential panic in choke_reset() (networking-stable-20_05_12).
• sch_sfq: validate silly quantum values (networking-stable-20_05_12).
• scsi: aacraid: fix a signedness bug (bsc#1174296).
• scsi: hisi_sas: fix calls to dma_set_mask_and_coherent() (bsc#1174296).
• scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM (bsc#1172759 ltc#184814).
• scsi: lpfc: Add an internal trace log buffer (bsc#1172687 bsc#1171530).
• scsi: lpfc: Add blk_io_poll support for latency improvment (bsc#1172687 bsc#1171530).
• scsi: lpfc: Add support to display if adapter dumps are available (bsc#1172687 bsc#1171530).
• scsi: lpfc: Allow applications to issue Common Set Features mailbox command (bsc#1172687 bsc#1171530).
• scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset() (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix inconsistent indenting (bsc#1158983).
• scsi: lpfc: Fix interrupt assignments when multiple vectors are supported on same CPU (bsc#1158983).
• scsi: lpfc: Fix kdump hang on PPC (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix language in 0373 message to reflect non-error message (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix less-than-zero comparison of unsigned value (bsc#1158983).
• scsi: lpfc: Fix missing MDS functionality (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix NVMe rport deregister and registration during ADISC (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix oops due to overrun when reading SLI3 data (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix shost refcount mismatch when deleting vport (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix stack trace seen while setting rrq active (bsc#1172687 bsc#1171530).
• scsi: lpfc: Fix unused assignment in lpfc_sli4_bsg_link_diag_test (bsc#1172687 bsc#1171530).
• scsi: lpfc: Update lpfc version to 12.8.0.2 (bsc#1158983).
• scsi: megaraid_sas: Fix a compilation warning (bsc#1174296).
• scsi: mpt3sas: Fix double free in attach error handling (bsc#1174296).
• scsi: qedf: Add port_id getter (bsc#1150660).
• scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (bsc#1174296).
• scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (bsc#1158983).
• sctp: Do not add the shutdown timer if its already been added (networking-stable-20_05_27).
• sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed (networking-stable-20_05_27).
• spi: dw: use 'smp_mb()' to avoid sending spi data error (bsc#1051510).
• spi: fix initial SPI_SR value in spi-fsl-dspi (bsc#1111666).
• spi: pxa2xx: Apply CS clk quirk to BXT (bsc#1111666).
• spi: spidev: fix a race between spidev_release and spidev_remove (bsc#1111666).
• spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices (bsc#1111666).
• spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate (bsc#1111666).
• staging: comedi: verify array index is correct before using it (bsc#1111666).
• staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (bsc#1051510).
• staging: sm750fb: add missing case while setting FB_VISUAL (bsc#1051510).
• SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bsc#1152624).
• tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes (bsc#1173284).
• timers: Add a function to start/reduce a timer (networking-stable-20_05_27).
• tpm_tis: extra chip->ops check on error path in tpm_tis_core_init (bsc#1111666).
• tpm_tis: Remove the HID IFX0102 (bsc#1111666).
• tracing: Fix event trigger to accept redundant spaces (git-fixes).
• tty: n_gsm: Fix bogus i++ in gsm_data_kick (bsc#1051510).
• tty: n_gsm: Fix SOF skipping (bsc#1051510).
• tty: n_gsm: Fix waking up upper tty layer when room available (bsc#1051510).
• tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040 (networking-stable-20_05_12).
• ubifs: remove broken lazytime support (bsc#1173826).
• usb: add USB_QUIRK_DELAY_INIT for Logitech C922 (git-fixes).
• USB: c67x00: fix use after free in c67x00_giveback_urb (bsc#1111666).
• usb: chipidea: core: add wakeup support for extcon (bsc#1111666).
• usb: dwc2: Fix shutdown callback in platform (bsc#1111666).
• usb: dwc2: gadget: move gadget resume after the core is in L0 state (bsc#1051510).
• usb: dwc3: gadget: introduce cancelled_list (git-fixes).
• usb: dwc3: gadget: never call ->complete() from ->ep_queue() (git-fixes).
• usb: dwc3: gadget: Properly handle ClearFeature(halt) (git-fixes).
• usb: dwc3: gadget: Properly handle failed kick_transfer (git-fixes).
• USB: ehci: reopen solution for Synopsys HC bug (git-fixes).
• usb: gadget: fix potential double-free in m66592_probe (bsc#1111666).
• usb: gadget: lpc32xx_udc: do not dereference ep pointer before null check (bsc#1051510).
• usb: gadget: udc: atmel: fix uninitialized read in debug printk (bsc#1111666).
• usb: gadget: udc: atmel: remove outdated comment in usba_ep_disable() (bsc#1111666).
• usb: gadget: udc: Potential Oops in error handling code (bsc#1111666).
• USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke (bsc#1051510).
• usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() (bsc#1111666).
• USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() (bsc#1051510).
• usb: musb: Fix runtime PM imbalance on error (bsc#1051510).
• usb: musb: start session in resume for host port (bsc#1051510).
• usbnet: smsc95xx: Fix use-after-free after removal (bsc#1111666).
• USB: ohci-sm501: Add missed iounmap() in remove (bsc#1111666).
• USB: serial: ch341: add new Product ID for CH340 (bsc#1111666).
• USB: serial: cypress_m8: enable Simply Automated UPB PIM (bsc#1111666).
• USB: serial: iuu_phoenix: fix memory corruption (bsc#1111666).
• USB: serial: option: add GosunCn GM500 series (bsc#1111666).
• USB: serial: option: add Quectel EG95 LTE modem (bsc#1111666).
• USB: serial: option: add Telit LE910C1-EUX compositions (bsc#1051510).
• USB: serial: qcserial: add DW5816e QDL support (bsc#1051510).
• USB: serial: usb_wwan: do not resubmit rx urb on fatal errors (bsc#1051510).
• USB: serial: usb_wwan: do not resubmit rx urb on fatal errors (git-fixes).
• vfio/pci: Fix SR-IOV VF handling with MMIO blocking (bsc#1174123).
• vfs: Fix EOVERFLOW testing in put_compat_statfs64 (bnc#1151927 5.3.6).
• virtio-blk: handle block_device_operations callbacks after hot unplug (git fixes (block drivers)).
• vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484).
• vmxnet3: add support to get/set rx flow hash (bsc#1172484).
• vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484).
• vmxnet3: avoid format strint overflow warning (bsc#1172484).
• vmxnet3: prepare for version 4 changes (bsc#1172484).
• vmxnet3: Remove always false conditional statement (bsc#1172484).
• vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1172484).
• vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1172484).
• vmxnet3: Replace msleep(1) with usleep_range() (bsc#1172484).
• vmxnet3: update to version 4 (bsc#1172484).
• vmxnet3: use correct hdr reference when packet is encapsulated (bsc#1172484).
• vsock: fix timeout in vsock_accept() (networking-stable-20_06_07).
• vxlan: Avoid infinite loop when suppressing NS messages with invalid options (git-fixes).
• w1: omap-hdq: cleanup to add missing newline for some dev_dbg (bsc#1051510).
• watchdog: sp805: fix restart handler (bsc#1111666).
• wil6210: add general initialization/size checks (bsc#1111666).
• wil6210: check rx_buff_mgmt before accessing it (bsc#1111666).
• wil6210: ignore HALP ICR if already handled (bsc#1111666).
• wil6210: make sure Rx ring sizes are correlated (git-fixes).
• work around mvfs bug (bsc#1162063).
• x86/apic: Install an empty physflat_init_apic_ldr (bsc#1163309).
• x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1114279).
• x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS (git-fixes).
• x86: Fix early boot crash on gcc-10, third try (bsc#1114279).
• x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1172257).
• x86/reboot/quirks: Add MacBook6,1 reboot quirk (bsc#1114279).
• xfrm: fix error in comment (git fixes).
• xhci: Fix incorrect EP_STATE_MASK (git-fixes).

This update for lvm2 fixes the following issues:

• Fixed an issue where the system hangs for 90 seconds before it actually shuts down (bsc#1172597)

This update for python-azure-agent fixes the following issues:

• Properly set the DHCP configuration to push the hostname to the DHCP server. (bsc#1173866)
• Do not bring the interface down to push the hostname, just use 'ifup'. (bsc#1173866)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive the following fixes:
Fix a regression where virt-manager generated KVM setups and possible others could fail to boot the kernel (bsc#1174887)

This update for open-lldp fixes the following issues:

• Fix for a segementation fault, when agents change their MAC address (bsc#1171284)
• lldapd will now transmit the permanent MAC address (the MAC address of the underlying physical device) as port id, thus allowing the switch or any management application to differentiate between those ports. (bsc#1153520)
• Fix for a segmentation fault, when lldapd registers an interface and it gets shortly removed afterwards. (bsc#1170745)

This update for rsyslog fixes the following issues:

• Fix for logrotate to avoid unexpected exit with coredump after logrotate. (bsc#1173338)

This update for supportutils-plugin-suse-public-cloud and python3-azuremetadata fixes the following issues:
supportutils-plugin-suse-public-cloud:

• Fixes an error when supportutils-plugin-suse-public-cloud and supportutils-plugin-salt are installed at the same time (bsc#1174618)
• Sensitive information like credentials (such as access keys) will be removed when the metadata is being collected (bsc#1170475, bsc#1170476)

• Added latest support for `--listapis` and `--api` (bsc#1173238, bsc#1173240)
• Detects when the VM is running in ASM (Azure Classic) and does now handle the condition to generate the data without requiring access to the full IMDS available, only in ARM instances (bsc#1173357, bsc#1174847)

This update for SUSEConnect fixes the following issues:
Update from version 0.3.22 to version 0.3.25

• Don't fail de-activation when '-release' package already got removed.
• Fix cloud_provider detection on AWS large instances. (bsc#1160007)
• Forbid de-registration for on-demand Public Cloud instances. (bsc#1155911)
• Setup customer_center on read-only boot system. (bsc#1130864)

This update for glibc fixes the following issues:

• Fix concurrent changes on nscd aware files appeared by 'getent' when the NSCD cache was enabled. (bsc#1171878, BZ #23178)
• Implement correct locking and cancellation cleanup in syslog functions. (bsc#1172085, BZ #26100)

This update for grub2 fixes the following issues:

• A potential regression has been fixed that would cause systems with an updated 'grub2' to boot no longer due to a missing 'grub-calloc' linker symbol. (bsc#1174782)

This update for sysfsutils fixes the following issue:

• Fix cdev name comparison. (bsc#1155305)

This update for python3 fixes the following issues:

• bsc#1174091, CVE-2019-20907: avoiding possible infinite loop in specifically crafted tarball.

This update for util-linux fixes the following issues:

• blockdev: Do not fail --report on kpartx-style partitions on multipath. (bsc#1168235)
• nologin: Add support for -c to prevent error from su -c. (bsc#1151708)
• Avoid triggering autofs in lookup_umount_fs_by_statfs. (bsc#1168389)
• mount: Fall back to device node name if /dev/mapper link not found. (bsc#1149911)

This update for ca-certificates-mozilla fixes the following issues:
update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673)
Removed CAs:
* AddTrust External CA Root * AddTrust Class 1 CA Root * LuxTrust Global Root 2 * Staat der Nederlanden Root CA - G2 * Symantec Class 1 Public Primary Certification Authority - G4 * Symantec Class 2 Public Primary Certification Authority - G4 * VeriSign Class 3 Public Primary Certification Authority - G3
Added CAs:
* certSIGN Root CA G2 * e-Szigno Root CA 2017 * Microsoft ECC Root Certificate Authority 2017 * Microsoft RSA Root Certificate Authority 2017

• reverted p11-kit nss trust integration as it breaks in fresh installations (bsc#1154871)

This update for gettext-runtime fixes the following issues:

• Fix boo941629-unnessary-rpath-on-standard-path.patch (bsc#941629)
• Added msgfmt-double-free.patch to fix a double free error (CVE-2018-18751 bsc#1113719)
• Add patch msgfmt-reset-msg-length-after-remove.patch which does reset the length of message string after a line has been removed (bsc#1106843)

This update for grub2 fixes the following issues:

• CVE-2020-15705: Fail kernel validation without shim protocol (bsc#1174421).
• Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery (bsc#1172745).

This update for dracut fixes the following issue:

• Fix typo in did setup conditional. (bsc#1172807)

This update for hyper-v fixes the following issues:

• Remove dependency to network-online.target now that gethostname is used in kvp_daemon. (bsc#1174443, bsc#1174444)
• Reopen the devices if read() or write() returns errors
• Use either python2 or python3 for lsvmbus. (bsc#1093910)
• Remove sysv init scripts
• Enable build on aarch64
• Use gethostname for async name resolution. (bsc#1100758)
• Asynchronous name resolution in kvp_daemon. (bsc#1100758)
• kvp: eliminate 'may be used uninitialized' warning
• Fixed Python pep8/flake8 warnings for lsvmbus
• Replace GPLv2 boilerplate/reference with SPDX
• Fix a warning of buffer overflow with gcc 8.0.1
• fcopy: set 'error' in case an unknown operation was requested
• vss: fix loop device detection.
• Fix IP reporting by KVP daemon with SRIOV
• Fix a bug in the key delete code
• Fix compiler warnings about major/target_fname

This update for samba fixes the following issues:

• Add 'libsmbldap0' to 'libsmbldap2' package to fix upgrades from previous versions. (bsc#1172810)
• Fix for command 'net' as it is unable to negotiate with 'SMB2'. (bsc#1174120)

This update for python-azure-agent contains the following fix:

• Drop paa_sudo_sle15_nopwd.patch (bsc#1175198) + sudoers file is managed by cloud-init we no longer need this hack

This update for supportutils-plugin-suse-public-cloud contains the following fix:

• Update to version 1.0.5: (bsc#1175250, bsc#1175251) + Query for new GCE initialization code packages

This update for e2fsprogs fixes the following issues:

• Fix for an issue when system message with placeholders are not properly replaced. (bsc#1170964)

This update for systemd fixes the following issues:

• Improve logging when PID1 fails at setting a namespace up when spawning a command specified by 'Exec*='. (bsc#1172824, bsc#1142733) pid1: improve message when setting up namespace fails. execute: let's close glibc syslog channels too. execute: normalize logging in *execute.c*. execute: fix typo in error message. execute: drop explicit *log_open()*/*log_close()* now that it is unnecessary. execute: make use of the new logging mode in *execute.c* log: add a mode where we open the log fds for every single log message. log: let's make use of the fact that our functions return the negative error code for *log_oom()* too. execute: downgrade a log message ERR → WARNING, since we proceed ignoring its result. execute: rework logging in *setup_keyring()* to include unit info. execute: improve and augment execution log messages.
• vconsole-setup: downgrade log message when setting font fails on dummy console. (bsc#1172195 bsc#1173539)
• fix infinite timeout. (bsc#1158336)
• bpf: mount bpffs by default on boot. (bsc#1146991)
• man: explain precedence for options which take a list.
• man: unify titling, fix description of precedence in sysusers.d(5)
• udev-event: fix timeout log messages.

This update for zlib provides the following fixes:

• Permit a deflateParams() parameter change as soon as possible. (bsc#1174736)
• Fix DFLTCC not flushing EOBS when creating raw streams. (bsc#1174551)

This update for nfs-utils fixes the following issues:

• Fix a bug when concurrent 'gssd' requests arrive from kernel, causing hanging NFS mounts. (bsc#1174260)

This update for avahi fixes the following issues:

• When changing ownership of /var/lib/autoipd, only change ownership of files owned by avahi, to mitigate against possible exploits (bsc#1154063).

This update for curl fixes the following issues:

• An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wrong connection and instead pick another one the application has created since then. [bsc#1175109, CVE-2020-8231]

This update for iputils fixes the following issue:

• ping: Remove workaround for bug in IP_RECVERR on raw sockets. (bsc#927831)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1165629).
• CVE-2020-14314: Fixed a potential negative array index in do_split() (bsc#1173798).
• CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem which could have led to privilege escalation (bsc#1175213).
• CVE-2020-14331: Fixed a missing check in vgacon scrollback handling (bsc#1174205).
• CVE-2020-16166: Fixed a potential issue which could have allowed remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG (bsc#1174757).
• CVE-2020-24394: Fixed an issue which could set incorrect permissions on new filesystem objects when the filesystem lacks ACL support (bsc#1175518).
• CVE-2020-10135: Legacy pairing and secure-connections pairing authentication Bluetooth might have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access (bsc#1171988).
• CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069).

• ACPI: kABI fixes for subsys exports (bsc#1174968).
• ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq (bsc#1174968).
• ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate (bsc#1174968).
• ACPI: PM: Introduce 'poweroff' callbacks for ACPI PM domain and LPSS (bsc#1174968).
• ACPI: PM: Simplify and fix PM domain hibernation callbacks (bsc#1174968).
• af_key: pfkey_dump needs parameter validation (git-fixes).
• agp/intel: Fix a memory leak on module initialisation failure (git-fixes).
• ALSA: core: pcm_iec958: fix kernel-doc (bsc#1111666).
• ALSA: echoaduio: Drop superfluous volatile modifier (bsc#1111666).
• ALSA: echoaudio: Fix potential Oops in snd_echo_resume() (bsc#1111666).
• ALSA: hda: Add support for Loongson 7A1000 controller (bsc#1111666).
• ALSA: hda/ca0132 - Add new quirk ID for Recon3D (bsc#1111666).
• ALSA: hda/ca0132 - Fix AE-5 microphone selection commands (bsc#1111666).
• ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value (bsc#1111666).
• ALSA: hda: fix NULL pointer dereference during suspend (git-fixes).
• ALSA: hda: fix snd_hda_codec_cleanup() documentation (bsc#1111666).
• ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO (bsc#1111666).
• ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops (bsc#1111666).
• ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes).
• ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems (bsc#1111666).
• ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen (bsc#1111666).
• ALSA: hda/realtek - Add quirk for MSI GE63 laptop (bsc#1111666).
• ALSA: hda/realtek - Add quirk for MSI GL63 (bsc#1111666).
• ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes).
• ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes).
• ALSA: hda/realtek - change to suitable link model for ASUS platform (bsc#1111666).
• ALSA: hda/realtek - Check headset type by unplug and resume (bsc#1111666).
• ALSA: hda/realtek - Enable audio jacks of Acer vCopperbox with ALC269VC (bsc#1111666).
• ALSA: hda/realtek: Enable headset mic of Acer C20-820 with ALC269VC (bsc#1111666).
• ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256 (bsc#1111666).
• ALSA: hda/realtek: Enable headset mic of Acer Veriton N4660G with ALC269VC (bsc#1111666).
• ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289 (bsc#1111666).
• ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G15(GA502) series with ALC289 (bsc#1111666).
• ALSA: hda/realtek - Enable Speaker for ASUS UX563 (bsc#1111666).
• ALSA: hda/realtek: Fix add a 'ultra_low_power' function for intel reference board (alc256) (bsc#1111666).
• ALSA: hda/realtek: Fixed ALC298 sound bug by adding quirk for Samsung Notebook Pen S (bsc#1111666).
• ALSA: hda/realtek - Fixed HP right speaker no sound (bsc#1111666).
• ALSA: hda/realtek - Fix Lenovo Thinkpad X1 Carbon 7th quirk subdevice id (bsc#1111666).
• ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged (bsc#1111666).
• ALSA: hda/realtek - Fix unused variable warning (bsc#1111666).
• ALSA: hda/realtek: typo_fix: enable headset mic of ASUS ROG Zephyrus G14(GA401) series with ALC289 (bsc#1111666).
• ALSA: hda - reverse the setting value in the micmute_led_set (bsc#1111666).
• ALSA: hda: Workaround for spurious wakeups on some Intel platforms (git-fixes).
• ALSA: pci: delete repeated words in comments (bsc#1111666).
• ALSA: seq: oss: Serialize ioctls (bsc#1111666).
• ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1) (git-fixes).
• ALSA: usb-audio: add quirk for Pioneer DDJ-RB (bsc#1111666).
• ALSA: usb-audio: add startech usb audio dock name (bsc#1111666).
• ALSA: usb-audio: Add support for Lenovo ThinkStation P620 (bsc#1111666).
• ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support (bsc#1111666).
• ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume control (bsc#1111666).
• ALSA: usb-audio: endpoint : remove needless check before usb_free_coherent() (bsc#1111666).
• ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 (bsc#1174625).
• ALSA: usb-audio: fix spelling mistake 'buss' -> 'bus' (bsc#1111666).
• ALSA: usb-audio: ignore broken processing/extension unit (git-fixes).
• ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 (bsc#1111666).
• ALSA: usb/line6: remove 'defined but not used' warning (bsc#1111666).
• arm64: Add MIDR encoding for HiSilicon Taishan CPUs (bsc#1174547).
• arm64: Add MIDR encoding for NVIDIA CPUs (bsc#1174547).
• arm64: add sysfs vulnerability show for meltdown (bsc#1174547).
• arm64: Add sysfs vulnerability show for spectre-v1 (bsc#1174547).
• arm64: add sysfs vulnerability show for spectre-v2 (bsc#1174547).
• arm64: add sysfs vulnerability show for speculative store bypass (bsc#1174547).
• arm64: Advertise mitigation of Spectre-v2, or lack thereof (bsc#1174547).
• arm64: Always enable spectre-v2 vulnerability detection (bsc#1174547).
• arm64: Always enable ssb vulnerability detection (bsc#1174547).
• arm64: backtrace: Do not bother trying to unwind the userspace stack (bsc#1175397).
• arm64: capabilities: Add NVIDIA Denver CPU to bp_harden list (bsc#1174547).
• arm64: capabilities: Merge duplicate Cavium erratum entries (bsc#1174547).
• arm64: capabilities: Merge entries for ARM64_WORKAROUND_CLEAN_CACHE (bsc#1174547).
• arm64: cpufeature: Enable Qualcomm Falkor/Kryo errata 1003 (bsc#1175398).
• arm64: Do not mask out PTE_RDONLY in pte_same() (bsc#1175393).
• arm64: enable generic CPU vulnerabilites support (bsc#1174547). Update config/arm64/default
• arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default (bsc#1175394).
• arm64: errata: Do not define type field twice for arm64_errata entries (bsc#1174547).
• arm64: errata: Update stale comment (bsc#1174547).
• arm64: Get rid of __smccc_workaround_1_hvc_* (bsc#1174547).
• arm64: kpti: Avoid rewriting early page tables when KASLR is enabled (bsc#1174547).
• arm64: kpti: Update arm64_kernel_use_ng_mappings() when forced on (bsc#1174547).
• arm64: kpti: Whitelist Cortex-A CPUs that do not implement the CSV3 field (bsc#1174547).
• arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs (bsc#1174547).
• arm64: KVM: Avoid setting the upper 32 bits of VTCR_EL2 to 1 (bsc#1133021).
• arm64: KVM: Guests can skip __install_bp_hardening_cb()s HYP work (bsc#1174547).
• arm64: KVM: Use SMCCC_ARCH_WORKAROUND_1 for Falkor BP hardening (bsc#1174547).
• arm64: mm: Fix pte_mkclean, pte_mkdirty semantics (bsc#1175526).
• arm64: Provide a command line to disable spectre_v2 mitigation (bsc#1174547).
• arm64: Silence clang warning on mismatched value/register sizes (bsc#1175396).
• arm64/speculation: Support 'mitigations=' cmdline option (bsc#1174547).
• arm64: ssbd: explicitly depend on (bsc#1175399).
• arm64: ssbs: Do not treat CPUs with SSBS as unaffected by SSB (bsc#1174547).
• arm64: ssbs: Fix context-switch when SSBS is present on all CPUs (bsc#1175669).
• arm64/sve: Fix wrong free for task->thread.sve_state (bsc#1175400).
• arm64/sve: should not depend on <uapi/linux/prctl.h> (bsc#1175401).
• arm64: tlbflush: avoid writing RES0 bits (bsc#1175402).
• arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 (bsc#1174547).
• ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 (bsc#1133021).
• ARM: KVM: invalidate icache on guest exit for Cortex-A15 (bsc#1133021).
• ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 (bsc#1133021).
• ASoC: hda/tegra: Set buffer alignment to 128 bytes (bsc#1111666).
• ASoC: intel: Fix memleak in sst_media_open (git-fixes).
• ASoC: rt5670: Correct RT5670_LDO_SEL_MASK (git-fixes).
• AX.25: Fix out-of-bounds read in ax25_connect() (git-fixes).
• AX.25: Prevent integer overflows in connect and sendmsg (git-fixes).
• AX.25: Prevent out-of-bounds read in ax25_sendmsg() (git-fixes).
• ax88172a: fix ax88172a_unbind() failures (git-fixes).
• b43: Remove uninitialized_var() usage (git-fixes).
• bcache: allocate meta data pages as compound pages (bsc#1172873).
• block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148).
• block: Fix use-after-free in blkdev_get() (bsc#1174843).
• block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148).
• Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (bsc#1111666).
• Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() (bsc#1111666).
• Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() (bsc#1111666).
• bonding: fix active-backup failover for current ARP slave (bsc#1174771).
• bonding: fix a potential double-unregister (git-fixes).
• bonding: show saner speed for broadcast mode (git-fixes).
• bpf: Fix map leak in HASH_OF_MAPS map (git-fixes).
• brcmfmac: keep SDIO watchdog running when console_interval is non-zero (bsc#1111666).
• brcmfmac: set state of hanger slot to FREE when flushing PSQ (bsc#1111666).
• brcmfmac: To fix Bss Info flag definition Bug (bsc#1111666).
• btrfs: change timing for qgroup reserved space for ordered extents to fix reserved space leak (bsc#1172247).
• btrfs: file: reserve qgroup space after the hole punch range is locked (bsc#1172247).
• btrfs: fix a block group ref counter leak after failure to remove block group (bsc#1175149).
• btrfs: fix block group leak when removing fails (bsc#1175149).
• btrfs: fix bytes_may_use underflow when running balance and scrub in parallel (bsc#1175149).
• btrfs: fix corrupt log due to concurrent fsync of inodes with shared extents (bsc#1175149).
• btrfs: fix data block group relocation failure due to concurrent scrub (bsc#1175149).
• btrfs: fix double free on ulist after backref resolution failure (bsc#1175149).
• btrfs: fix fatal extent_buffer readahead vs releasepage race (bsc#1175149).
• btrfs: fix memory leaks after failure to lookup checksums during inode logging (bsc#1175550).
• btrfs: fix page leaks after failure to lock page for delalloc (bsc#1175149).
• btrfs: fix race between block group removal and block group creation (bsc#1175149).
• btrfs: fix space_info bytes_may_use underflow after nocow buffered write (bsc#1175149).
• btrfs: fix space_info bytes_may_use underflow during space cache writeout (bsc#1175149).
• btrfs: fix wrong file range cleanup after an error filling dealloc range (bsc#1175149).
• btrfs: inode: fix NULL pointer dereference if inode does not need compression (bsc#1174484).
• btrfs: inode: move qgroup reserved space release to the callers of insert_reserved_file_extent() (bsc#1172247).
• btrfs: inode: refactor the parameters of insert_reserved_file_extent() (bsc#1172247).
• btrfs: make btrfs_ordered_extent naming consistent with btrfs_file_extent_item (bsc#1172247).
• btrfs: Open code btrfs_write_and_wait_marked_extents (bsc#1175149).
• btrfs: qgroup: allow to unreserve range without releasing other ranges (bsc#1120163).
• btrfs: qgroup: fix data leak caused by race between writeback and truncate (bsc#1172247).
• btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (bsc#1120163).
• btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (bsc#1120163).
• btrfs: Rename and export clear_btree_io_tree (bsc#1175149).
• btrfs: treat RWF_{,D}SYNC writes as sync for CRCs (bsc#1175493).
• bus: hisi_lpc: Add .remove method to avoid driver unbind crash (bsc#1174658).
• bus: hisi_lpc: Do not fail probe for unrecognised child devices (bsc#1174658).
• bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free (bsc#1174658).
• cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip (git-fixes).
• cfg80211: check vendor command doit pointer before use (git-fixes).
• char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667).
• cifs: document and cleanup dfs mount (bsc#1144333 bsc#1172428).
• cifs: Fix an error pointer dereference in cifs_mount() (bsc#1144333 bsc#1172428).
• cifs: fix double free error on share and prefix (bsc#1144333 bsc#1172428).
• cifs: handle empty list of targets in cifs_reconnect() (bsc#1144333 bsc#1172428).
• cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect (bsc#1144333 bsc#1172428).
• cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect() (bsc#1144333 bsc#1172428).
• cifs: only update prefix path of DFS links in cifs_tree_connect() (bsc#1144333 bsc#1172428).
• cifs: reduce number of referral requests in DFS link lookups (bsc#1144333 bsc#1172428).
• cifs: rename reconn_inval_dfs_target() (bsc#1144333 bsc#1172428).
• clk: at91: clk-generated: check best_rate against ranges (bsc#1111666).
• clk: clk-atlas6: fix return value check in atlas6_clk_init() (bsc#1111666).
• clk: iproc: round clock rate to the closest (bsc#1111666).
• clk: spear: Remove uninitialized_var() usage (git-fixes).
• clk: st: Remove uninitialized_var() usage (git-fixes).
• config: arm64: enable CONFIG_IOMMU_DEFAULT_PASSTHROUGH References: bsc#1174549
• console: newport_con: fix an issue about leak related system resources (git-fixes).
• constrants: fix malformed XML Closing tag of an element is '', not ''. Fixes: 8b37de2eb835 ('rpm/constraints.in: Increase memory for kernel-docs')
• Created new preempt kernel flavor (jsc#SLE-11309) Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel.
• crypto: ccp - Fix use of merged scatterlists (git-fixes).
• crypto: cpt - do not sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified (git-fixes).
• crypto: qat - fix double free in qat_uclo_create_batch_init_list (git-fixes).
• crypto: rockchip - fix scatterlist nents error (git-fixes).
• crypto: stm32/crc32 - fix ext4 chksum BUG_ON() (git-fixes).
• crypto: talitos - check AES key size (git-fixes).
• crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK (git-fixes).
• crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
• dev: Defer free of skbs in flush_backlog (git-fixes).
• device property: Fix the secondary firmware node handling in set_primary_fwnode() (git-fixes).
• devres: keep both device name and resource name in pretty name (git-fixes).
• dlm: Fix kobject memleak (bsc#1175768).
• dlm: remove BUG() before panic() (bsc#1174844).
• dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler (git-fixes).
• Documentation/networking: Add net DIM documentation (bsc#1174852).
• dpaa2-eth: Fix passing zero to 'PTR_ERR' warning (bsc#1175403).
• dpaa2-eth: free already allocated channels on probe defer (bsc#1175404).
• dpaa2-eth: prevent array underflow in update_cls_rule() (bsc#1175405).
• dpaa_eth: add dropped frames to percpu ethtool stats (bsc#1174550).
• dpaa_eth: add newline in dev_err() msg (bsc#1174550).
• dpaa_eth: avoid timestamp read on error paths (bsc#1175406).
• dpaa_eth: change DMA device (bsc#1174550).
• dpaa_eth: cleanup skb_to_contig_fd() (bsc#1174550).
• dpaa_eth: defer probing after qbman (bsc#1174550).
• dpaa_eth: extend delays in ndo_stop (bsc#1174550).
• dpaa_eth: fix DMA mapping leak (bsc#1174550).
• dpaa_eth: Fix one possible memleak in dpaa_eth_probe (bsc#1174550).
• dpaa_eth: FMan erratum A050385 workaround (bsc#1174550).
• dpaa_eth: perform DMA unmapping before read (bsc#1175407).
• dpaa_eth: register a device link for the qman portal used (bsc#1174550).
• dpaa_eth: remove netdev_err() for user errors (bsc#1174550).
• dpaa_eth: remove redundant code (bsc#1174550).
• dpaa_eth: simplify variables used in dpaa_cleanup_tx_fd() (bsc#1174550).
• dpaa_eth: use a page to store the SGT (bsc#1174550).
• dpaa_eth: use fd information in dpaa_cleanup_tx_fd() (bsc#1174550).
• dpaa_eth: use only one buffer pool per interface (bsc#1174550).
• dpaa_eth: use page backed rx buffers (bsc#1174550).
• driver core: Avoid binding drivers to dead devices (git-fixes).
• Drivers: hv: balloon: Remove dependencies on guest page size (git-fixes).
• Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE (git-fixes).
• Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops (bsc#1175127, bsc#1175128).
• Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (git-fixes).
• drivers/perf: hisi: Fix typo in events attribute array (bsc#1175408).
• drivers/perf: hisi: Fixup one DDRC PMU register offset (bsc#1175410).
• drivers/perf: hisi: Fix wrong value for all counters enable (bsc#1175409).
• drm: Added orientation quirk for ASUS tablet model T103HAF (bsc#1111666).
• drm/amd/display: fix pow() crashing when given base 0 (git-fixes).
• drm/amdgpu: avoid dereferencing a NULL pointer (bsc#1111666).
• drm/amdgpu: Fix bug where DPM is not enabled after hibernate and resume (bsc#1111666).
• drm/amdgpu: Fix NULL dereference in dpm sysfs handlers (bsc#1113956) * refresh for context changes
• drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() (git-fixes).
• drm/amdgpu: Replace invalid device ID with a valid device ID (bsc#1113956)
• drm/arm: fix unintentional integer overflow on left shift (git-fixes).
• drm/bridge: dw-hdmi: Do not cleanup i2c adapter and ddc ptr in (bsc#1113956) * refreshed for context changes
• drm/bridge: sil_sii8620: initialize return of sii8620_readb (git-fixes).
• drm/dbi: Fix SPI Type 1 (9-bit) transfer (bsc#1113956) * move drm_mipi_dbi.c -> tinydrm/mipi-drm.c * refresh for context changes
• drm/debugfs: fix plain echo to connector 'force' attribute (bsc#1111666).
• drm/etnaviv: Fix error path on failure to enable bus clk (git-fixes).
• drm/etnaviv: fix ref count leak via pm_runtime_get_sync (bsc#1111666).
• drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi (bsc#1112178) * updated names of get/put functions
• drm: hold gem reference until object is no longer accessed (bsc#1113956)
• drm/imx: fix use after free (git-fixes).
• drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() (git-fixes).
• drm/imx: tve: fix regulator_disable error path (git-fixes).
• drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline (git-fixes).
• drm/msm/adreno: fix updating ring fence (git-fixes).
• drm/msm: ratelimit crtc event overflow error (bsc#1111666).
• drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason (git-fixes).
• drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure (git-fixes).
• drm/nouveau: fix multiple instances of reference count leaks (bsc#1111666).
• drm/panel: otm8009a: Drop unnessary backlight_device_unregister() (git-fixes).
• drm: panel: simple: Fix bpc for LG LB070WV8 panel (git-fixes).
• drm/radeon: disable AGP by default (bsc#1111666).
• drm/radeon: fix array out-of-bounds read and write issues (git-fixes).
• drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync (bsc#1111666).
• drm/rockchip: fix VOP_WIN_GET macro (bsc#1175411).
• drm/tilcdc: fix leak & null ref in panel_connector_get_modes (bsc#1111666).
• drm/ttm/nouveau: do not call tt destroy callback on alloc failure (bsc#1175232).
• drm/vmwgfx: Fix two list_for_each loop exit tests (bsc#1111666).
• drm/vmwgfx: Use correct vmw_legacy_display_unit pointer (bsc#1111666).
• drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600).
• efi/memreserve: deal with memreserve entries in unmapped memory (bsc#1174685).
• ext4: check journal inode extents more carefully (bsc#1173485).
• ext4: do not allow overlapping system zones (bsc#1173485).
• ext4: fix checking of directory entry validity for inline directories (bsc#1175771).
• ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max (bsc#1174840).
• ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485).
• fat: do not allow to mount if the FAT length == 0 (bsc#1174845).
• fbdev: Detect integer underflow at 'struct fbcon_ops'->clear_margins. (bsc#1112178) * move files drivers/video/fbdev/core -> drivers/video/console * refresh for context changes
• firmware: google: check if size is valid when decoding VPD data (git-fixes).
• firmware: google: increment VPD key_len properly (git-fixes).
• fpga: dfl: fix bug in port reset handshake (git-fixes).
• fsl/fman: add API to get the device behind a fman port (bsc#1174550).
• fsl/fman: check dereferencing null pointer (git-fixes).
• fsl/fman: detect FMan erratum A050385 (bsc#1174550).
• fsl/fman: do not touch liodn base regs reserved on non-PAMU SoCs (bsc#1174550).
• fsl/fman: fix dereference null return value (git-fixes).
• fsl/fman: fix eth hash table allocation (git-fixes).
• fsl/fman: fix unreachable code (git-fixes).
• fsl/fman: remove unused struct member (bsc#1174550).
• fsl/fman: use 32-bit unsigned integer (git-fixes).
• fuse: fix memleak in cuse_channel_open (bsc#1174926).
• fuse: fix missing unlock_page in fuse_writepage() (bsc#1174904).
• fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS (bsc#1175062).
• fuse: fix weird page warning (bsc#1175063).
• fuse: flush dirty data/metadata before non-truncate setattr (bsc#1175064).
• fuse: truncate pending writes on O_TRUNC (bsc#1175065).
• fuse: verify attributes (bsc#1175066).
• fuse: verify nlink (bsc#1175067).
• genetlink: remove genl_bind (networking-stable-20_07_17).
• go7007: add sanity checking for endpoints (git-fixes).
• gpu: host1x: debug: Fix multiple channels emitting messages simultaneously (bsc#1111666).
• HID: hiddev: fix mess in hiddev_open() (git-fixes).
• HISI LPC: Re-Add ACPI child enumeration support (bsc#1174658).
• HISI LPC: Stop using MFD APIs (bsc#1174658).
• hv_balloon: Balloon up according to request page number (git-fixes).
• hv_balloon: Use a static page for the balloon_up send buffer (git-fixes).
• hv_netvsc: Allow scatter-gather feature to be tunable (git-fixes).
• hv_netvsc: do not use VF device if link is down (git-fixes).
• hv_netvsc: Fix a warning of suspicious RCU usage (git-fixes).
• hv_netvsc: Fix error handling in netvsc_attach() (git-fixes).
• hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() (git-fixes).
• hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() (git-fixes).
• hv_netvsc: Fix unwanted wakeup in netvsc_attach() (git-fixes).
• hv_netvsc: flag software created hash value (git-fixes).
• hv_netvsc: Remove 'unlikely' from netvsc_select_queue (git-fixes).
• i2c: rcar: in slave mode, clear NACK earlier (git-fixes).
• i2c: rcar: slave: only send STOP event when we have been addressed (bsc#1111666).
• i40e: Fix crash during removing i40e driver (git-fixes).
• i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (git-fixes).
• ibmveth: Fix use of ibmveth in a bridge (bsc#1174387 ltc#187506).
• ibmvnic: Fix IRQ mapping disposal in error path (bsc#1175112 ltc#187459).
• ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873 ltc#187922).
• include/linux/poison.h: remove obsolete comment (git fixes (poison)).
• Input: psmouse - add a newline when printing 'proto' by sysfs (git-fixes).
• Input: sentelic - fix error return when fsp_reg_write fails (bsc#1111666).
• integrity: remove redundant initialization of variable ret (git-fixes).
• io-mapping: indicate mapping failure (git-fixes).
• ip6_gre: fix null-ptr-deref in ip6gre_init_net() (git-fixes).
• ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() (networking-stable-20_06_28).
• ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL (bsc#1175515).
• ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL (bsc#1175515).
• ip_tunnel: Emit events for post-register MTU changes (git-fixes).
• ip_tunnel: fix use-after-free in ip_tunnel_lookup() (networking-stable-20_06_28).
• ip_tunnel: restore binding to ifaces with a large mtu (git-fixes).
• ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg (networking-stable-20_07_17).
• ipv4: Silence suspicious RCU usage warning (git-fixes).
• ipv6: fix memory leaks on IPV6_ADDRFORM path (git-fixes).
• ipvlan: fix device features (git-fixes).
• ipvs: allow connection reuse for unconfirmed conntrack (git-fixes).
• ipvs: fix refcount usage for conns in ops mode (git-fixes).
• ipvs: fix the connection sync failed in some cases (bsc#1174699).
• irqchip/gic: Atomically update affinity (bsc#1111666).
• iwlegacy: Check the return value of pcie_capability_read_*() (bsc#1111666).
• jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() (bsc#1175772).
• kabi: genetlink: remove genl_bind (kabi).
• kabi: hide new parameter of ip6_dst_lookup_flow() (bsc#1165629).
• kabi: mask changes to struct ipv6_stub (bsc#1165629).
• kernel/cpu_pm: Fix uninitted local in cpu_pm (git fixes (kernel/pm)).
• kernel-docs: Change Requires on python-Sphinx to earlier than version 3 References: bsc#1166965 From 3 on the internal API that the build system uses was rewritten in an incompatible way. See https://github.com/sphinx-doc/sphinx/issues/7421 and https://bugzilla.suse.com/show_bug.cgi?id=1166965#c16 for some details.
• kernel/relay.c: fix memleak on destroy relay channel (git-fixes).
• kernfs: do not call fsnotify() with name without a parent (bsc#1175770).
• KVM: arm64: Ensure 'params' is initialised when looking up sys register (bsc#1133021).
• KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART (bsc#1133021).
• KVM: arm/arm64: Fix young bit from mmu notifier (bsc#1133021).
• KVM: arm/arm64: vgic: Do not rely on the wrong pending table (bsc#1133021).
• KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections (bsc#1133021).
• KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests (bsc#1133021).
• KVM: arm: Make inject_abt32() inject an external abort instead (bsc#1133021).
• KVM: Change offset in kvm_write_guest_offset_cached to unsigned (bsc#1133021).
• KVM: Check for a bad hva before dropping into the ghc slow path (bsc#1133021).
• KVM: PPC: Book3S PR: Remove uninitialized_var() usage (bsc#1065729).
• l2tp: remove skb_dst_set() from l2tp_xmit_skb() (networking-stable-20_07_17).
• leds: 88pm860x: fix use-after-free on unbind (git-fixes).
• leds: core: Flush scheduled work for system suspend (git-fixes).
• leds: da903x: fix use-after-free on unbind (git-fixes).
• leds: lm3533: fix use-after-free on unbind (git-fixes).
• leds: lm355x: avoid enum conversion warning (git-fixes).
• leds: wm831x-status: fix use-after-free on unbind (git-fixes).
• lib/dim: Fix -Wunused-const-variable warnings (bsc#1174852).
• lib: dimlib: fix help text typos (bsc#1174852).
• lib: logic_pio: Add logic_pio_unregister_range() (bsc#1174658).
• lib: logic_pio: Avoid possible overlap for unregistering regions (bsc#1174658).
• lib: logic_pio: Fix RCU usage (bsc#1174658).
• linux/dim: Add completions count to dim_sample (bsc#1174852).
• linux/dim: Fix overflow in dim calculation (bsc#1174852).
• linux/dim: Move implementation to .c files (bsc#1174852).
• linux/dim: Move logic to dim.h (bsc#1174852).
• linux/dim: Remove 'net' prefix from internal DIM members (bsc#1174852).
• linux/dim: Rename externally exposed macros (bsc#1174852).
• linux/dim: Rename externally used net_dim members (bsc#1174852).
• linux/dim: Rename net_dim_sample() to net_dim_update_sample() (bsc#1174852).
• liquidio: Fix wrong return value in cn23xx_get_pf_num() (git-fixes).
• llc: make sure applications use ARPHRD_ETHER (networking-stable-20_07_17).
• mac80211: mesh: Free ie data when leaving mesh (git-fixes).
• mac80211: mesh: Free pending skb when destroying a mpath (git-fixes).
• MAINTAINERS: add entry for Dynamic Interrupt Moderation (bsc#1174852).
• md-cluster: Fix potential error pointer dereference in resize_bitmaps() (git-fixes).
• md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 (git-fixes).
• media: budget-core: Improve exception handling in budget_register() (git-fixes).
• media: exynos4-is: Add missed check for pinctrl_lookup_state() (git-fixes).
• media: firewire: Using uninitialized values in node_probe() (git-fixes).
• media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities() (git-fixes).
• media: vpss: clean up resources in init (git-fixes).
• mfd: arizona: Ensure 32k clock is put on driver unbind and error (git-fixes).
• mfd: dln2: Run event handler loop under spinlock (git-fixes).
• mfd: rk808: Fix RK818 ID template (bsc#1175412).
• mld: fix memory leak in ipv6_mc_destroy_dev() (networking-stable-20_06_28).
• mm: filemap: clear idle flag for writes (bsc#1175769).
• mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate (git fixes (mm/migrate)).
• mm/mmu_notifier: use hlist_add_head_rcu() (git fixes (mm/mmu_notifiers)).
• mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() (git fixes (mm/compaction)).
• mm/rmap.c: do not reuse anon_vma if we just want a copy (git fixes (mm/rmap)).
• mm/shmem.c: cast the type of unmap_start to u64 (git fixes (mm/shmem)).
• mm, thp: fix defrag setting if newline is not used (git fixes (mm/thp)).
• mm/vunmap: add cond_resched() in vunmap_pmd_range (bsc#1175654 ltc#184617).
• mtd: spi-nor: Fix an error code in spi_nor_read_raw() (bsc#1175413).
• mtd: spi-nor: fix kernel-doc for spi_nor::info (bsc#1175414).
• mtd: spi-nor: fix kernel-doc for spi_nor::reg_proto (bsc#1175415).
• mtd: spi-nor: fix silent truncation in spi_nor_read_raw() (bsc#1175416).
• mwifiex: Prevent memory corruption handling keys (git-fixes).
• net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb (git-fixes).
• net: bridge: enfore alignment for ethernet address (networking-stable-20_06_28).
• net: core: reduce recursion limit value (networking-stable-20_06_28).
• net: Do not clear the sock TX queue in sk_set_socket() (networking-stable-20_06_28).
• net: dsa: b53: check for timeout (git-fixes).
• net: dsa: bcm_sf2: Fix node reference count (git-fixes).
• net: ena: Add first_interrupt field to napi struct (bsc#1174852).
• net: ena: add reserved PCI device ID (bsc#1174852).
• net: ena: add support for reporting of packet drops (bsc#1174852).
• net: ena: add support for the rx offset feature (bsc#1174852).
• net: ena: add support for traffic mirroring (bsc#1174852).
• net: ena: add unmask interrupts statistics to ethtool (bsc#1174852).
• net: ena: allow setting the hash function without changing the key (bsc#1174852).
• net: ena: avoid unnecessary admin command when RSS function set fails (bsc#1174852).
• net: ena: avoid unnecessary rearming of interrupt vector when busy-polling (bsc#1174852).
• net: ena: change default RSS hash function to Toeplitz (bsc#1174852).
• net: ena: change num_queues to num_io_queues for clarity and consistency (bsc#1174852).
• net: ena: changes to RSS hash key allocation (bsc#1174852).
• net: ena: Change WARN_ON expression in ena_del_napi_in_range() (bsc#1174852).
• net: ena: clean up indentation issue (bsc#1174852).
• net: ena: cosmetic: change ena_com_stats_admin stats to u64 (bsc#1174852).
• net: ena: cosmetic: code reorderings (bsc#1174852).
• net: ena: cosmetic: extract code to ena_indirection_table_set() (bsc#1174852).
• net: ena: cosmetic: fix line break issues (bsc#1174852).
• net: ena: cosmetic: fix spacing issues (bsc#1174852).
• net: ena: cosmetic: fix spelling and grammar mistakes in comments (bsc#1174852).
• net: ena: cosmetic: minor code changes (bsc#1174852).
• net: ena: cosmetic: remove unnecessary code (bsc#1174852).
• net: ena: cosmetic: remove unnecessary spaces and tabs in ena_com.h macros (bsc#1174852).
• net: ena: cosmetic: rename ena_update_tx/rx_rings_intr_moderation() (bsc#1174852).
• net: ena: cosmetic: satisfy gcc warning (bsc#1174852).
• net: ena: cosmetic: set queue sizes to u32 for consistency (bsc#1174852).
• net: ena: drop superfluous prototype (bsc#1174852).
• net: ena: enable support of rss hash key and function changes (bsc#1174852).
• net: ena: enable the interrupt_moderation in driver_supported_features (bsc#1174852).
• net: ena: ethtool: clean up minor indentation issue (bsc#1174852).
• net: ena: ethtool: get_channels: use combined only (bsc#1174852).
• net: ena: ethtool: remove redundant non-zero check on rc (bsc#1174852).
• net: ena: ethtool: support set_channels callback (bsc#1174852).
• net/ena: Fix build warning in ena_xdp_set() (bsc#1174852).
• net: ena: fix ena_com_comp_status_to_errno() return value (bsc#1174852).
• net: ena: fix error returning in ena_com_get_hash_function() (bsc#1174852).
• net: ena: fix incorrect setting of the number of msix vectors (bsc#1174852).
• net: ena: fix incorrect update of intr_delay_resolution (bsc#1174852).
• net: ena: fix request of incorrect number of IRQ vectors (bsc#1174852).
• net: ena: fix update of interrupt moderation register (bsc#1174852).
• net: ena: Fix using plain integer as NULL pointer in ena_init_napi_in_range (bsc#1174852).
• net: ena: implement XDP drop support (bsc#1174852).
• net: ena: Implement XDP_TX action (bsc#1174852).
• net: ena: make ethtool -l show correct max number of queues (bsc#1174852).
• net: ena: Make missed_tx stat incremental (bsc#1083548).
• net: ena: Make some functions static (bsc#1174852).
• net: ena: move llq configuration from ena_probe to ena_device_init() (bsc#1174852).
• net: ena: multiple queue creation related cleanups (bsc#1174852).
• net: ena: Prevent reset after device destruction (bsc#1083548).
• net: ena: reduce driver load time (bsc#1174852).
• net: ena: remove all old adaptive rx interrupt moderation code from ena_com (bsc#1174852).
• net: ena: remove code duplication in ena_com_update_nonadaptive_moderation_interval _*() (bsc#1174852).
• net: ena: remove code that does nothing (bsc#1174852).
• net: ena: remove ena_restore_ethtool_params() and relevant fields (bsc#1174852).
• net: ena: remove old adaptive interrupt moderation code from ena_netdev (bsc#1174852).
• net: ena: remove redundant print of number of queues (bsc#1174852).
• net: ena: remove set but not used variable 'hash_key' (bsc#1174852).
• net: ena: remove set but not used variable 'rx_ring' (bsc#1174852).
• net: ena: rename ena_com_free_desc to make API more uniform (bsc#1174852).
• net: ena: Select DIMLIB for ENA_ETHERNET (bsc#1174852).
• net: ena: simplify ena_com_update_intr_delay_resolution() (bsc#1174852).
• net: ena: support new LLQ acceleration mode (bsc#1174852).
• net: ena: switch to dim algorithm for rx adaptive interrupt moderation (bsc#1174852).
• net: ena: use explicit variable size for clarity (bsc#1174852).
• net: ena: use SHUTDOWN as reset reason when closing interface (bsc#1174852).
• net: ena: xdp: update napi budget for DROP and ABORTED (bsc#1174852).
• net: ena: xdp: XDP_TX: fix memory leak (bsc#1174852).
• net: ethernet: aquantia: Fix wrong return value (git-fixes).
• net: ethernet: broadcom: have drivers select DIMLIB as needed (bsc#1174852).
• net: ethernet: stmmac: Disable hardware multicast filter (git-fixes).
• net: fec: correct the error path for regulator disable in probe (git-fixes).
• netfilter: x_tables: add counters allocation wrapper (git-fixes).
• netfilter: x_tables: cap allocations at 512 mbyte (git-fixes).
• netfilter: x_tables: limit allocation requests for blob rule heads (git-fixes).
• net: Fix a documentation bug wrt. ip_unprivileged_port_start (git-fixes). (SLES tuning guide refers to ip-sysctl.txt.)
• net: fix memleak in register_netdevice() (networking-stable-20_06_28).
• net: Fix the arp error in some cases (networking-stable-20_06_28).
• net: gre: recompute gre csum for sctp over gre tunnels (git-fixes).
• net: hns3: add autoneg and change speed support for fibre port (bsc#1174070).
• net: hns3: add support for FEC encoding control (bsc#1174070).
• net: hns3: add support for multiple media type (bsc#1174070).
• net: hns3: fix a not link up issue when fibre port supports autoneg (bsc#1174070).
• net: hns3: fix for FEC configuration (bsc#1174070).
• net: hns3: fix port capbility updating issue (bsc#1174070).
• net: hns3: fix port setting handle for fibre port (bsc#1174070).
• net: hns3: fix selftest fail issue for fibre port with autoneg on (bsc#1174070).
• net: hns3: restore the MAC autoneg state after reset (bsc#1174070).
• net: increment xmit_recursion level in dev_direct_xmit() (networking-stable-20_06_28).
• net: ip6_gre: Request headroom in __gre6_xmit() (git-fixes).
• net: lan78xx: add missing endpoint sanity check (git-fixes).
• net: lan78xx: fix transfer-buffer memory leak (git-fixes).
• net: make symbol 'flush_works' static (git-fixes).
• net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes).
• net: mvpp2: fix memory leak in mvpp2_rx (git-fixes).
• net: netsec: Fix signedness bug in netsec_probe() (bsc#1175417).
• net: netsec: initialize tx ring on ndo_open (bsc#1175418).
• net: phy: Check harder for errors in get_phy_id() (bsc#1111666).
• net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init (git-fixes).
• net: Set fput_needed iff FDPUT_FPUT is set (git-fixes).
• net: socionext: Fix a signedness bug in ave_probe() (bsc#1175419).
• net: socionext: replace napi_alloc_frag with the netdev variant on init (bsc#1175420).
• net: spider_net: Fix the size used in a 'dma_free_coherent()' call (git-fixes).
• net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes).
• net: stmmac: Fix RX packet size > 8191 (git-fixes).
• net: udp: Fix wrong clean up for IS_UDPLITE macro (git-fixes).
• net: update net_dim documentation after rename (bsc#1174852).
• net: usb: ax88179_178a: fix packet alignment padding (networking-stable-20_06_28).
• net: usb: qmi_wwan: add support for Quectel EG95 LTE modem (networking-stable-20_07_17).
• netvsc: unshare skb in VF rx handler (git-fixes).
• nfc: nci: add missed destroy_workqueue in nci_register_device (git-fixes).
• ntb: Fix an error in get link status (git-fixes).
• ntb_netdev: fix sleep time mismatch (git-fixes).
• ntb: ntb_transport: Use scnprintf() for avoiding potential buffer overflow (git-fixes).
• nvme: fix possible deadlock when I/O is blocked (git-fixes).
• nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths (bsc#1172108).
• nvme-multipath: fix logic for non-optimized paths (bsc#1172108).
• nvme-multipath: round-robin: eliminate 'fallback' variable (bsc#1172108).
• nvme: multipath: round-robin: fix single non-optimized path case (bsc#1172108).
• obsolete_kmp: provide newer version than the obsoleted one (boo#1170232).
• ocfs2: add trimfs dlm lock resource (bsc#1175228).
• ocfs2: add trimfs lock to avoid duplicated trims in cluster (bsc#1175228).
• ocfs2: avoid inode removal while nfsd is accessing it (bsc#1172963).
• ocfs2: avoid inode removal while nfsd is accessing it (bsc#1172963).
• ocfs2: change slot number type s16 to u16 (bsc#1175786).
• ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963).
• ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963).
• ocfs2: fix remounting needed after setfacl command (bsc#1173954).
• ocfs2: fix the application IO timeout when fstrim is running (bsc#1175228).
• ocfs2: fix value of OCFS2_INVALID_SLOT (bsc#1175767).
• ocfs2: load global_inode_alloc (bsc#1172963).
• ocfs2: load global_inode_alloc (bsc#1172963).
• omapfb: dss: Fix max fclk divider for omap36xx (bsc#1113956)
• openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() (git-fixes).
• PCI/ASPM: Add missing newline in sysfs 'policy' (git-fixes).
• PCI: dwc: Move interrupt acking into the proper callback (bsc#1175666).
• PCI: Fix pci_cfg_wait queue locking problem (git-fixes).
• PCI: Fix 'try' semantics of bus and slot reset (git-fixes).
• PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() (git-fixes).
• PCI: hv: Fix a timing issue which causes kdump to fail occasionally (bsc#1172871, bsc#1172872, git-fixes).
• PCI: Release IVRS table in AMD ACS quirk (git-fixes).
• PCI: switchtec: Add missing __iomem and __user tags to fix sparse warnings (git-fixes).
• PCI: switchtec: Add missing __iomem tag to fix sparse warnings (git-fixes).
• phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked (git-fixes).
• pinctrl: single: fix function name in documentation (git-fixes).
• pinctrl-single: fix pcs_parse_pinconf() return value (git-fixes).
• platform/x86: intel-hid: Fix return value check in check_acpi_dev() (git-fixes).
• platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() (git-fixes).
• PM / CPU: replace raw_notifier with atomic_notifier (git fixes (kernel/pm)).
• PM / devfreq: rk3399_dmc: Add missing of_node_put() (bsc#1175668).
• PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails.
• PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent (bsc#1175668).
• PM: sleep: core: Fix the handling of pending runtime resume requests (git-fixes).
• powerpc/64s: Do not init FSCR_DSCR in __init_FSCR() (bsc#1065729).
• powerpc/64s: Fix early_init_mmu section mismatch (bsc#1065729).
• powerpc: Allow 4224 bytes of stack expansion for the signal frame (bsc#1065729).
• powerpc/book3s64/pkeys: Use PVR check instead of cpu feature (bsc#1065729).
• powerpc/boot: Fix CONFIG_PPC_MPC52XX references (bsc#1065729).
• powerpc/eeh: Fix pseries_eeh_configure_bridge() (bsc#1174689).
• powerpc/nvdimm: Use HCALL error as the return value (bsc#1175284).
• powerpc/nvdimm: use H_SCM_QUERY hcall on H_OVERLAP error (bsc#1175284).
• powerpc/perf: Fix missing is_sier_aviable() during build (bsc#1065729).
• powerpc/pseries: Do not initiate shutdown when system is running on UPS (bsc#1175440 ltc#187574).
• powerpc/pseries/hotplug-cpu: Remove double free in error path (bsc#1065729).
• powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death (bsc#1085030 ltC#165630).
• powerpc/pseries: PCIE PHB reset (bsc#1174689).
• powerpc/pseries: remove cede offline state for CPUs (bsc#1065729).
• powerpc/rtas: do not online CPUs for partition suspend (bsc#1065729).
• powerpc/vdso: Fix vdso cpu truncation (bsc#1065729).
• power: supply: check if calc_soc succeeded in pm860x_init_battery (git-fixes).
• propagate_one(): mnt_set_mountpoint() needs mount_lock (bsc#1174841).
• pseries: Fix 64 bit logical memory block panic (bsc#1065729).
• pwm: bcm-iproc: handle clk_get_rate() return (git-fixes).
• rds: Prevent kernel-infoleak in rds_notify_queue_get() (git-fixes).
• regulator: gpio: Honor regulator-boot-on property (git-fixes).
• Revert 'ALSA: hda: call runtime_allow() for all hda controllers' (bsc#1111666).
• Revert 'drm/amdgpu: Fix NULL dereference in dpm sysfs handlers' (bsc#1113956) * refresh for context changes
• Revert 'ocfs2: avoid inode removal while nfsd is accessing it' This reverts commit 9e096c72476eda333a9998ff464580c00ff59c83.
• Revert 'ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963).' This reverts commit 0bf6e248f93736b3f17f399b4a8f64ffa30d371e.
• Revert 'ocfs2: load global_inode_alloc (bsc#1172963).' This reverts commit fc476497b53f967dc615b9cbad9427ba3107b5c4.
• Revert 'scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe' (bsc#1171688 bsc#1174003).
• Revert 'scsi: qla2xxx: Fix crash on qla2x00_mailbox_command' (bsc#1171688 bsc#1174003).
• Revert 'xen/balloon: Fix crash when ballooning on x86 32 bit PAE' (bsc#1065600).
• rocker: fix incorrect error handling in dma_rings_init (networking-stable-20_06_28).
• rpm/check-for-config-changes: Ignore CONFIG_CC_VERSION_TEXT
• rpm/check-for-config-changes: Ignore CONFIG_LD_VERSION
• rpm/constraints.in: Increase memory for kernel-docs References: https://build.opensuse.org/request/show/792664
• rpm: drop execute permissions on source files Sometimes a source file with execute permission appears in upstream repository and makes it into our kernel-source packages. This is caught by OBS build checks and may even result in build failures. Sanitize the source tree by removing execute permissions from all C source and header files.
• rpm/kabi.pl: account for namespace field being moved last Upstream is moving the namespace field in Module.symvers last in order to preserve backwards compatibility with kmod tools (depmod, etc). Fix the kabi.pl script to expect the namespace field last. Since split() ignores trailing empty fields and delimeters, switch to using tr to count how many fields/tabs are in a line. Also, in load_symvers(), pass LIMIT of -1 to split() so it does not strip trailing empty fields, as namespace is an optional field.
• rpm/kernel-binary.spec.in: do not run klp-symbols for configs with no modules Starting with 5.8-rc1, s390x/zfcpdump builds fail because rpm/klp-symbols script does not find .tmp_versions directory. This is missing because s390x/zfcpdump is built without modules (CONFIG_MODULES disabled). As livepatching cannot work without modules, the cleanest solution is setting %klp_symbols to 0 if CONFIG_MODULES is disabled. (We cannot simply add another condition to the place where %klp_symbols is set as it can be already set to 1 from prjconf.)
• rpm/kernel-binary.spec.in: restrict livepatch metapackage to default flavor It has been reported that the kernel-*-livepatch metapackage got erroneously enabled for SLE15-SP3's new -preempt flavor, leading to a unresolvable dependency to a non-existing kernel-livepatch-x.y.z-preempt package. As SLE12 and SLE12-SP1 have run out of livepatching support, the need to build said metapackage for the -xen flavor is gone and the only remaining flavor for which they're still wanted is -default. Restrict the build of the kernel-*-livepatch metapackage to the -default flavor.
• rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup Co-Authored-By: Adam Spiers
• rpm/kernel-obs-build.spec.in: Enable overlayfs Overlayfs is needed for podman or docker builds when no more specific driver can be used (like lvm or btrfs). As the default build fs is ext4 currently, we need overlayfs kernel modules to be available.
• rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073).
• rpm/mkspec-dtb: add mt76 based dtb package
• rpm/package-descriptions: garbege collection remove old ARM and Xen flavors.
• rtlwifi: rtl8192cu: Remove uninitialized_var() usage (git-fixes).
• rtnetlink: Fix memory(net_device) leak when ->newlink fails (git-fixes).
• s390, dcssblk: kaddr and pfn can be NULL to ->direct_access() (bsc#1174873).
• sched: consistently handle layer3 header accesses in the presence of VLANs (networking-stable-20_07_17).
• sched/deadline: Initialize ->dl_boosted (bsc#1112178).
• scripts/git_sort/git_sort.py: add bluetooth/bluetooth-next.git repository
• scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666).
• scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666).
• scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666).
• scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666).
• scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666).
• scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558 bsc#1136666 bsc#1173060).
• scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666).
• scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param (bsc#1171558 bsc#1136666).
• scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666).
• scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666).
• scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666).
• scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666).
• scsi: dh: Add Fujitsu device to devinfo and dh lists (bsc#1174026).
• scsi: Fix trivial spelling (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case into lower case (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Indicate correct supported speeds for Mezz card (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Introduce a function for computing the debug message prefix (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: SAN congestion management implementation (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use register names instead of register offsets (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688 bsc#1174003).
• scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688 bsc#1174003).
• scsi: smartpqi: add bay identifier (bsc#1172418).
• scsi: smartpqi: add gigabyte controller (bsc#1172418).
• scsi: smartpqi: add id support for SmartRAID 3152-8i (bsc#1172418).
• scsi: smartpqi: add inquiry timeouts (bsc#1172418).
• scsi: smartpqi: add module param for exposure order (bsc#1172418).
• scsi: smartpqi: add module param to hide vsep (bsc#1172418).
• scsi: smartpqi: add new pci ids (bsc#1172418).
• scsi: smartpqi: add pci ids for fiberhome controller (bsc#1172418).
• scsi: smartpqi: add RAID bypass counter (bsc#1172418).
• scsi: smartpqi: add sysfs entries (bsc#1172418).
• scsi: smartpqi: Align driver syntax with oob (bsc#1172418).
• scsi: smartpqi: avoid crashing kernel for controller issues (bsc#1172418).
• scsi: smartpqi: bump version (bsc#1172418).
• scsi: smartpqi: bump version (bsc#1172418).
• scsi: smartpqi: bump version to 1.2.16-010 (bsc#1172418).
• scsi: smartpqi: change TMF timeout from 60 to 30 seconds (bsc#1172418).
• scsi: smartpqi: correct hang when deleting 32 lds (bsc#1172418).
• scsi: smartpqi: correct REGNEWD return status (bsc#1172418).
• scsi: smartpqi: correct syntax issue (bsc#1172418).
• scsi: smartpqi: fix call trace in device discovery (bsc#1172418).
• scsi: smartpqi: fix controller lockup observed during force reboot (bsc#1172418).
• scsi: smartpqi: fix LUN reset when fw bkgnd thread is hung (bsc#1172418).
• scsi: smartpqi: fix problem with unique ID for physical device (bsc#1172418).
• scsi: smartpqi: identify physical devices without issuing INQUIRY (bsc#1172418).
• scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask (bsc#1172418).
• scsi: smartpqi: remove unused manifest constants (bsc#1172418).
• scsi: smartpqi: Reporting unhandled SCSI errors (bsc#1172418).
• scsi: smartpqi: support device deletion via sysfs (bsc#1172418).
• scsi: smartpqi: update copyright (bsc#1172418).
• scsi: smartpqi: update logical volume size after expansion (bsc#1172418).
• scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow (bsc#1172418).
• scsi: storvsc: Correctly set number of hardware queues for IDE disk (git-fixes).
• scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790).
• sctp: Do not advertise IPv4 addresses if ipv6only is set on the socket (networking-stable-20_06_28).
• selftests/livepatch: fix mem leaks in test-klp-shadow-vars (bsc#1071995).
• selftests/livepatch: more verification in test-klp-shadow-vars (bsc#1071995).
• selftests/livepatch: rework test-klp-shadow-vars (bsc#1071995).
• selftests/livepatch: simplify test-klp-callbacks busy target tests (bsc#1071995).
• serial: 8250: change lock order in serial8250_do_startup() (git-fixes).
• serial: pl011: Do not leak amba_ports entry on driver register error (git-fixes).
• serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes).
• Set VIRTIO_CONSOLE=y (bsc#1175667).
• sign also s390x kernel images (bsc#1163524)
• soc: fsl: qbman: allow registering a device link for the portal user (bsc#1174550).
• soc: fsl: qbman_portals: add APIs to retrieve the probing status (bsc#1174550).
• spi: davinci: Remove uninitialized_var() usage (git-fixes).
• spi: lantiq: fix: Rx overflow error in full duplex mode (git-fixes).
• spi: nxp-fspi: Ensure width is respected in spi-mem operations (bsc#1175421).
• spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode (bsc#1175422).
• spi: spi-mem: export spi_mem_default_supports_op() (bsc#1175421).
• staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes).
• staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes).
• staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes).
• staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support (git-fixes).
• staging: fsl-dpaa2: ethsw: Add missing netdevice check (bsc#1175423).
• staging: rtl8192u: fix a dubious looking mask before a shift (git-fixes).
• staging/speakup: fix get_word non-space look-ahead (git-fixes).
• tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT (networking-stable-20_06_28).
• tcp: grow window for OOO packets only for SACK flows (networking-stable-20_06_28).
• tcp: make sure listeners do not initialize congestion-control state (networking-stable-20_07_17).
• tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() (networking-stable-20_07_17).
• tcp: md5: do not send silly options in SYNCOOKIES (networking-stable-20_07_17).
• tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers (networking-stable-20_07_17).
• tracepoint: Mark __tracepoint_string's __used (git-fixes).
• tracing: Use trace_sched_process_free() instead of exit() for pid tracing (git-fixes).
• tty: hvc_console, fix crashes on parallel open/close (git-fixes).
• tty: serial: fsl_lpuart: add imx8qxp support (bsc#1175670).
• tty: serial: fsl_lpuart: free IDs allocated by IDA (bsc#1175670).
• USB: cdc-acm: rework notification_buffer resizing (git-fixes).
• USB: gadget: f_tcm: Fix some resource leaks in some error paths (git-fixes).
• USB: host: ohci-exynos: Fix error handling in exynos_ohci_probe() (git-fixes).
• USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge (git-fixes).
• USB: iowarrior: fix up report size handling for some devices (git-fixes).
• usbip: tools: fix module name in man page (git-fixes).
• USB: rename USB quirk to USB_QUIRK_ENDPOINT_IGNORE (git-fixes).
• USB: serial: cp210x: enable usb generic throttle/unthrottle (git-fixes).
• USB: serial: cp210x: re-enable auto-RTS on open (git-fixes).
• USB: serial: ftdi_sio: clean up receive processing (git-fixes).
• USB: serial: ftdi_sio: fix break and sysrq handling (git-fixes).
• USB: serial: ftdi_sio: make process-packet buffer unsigned (git-fixes).
• USB: serial: iuu_phoenix: fix led-activity helpers (git-fixes).
• USB: serial: qcserial: add EM7305 QDL product ID (git-fixes).
• USB: xhci: define IDs for various ASMedia host controllers (git-fixes).
• USB: xhci: Fix ASM2142/ASM3142 DMA addressing (git-fixes).
• USB: xhci: Fix ASMedia ASM1142 DMA addressing (git-fixes).
• USB: xhci-mtk: fix the failure of bandwidth allocation (git-fixes).
• VFS: Check rename_lock in lookup_fast() (bsc#1174734).
• video: fbdev: sm712fb: fix an issue about iounmap for a wrong address (git-fixes).
• video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call (git-fixes).
• virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial (git-fixes).
• vlan: consolidate VLAN parsing code and limit max parsing depth (networking-stable-20_07_17).
• vmxnet3: use correct tcp hdr length when packet is encapsulated (bsc#1175199).
• vt_compat_ioctl(): clean up, use compat_ptr() properly (git-fixes).
• vt: vt_ioctl: remove unnecessary console allocation checks (git-fixes).
• vxlan: Ensure FDB dump is performed under RCU (git-fixes).
• watchdog: f71808e_wdt: clear watchdog timeout occurred flag (bsc#1111666).
• watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options (bsc#1111666).
• watchdog: f71808e_wdt: remove use of wrong watchdog_info option (bsc#1111666).
• wl1251: fix always return 0 error (git-fixes).
• x86/hyperv: Create and use Hyper-V page definitions (git-fixes).
• x86/hyper-v: Fix overflow bug in fill_gva_list() (git-fixes).
• x86/hyperv: Make hv_vcpu_is_preempted() visible (git-fixes).
• x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178).
• x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).
• xen/balloon: fix accounting in alloc_xenballooned_pages error path (bsc#1065600).
• xen/balloon: make the balloon wait interruptible (bsc#1065600).
• xfrm: check id proto in validate_tmpl() (git-fixes).
• xfrm: clean up xfrm protocol checks (git-fixes).
• xfrm_user: uncoditionally validate esn replay attribute struct (git-fixes).
• xfs: fix inode allocation block res calculation precedence (git-fixes).
• xfs: fix reflink quota reservation accounting error (git-fixes).
• xhci: Fix enumeration issue when setting max packet size for FS devices (git-fixes).

This update for openldap2 fixes the following issues:

• bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125.

This update for libxml2 fixes the following issues:

• CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).

This update for shim fixes the following issues:
This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting.
This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from July / August 2020 are applied.

Changes:
Use vendor-dbx to block old SUSE/openSUSE signkeys (bsc#1168994)

• Add dbx-cert.tar.xz which contains the certificates to block and a script, generate-vendor-dbx.sh, to generate vendor-dbx.bin
• Add vendor-dbx.bin as the vendor dbx to block unwanted keys

• Update the path to grub-tpm.efi in shim-install (bsc#1174320)
• Only check EFI variable copying when Secure Boot is enabled (bsc#1173411)
• Use the full path of efibootmgr to avoid errors when invoking shim-install from packagekitd (bsc#1168104)
• shim-install: add check for btrfs is used as root file system to enable relative path lookup for file. (bsc#1153953)
• shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)

This update for cryptsetup fixes the following issues:
Update from version 2.0.5 to version 2.0.6. (jsc#SLE-5911, bsc#1165580)

• Fix support of larger metadata areas in *LUKS2* header.

• If *AEAD* (authenticated encryption) is used, cryptsetup now tries to check if the requested *AEAD* algorithm with specified key size is available in kernel crypto API. This change avoids formatting a device that cannot be later activated.

• Fix setting of integrity no-journal flag. Now you can store this flag to metadata using *\--persistent* option.

• Fix cryptsetup-reencrypt to not keep temporary reencryption headers if interrupted during initial password prompt.

• Adds early check to plain and LUKS2 formats to disallow device format if device size is not aligned to requested sector size. Previously it was possible, and the device was rejected to activate by kernel later.

• Fix checking of hash algorithms availability for *PBKDF* early. Previously *LUKS2* format allowed non-existent hash algorithm with invalid keyslot preventing the device from activation.

• Allow Adiantum cipher construction (a non-authenticated length-preserving fast encryption scheme), so it can be used both for data encryption and keyslot encryption in *LUKS1/2* devices.