openSUSE-SLE-15.4-2022-19 moderate SUSE Updates openSUSE-SLE 15.4 This update for ghostscript, gswrap fixes the following issues: We now ship an additional wraper for ghostscript, called gswrap, for SLE 15 SP2 and SLE15 SP3. You can install this wrapper by installing the gswrap package. - Allow the `gswrap` package to use its wrapper script for `ghostscript` (jsc#SLE-21705 jsc#SLE-21706) - Use `update-alternatives` to get the real `ghostscript` binary from `/usr/bin/gs` to `/usr/bin/gs.bin` ghostscript-9.52-158.1.src.rpm ghostscript-9.52-158.1.x86_64.rpm ghostscript-devel-9.52-158.1.x86_64.rpm ghostscript-x11-9.52-158.1.x86_64.rpm ghostscript-9.52-158.1.s390x.rpm ghostscript-devel-9.52-158.1.s390x.rpm ghostscript-x11-9.52-158.1.s390x.rpm ghostscript-9.52-158.1.ppc64le.rpm ghostscript-devel-9.52-158.1.ppc64le.rpm ghostscript-x11-9.52-158.1.ppc64le.rpm ghostscript-9.52-158.1.aarch64.rpm ghostscript-devel-9.52-158.1.aarch64.rpm ghostscript-x11-9.52-158.1.aarch64.rpm openSUSE-SLE-15.4-2022-143 moderate SUSE Updates openSUSE-SLE 15.4 This update for java-11-openjdk fixes the following issues: - Java Cryptography was always operating in FIPS mode if crypto-policies was not used. - Allow plain key import in fips mode unless "com.suse.fips.plainKeySupport" is set to false java-11-openjdk-11.0.13.0-3.68.1.src.rpm java-11-openjdk-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-javadoc-11.0.13.0-3.68.1.noarch.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-src-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-src-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.aarch64.rpm openSUSE-SLE-15.4-2022-157 important SUSE Updates openSUSE-SLE 15.4 This update for zxing-cpp fixes the following issues: - CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file. (bsc#1191743). - CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942). - CVE-2021-42716: Fixed denial of service in stb_image HDR loader when reading crafted HDR files (bsc#1191944). libZXing1-1.2.0-9.7.1.x86_64.rpm libZXing1-32bit-1.2.0-9.7.1.x86_64.rpm zxing-cpp-1.2.0-9.7.1.src.rpm zxing-cpp-devel-1.2.0-9.7.1.x86_64.rpm libZXing1-1.2.0-9.7.1.s390x.rpm zxing-cpp-devel-1.2.0-9.7.1.s390x.rpm libZXing1-1.2.0-9.7.1.ppc64le.rpm zxing-cpp-devel-1.2.0-9.7.1.ppc64le.rpm libZXing1-1.2.0-9.7.1.aarch64.rpm zxing-cpp-devel-1.2.0-9.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-176 important SUSE Updates openSUSE-SLE 15.4 This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack (bsc#1185382). - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc (bsc#1185383). - CVE-2019-25033: Fixed integer overflow in the regional allocator via the ALIGN_UP macro (bsc#1185384). - CVE-2019-25034: Fixed integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write (bsc#1185385). - CVE-2019-25035: Fixed out-of-bounds write in sldns_bget_token_par (bsc#1185386). - CVE-2019-25036: Fixed assertion failure and denial of service in synth_cname (bsc#1185387). - CVE-2019-25037: Fixed assertion failure and denial of service in dname_pkt_copy via an invalid packet (bsc#1185388). - CVE-2019-25038: Fixed integer overflow in a size calculation in dnscrypt/dnscrypt.c (bsc#1185389). - CVE-2019-25039: Fixed integer overflow in a size calculation in respip/respip.c (bsc#1185390). - CVE-2019-25040: Fixed infinite loop via a compressed name in dname_pkt_copy (bsc#1185391). - CVE-2019-25041: Fixed assertion failure via a compressed name in dname_pkt_copy (bsc#1185392). - CVE-2019-25042: Fixed out-of-bounds write via a compressed name in rdata_copy (bsc#1185393). - CVE-2020-28935: Fixed symbolic link traversal when writing PID file (bsc#1179191). libunbound2-1.6.8-10.6.1.x86_64.rpm unbound-1.6.8-10.6.1.src.rpm unbound-1.6.8-10.6.1.x86_64.rpm unbound-anchor-1.6.8-10.6.1.x86_64.rpm unbound-devel-1.6.8-10.6.1.x86_64.rpm unbound-munin-1.6.8-10.6.1.noarch.rpm unbound-python-1.6.8-10.6.1.x86_64.rpm libunbound2-1.6.8-10.6.1.s390x.rpm unbound-1.6.8-10.6.1.s390x.rpm unbound-anchor-1.6.8-10.6.1.s390x.rpm unbound-devel-1.6.8-10.6.1.s390x.rpm unbound-python-1.6.8-10.6.1.s390x.rpm libunbound2-1.6.8-10.6.1.ppc64le.rpm unbound-1.6.8-10.6.1.ppc64le.rpm unbound-anchor-1.6.8-10.6.1.ppc64le.rpm unbound-devel-1.6.8-10.6.1.ppc64le.rpm unbound-python-1.6.8-10.6.1.ppc64le.rpm libunbound2-1.6.8-10.6.1.aarch64.rpm unbound-1.6.8-10.6.1.aarch64.rpm unbound-anchor-1.6.8-10.6.1.aarch64.rpm unbound-devel-1.6.8-10.6.1.aarch64.rpm unbound-python-1.6.8-10.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-226 important SUSE Updates openSUSE-SLE 15.4 This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. (bsc#1194844) - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. (bsc#1194843) - CVE-2022-23302: Fix remote code execution by removing src/main/java/org/apache/log4j/net/JMSSink.java. (bsc#1194842) log4j12-1.2.17-4.9.1.noarch.rpm log4j12-1.2.17-4.9.1.src.rpm log4j12-javadoc-1.2.17-4.9.1.noarch.rpm log4j12-manual-1.2.17-4.9.1.noarch.rpm openSUSE-SLE-15.4-2022-198 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517). - CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985). - CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302). - CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518). - CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927). - CVE-2021-4202: Fixed a race condition during NFC device remove which could lead to a use-after-free memory corruption (bsc#1194529) - CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allowed a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4 (bnc#1193727). - CVE-2021-4149: Fixed a locking condition in btrfs which could lead to system deadlocks (bsc#1194001). - CVE-2021-45485: In the IPv6 implementation in net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses (bnc#1194094). - CVE-2021-45486: In the IPv4 implementation in net/ipv4/route.c has an information leak because the hash table is very small (bnc#1194087). The following non-security bugs were fixed: - ACPI: APD: Check for NULL pointer after calling devm_ioremap() (git-fixes). - ACPI: Add stubs for wakeup handler functions (git-fixes). - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes (git-fixes). - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: ctl: Fix copy of updated id with element read/write (git-fixes). - ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes). - ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes). - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform (git-fixes). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows (git-fixes). - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes). - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes). - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes). - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes). - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes). - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers (git-fixes). - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ (git-fixes). - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: hda: Make proper use of timecounter (git-fixes). - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: jack: Check the return value of kstrdup() (git-fixes). - ALSA: oss: fix compile error when OSS_DEBUG is enabled (git-fixes). - ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes). - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() (git-fixes). - ALSA: pcm: oss: Limit the period size to 16MB (git-fixes). - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID (git-fixes). - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk (git-fixes). - ASoC: codecs: wcd934x: handle channel mappping list correctly (git-fixes). - ASoC: codecs: wcd934x: return correct value from mixer put (git-fixes). - ASoC: codecs: wcd934x: return error code correctly from hw_params (git-fixes). - ASoC: codecs: wsa881x: fix return values from kcontrol put (git-fixes). - ASoC: cs42l42: Correct configuring of switch inversion from ts-inv (git-fixes). - ASoC: cs42l42: Disable regulators if probe fails (git-fixes). - ASoC: cs42l42: Use device_property API instead of of_property (git-fixes). - ASoC: fsl_asrc: refine the check of available clock divider (git-fixes). - ASoC: fsl_mqs: fix MODULE_ALIAS (git-fixes). - ASoC: mediatek: Check for error clk pointer (git-fixes). - ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s (git-fixes). - ASoC: meson: aiu: fifo: Add missing dma_coerce_mask_and_coherent() (git-fixes). - ASoC: qdsp6: q6routing: Fix return value from msm_routing_put_audio_mixer (git-fixes). - ASoC: rt5663: Handle device_property_read_u32_array error codes (git-fixes). - ASoC: samsung: idma: Check of ioremap return value (git-fixes). - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked() (git-fixes). - ASoC: sunxi: fix a sound binding broken reference (git-fixes). - ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes). - ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes). - ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes). - ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes). - ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes). - ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes). - ASoC: tegra: Fix wrong value type in DMIC (git-fixes). - ASoC: tegra: Fix wrong value type in DSPK (git-fixes). - ASoC: tegra: Fix wrong value type in I2S (git-fixes). - ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA (git-fixes). - Add cherry-picked IDs for qemu fw_cfg patches - Bluetooth: L2CAP: Fix using wrong mode (git-fixes). - Bluetooth: bfusb: fix division by zero in send path (git-fixes). - Bluetooth: btmtksdio: fix resume failure (git-fixes). - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() (git-fixes). - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (git-fixes). - Bluetooth: hci_bcm: Check for error irq (git-fixes). - Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes). - Bluetooth: stop proccessing malicious adv data (git-fixes). - Documentation: ACPI: Fix data node reference documentation (git-fixes). - Documentation: dmaengine: Correctly describe dmatest with channel unset (git-fixes). - Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (git-fixes). - HID: add USB_HID dependancy to hid-chicony (git-fixes). - HID: add USB_HID dependancy to hid-prodikeys (git-fixes). - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (git-fixes). - HID: bigbenff: prevent null pointer dereference (git-fixes). - HID: google: add eel USB id (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_frame_init_v1_buttonpad (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_get_str_desc (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_huion_init (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init (git-fixes). - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover (git-fixes). - Input: appletouch - initialize work before device registration (git-fixes). - Input: atmel_mxt_ts - fix double free in mxt_read_info_block (git-fixes). - Input: elantech - fix stack out of bound access in elantech_change_report_id() (git-fixes). - Input: i8042 - add deferred probe support (bsc#1190256). - Input: i8042 - enable deferred probe quirk for ASUS UM325UA (bsc#1190256). - Input: max8925_onkey - do not mark comment as kernel-doc (git-fixes). - Input: spaceball - fix parsing of movement data packets (git-fixes). - Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes). - Input: ti_am335x_tsc - set ADCREFM for X configuration (git-fixes). - Move upstreamed patches into sorted section - NFC: st21nfca: Fix memory leak in device probe and remove (git-fixes). - NFSD: Fix zero-length NFSv3 WRITEs (git-fixes). - NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes). - NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes). - PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment (git-fixes). - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes). - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() (git-fixes). - PCI/MSI: Mask MSI-X vectors only on success (git-fixes). - PCI: cadence: Add cdns_plat_pcie_probe() missing return (git-fixes). - PCI: dwc: Do not remap invalid res (git-fixes). - PCI: mvebu: Check for errors from pci_bridge_emul_init() call (git-fixes). - PCI: mvebu: Do not modify PCI IO type bits in conf_write (git-fixes). - PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2 registers on emulated bridge (git-fixes). - PCI: mvebu: Fix support for PCI_EXP_DEVCTL on emulated bridge (git-fixes). - PCI: mvebu: Fix support for PCI_EXP_RTSTA on emulated bridge (git-fixes). - PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space (git-fixes). - PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device (git-fixes). - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault (git-fixes). - PCI: xgene: Fix IB window setup (git-fixes). - PM: runtime: Defer suspending suppliers (git-fixes). - PM: sleep: Do not assume that "mem" is always present (git-fixes). - RDMA/hns: Replace kfree() with kvfree() (jsc#SLE-14777). - Revert "PM: sleep: Do not assume that "mem" is always present" (git-fixes). - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" (git-fixes). - Revert "net/mlx5: Add retry mechanism to the command entry index allocation" (jsc#SLE-15172). - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status (git-fixes). - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes). - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) (git-fixes). - USB: cdc-acm: fix break reporting (git-fixes). - USB: cdc-acm: fix racy tty buffer accesses (git-fixes). - USB: chipidea: fix interrupt deadlock (git-fixes). - USB: core: Fix bug in resuming hub's handling of wakeup requests (git-fixes). - USB: gadget: bRequestType is a bitfield, not a enum (git-fixes). - USB: gadget: detect too-big endpoint 0 requests (git-fixes). - USB: gadget: zero allocate endpoint 0 buffers (git-fixes). - USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes). - USB: serial: option: add Telit FN990 compositions (git-fixes). - Update patches.suse/tpm-fix-potential-NULL-pointer-access-in-tpm_del_cha.patch (git-fixes bsc#1193660 ltc#195634). - Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18120) Moving this driver into the "supported" package. - amd/display: downgrade validation failure log level (git-fixes). - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile (git-fixes). - atlantic: Fix buff_ring OOB in aq_ring_rx_clean (git-fixes). - ax25: NPD bug when detaching AX25 device (git-fixes). - backlight: qcom-wled: Fix off-by-one maximum with default num_strings (git-fixes). - backlight: qcom-wled: Override default length with qcom,enabled-strings (git-fixes). - backlight: qcom-wled: Pass number of elements to read to read_u32_array (git-fixes). - backlight: qcom-wled: Validate enabled string indices in DT (git-fixes). - batman-adv: mcast: do not send link-local multicast to mcast routers (git-fixes). - blk-cgroup: synchronize blkg creation against policy deactivation (bsc#1194584). - block/scsi-ioctl: Fix kernel-infoleak in scsi_put_cdrom_generic_arg() (git-fixes). - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586). - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (git-fixes). - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} (git-fixes). - can: kvaser_usb: get CAN clock frequency from device (git-fixes). - can: sja1000: fix use after free in ems_pcmcia_add_card() (git-fixes). - can: softing: softing_startstop(): fix set but not used variable warning (git-fixes). - can: softing_cs: softingcs_probe(): fix memleak on registration failure (git-fixes). - can: usb_8dev: remove unused member echo_skb from struct usb_8dev_priv (git-fixes). - can: xilinx_can: xcan_probe(): check for error irq (git-fixes). - char/mwave: Adjust io port register size (git-fixes). - clk: Do not parent clks until the parent is fully registered (git-fixes). - clk: Gemini: fix struct name in kernel-doc (git-fixes). - clk: bcm-2835: Pick the closest clock rate (git-fixes). - clk: bcm-2835: Remove rounding up the dividers (git-fixes). - clk: imx8mn: Fix imx8mn_clko1_sels (git-fixes). - clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1 (git-fixes). - clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk (git-fixes). - clk: qcom: regmap-mux: fix parent clock lookup (git-fixes). - clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell (git-fixes). - crypto: caam - replace this_cpu_ptr with raw_cpu_ptr (git-fixes). - crypto: mxs-dcp - Use sg_mapping_iter to copy data (git-fixes). - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() (git-fixes). - crypto: qat - do not ignore errors from enable_vf2pf_comms() (git-fixes). - crypto: qat - fix reuse of completion variable (git-fixes). - crypto: qat - handle both source of interrupt in VF ISR (git-fixes). - crypto: qce - fix uaf on qce_ahash_register_one (git-fixes). - crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (git-fixes). - crypto: stm32/cryp - fix double pm exit (git-fixes). - crypto: stm32/cryp - fix lrw chaining mode (git-fixes). - crypto: stm32/cryp - fix xts and race condition in crypto_engine requests (git-fixes). - debugfs: lockdown: Allow reading debugfs files that are not world readable (bsc#1193328 ltc#195566). - device property: Fix documentation for FWNODE_GRAPH_DEVICE_DISABLED (git-fixes). - dm crypt: document encrypted keyring key option (git-fixes). - dm writecache: add "cleaner" and "max_age" to Documentation (git-fixes). - dm writecache: advance the number of arguments when reporting max_age (git-fixes). - dm writecache: fix performance degradation in ssd mode (git-fixes). - dm writecache: flush origin device when writing and cache is full (git-fixes). - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() (git-fixes). - dmaengine: at_xdmac: Do not start transactions at tx_submit level (git-fixes). - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (git-fixes). - dmaengine: at_xdmac: Fix concurrency over xfers_list (git-fixes). - dmaengine: at_xdmac: Fix lld view setting (git-fixes). - dmaengine: at_xdmac: Print debug message after realeasing the lock (git-fixes). - dmaengine: bestcomm: fix system boot lockups (git-fixes). - dmaengine: idxd: add module parameter to force disable of SVA (bsc#1192931). - dmaengine: idxd: enable SVA feature for IOMMU (bsc#1192931). - dmaengine: pxa/mmp: stop referencing config->slave_id (git-fixes). - dmaengine: st_fdma: fix MODULE_ALIAS (git-fixes). - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (git-fixes). - drm/amd/display: Fix for the no Audio bug with Tiled Displays (git-fixes). - drm/amd/display: Update bounding box states (v2) (git-fixes). - drm/amd/display: Update number of DCN3 clock states (git-fixes). - drm/amd/display: add connector type check for CRC source set (git-fixes). - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled (git-fixes). - drm/amd/display: fix incorrect CM/TF programming sequence in dwb (git-fixes). - drm/amd/display: fix missing writeback disablement if plane is removed (git-fixes). - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (git-fixes). - drm/amdgpu: Fix a printing message (git-fixes). - drm/amdgpu: Fix amdgpu_ras_eeprom_init() (git-fixes). - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE (git-fixes). - drm/amdgpu: revert "Add autodump debugfs node for gpu reset v8" (git-fixes). - drm/amdkfd: Account for SH/SE count when setting up cu masks (git-fixes). - drm/amdkfd: Check for null pointer after calling kmemdup (git-fixes). - drm/ast: potential dereference of null pointer (git-fixes). - drm/atomic: Check new_crtc_state->active to determine if CRTC needs disable in self refresh mode (git-fixes). - drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes). - drm/bridge: display-connector: fix an uninitialized pointer in probe() (git-fixes). - drm/bridge: nwl-dsi: Avoid potential multiplication overflow on 32-bit (git-fixes). - drm/bridge: ti-sn65dsi86: Set max register for regmap (git-fixes). - drm/display: fix possible null-pointer dereference in dcn10_set_clock() (git-fixes). - drm/exynos: Always initialize mapping in exynos_drm_register_dma() (git-fixes). - drm/i915/fb: Fix rounding error in subsampled plane size calculation (git-fixes). - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (git-fixes). - drm/mediatek: Check plane visibility in atomic_update (git-fixes). - drm/msm/dpu: fix safe status debugfs file (git-fixes). - drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660 (git-fixes). - drm/msm/dsi: set default num_data_lanes (git-fixes). - drm/msm/mdp5: fix cursor-related warnings (git-fixes). - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (git-fixes). - drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture() (git-fixes). - drm/panel: innolux-p079zca: Delete panel on attach() failure (git-fixes). - drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure (git-fixes). - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (git-fixes). - drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes). - drm/rockchip: dsi: Fix unbalanced clock on probe error (git-fixes). - drm/rockchip: dsi: Hold pm-runtime across bind/unbind (git-fixes). - drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes). - drm/sun4i: dw-hdmi: Fix missing put_device() call in sun8i_hdmi_phy_get (git-fixes). - drm/sun4i: fix unmet dependency on RESET_CONTROLLER for PHY_SUN6I_MIPI_DPHY (git-fixes). - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence (git-fixes). - drm/tegra: vic: Fix DMA API misuse (git-fixes). - drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes). - drm/vc4: hdmi: Make sure the controller is powered up during bind (git-fixes). - drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET (git-fixes). - drm/vc4: hdmi: Set a default HSM rate (git-fixes). - drm: fix null-ptr-deref in drm_dev_init_release() (git-fixes). - drm: xlnx: zynqmp: release reset to DP controller before accessing DP registers (git-fixes). - drm: xlnx: zynqmp_dpsub: Call pm_runtime_get_sync before setting pixel clock (git-fixes). - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (git-fixes). - eeprom: idt_89hpesx: Restore printing the unsupported fwnode name (git-fixes). - ext4: Avoid trim error on fs with small groups (bsc#1191271). - ext4: fix lazy initialization next schedule time computation in more granular unit (bsc#1194580). - fget: clarify and improve __fget_files() implementation (bsc#1193727). - firmware: Update Kconfig help text for Google firmware (git-fixes). - firmware: arm_scmi: pm: Propagate return value to caller (git-fixes). - firmware: arm_scpi: Fix string overflow in SCPI genpd driver (git-fixes). - firmware: qcom_scm: Fix error retval in __qcom_scm_is_call_available() (git-fixes). - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries (git-fixes). - firmware: qemu_fw_cfg: fix kobject leak in probe error path (git-fixes). - firmware: qemu_fw_cfg: fix sysfs information leak (git-fixes). - firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()' (git-fixes). - firmware: smccc: Fix check for ARCH_SOC_ID not implemented (git-fixes). - firmware: tegra: Fix error application of sizeof() to pointer (git-fixes). - firmware: tegra: Reduce stack usage (git-fixes). - firmware_loader: fix pre-allocated buf built-in firmware use (git-fixes). - floppy: Fix hang in watchdog when disk is ejected (git-fixes). - flow_offload: return EOPNOTSUPP for the unsupported mpls action type (bsc#1154353). - fuse: Pass correct lend value to filemap_write_and_wait_range() (bsc#1194953). - gpiolib: acpi: Make set-debounce-timeout failures non fatal (git-fixes). - gpu: host1x: Add back arm_iommu_detach_device() (git-fixes). - hwmon: (lm90) Add basic support for TI TMP461 (git-fixes). - hwmon: (lm90) Add max6654 support to lm90 driver (git-fixes). - hwmon: (lm90) Do not report 'busy' status bit as alarm (git-fixes). - hwmon: (lm90) Drop critical attribute support for MAX6654 (git-fixes). - hwmon: (lm90) Fix usage of CONFIG2 register in detect function (git-fixes). - hwmon: (lm90) Introduce flag indicating extended temperature support (git-fixes). - i2c: rk3x: Handle a spurious start completion interrupt flag (git-fixes). - i2c: validate user data in compat ioctl (git-fixes). - i3c: fix incorrect address slot lookup on 64-bit (git-fixes). - i3c: master: dw: check return of dw_i3c_master_get_free_pos() (git-fixes). - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc (git-fixes). - i40e: Fix for displaying message regarding NVM version (git-fixes). - i40e: Fix incorrect netdev's real number of RX/TX queues (git-fixes). - i40e: Fix to not show opcode msg on unsuccessful VF MAC change (git-fixes). - i40e: fix use-after-free in i40e_sync_filters_subtask() (git-fixes). - iavf: Fix limit of total number of queues to active queues of VF (git-fixes). - iavf: restore MSI state on reset (git-fixes). - ieee802154: atusb: fix uninit value in atusb_set_extended_addr (git-fixes). - ieee802154: fix error return code in ieee802154_llsec_getparams() (git-fixes). - ieee802154: fix error return code in ieee802154_add_iface() (git-fixes). - ieee802154: hwsim: Fix memory leak in hwsim_add_one (git-fixes). - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others (git-fixes). - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() (git-fixes). - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (git-fixes). - igb: Fix removal of unicast MAC filters of VFs (git-fixes). - igbvf: fix double free in `igbvf_probe` (git-fixes). - igc: Fix typo in i225 LTR functions (jsc#SLE-13533). - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (git-fixes). - iio: ad7768-1: Call iio_trigger_notify_done() on error (git-fixes). - iio: adc: axp20x_adc: fix charging current reporting on AXP22x (git-fixes). - iio: at91-sama5d2: Fix incorrect sign extension (git-fixes). - iio: dln2-adc: Fix lockdep complaint (git-fixes). - iio: dln2: Check return value of devm_iio_trigger_register() (git-fixes). - iio: itg3200: Call iio_trigger_notify_done() on error (git-fixes). - iio: kxsd9: Do not return error code in trigger handler (git-fixes). - iio: ltr501: Do not return error code in trigger handler (git-fixes). - iio: mma8452: Fix trigger reference couting (git-fixes). - iio: stk3310: Do not return error code in interrupt handler (git-fixes). - iio: trigger: Fix reference counting (git-fixes). - iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes). - ionic: Initialize the 'lif->dbid_inuse' bitmap (bsc#1167773). - isofs: Fix out of bound access for corrupted isofs image (bsc#1194591). - iwlwifi: fw: correctly limit to monitor dump (git-fixes). - iwlwifi: mvm: Fix scan channel flags settings (git-fixes). - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing() (git-fixes). - iwlwifi: mvm: avoid static queue number aliasing (git-fixes). - iwlwifi: mvm: disable RX-diversity in powersave (git-fixes). - iwlwifi: mvm: fix 32-bit build in FTM (git-fixes). - iwlwifi: mvm: fix access to BSS elements (git-fixes). - iwlwifi: mvm: test roc running status bits before removing the sta (git-fixes). - iwlwifi: pcie: free RBs during configure (git-fixes). - ixgbe: set X550 MDIO speed before talking to PHY (git-fixes). - kmod: make request_module() return an error when autoloading is disabled (git-fixes). - kobject: Restore old behaviour of kobject_del(NULL) (git-fixes). - kobject_uevent: remove warning in init_uevent_argv() (git-fixes). - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - libata: add horkage for ASMedia 1092 (git-fixes). - libata: if T_LENGTH is zero, dma direction should be DMA_NONE (git-fixes). - livepatch: Avoid CPU hogging with cond_resched (bsc#1071995). - lockdown: Allow unprivileged users to see lockdown status (git-fixes). - mISDN: change function names to avoid conflicts (git-fixes). - mac80211: Fix monitor MTU limit so that A-MSDUs get through (git-fixes). - mac80211: agg-tx: do not schedule_and_wake_txq() under sta->lock (git-fixes). - mac80211: do not access the IV when it was stripped (git-fixes). - mac80211: fix lookup when adding AddBA extension element (git-fixes). - mac80211: fix regression in SSN handling of addba tx (git-fixes). - mac80211: initialize variable have_higher_than_11mbit (git-fixes). - mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes). - mac80211: send ADDBA requests using the tid/queue of the aggregation session (git-fixes). - mac80211: track only QoS data frames for admission control (git-fixes). - mac80211: validate extended element ID is present (git-fixes). - mailbox: hi3660: convert struct comments to kernel-doc notation (git-fixes). - media: Revert "media: uvcvideo: Set unique vdev name based in type" (bsc#1193255). - media: aspeed: Update signal status immediately to ensure sane hw state (git-fixes). - media: aspeed: fix mode-detect always time out at 2nd run (git-fixes). - media: cpia2: fix control-message timeouts (git-fixes). - media: dib0700: fix undefined behavior in tuner shutdown (git-fixes). - media: dib8000: Fix a memleak in dib8000_init() (git-fixes). - media: dmxdev: fix UAF when dvb_register_device() fails (git-fixes). - media: dw2102: Fix use after free (git-fixes). - media: em28xx: fix control-message timeouts (git-fixes). - media: em28xx: fix memory leak in em28xx_init_dev (git-fixes). - media: flexcop-usb: fix control-message timeouts (git-fixes). - media: hantro: Fix probe func error path (git-fixes). - media: i2c: imx274: fix trivial typo expsoure/exposure (git-fixes). - media: i2c: imx274: fix trivial typo obainted/obtained (git-fixes). - media: imx-pxp: Initialize the spinlock prior to using it (git-fixes). - media: mceusb: fix control-message timeouts (git-fixes). - media: msi001: fix possible null-ptr-deref in msi001_probe() (git-fixes). - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (git-fixes). - media: pvrusb2: fix control-message timeouts (git-fixes). - media: rcar-csi2: Correct the selection of hsfreqrange (git-fixes). - media: rcar-csi2: Optimize the selection PHTW register (git-fixes). - media: redrat3: fix control-message timeouts (git-fixes). - media: s2255: fix control-message timeouts (git-fixes). - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (git-fixes). - media: si2157: Fix "warm" tuner state detection (git-fixes). - media: si470x-i2c: fix possible memory leak in si470x_i2c_probe() (git-fixes). - media: stk1160: fix control-message timeouts (git-fixes). - media: streamzap: remove unnecessary ir_raw_event_reset and handle (git-fixes). - media: uvcvideo: fix division by zero at stream start (git-fixes). - media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()' (git-fixes). - memblock: ensure there is no overflow in memblock_overlaps_region() (git-fixes). - memory: emif: Remove bogus debugfs error handling (git-fixes). - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (git-fixes). - misc: fastrpc: Add missing lock before accessing find_vma() (git-fixes). - misc: fastrpc: fix improper packet size calculation (git-fixes). - misc: lattice-ecp3-config: Fix task hung when firmware load failed (git-fixes). - mmc: meson-mx-sdio: add IRQ check (git-fixes). - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit (git-fixes). - mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes). - mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes). - mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes). - move to "mainline soon" section: - patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch - moxart: fix potential use-after-free on remove path (bsc#1194516). - mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode (git-fixes). - mt76: mt7915: fix an off-by-one bound check (git-fixes). - mtd: rawnand: fsmc: Fix timing computation (git-fixes). - mtd: rawnand: fsmc: Take instruction delay into account (git-fixes). - mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip() (git-fixes). - mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() (git-fixes). - mwifiex: Fix possible ABBA deadlock (git-fixes). - mwifiex: Try waking the firmware until we get an interrupt (git-fixes). - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources (jsc#SLE-8464). - net/mlx5: Set command entry semaphore up once got index free (jsc#SLE-15172). - net/mlx5e: Fix wrong features assignment in case of error (git-fixes). - net/mlx5e: Wrap the tx reporter dump callback to extract the sq (jsc#SLE-15172). - net/sched: fq_pie: prevent dismantle issue (jsc#SLE-15172). - net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1176774). - net: create netdev->dev_addr assignment helpers (git-fixes). - net: ena: Fix error handling when calculating max IO queues number (bsc#1154492). - net: ena: Fix undefined state when tx request id is out of bounds (bsc#1154492). - net: ena: Fix wrong rx request id by resetting device (git-fixes). - net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (jsc#SLE-14777). - net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes). - net: usb: pegasus: Do not drop long Ethernet frames (git-fixes). - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone (bsc#1176447). - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (git-fixes). - nfc: fix segfault in nfc_genl_dump_devices_done (git-fixes). - nfsd: Fix nsfd startup race (again) (git-fixes). - nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groups (bsc#1176447). - nvme-tcp: block BH in sk state_change sk callback (git-fixes). - nvme-tcp: can't set sk_user_data without write_lock (git-fixes). - nvme-tcp: check sgl supported by target (git-fixes). - nvme-tcp: do not update queue count when failing to set io queues (git-fixes). - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (git-fixes). - nvme-tcp: fix crash triggered with a dataless request submission (git-fixes). - nvme-tcp: fix error codes in nvme_tcp_setup_ctrl() (git-fixes). - nvme-tcp: fix io_work priority inversion (git-fixes). - nvme-tcp: fix possible data corruption with bio merges (git-fixes). - nvme-tcp: fix possible req->offset corruption (git-fixes). - nvme-tcp: fix wrong setting of request iov_iter (git-fixes). - nvme-tcp: get rid of unused helper function (git-fixes). - nvme-tcp: pair send_mutex init with destroy (git-fixes). - nvme-tcp: pass multipage bvec to request iov_iter (git-fixes). - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME (git-fixes). - pcmcia: fix setting of kthread task states (git-fixes). - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (git-fixes). - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (git-fixes). - pcnet32: Use pci_resource_len to validate PCI resource (git-fixes). - pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes). - pinctrl: qcom: spmi-gpio: correct parent irqspec translation (git-fixes). - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (git-fixes). - pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume() (git-fixes). - pipe: increase minimum default pipe size to 2 pages (bsc#1194587). - platform/x86: apple-gmux: use resource_size() with res (git-fixes). - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (git-fixes). - power: reset: ltc2952: Fix use of floating point literals (git-fixes). - power: supply: core: Break capacity loop (git-fixes). - power: supply: max17042_battery: Clear status bits in interrupt handler (git-fixes). - powerpc/64s: fix program check interrupt emergency stack path (bsc#1156395). - powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (bsc#1193901 ltc#194976). - powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC (bsc#1156395). - powerpc/perf: Fix data source encodings for L2.1 and L3.1 accesses (bsc#1065729). - powerpc/prom_init: Fix improper check of prom_getprop() (bsc#1065729). - powerpc/pseries/cpuhp: cache node corrections (bsc#1065729). - powerpc/pseries/cpuhp: delete add/remove_by_count code (bsc#1065729). - powerpc/pseries/mobility: ignore ibm, platform-facilities updates (bsc#1065729). - powerpc/traps: do not enable irqs in _exception (bsc#1065729). - powerpc/xive: Add missing null check after calling kmalloc (bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes). - powerpc: add interrupt_cond_local_irq_enable helper (bsc#1065729). - powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (bsc#1193901 ltc#194976). - pwm: mxs: Do not modify HW state in .probe() after the PWM chip was registered (git-fixes). - pwm: tiecap: Drop .free() callback (git-fixes). - qlcnic: potential dereference null pointer of rx_queue->page_ring (git-fixes). - quota: check block number when reading the block in quota file (bsc#1194589). - quota: correct error number in free_dqentry() (bsc#1194590). - random: fix data race on crng init time (git-fixes). - random: fix data race on crng_node_pool (git-fixes). - regmap: Call regmap_debugfs_exit() prior to _init() (git-fixes). - rndis_host: support Hytera digital radios (git-fixes). - rpmsg: core: Clean up resources on announce_create failure (git-fixes). - rtl8xxxu: Fix the handling of TX A-MPDU aggregation (git-fixes). - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (git-fixes). - rtw88: use read_poll_timeout instead of fixed sleep (git-fixes). - rtw88: wow: build wow function only if CONFIG_PM is on (git-fixes). - rtw88: wow: fix size access error of probe request (git-fixes). - sata: nv: fix debug format string mismatch (git-fixes). - scsi: lpfc: Add additional debugfs support for CMF (bsc#1194266). - scsi: lpfc: Adjust CMF total bytes and rxmonitor (bsc#1194266). - scsi: lpfc: Cap CMF read bytes to MBPI (bsc#1194266). - scsi: lpfc: Change return code on I/Os received during link bounce (bsc#1194266). - scsi: lpfc: Fix NPIV port deletion crash (bsc#1194266). - scsi: lpfc: Fix leaked lpfc_dmabuf mbox allocations with NPIV (bsc#1194266). - scsi: lpfc: Fix lpfc_force_rscn ndlp kref imbalance (bsc#1194266). - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup (bsc#1194266). - scsi: lpfc: Update lpfc version to 14.0.0.4 (bsc#1194266). - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id() (git-fixes). - scsi: qla2xxx: Format log strings only if needed (git-fixes). - scsi: qla2xxx: edif: Fix EDIF bsg (git-fixes). - scsi: qla2xxx: edif: Fix app start delay (git-fixes). - scsi: qla2xxx: edif: Fix app start fail (git-fixes). - scsi: qla2xxx: edif: Fix off by one bug in qla_edif_app_getfcinfo() (git-fixes). - scsi: qla2xxx: edif: Flush stale events and msgs on session down (git-fixes). - scsi: qla2xxx: edif: Increase ELS payload (git-fixes). - select: Fix indefinitely sleeping task in poll_schedule_timeout() (bsc#1194027). - selftests: KVM: Explicitly use movq to read xmm registers (git-fixes). - selinux: fix potential memleak in selinux_add_opt() (git-fixes). - seq_buf: Fix overflow in seq_buf_putmem_hex() (git-fixes). - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (git-fixes). - serial: pl011: Add ACPI SBSA UART match id (git-fixes). - serial: tty: uartlite: fix console setup (git-fixes). - sfc: Check null pointer of rx_queue->page_ring (git-fixes). - sfc: The RX page_ring is optional (git-fixes). - sfc: falcon: Check null pointer of rx_queue->page_ring (git-fixes). - sfc_ef100: potential dereference of null pointer (jsc#SLE-16683). - shmem: shmem_writepage() split unlikely i915 THP (git-fixes). - slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew() (git-fixes). - soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes). - soc: fsl: dpaa2-console: free buffer before returning from dpaa2_console_read (git-fixes). - soc: fsl: dpio: rename the enqueue descriptor variable (git-fixes). - soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id (git-fixes). - soc: fsl: dpio: use an explicit NULL instead of 0 (git-fixes). - soc: fsl: dpio: use the combined functions to protect critical zone (git-fixes). - spi: change clk_disable_unprepare to clk_unprepare (git-fixes). - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (git-fixes). - spi: spi-rspi: Drop redeclaring ret variable in qspi_transfer_in() (git-fixes). - staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent() (git-fixes). - staging: fbtft: Do not spam logs when probe is deferred (git-fixes). - staging: fbtft: Rectify GPIO handling (git-fixes). - staging: fieldbus: anybuss: jump to correct label in an error path (git-fixes). - staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC (git-fixes). - staging: rtl8192e: return error code from rtllib_softmac_init() (git-fixes). - staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib() (git-fixes). - staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (git-fixes). - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN (git-fixes). - thermal/drivers/imx8mm: Enable ADC when enabling monitor (git-fixes). - thermal/drivers/int340x: Do not set a wrong tcc offset on resume (git-fixes). - thermal: core: Reset previous low and high trip during thermal zone init (git-fixes). - tpm: add request_locality before write TPM_INT_ENABLE (git-fixes). - tpm: fix potential NULL pointer access in tpm_del_char_device (git-fixes). - tracing/kprobes: 'nmissed' not showed correctly for kretprobe (git-fixes). - tracing/uprobes: Check the return value of kstrdup() for tu->filename (git-fixes). - tracing: Add test for user space strings when filtering on string pointers (git-fixes). - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (git-fixes). - tty: max310x: fix flexible_array.cocci warnings (git-fixes). - tty: serial: atmel: Call dma_async_issue_pending() (git-fixes). - tty: serial: atmel: Check return code of dmaengine_submit() (git-fixes). - tty: serial: earlycon dependency (git-fixes). - tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup (git-fixes). - tty: serial: uartlite: allow 64 bit address (git-fixes). - tty: synclink_gt: rename a conflicting function name (git-fixes). - udf: Fix crash after seekdir (bsc#1194592). - uio: uio_dmem_genirq: Catch the Exception (git-fixes). - usb: core: config: fix validation of wMaxPacketValue entries (git-fixes). - usb: core: config: using bit mask instead of individual bits (git-fixes). - usb: dwc2: check return value after calling platform_get_resource() (git-fixes). - usb: dwc3: gadget: Continue to process pending requests (git-fixes). - usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). - usb: dwc3: gadget: Reclaim extra TRBs after request completion (git-fixes). - usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield (git-fixes). - usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (git-fixes). - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (git-fixes). - usb: dwc3: ulpi: fix checkpatch warning (git-fixes). - usb: ftdi-elan: fix memory leak on device disconnect (git-fixes). - usb: gadget: composite: Allow bMaxPower=0 if self-powered (git-fixes). - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear (git-fixes). - usb: gadget: u_ether: fix race in setting MAC address in setup phase (git-fixes). - usb: mtu3: add memory barrier before set GPD's HWO (git-fixes). - usb: mtu3: fix interval value for intr and isoc (git-fixes). - usb: mtu3: fix list_head check warning (git-fixes). - usb: mtu3: set interval of FS intr and isoc endpoint (git-fixes). - usb: typec: tcpm: handle SRC_STARTUP state if cc changes (git-fixes). - usb: xhci: Extend support for runtime power management for AMD's Yellow carp (git-fixes). - usermodehelper: reset umask to default before executing user process (git-fixes). - vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888). - video: backlight: Drop maximum brightness override for brightness zero (git-fixes). - watchdog: Fix OMAP watchdog early handling (git-fixes). - watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT (git-fixes). - wcn36xx: Fix missing frame timestamp for beacon/probe-resp (git-fixes). - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (git-fixes). - wcn36xx: Release DMA channel descriptor allocations (git-fixes). - wcn36xx: handle connection loss indication (git-fixes). - wireguard: allowedips: add missing __rcu annotation to satisfy sparse (git-fixes). - wireguard: device: reset peer src endpoint when netns exits (git-fixes). - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc() (git-fixes). - wireguard: receive: drop handshakes if queue lock is contended (git-fixes). - wireguard: receive: use ring buffer for incoming handshakes (git-fixes). - wireguard: selftests: actually test for routing loops (git-fixes). - wireguard: selftests: increase default dmesg log size (git-fixes). - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma (git-fixes). - x86/platform/uv: Add more to secondary CPU kdump info (bsc#1194493). - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set (git-fixes). - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending (git-fixes). - xhci: avoid race between disable slot command and host runtime suspend (git-fixes). - xhci: fix unsafe memory usage in xhci tracing (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-5.3.18-150300.59.43.1.nosrc.rpm True kernel-preempt-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.43.1.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True dtb-aarch64-5.3.18-150300.59.43.1.src.rpm True dtb-al-5.3.18-150300.59.43.1.aarch64.rpm True dtb-zte-5.3.18-150300.59.43.1.aarch64.rpm True openSUSE-SLE-15.4-2022-214 important SUSE Updates openSUSE-SLE 15.4 This update for log4j fixes the following issues: - CVE-2022-23307: Fixed deserialization flaw in the chainsaw component of log4j leading to malicious code execution. (bsc#1194844) - CVE-2022-23305: Fixed SQL injection when application is configured to use JDBCAppender. (bsc#1194843) - CVE-2022-23302: Fixed remote code execution when application is configured to use JMSSink. (bsc#1194842) log4j-1.2.17-5.9.1.src.rpm log4j-manual-1.2.17-5.9.1.noarch.rpm openSUSE-SLE-15.4-2022-282 low SUSE Updates openSUSE-SLE 15.4 This is a relogin-suggested test update for SUSE:SLE-15-SP2:Update update-test-relogin-suggested-5.1-33.2.x86_64.rpm True update-test-relogin-suggested-5.1-33.2.s390x.rpm True update-test-relogin-suggested-5.1-33.2.ppc64le.rpm True update-test-relogin-suggested-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-274 low SUSE Updates openSUSE-SLE 15.4 This is a affects-package-manager test update for SUSE:SLE-15-SP2:Update update-test-affects-package-manager-5.1-33.2.x86_64.rpm True update-test-affects-package-manager-5.1-33.2.s390x.rpm True update-test-affects-package-manager-5.1-33.2.ppc64le.rpm True update-test-affects-package-manager-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-275 low SUSE Updates openSUSE-SLE 15.4 This is a retracted test update for SUSE:SLE-15-SP2:Update update-test-retracted-5.1-33.2.x86_64.rpm update-test-retracted-5.1-33.2.s390x.rpm update-test-retracted-5.1-33.2.ppc64le.rpm update-test-retracted-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-276 low SUSE Updates openSUSE-SLE 15.4 This is a optional test update for SUSE:SLE-15-SP2:Update update-test-optional-5.1-33.2.x86_64.rpm update-test-optional-5.1-33.2.s390x.rpm update-test-optional-5.1-33.2.ppc64le.rpm update-test-optional-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-277 important SUSE Updates openSUSE-SLE 15.4 This is a security test update for SUSE:SLE-15-SP2:Update update-test-security-5.1-33.2.x86_64.rpm update-test-security-5.1-33.2.s390x.rpm update-test-security-5.1-33.2.ppc64le.rpm update-test-security-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-278 low SUSE Updates openSUSE-SLE 15.4 This is a trivial test update for SUSE:SLE-15-SP2:Update update-test-trivial-5.1-33.2.src.rpm update-test-trivial-5.1-33.2.x86_64.rpm update-test-trivial-5.1-33.2.s390x.rpm update-test-trivial-5.1-33.2.ppc64le.rpm update-test-trivial-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-279 low SUSE Updates openSUSE-SLE 15.4 This is a feature test update for SUSE:SLE-15-SP2:Update update-test-feature-5.1-33.2.x86_64.rpm update-test-feature-5.1-33.2.s390x.rpm update-test-feature-5.1-33.2.ppc64le.rpm update-test-feature-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-280 low SUSE Updates openSUSE-SLE 15.4 This is a reboot-needed test update for SUSE:SLE-15-SP2:Update update-test-reboot-needed-5.1-33.2.x86_64.rpm True update-test-reboot-needed-5.1-33.2.s390x.rpm True update-test-reboot-needed-5.1-33.2.ppc64le.rpm True update-test-reboot-needed-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-281 low SUSE Updates openSUSE-SLE 15.4 This is a interactive test update for SUSE:SLE-15-SP2:Update Is this message visible? update-test-interactive-5.1-33.2.x86_64.rpm update-test-interactive-5.1-33.2.s390x.rpm update-test-interactive-5.1-33.2.ppc64le.rpm update-test-interactive-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-287 critical SUSE Updates openSUSE-SLE 15.4 This update for samba fixes the following issues: - CVE-2021-44142: Fixed out-of-Bound Read/Write on Samba vfs_fruit module. (bsc#1194859) libndr0-32bit-4.11.14+git.319.91d693db37c-4.35.1.x86_64.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.x86_64.rpm samba-4.11.14+git.319.91d693db37c-4.35.1.src.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.s390x.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.ppc64le.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-284 critical SUSE Updates openSUSE-SLE 15.4 This update for samba fixes the following issues: - CVE-2021-44142: Fixed out-of-Bound Read/Write on Samba vfs_fruit module. (bsc#1194859) libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy0-32bit-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-4.9.5+git.483.212a7ebca6b-3.64.1.src.rpm samba-libs-python-32bit-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm openSUSE-SLE-15.4-2022-330 important SUSE Updates openSUSE-SLE 15.4 This update for glibc fixes the following issues: - CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640) - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for "unix" (bsc#1194768) - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770) Features added: - IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195) glibc-2.31-150300.9.12.1.src.rpm glibc-2.31-150300.9.12.1.x86_64.rpm glibc-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-devel-2.31-150300.9.12.1.x86_64.rpm glibc-devel-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-devel-static-2.31-150300.9.12.1.x86_64.rpm glibc-devel-static-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-extra-2.31-150300.9.12.1.x86_64.rpm glibc-html-2.31-150300.9.12.1.noarch.rpm glibc-i18ndata-2.31-150300.9.12.1.noarch.rpm glibc-info-2.31-150300.9.12.1.noarch.rpm glibc-lang-2.31-150300.9.12.1.noarch.rpm glibc-locale-2.31-150300.9.12.1.x86_64.rpm glibc-locale-base-2.31-150300.9.12.1.x86_64.rpm glibc-locale-base-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-profile-2.31-150300.9.12.1.x86_64.rpm glibc-profile-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-utils-2.31-150300.9.12.1.x86_64.rpm glibc-utils-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-utils-src-2.31-150300.9.12.1.src.rpm nscd-2.31-150300.9.12.1.x86_64.rpm glibc-2.31-150300.9.12.1.s390x.rpm glibc-devel-2.31-150300.9.12.1.s390x.rpm glibc-devel-static-2.31-150300.9.12.1.s390x.rpm glibc-extra-2.31-150300.9.12.1.s390x.rpm glibc-locale-2.31-150300.9.12.1.s390x.rpm glibc-locale-base-2.31-150300.9.12.1.s390x.rpm glibc-profile-2.31-150300.9.12.1.s390x.rpm glibc-utils-2.31-150300.9.12.1.s390x.rpm nscd-2.31-150300.9.12.1.s390x.rpm glibc-2.31-150300.9.12.1.ppc64le.rpm glibc-devel-2.31-150300.9.12.1.ppc64le.rpm glibc-devel-static-2.31-150300.9.12.1.ppc64le.rpm glibc-extra-2.31-150300.9.12.1.ppc64le.rpm glibc-locale-2.31-150300.9.12.1.ppc64le.rpm glibc-locale-base-2.31-150300.9.12.1.ppc64le.rpm glibc-profile-2.31-150300.9.12.1.ppc64le.rpm glibc-utils-2.31-150300.9.12.1.ppc64le.rpm nscd-2.31-150300.9.12.1.ppc64le.rpm glibc-2.31-150300.9.12.1.aarch64.rpm glibc-devel-2.31-150300.9.12.1.aarch64.rpm glibc-devel-static-2.31-150300.9.12.1.aarch64.rpm glibc-extra-2.31-150300.9.12.1.aarch64.rpm glibc-locale-2.31-150300.9.12.1.aarch64.rpm glibc-locale-base-2.31-150300.9.12.1.aarch64.rpm glibc-profile-2.31-150300.9.12.1.aarch64.rpm glibc-utils-2.31-150300.9.12.1.aarch64.rpm nscd-2.31-150300.9.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-366 critical SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254). - CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880). - CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c (bnc#1194087). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867). - CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem, that could have occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object (bnc#1193767). - CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bnc#1192847) - CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bsc#1192845) - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag (bsc#1194529). - CVE-2021-4197: Use cgroup open-time credentials for process migraton perm checks (bsc#1194302). - CVE-2021-4159: Fixed kernel ptr leak vulnerability via BPF in coerce_reg_to_size (bsc#1194227). - CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after error (bsc#1194001). - CVE-2021-4135: Fixed zero-initialize memory inside netdevsim for new map's value in function nsim_bpf_map_alloc (bsc#1193927). - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers when users call close() and fget() simultaneouslyand can potentially trigger a race condition (bnc#1193727). - CVE-2021-4002: Fixed incorrect TLBs flush in hugetlbfs after huge_pmd_unshare (bsc#1192946). - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864). - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861). - CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system (bnc#1186207). - CVE-2021-33098: Fixed a potential denial of service in Intel(R) Ethernet ixgbe driver due to improper input validation. (bsc#1192877) - CVE-2021-28715: Fixed issue with xen/netback to do not queue unlimited number of packages (XSA-392) (bsc#1193442). - CVE-2021-28714: Fixed issue with xen/netback to handle rx queue stall detection (XSA-392) (bsc#1193442). - CVE-2021-28713: Fixed issue with xen/console to harden hvc_xen against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28712: Fixed issue with xen/netfront to harden netfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28711: Fixed issue with xen/blkfront to harden blkfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-0935: Fixed possible out of bounds write in ip6_xmit of ip6_output.c due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1192032). - CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc (bsc#1193731). - CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device (bsc#1179599). - CVE-2019-15126: Fixed a vulnerability in Broadcom and Cypress Wi-Fi chips, used in RPi family of devices aka "Kr00k". (bsc#1167162) - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. This affects kernel/bpf/core.c and net/core/filter.c (bnc#1193575). The following non-security bugs were fixed: - Bluetooth: fix the erroneous flush_work() order (git-fixes). - Build: Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731). - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241 bsc#1195166). - IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241). - elfcore: fix building with clang (bsc#1169514). - hv_netvsc: Set needed_headroom according to VF (bsc#1193506). - ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241 bsc#1195166). - kernel-*-subpackage: Add dependency on kernel scriptlets (bsc#1192740). - kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). - kernel-binary.spec.in: add zstd to BuildRequires if used - kernel-binary.spec.in: make sure zstd is supported by kmod if used - kernel-binary.spec: Check for no kernel signing certificates. Also remove unused variable. - kernel-binary.spec: Define $image as rpm macro (bsc#1189841). - kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs. - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167). - kernel-binary.spec: Fix kernel-default-base scriptlets after packaging merge. - kernel-binary.spec: Require dwarves for kernel-binary-devel when BTF is enabled (jsc#SLE-17288). - kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. - kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841). - kernel-source.spec: install-kernel-tools also required on 15.4 - kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229). The semantic changed in an incompatible way so invoking the macro now causes a build failure. - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - livepatch: Avoid CPU hogging with cond_resched (bsc#1071995). - memstick: rtsx_usb_ms: fix UAF (bsc#1194516). - moxart: fix potential use-after-free on remove path (bsc#1194516). - net, xdp: Introduce xdp_init_buff utility routine (bsc#1193506). - net, xdp: Introduce xdp_prepare_buff utility routine (bsc#1193506). - net: Using proper atomic helper (bsc#1186222). - net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241). - net: mana: Add RX fencing (bsc#1193506). - net: mana: Add XDP support (bsc#1193506). - net: mana: Allow setting the number of queues while the NIC is down (bsc#1193506). - net: mana: Fix spelling mistake "calledd" -> "called" (bsc#1193506). - net: mana: Fix the netdev_err()'s vPort argument in mana_init_port() (bsc#1193506). - net: mana: Improve the HWC error handling (bsc#1193506). - net: mana: Support hibernation and kexec (bsc#1193506). - net: mana: Use kcalloc() instead of kzalloc() (bsc#1193506). - objtool: Support Clang non-section symbols in ORC generation (bsc#1169514). - post.sh: detect /usr mountpoint too - recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267). - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (bsc#1192267). - rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. - rpm/kernel-binary.spec.in: avoid conflicting suse-release suse-release had arbitrary values in staging, we can't use it for dependencies. The filesystem one has to be enough (boo#1184804). - rpm/kernel-binary.spec.in: do not strip vmlinux again (bsc#1193306). - rpm/kernel-binary.spec: Use only non-empty certificates. - rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305). - rpm/kernel-source.rpmlintrc: ignore new include/config files. - rpm/kernel-source.spec.in: do some more for vanilla_only. - rpm: Abolish image suffix (bsc#1189841). - rpm: Abolish scritplet templating (bsc#1189841). Outsource kernel-binary and KMP scriptlets to suse-module-tools. - rpm: Define $certs as rpm macro (bsc#1189841). - rpm: Fold kernel-devel and kernel-source scriptlets into spec files (bsc#1189841). - rpm: fix kmp install path - rpm: use _rpmmacrodir (boo#1191384) - tty: hvc: replace BUG_ON() with negative return value. - vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888). - x86/xen: Mark cpu_bringup_and_idle() as dead_end_function (bsc#1169514). - xen/blkfront: do not take local copy of a request from the ring page (git-fixes). - xen/blkfront: do not trust the backend response data blindly (git-fixes). - xen/blkfront: read response from backend only once (git-fixes). - xen/netfront: disentangle tx_skb_freelist (git-fixes). - xen/netfront: do not read data from request on the ring page (git-fixes). - xen/netfront: do not trust the backend response data blindly (git-fixes). - xen/netfront: read response from backend only once (git-fixes). - xen: sync include/xen/interface/io/ring.h with Xen's newest version (git-fixes). - xfrm: fix MTU regression (bsc#1185377, bsc#1194048). kernel-debug-4.12.14-197.105.1.nosrc.rpm True kernel-debug-base-4.12.14-197.105.1.x86_64.rpm True kernel-default-4.12.14-197.105.1.nosrc.rpm True kernel-kvmsmall-4.12.14-197.105.1.nosrc.rpm True kernel-kvmsmall-base-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-4.12.14-197.105.1.nosrc.rpm True kernel-vanilla-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-base-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-devel-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.x86_64.rpm True kernel-default-man-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-base-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-devel-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.s390x.rpm True kernel-zfcpdump-4.12.14-197.105.1.nosrc.rpm True kernel-zfcpdump-man-4.12.14-197.105.1.s390x.rpm True kernel-debug-base-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-base-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-devel-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-base-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-devel-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.aarch64.rpm True openSUSE-SLE-15.4-2022-344 moderate SUSE Updates openSUSE-SLE 15.4 This update for obs-service-kiwi_metainfo_helper fixes the following issues: - Generate OS_VERSION based on os-release VERSION (bsc#1195061). - Add test suite obs-service-kiwi_metainfo_helper-0.5-1.15.1.noarch.rpm obs-service-kiwi_metainfo_helper-0.5-1.15.1.src.rpm