Removed rpms ============ - WebKit2GTK-5.0-lang - gdk-pixbuf-loader-libopenraw - libgnutls30-32bit - libnettle8-32bit - libtasn1-6-32bit - libblkid1-32bit - libcurl4-32bit - libdbus-1-3-32bit - libdevmapper1_03-32bit - libdigikamcore7 - libflann1_9 - libjavascriptcoregtk-5_0-0 - libmozjs-60 - libogg0-32bit - libopenraw1 - libpolkit0 - libwebkit2gtk-5_0-0 - libxml2-2-32bit - libxmlrpc3 - libxmlrpc_client3 - libxmlrpc_util4 - systemd-icon-branding-openSUSE - typelib-1_0-JavaScriptCore-5_0 - typelib-1_0-WebKit2-5_0 - webkit2gtk-5_0-injected-bundles Added rpms ========== - bluez-cups - libblkid1-32bit - libcurl4-32bit - libdbus-1-3-32bit - libdevmapper1_03-32bit - libogg0-32bit - libxml2-2-32bit - libdigikamcore7_8_0 - libduktape206 - libgnutls30-32bit - libnettle8-32bit - libpolkit-agent-1-0 - libpolkit-gobject-1-0 - libtasn1-6-32bit - pkexec - qemu-block-nfs - typelib-1_0-JavaScriptCore-4_1 - typelib-1_0-WebKit2-4_1 Package Source Changes ====================== MozillaFirefox -- Firefox 102.3.0esr ESR - Placeholder changelog-entry (bsc#1203477) +- Firefox 102.4.0esr ESR + Placeholder changelog-entry (bsc#1204421) +- Added mozilla-partial-revert-1768632.patch to fix build on i586 + +- Firefox Extended Support Release 102.3.0 ESR + * Fixed: Various stability, functionality, and security fixes. + MFSA 2022-40 (bsc#1203477) + * CVE-2022-3266 (bmo#1767360) + Out of bounds read when decoding H264 + * CVE-2022-40959 (bmo#1782211) + Bypassing FeaturePolicy restrictions on transient pages + * CVE-2022-40960 (bmo#1787633) + Data-race when parsing non-UTF-8 URLs in threads + * CVE-2022-40958 (bmo#1779993) + Bypassing Secure Context restriction for cookies with __Host + and __Secure prefix + * CVE-2022-40956 (bmo#1770094) + Content-Security-Policy base-uri bypass + * CVE-2022-40957 (bmo#1777604) + Incoherent instruction cache when building WASM on ARM64 + * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835, + bmo#1785109, bmo#1786502, bmo#1789440) + Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 - mozilla-bmo1626236.patch and mozilla-bmo1602730.patch + mozilla-bmo1626236.patch, mozilla-bmo1602730.patch, + mozilla-bmo1504834-part2.patch, mozilla-bmo1504834-part4.patch MozillaThunderbird +- Mozilla Thunderbird 102.4.0 + Placeholder changelog-entry (bsc#1204421) +- Rebase mozilla-silence-no-return-type.patch to apply with fuzz=0 +- Added mozilla-partial-revert-1768632.patch to fix build on i586 +- Mozilla Thunderbird 102.3.3 + * new: Option added to show containing address book for a + contact when using `All Address Books` in vertical mode + (bmo#1778871) + * changed: Thunderbird will try to use POP NTLM authentication + even if not advertised by server (bmo#1793349) + * changed: Task List and Today Pane sidebars will no longer + load when not visible (bmo#1788549) + * fixed: Sending a message while a recipient pill was being + modified did not save changes (bmo#1779785) + * fixed: Nickname column was not available in horizontal view + of Address Book (bmo#1778000) + * fixed: Multiline organization values were displayed across + two columns in horizontal view of Address Book (bmo#1777780) + * fixed: Contact vCard fields with multiple values such as + Categories were truncated when saved (bmo#1792399) + * fixed: ICS calendar files with a `FREEBUSY` property could + not be imported (bmo#1783441) + * fixed: Thunderbird would hang if calendar event exceeded the + year 2035 (bmo#1789999) +- Mozilla Thunderbird 102.3.2 + * changed: Thunderbird will try to use POP CRAM-MD5 + authentication even if not advertised by server (bmo#1789975) + * fixed: Checking messages on POP3 accounts caused POP folder + to lock if mail server was slow or non-responsive + (bmo#1792451) + * fixed: Newsgroups named with consecutive dots would not + appear when refreshing list of newsgroups (bmo#1787789) + * fixed: Sending news articles containing lines starting with + dot were sometimes clipped (bmo#1787955) + * fixed: CardDAV server sync silently failed if sync token + expired (bmo#1791183) + * fixed: Contacts from LDAP on macOS address books were not + displayed (bmo#1791347) + * fixed: Chat account input now accepts URIs for supported chat + protocols (bmo#1776706) + * fixed: Chat ScreenName field was not migrated to new address + book (bmo#1789990) + * fixed: Creating a New Event from the Today Pane used the + currently selected day from the main calendar instead of from + the Today Pane (bmo#1791203) + * fixed: `New Event` button in Today Pane was incorrectly + disabled sometimes (bmo#1792058) + * fixed: Event reminder windows did not close after being + dismissed or snoozed (bmo#1791228) + * fixed: Improved performance of recurring event date + calculation (bmo#1787677) + * fixed: Quarterly calendar events on the last day of the month + repeated one month early (bmo#1789362) + * fixed: Thunderbird would hang if calendar event exceeded the + year 2035 (bmo#1789999) + * fixed: Whitespace in calendar events was incorrectly handled + when upgrading from Thunderbird 91 to 102 (bmo#1790339) + * fixed: Various visual and UX improvements (bmo#1755623,bmo#17 + 83903,bmo#1785851,bmo#1786434,bmo#1787286,bmo#1788151,bmo#178 + 9728,bmo#1790499) +- Mozilla Thunderbird 102.3.1 + * changed: Compose window encryption options now only appear + for encryption technologies that have already been configured + (bmo#1788988) + * changed: Number of contacts in currently selected address + book now displayed at bottom of Address Book list column + (bmo#1745571) + * fixed: Password prompt did not include server hostname for + POP servers (bmo#1786920) + * fixed: `Edit Contact` was missing from Contacts sidebar + context menus (bmo#1771795) + * fixed: Address Book contact lists cut off display of some + characters, the result being unreadable (bmo#1780909) + * fixed: Menu items for dark-themed alarm dialog were invisible + on Windows 7 (bmo#1791738) + * fixed: Various security fixes + MFSA 2022-43 (bsc#1204411) + * CVE-2022-39249 (bmo#1791765) + Matrix SDK bundled with Thunderbird vulnerable to an + impersonation attack by malicious server administrators + * CVE-2022-39250 (bmo#1791765) + Matrix SDK bundled with Thunderbird vulnerable to a device + verification attack + * CVE-2022-39251 (bmo#1791765) + Matrix SDK bundled with Thunderbird vulnerable to an + impersonation attack + * CVE-2022-39236 (bmo#1791765) + Matrix SDK bundled with Thunderbird vulnerable to a data + corruption issue +- Mozilla Thunderbird 102.3 + * changed: Thunderbird will no longer attempt to import account + passwords when importing from another Thunderbird profile in + order to prevent profile corruption and permanent data loss. + (bmo#1790605) + * changed: Devtools performance profile will use Thunderbird + presets instead of Web Developer presets (bmo#1785954) + * fixed: Thunderbird startup performance improvements + (bmo#1785967) + * fixed: Saving email source and images failed + (bmo#1777323,bmo#1778804) + * fixed: Error message was shown repeatedly when temporary disk + space was full (bmo#1788580) + * fixed: Attaching OpenPGP keys without a set size to non- + encrypted messages briefly displayed a size of zero bytes + (bmo#1788952) + * fixed: Global Search entry box initially contained + "undefined" (bmo#1780963) + * fixed: Delete from POP Server mail filter rule intermittently + failed to trigger (bmo#1789418) + * fixed: Connections to POP3 servers without UIDL support + failed (bmo#1789314) + * fixed: Pop accounts with "Fetch headers only" set downloaded + complete messages if server did not advertise TOP capability + (bmo#1789356) + * fixed: "File -> New -> Address Book Contact" from Compose + window did not work (bmo#1782418) + * fixed: Attach "My vCard" option in compose window was not + available (bmo#1787614) + * fixed: Improved performance of matching a contact to an email + address (bmo#1782725) + * fixed: Address book only recognized a contact's first two + email addresses (bmo#1777156) + * fixed: Address book search and autocomplete failed if a + contact vCard could not be parsed (bmo#1789793) + * fixed: Downloading NNTP messages for offline use failed + (bmo#1785773) + * fixed: NNTP client became stuck when connecting to Public- + Inbox servers (bmo#1786203) + * fixed: Various visual and UX improvements + (bmo#1782235,bmo#1787448,bmo#1788725,bmo#1790324) + * fixed: Various security fixes + * unresolved: No dedicated "Department" field in address book + (bmo#1777780) + MFSA 2022-42 (bsc#1203477) + * CVE-2022-3266 (bmo#1767360) + Out of bounds read when decoding H264 + * CVE-2022-40959 (bmo#1782211) + Bypassing FeaturePolicy restrictions on transient pages + * CVE-2022-40960 (bmo#1787633) + Data-race when parsing non-UTF-8 URLs in threads + * CVE-2022-40958 (bmo#1779993) + Bypassing Secure Context restriction for cookies with __Host + and __Secure prefix + * CVE-2022-40956 (bmo#1770094) + Content-Security-Policy base-uri bypass + * CVE-2022-40957 (bmo#1777604) + Incoherent instruction cache when building WASM on ARM64 + * CVE-2022-3155 (bmo#1789061) + Attachment files saved to disk on macOS could be executed + without warning + * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835, + bmo#1785109, bmo#1786502, bmo#1789440) + Memory safety bugs fixed in Thunderbird 102.3 + acpica +- This version includes CEDT table support as requested in feature + (SLE 15 SP5): + jsc#PED-201 + +- Update bundled wmidump to latest upstream 2021-10-11: + * Add support for '//' comments + * Print object_id or notify_id based on ACPI_WMI_EVENT flag + object_id and notify_id member are in one union. It depends on + ACPI_WMI_EVENT flag which member is stored in this union. + So print only one member based on ACPI_WMI_EVENT flag. +- Add comment about origin of the wmidump sources + +- update to 20220331: + For the ASL Sleep() operator, issue a warning if the sleep value is + greater than 10 Milliseconds. Quick boottime is important, so warn about + sleeps greater than 10 ms. Distribution Linux kernels reach initrd in 350 + ms, so excessive delays should be called out. 10 ms is chosen randomly, + but three of such delays would already make up ten percent of the + boottime. + Namespace: Avoid attempting to walk the Namespace if the Namespace does + not exist. + AML interpreter/iASL compiler: Add new Acpi 6.4 semantics for the + LoadTable and Load operators. DDB_HANDLE is gone, now loadtable returns a + pass/fail integer. Now load returns a pass/fail integer, as well as + storing the return value in an optional 2nd argument. + Headers: Use uintptr_t and offsetof() in Linux kernel builds. To avoid + "performing pointer subtraction with a null pointer has undefined + behavior" compiler warnings, use uintptr_t and offsetof() that are always + available during Linux kernel builds to define ACPI_UINTPTR_T and the + ACPI_TO_INTEGER() and ACPI_OFFSET() macros when building the ACPICA code + in the Linux kernel. + Added support for the Windows 11 _OSI string ("Windows 2021"). Submitted + by superm1. + executer/exsystem: Inform users about ACPI spec violation for the Stall() + operator. Values greater than 100 microseconds violate the ACPI + specification, so warn users about it. From the ACPI Specification + version 6.2 Errata A, 19.6.128 *Stall (Stall for a Short Time)*: + The implementation of Stall is OS-specific, but must not relinquish + control of the processor. Because of this, delays longer than 100 + microseconds must use Sleep instead of Stall. + Data Table Compiler/Disassembler: Add support for the APMT table - ARM + Performance Monitoring Unit table. Submitted by @bwicaksononv. + Data Table Compiler/Disassembler: For MADT, add support for the OEM- + defined subtables (Types 0x80-0x7F). + Data Table Compiler: Fixed a problem with support for the SDEV table, + where a subtable Length was not computed correctly. + Data Table Compiler/Disassembler: Add/fix the CFMWS subtable to the CEDT + Acpi table support. + Data Table Compiler/Disassembler: Fix a compile issue with the CEDT and + add template. Submitted by MasterDrogo. + Data Table Compiler/Disassembler: NHLT Changes provided by Piotr Maziarz: + iASL/NHLT: Rename linux specific structures to DeviceInfo to improve + readability of the code. + iASL/NHLT: Fix parsing undocumented bytes at the end of Endpoint. + Undocumented bytes at the end of Endpoint Descriptor can be present + independently of Linux-specific structures. Their size can also vary. + iASL/NHLT: Treat TableTerminator as SpecificConfig. SpecificConfig has 4 + bytes of size and then an amount of bytes specified by size. All of the + terminators that I've seen had a size equal to 4, but theoretically it + can vary. + iASL/AcpiExec: Use _exit instead of exit in signal handers (ctrl-C). + iASL: Remove a remark due to excessive output. Removed a remark for + duplicate Offset() operators, due to a user complaint. + +- The package build fine on arches different than x86 and ARM. Drop + the ExclusiveArch. + +- Update to version 20210930 + * ACPICA kernel-resident subsystem: + * Avoid evaluating methods too early during system resume. + * Added a new _OSI string, "Windows 2020". + * iASL Compiler/Disassembler and ACPICA tools: + * iASL compiler: Updated the check for usage of _CRS, _DIS, + _PRS, and _SRSobjects + * iASL table disassembler: Added disassembly support for the + NHLT ACPI table. + * Added a new subtable type for ACPI 6.4 SRAT Generic Port Affinity + * Added the flag for online capable in the MADT, introduced in + ACPI 6.3. +- Update to version 20210730: + * iASL Compiler/Disassembler and ACPICA tools: + * iasl: Check usage of _CRS, _DIS, _PRS, and _SRS objects + * iASL Table Disassembler/Table compiler: Fix for WPBT table with + no command-line arguments. + * Handle the case where the Command-line Arguments table field does + not exist (zero). + * Headers: Add new DBG2 Serial Port Subtypes + * iASL: Add full support for the AEST table (data compiler) + * Add PRMT module header to facilitate parsing. + * Table disassembler: Add missing strings to decode subtable types. + +- Update to version 20210604: + * ACPICA kernel-resident subsystem + * Cleaned up (delete) the context mutex during local address + handler object deletion. + * Fixed a memory leak caused by the _CID repair function. + * Add support for PlatformRtMechanism OperationRegion handler. + * Add a new utility function, AcpiUtConvertUuidToString. + * iASL Compiler/Disassembler and ACPICA tools: + * Added full support for the PRMT ACPI table + * Added full support for the BDAT ACPI table. + * Added full support for the RGRT ACPI table. + * Added full support for the SVKL ACPI table. + * Completed full support for the IVRS ACPI table. + * Added compiler support for IVRS, updated disassembler support + * Added a new utility, UtIsIdInteger, to determine if a + HID/CID is an integer or a string. + * Headers: Added more structs to the CEDT table + * ACPI 6.4: MADT: added Multiprocessor Wakeup Mailbox Structure. + +- Update to version 20210331 + * ACPI 6.4 is now supported! + ACPICA kernel-resident subsystem: + * Always create namespace nodes. + * Fixed a race condition in generic serial bus operation region handler. + iASL Compiler/Disassembler and ACPICA tools: + * Add disassembly support for the IVRS table. + * Fixed a potential infinite loop due to type mismatch. + iASL/TableCompiler: + * update it with IORT table E.b revision changes. + * Add compilation support for the VIOT table. + * Add compilation support for CEDT table. + * Update of the CEDT template. + +- Update to version 20210105 + ACPICA kernel-resident subsystem: + * Updated all copyrights to 2021. This affects all ACPICA source code + modules. + iASL Compiler/Disassembler and ACPICA tools: + * ASL test suite (ASLTS): Updated all copyrights to 2021. + * Tools and utilities: Updated all signon copyrights to 2021. + * iASL Table Compiler: Removed support for obsolete ACPI tables: VRTC, + MTMR. Al Stone. + +- Update to version 20200717 + ACPICA kernel-resident subsystem: + * Do not increment OperationRegion reference counts for field units. Recent + server firmware has revealed that this reference count can overflow on + large servers that declare many field units (thousands) under the same + OperationRegion. This occurs because each field unit declaration will add + a reference count to the source OperationRegion. This release solves the + reference count overflow for OperationRegion objects by preventing + fieldUnits from incrementing their parent OperationRegion's reference + count. + * Replaced one-element arrays with flexible-arrays, which were introduced + in C99. + * Restored the readme file containing the directions for generation of + ACPICA from source on MSVC 2017. Updated the file for MSVC 2017. File is + located at: generate/msvc2017/readme.txt + iASL Compiler/Disassembler and ACPICA tools: + * iASL: Fixed a regression found in version 20200214. Prevent iASL from + emitting an extra byte of garbage data when control methods declared a + single parameter type without using braces. This extra byte is known to + cause a blue screen on the Windows AML interpreter. + * iASL: Made a change to allow external declarations to specify the type of + a named object even when some name segments are not defined. This change + allows the following ASL code to compile + (When DEV0 is not defined or not defined yet): + External (\_SB.DEV0.OBJ1, IntObj) + External (\_SB.DEV0, DeviceObj) + * iASL: Fixed a problem where method names in "Alias ()" statement could be + misinterpreted. They are now interpreted correctly as method invocations. + * iASL: capture a method parameter count (Within the Method info segment, + as well as the argument node) when using parameter type lists. + +- Update to version 20200528 + ACPICA kernel-resident subsystem: + Removed old/obsolete Visual Studio files which were used to build the + Windows versions of the ACPICA tools. Since we have moved to Visual + Studio 2017, we are no longer supporting Visual Studio 2006 and 2009 + project files. The new subdirectory and solution file are located at: + acpica/generate/msvc2017/AcpiComponents.sln + iASL Compiler/Disassembler and ACPICA tools: + * iASL: added support for a new OperationRegion Address Space (subtype): + PlatformRtMechanism. Support for this new keyword is being released for + early prototyping. It will appear in the next release of the ACPI + specification. + * iASL: do not optimize the NameString parameter of the CondRefOf operator. + In the previous iASL compiler release, the NameString parameter of the + CondRefOf was optimized. There is evidence that some implementations of + the AML interpreter do not perform the recursive search-to-parent search + during the execution of the CondRefOf operator. Therefore, the CondRefOf + operator behaves differently when the NameString parameter is a single + name segment (a NameSeg) as opposed to a full NamePath (starting at the + root scope) or a NameString containing parent prefixes. + * iASL: Prevent an inadvertent remark message. This change prevents a + remark if within a control method the following exist: + 1) An Operation Region is defined, and + 2) A Field operator is defined that refers to the region. + This happens because at the top level, the Field operator does not + actually create a new named object, it simply references the operation + region. + * Removed support for the acpinames utility. The acpinames was a simple + utility used to populate and display the ACPI namespace without executing + any AML code. However, ACPICA now supports executable opcodes outside of + control methods. This means that executable AML opcodes such as If and + Store opcodes need to be executed during table load. Therefore, acpinames + would need to be updated to match the same behavior as the acpiexec + utility and since acpiexec can already dump the entire namespace (via the + 'namespace' command), we no longer have the need to maintain acpinames. + * In order to dump the contents of the ACPI namepsace using acpiexec, + execute the following command from the command line: + acpiexec -b "n" [aml files] +- Refresh parches + +- Enable -fcommon in CFLAGS and CXXFLAGS in order + to fix boo#1160383. + +- Add -fcommon as there are a lot re-definitions which lead to errors + and compile failures with gcc10 which enables -fno-common by default + bsc#1160383 - acpica fails with -fno-common + +- Update to version 20200110 + +- Use noun phrase in summary + +- Update to version 20190509 + Includes a fix that breaks VirtualBox + https://github.com/acpica/acpica/issues/462 + +- Update to version 20190405 + iASL: Implemented an enhanced multiple file compilation that combines + named objects from all input files to a single namespace. With this + feature, any unresolved external declarations as well as duplicate named + object declarations can be detected during compilation rather than + generating errors much later at runtime. The following commands are + examples that utilize this feature: + iasl dsdt.asl ssdt.asl + iasl dsdt.asl ssdt1.asl ssdt2.asl + iasl dsdt.asl ssdt*.asl +- Adjusted patch: + M acpica-no-compiletime.patch + +- Update to version 20190215 + Support for ACPI specification version 6.3: + * Add PCC operation region support for the AML interpreter. This adds PCC + operation region support in the AML interpreter and a default handler for + acpiexec. The change also renames the PCC region address space keyword to + PlatformCommChannel. + * Support for new predefined methods _NBS, _NCH, _NIC, _NIH, and _NIG. + These methods provide OSPM with health information and device boot + status. + * PDTT: Add TriggerOrder to the PCC Identifier structure. The field value + defines if the trigger needs to be invoked by OSPM before or at the end + of kernel crash dump processing/handling operation. + * SRAT: Add Generic Affinity Structure subtable. This subtable in the SRAT + is used for describing devices such as heterogeneous processors, + accelerators, GPUs, and IO devices with integrated compute or DMA + engines. + * MADT: Add support for statistical profiling in GICC. Statistical + profiling extension (SPE) is an architecture-specific feature for ARM. + * MADT: Add online capable flag. If this bit is set, system hardware + supports enabling this processor during OS runtime. + * New Error Disconnect Recover Notification value. There are a number of + scenarios where system Firmware in collaboration with hardware may + disconnect one or more devices from the rest of the system for purposes + of error containment. Firmware can use this new notification value to + alert OSPM of such a removal. + * PPTT: New additional fields in Processor Structure Flags. These flags + provide more information about processor topology. + * NFIT/Disassembler: Change a field name from "Address Range" to "Region + Type". + * HMAT updates: make several existing fields to be reserved as well as + rename subtable 0 to "memory proximity domain attributes". + * GTDT: Add support for new GTDT Revision 3. This revision adds information + for the EL2 timer. + * iASL: Update the HMAT example template for new fields. + * iASL: Add support for the new revision of the GTDT (Rev 3). + ACPICA kernel-resident subsystem: + * AML Parser: fix the main AML parse loop to correctly skip erroneous + extended opcodes. AML opcodes come in two lengths: 1-byte opcodes and 2- + byte extended opcodes. If an error occurs during an AML table load, the + AML parser will continue loading the table by skipping the offending + opcode. This implements a "load table at any cost" philosophy. + iASL Compiler/Disassembler and Tools: + * iASL: Add checks for illegal object references, such as a reference + outside of method to an object within a method. Such an object is only + temporary. + * iASL: Emit error for creation of a zero-length operation region. Such a + region is rather pointless. If encountered, a runtime error is also + implemented in the interpeter. + * Debugger: Fix a possible fault with the "test objects" command. + * iASL: Makefile: support parent directory filenames containing embedded + spaces. + * iASL: Update the TPM2 template to revision 4. + * iASL: Add the ability to report specific warnings or remarks as errors. + * Disassembler: Disassemble OEMx tables as actual AML byte code. + Previously, these tables were treated as "unknown table". + * iASL: Add definition and disassembly for TPM2 revision 3. + * iASL: Add support for TPM2 rev 3 compilation. +- Refresh patches +- Run spec-cleaner + +- Update to 20180629 + Added changelog from mainline, installed into documentation path + +- Update to version 20180508 + ACPICA kernel-resident subsystem: + * Completed the new (recently deployed) package resolution + mechanism for the Load and LoadTable ASL/AML operators. This + fixes a regression that was introduced in version 20180209 + that could result in an AE_AML_INTERNAL exception during the + loading of a dynamic ACPI/AML table (SSDT) that contains + package objects. + iASL Compiler/Disassembler and Tools: + * AcpiDump and AcpiXtract: Implemented support for ACPI tables + larger than 1 MB. This change allows for table offsets within + the acpidump file to be up to 8 characters. These changes are + backwards compatible with existing acpidump files. + version 20180427 + ACPICA kernel-resident subsystem: + * Debugger: Added support for Package objects in the "Test + Objects" command. This command walks the entire namespace and + evaluates all named data objects (Integers, Strings, Buffers, + and now Packages). + * Improved error messages for the namespace root node. + Originally, the root was referred to by the confusing string + "\___". This has been replaced by "Namespace Root" for + clarification. + * Fixed a potential infinite loop in the AcpiRsDumpByteList + function. Colin Ian King . + iASL Compiler/Disassembler and Tools: + * iASL: Implemented support to detect and flag illegal forward + references. For compatibility with other ACPI implementations, + these references are now illegal at the root level of the DSDT + or SSDTs. Forward references have always been illegal within + control methods. This change should not affect existing + ASL/AML code because of the fact that these references + have always been illegal in the other ACPI implementation. + * iASL: Added error messages for the case where a table OEM ID + and OEM TABLE ID strings are longer than the ACPI-defined length. + Previously, these strings were simply silently truncated. + * iASL: Enhanced the -tc option (which creates an AML hex file + in C, suitable for import into a firmware project): + 1) Create a unique name for the table, to simplify use of + multiple SSDTs. + 2) Add a protection #ifdef in the file, similar to a .h + header file. With assistance from Sami Mujawar, + sami.mujawar@arm.com and Evan Lloyd, evan.lloyd@arm.com + * AcpiExec: Added a new option, -df, to disable the local + fault handler. This is useful during debugging, where it may + be desired to drop into a debugger on a fault. + +- Upgrade to latest version 20180313 +- Update patches: + * acpica-no-compiletime.patch + * do_not_use_build_date_and_time.patch + -- Update to version 20140724 - -- Include generate_acpi-tools_tarball.sh in the package's source. - -- Add acpi-tools tarball from kernel sources: tools/power/acpi - Use latest acpidump from there instead of acpica included one. - This fixes acpidump on latest kernels. -- Add script for easier retrieving of acpi-tools tarball from kernel sources. - -- Update to version 20140214 -- Replace $RPM_OPT_FLAGS with %{optflags} as suggested by tcech@suse.cz - -- set HOST for make to not blindly set the hostname - as compiler definition - -- Update to version 20140114 - Drop acpica-add_missing_examples_makefile.patch - - > already included mainlaine. - -- Update to version 20131218 - Add acpica-add_missing_examples_makefile.patch: They forgot to add a file - to the tarball. This patch adds it from git repo. - Drop acpica-fix_dots_in_path_for_p_option.patch: This patch is included - in the newly provided version tarball already. - -- Update to version 20131115 -- Explicitly add commit 04d10e3c1f41a776cbed96dce2326ee649b9a0f0 to fix - bnc#855050: - acpica-fix_dots_in_path_for_p_option.patch - -- Update to version 20130823 -- remove already integrated patch: - dmar-buf10.patch - -- Fix Source3 vs Source4 typo (acpi_validate was broken) - -- Update to version 20130517 - - remove acpidump tarball, it is now included in acpica main project - -- Update to version 20130418 - - remove already integreated patches: - acpica_make_CFLAGS_overridable - bob_noop.patch - - Add fix for DMAR table parsing issue: - https://bugs.acpica.org/show_bug.cgi?id=999 - -- Add wmidump/wmixtract tools for easy WMI (or other) GUID parsing - -- Fix tiny bug in acpi_validate which wrongly adds the file which - is to be compiled additionally to the external reference tables - list - -- Make use of -in (Ignore NoOp opcodes/operators) - to avoid false positive errors during compliation/disassembling - -- Update to version 20121018 - - > remove some patches that got integrated - - > Add one patch (bob_noop.patch) which will get integrated - mainline: Stop and bail out when max error (200) count is reached. - Introduce -in compile/disassemble option. - -- Add acpi_validate script for easy disassembling and re-compilation - of local ACPI tables or of an already existing acpidump file - -- Update to latest version 20121018. - - > one patch got accepted mainline -> removed. - -- Update to latest version 20120913 -- Add acpi_genl from http://www.lesswatts.org/projects/acpi/utilities.php - Can be used to check for ACPI events via netlink (since /proc/acpi/events is - is deprecated) -- Adjust to new Makefile layout - -- Update to latest version 20120518 - -- license update: GPL-2.0 - You added ec_access.c with a GPL-2.0 (only) license. Now the spec file - has to be updated to reflect this - -- Clarify license, it's GPL-2.0+ (bnc#711299). - -- ACPICA version 20111123 released with full ACPI 5.0 support - Detailed changelog can be found here: - http://acpica.org/download/changes.txt - -- Fix build for 32 bit - -- Update to version 20110623 -- Fixed some "set but not used" errors and a link order issue - and sent patches upstream. -- Set "-Wno-unused-result" for some compilations -> too many - offenders to fix that all up. - -- Add acpica-unix-const.patch: fix const correctness issue in - AslCompilererror, http://www.acpica.org/bugzilla/show_bug.cgi?id=923 - -- Add acpica-unix-20110316-gcc46.patch: fix compilation with gcc 4.6 - -- Disable both build dates in this package and in - the files it generates as it both trigger either unneeded - republish of itself or other bigger packages like virtualbox -- Provides: iasl too. - -- Exchange selfmade patch with mainline one to fix build - -- Updated to acpica version 20110316 - Changes are listed in /usr/share/doc/packages/acpica/changes.txt -- Fixed dynamic acpi table extract via acpidump/acpixtract - by reverting acpica commit baab09e6857a427944068c5e599ea2ffb84f765b -- Fixed compile issue and submitted it mainline - -- Add possibility to see changes via new -s param: -r [ -s sleep ] - -- Remove stale acpidump patches - -- Get latest acpidump tool from Len's acpi pmtools: - * Also dump dynamically loaded SSDTs -- Build against its own headers instead of acpica headers - - > unfortunately acpidump is still not part of acpica and - adjusting things ourselves is too much overhead. - -- Update to version 20110112 - Changes are listed in /usr/share/doc/packages/acpica/changes.txt - -- Update to version 20100806 -- Added ec_access executable to be able to debug the Embedded - Controller together with CONFIG_ACPI_EC_DEBUGFS kernel .config - option - -- Update to version 20100806 - For details, see the changes.txt file in the package - changes.txt can now be found in - /usr/share/doc/packages/acpica/changes.txt - -- Update to version 20100702 - For details, see acpica-unix-20100702/changes.txt - -- Update to version 20100428 - -- Avoid (when compiling AML): - DSDT.dsl 10307: Name (_ADR, Zero) - Error 4080 - ^ Invalid object type for reserved name, - must be (Integer) - -- Updated to version 20100304 - Some ACPI 4.0 enhancements and a lot bug fixes and other - enhancements. See changes.txt in the sources for details - -- Updated to version 20091013 - Includes a bug fix to correctly disassmeble Unisys ES7000 tables - -- as-needed fix no longer necessary - -- Update to acpica version 20090730 - The ACPI 4.0 implementation for ACPICA is complete with this release. - -- disable as-needed for this package as it fails to build with it - -- Initial check-in: Version 20090320 - akonadi-server +- In SLE-15-SP3 we had patches that made akonadi fall back to + sqlite if the mysql backend is not available. Those patches were + already merged by upstream so we can let the package Recommend + mysql instead of Require it, since it's not available in SLED. + The Requires are set unless branding-SLE is installed so the + requirements are used in Leap/TW but not in SLE where it's only + a Recommends and an alternate Requirements is used in that case + where the sqlite backend is installed if mysql is not available. + amarok +- Use FFmpeg 4 to build amarok on Tumbleweed. The FFmpeg 5 port + needs more work. + +- Don't require QtWebEngine unconditionally + autoyast2 +- Log the profile/rules/classes file SHA1 sum so we can later + verify that a particular file was or was not used by YaST + (related to bsc#1204175) +- 4.5.8 + +- Allow empty values in ask/default, ask/selection/label and + ask/selection/value elements (bsc#1204448). +- 4.5.7 + +- fix profile location parsing and add 'repo' URL scheme (jsc#SLE-22578, + jsc#SLE-24584) +- 4.5.6 + +- Add needed packages for the selected network backend in order to + prevent it is not declared in the software section (bsc#1201235, + bsc#1201435) +- 4.5.5 + bind +- Update to release 9.16.33 + Security Fixes: + * Previously, there was no limit to the number of database lookups + performed while processing large delegations, which could be + abused to severely impact the performance of named running as a + recursive resolver. This has been fixed. (CVE-2022-2795) + * named running as a resolver with the stale-answer-client-timeout + option set to 0 could crash with an assertion failure, when + there was a stale CNAME in the cache for the incoming query. + This has been fixed. (CVE-2022-3080) + * A memory leak was fixed that could be externally triggered in the + DNSSEC verification code for the ECDSA algorithm. (CVE-2022-38177) + * Memory leaks were fixed that could be externally triggered in the + DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178) + Feature Changes: + * Response Rate Limiting (RRL) code now treats all QNAMEs that are + subject to wildcard processing within a given zone as the same + name, to prevent circumventing the limits enforced by RRL. + * Zones using dnssec-policy now require dynamic DNS or + inline-signing to be configured explicitly. + * A backward-compatible approach was implemented for encoding + internationalized domain names (IDN) in dig and converting the + domain to IDNA2008 form; if that fails, + BIND tries an IDNA2003 conversion. + Bug Fixes: + * A serve-stale bug was fixed, where BIND would try to return stale + data from cache for lookups that received duplicate queries or + queries that would be dropped. This bug resulted in premature + SERVFAIL responses, and has now been resolved. + [bsc#1203614, bsc#1203618, bsc#1203619, bsc#1203620, jsc#SLE-24600] + +- Add systemd drop-in directory for named service + [bsc#1201689, bind.spec] + +- Include a modified createNamedConfInclude script again, as this + broke compatability with existing configurations. + A symlink for named.conf.include to /var/lib/named is created to + allow for a read-only /etc directory. + However it is still advised to change the existing configuration. + See README-bind.chrootenv for a guide how to do this. + [bsc#1203250, vendor-files/tools/createNamedConfInclude, + vendor-files/docu/README-bind.chrootenv, bind.spec] + +- Update to release 9.16.32 + Feature Changes: + * The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically + disabled on systems where they are disallowed by the security policy + (e.g. Red Hat Enterprise Linux 9). Primary zones using those algorithms + need to be migrated to new algorithms prior to running on these systems, + as graceful migration to different DNSSEC algorithms is not possible when + RSASHA1 is disallowed by the operating system. + * Log messages related to fetch limiting have been improved to provide + more complete information. Specifically, the final counts of allowed + and spilled fetches are now logged before the counter object is destroyed. + Bug Fixes: + * Non-dynamic zones that inherit dnssec-policy from the view or options + blocks were not marked as inline-signed and therefore never scheduled + to be re-signed. This has been fixed. + * The old max-zone-ttl zone option was meant to be superseded by + the max-zone-ttl option in dnssec-policy; however, the latter option + was not fully effective. This has been corrected: zones no longer load + if they contain TTLs greater than the limit configured in dnssec-policy. + For zones with both the old max-zone-ttl option and dnssec-policy + configured, the old option is ignored, and a warning is generated. + * rndc dumpdb -expired was fixed to include expired RRsets, + even if stale-cache-enable is set to no and + the cache-cleaning time window has passed. + [bind-9.16.32.tar.xz, bind-9.16.32.tar.xz.sha512.asc, + bind-9.16.31.tar.xz, bind-9.16.31.tar.xz.sha512.asc, + bind.spec, jsc#SLE-24600] + bluez -- Add shared-gatt-server-Fix-heap-overflow-when-appending-.patch +- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync more change log: + (jsc#PED-1407) + - The hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch + be merged to bluez-5.51 in 2018. (bsc#1013732)(CVE-2016-9801) + - The following btmon patches are merged to bluez-5.51 and later: + 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch + 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch + 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch + 0004-btmon-Fix-crash-caused-by-integer-underflow.patch + 0005-btmon-fix-stack-buffer-overflow.patch + 0006-btmon-fix-multiple-segfaults.patch + 0007-btmon-fix-segfault-caused-by-integer-underflow.patch + 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch + 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch + 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch + 0011-btmon-fix-segfault-caused-by-integer-underflow.patch + 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch + (bsc#1015173)(CVE-2016-9918)(bsc#1013893)(CVE-2016-9802) + - The shared-gatt-server-Fix-not-properly-checking-for-sec.patch + be merged to bluez-5.57 in 2021. + (bsc#1186463 CVE-2021-0129 CVE-2020-26558) + - The gatt-Fix-potential-buffer-out-of-bound.patch be merged to + bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588) + - The shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch + be merged to bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588) + - The gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch + be merged to bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588) + - Add JIRA-SLE-18497 number to 5.60, 5.61 and 5.62 update log + to sync with bluez.changes in SLE15-SP5. + - Install modprobe.conf files to %_modprobedir + This change already in bluez.sepc in openSUSE:Factory/bluez. + Sync the change log here. (bsc#1196275, jsc#SLE-20639) + +- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the spec file and + log: (jsc#PED-1407) + - SLE15-SP5 will direct use bluez.changes for openSUSE TW. + So keep the contents of SLE bluez.changes to bluez.changes.sle file. + - Put to /usr/share/doc/packages/bluez/bluez.changes.sle in package. + +- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the spec file and + log: (jsc#PED-1407) + - SLE15-SP5 will use the bluez.spec from openSUSE TW. The following + are changes in bluez.spec of SLE15-SP5: + - Obsoletes: bluez-utils <= 3.36 + to + Obsoletes: bluez-utils < 3.36 + - Obsoletes: bluez-audio <= 3.36 + to + Obsoletes: bluez-audio < 3.36 + - In %package -n libbluetooth3: + Obsoletes: bluez-libs <= 3.36 + to + Obsoletes: bluez-libs < 3.36 + - In %package cups, add the following statements + Requires: %{name} + Requires: cups + Supplements: (%{name} and cups) + - In %package test + Requires: python3-gobject2 + to + Requires: python3-gobject + - In %package auto-enable-devices package, add + Requires(post): systemd + - Add %package obexd and %package zsh-completion + and their %description + - In %prep + - Removed + %setup -q + - Removed + [#] FIXME: Change the dbus service to be a real service, not systemd launched + sed -i "s:Exec=/bin/false:Exec=%{_libexecdir}/bluetooth/obexd:g" obexd/src/org.bluez.obex.service + sed -i "/SystemdService=.*/d" obexd/src/org.bluez.obex.service + [#] END FIXME + - In %build, add + - -with-dbusconfdir=%{_datadir} \ + - In %install + - Removed + [#] FIXME: Do not delete the systemd service once we support systemd user/session services + rm %{buildroot}%{_userunitdir}/obex.service + [#] end FIXME + - org.bluez.mesh.service to %{_sysconfdir}/dbus-1/system-services/, + to + org.bluez.mesh.service to %{_datadir}/dbus-1/system-services/, + - In %files + - Add + %{_bindir}/isotest + %{_libexecdir}/bluetooth/obexd + %{_mandir}/man1/isotest.1%{?ext_man} + - %config %{_sysconfdir}/dbus-1/system.d/bluetooth.conf + to + %{_datadir}/dbus-1/system.d/bluetooth.conf + - Removed + %{_datadir}/dbus-1/services/org.bluez.obex.service + - Removed + %{_datadir}/zsh/site-functions/_bluetoothctl + - Add %files zsh-completion + - SLE15-SP5 will direct use bluez.changes for openSUSE TW. + So keep the contents of SLE bluez.changes to bluez.changes.sle file. + - Removed shared-gatt-server-Fix-heap-overflow-when-appending-.patch in + SLE15-SP5 bluez because 5.65 bluez already includes it. -- Install modprobe.conf files to %_modprobedir (bsc#1196275, jsc#SLE-20639) +- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the patches and + log: (jsc#PED-1407) + - hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch patch + be merged to 5.51 mainline. So 5.65 bluez already includes it. + (PATCH-FIX-UPSTREAM)(bsc#1013721)(CVE-2016-9800) + - Add the following patches from the bluez-5.62 of 15-SP5: + - disable_some_obex_tests.patch + - disable tests for bypass boo#1078285 + - hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch + - bsc#1013708 CVE-2016-9797 + - Al Cho has sent it to upstream but it not be merged: + https://lore.kernel.org/all/20181031081508.25927-1-acho@suse.com/T/ + - hcidump-Fix-memory-leak-with-malformed-packet.patch + - bsc#1015171 CVE-2016-9917 + - Al Cho has sent it to upstream but it not be merged: + https://www.spinics.net/lists/linux-bluetooth/msg79852.html + - hcidump-Fixed-malformed-segment-frame-length.patch + - bsc#1013712 CVE-2016-9798 + - Did not send to upstream. + - 0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch + - Move 43xx firmware path for RPi3 bluetooth support bsc#1140688 bsc#995059 bsc#1094902 + - From https://www.yoctoproject.org/pipermail/yocto/2016-April/029424.html + - Respin the following patches + - bluez-test-2to3.diff + - Removed some parts of patch because those codes be included + in a1939bd51e0faba9a8550eea2590d99cb63a33c1 since 5.65. + - The following patches are the same between SLE15-SP5 with openSUSE TW: + - bluez-5.45-disable-broken-tests.diff in 15-SP5 matchs with + bluez-disable-broken-tests.diff in openSUSE TW. + - 0002-rpi3-Move-the-43xx-firmware-into-lib-firmware.patch in 15-SP5 + matchs with RPi-Move-the-43xx-firmware-into-lib-firmware.patch in + openSUSE TW. (bsc#995059)(bsc#1094902) + +- update to 5.65: + * Fix issue with A2DP cache invalidation handling. + * Fix issue with A2DP and not initialized SEP codec. + * Fix issue with A2DP and multiple SetConfiguration to same SEP + * Fix issue with AVRCP and not properly initialized volume. + * Fix issue with SDP records when operating in LE only mode. + * Fix issue with HoG and not reading report map of instances. + * Fix issue with GATT server crashing while disconnecting. + * Fix issue with not removing connected devices. + * Fix issue with enabling wake support without RPA Resolution. + * Fix issue with pairing failed due to the error of Already Paired. + * Add support for CONFIGURATION_DIRECTORY environment variable. + * Add support for STATE_DIRECTORY environment variable. + * Add support for "Bonded" property with Device API. + * Add experimental support for ISO socket. +- drop bluez-test-2to3.diff (obsolete/upstream) + +- Upgrade bluez-test requirement of PyGObject from ancient version + 2 to current version. (bluez/test is at least able to use it + since 2014) + +- Move the dbus-1 system.d file to /usr (bsc#1199207) +- Fix self-obsoletion issues +- Add supplements to cups subpackage +- Split zsh completion into subpackage +- Don't tell the user to write to /usr (in README-mesh.SUSE) + +- add Requires(post): systemd for bluez-auto-enable-devices + * fixes boo#1198906 + +- update to version 5.64: + This is another release mostly with bug fixes on HOG, GATT, A2DP, + Media, AVDTP, AVRCP, and scanning failure. + This release includes a fix for building with old glibc (< 2.25) + and other minor issues found with the static code analyzing tool. + ISO packet support is added to the emulator as a part of LE Audio + development. +- removed obsoleted 0002-Use-g_memdup2-everywhere.patch + +- Add code to restore user modifications for modprobe.d %config files + after moving the files to %_modprobedir +- Use %_modprobedir (jsc#SLE-20639) + +- update to version 5.63: + * Fix issue with storing IRK causing invalid read access. + * Fix issue with disconnecting due to GattCharacteristic1.MTU. + * Add support for Device{Found,Lost} of advertising monitoring. + +- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075) + +- Stop nuking the obex service, we support user systemd services + just fine now. Following this, no longer hack the dbus service, + leave it as a systemd service as upstream intended. +- Split out obex in own package with it's needed enabledment as a + systemd user service. +- Add 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch: + obex: Use GLib helper function to manipulate paths. Instead of + trying to do it by hand. This also makes sure that relative paths + aren't used by the agent. Patch from fedora. -- refresh patch - hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch +- drop obsoleted patch + 0005-media-rename-local-function-conflicting-with-pause-2.patch + +- add fedora's patches 0002-Use-g_memdup2-everywhere.patch and + 0005-media-rename-local-function-conflicting-with-pause-2.patch + to fix compatibility problems with newer glib and glibc + -- add bluez-test-2to3.diff to get rid of python2 dependency + + I'm not going to remove it, and another maintainer can still + restart the removal process :-) -- refresh other patches +- remove bluez-5.59-0388794dc5fdb73a4ea.diff (included upstream) + +- add bluez-5.59-0388794dc5fdb73a4ea.diff, fixes a2dp on newly + paired devices, https://github.com/bluez/bluez/issues/157 + - * new tool: mesh-cfgtest - * new manpages: btmon.1, bluetooth-meshd.8 +- new tool: mesh-cfgtest +- new manpages: btmon.1, bluetooth-meshd.8 +- rebased bluez-test-2to3.diff + +- remove upstreamed + bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch + +- add bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch + Fix Bluetooth headphones disconnect periodically(bsc#1183821) + -- remove obsolete upstreamed patches: - shared-gatt-server-Fix-not-properly-checking-for-sec.patch - (bsc#1186463 CVE-2021-0129) - gatt-Fix-potential-buffer-out-of-bound.patch - (bsc#1187165 CVE-2021-3588) - shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch - (bsc#1187165 CVE-2021-3588) - gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch - (bsc#1187165 CVE-2021-3588) -- refresh other patches -- Add gatt-Fix-potential-buffer-out-of-bound.patch - * When client features is read check if the offset is within the cli_feat - bounds. (bsc#1187165 CVE-2021-3588) -- Add shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch - * This enables user to inform if an attribute has a fixed length so it can - automatically perform bounds checking. (bsc#1187165 CVE-2021-3588) -- Add gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch - * This makes use of gatt_db_attribute_set_fixed_length so the database is - aware of the length of the values and perform bounds checking. - (bsc#1187165 CVE-2021-3588) +- add bluez-test-2to3.diff to get rid of python2 dependency -- Add - shared-gatt-server-Fix-not-properly-checking-for-sec.patch - * Fix not properly checking for secure flags - (bsc#1186463 CVE-2021-0129 CVE-2020-26558) +- Packaging: remove _service and accompanying README.md, + maintenance in git did not work out as well as intended. +- remove input-hog-Attempt-to-set-security-level-if-not-bonde.patch, + input-Add-LEAutoSecurity-setting-to-input.conf.patch: upstream +- use autopatch, spec-cleaner + +- Add --enable-external-ell to actually make use of pkgconfig(ell). + +- Pull in python3 packages, the tests are py3 based so it does not + make sense to pull in py2 packages. + -- update to bluez-5.53: +- bluez-5.53: +- remove obsolete upstreamed patches: + * HOGP-must-only-accept-data-from-bonded-devices.patch + * HID-accepts-bonded-device-connections-only.patch +- refresh other patches + +- Add + HOGP-must-only-accept-data-from-bonded-devices.patch + HOGP 1.0 Section 6.1 establishes that the HOGP must require + bonding.(bsc#1166751)(CVE-2020-0556) + HID-accepts-bonded-device-connections-only.patch + This change adds a configuration for platforms to choose a more + secure posture for the HID profile.(bsc#1166751)(CVE-2020-0556) + input-hog-Attempt-to-set-security-level-if-not-bonde.patch + Attempt to set security level if not bonded. + (bsc#1166751)(CVE-2020-0556) + input-Add-LEAutoSecurity-setting-to-input.conf.patch + Add LEAutoSecurity setting to input.conf. + (bsc#1166751)(CVE-2020-0556) + +- Fix path to systemctl in %post script + +- add NoSource tag for omitting README.md from src.rpm + +- move all deprecated tools into bluez-deprecated package which can + be disabled by prjconf in OBS. +- bluez-deprecated will go away before end of 2020 in Tumbleweed! + +- BuildIgnore shared-mime-info, pulled in by libgio-2_0-0, not + required for building, but causes a build loop. +- Add bcond for mesh, also enable mesh on Leap 15.2/SLE15SP2. +- Properly conditionalize all files which are only built with enabled + mesh functionality, fixes build on Leap 15.1 and earlier. + +- fix udev directory from %_libexecdir to %_prefix/lib + +- remove obsolete 0001-mesh-Fix-segmentation-fault-on-Join-call.patch +- disable one more segfaulting patch + +- add 0001-mesh-Fix-segmentation-fault-on-Join-call.patch + (boo#1152672) + +- add _service to use github.com/seifes-obs-packages/bluez.git + as source for the package + +- Combine multiple %service_* to reduce generated boilerplate. + +- disable mesh service due to security concerns, see boo#1151518 +- add README-mesh.SUSE to explain the issue +- remove no longer necessary temporary-rpmlintrc + +- removed obsoleted patches: + * 0001-obexd-use-AM_LDFLAGS-for-linking.patch + * 0001-policy-Add-logic-to-connect-a-Sink.patch + * 0001-tools-Fix-build-after-y2038-changes-in-glibc.patch (bsc#1156544) + * bluez-5.50-a2dp-backports.patch + * bluez-5.50-gcc9.patch + * disable_some_obex_tests.patch + * bluez-5.45-disable-broken-tests.diff +- add bluez-disable-broken-tests.diff +- add temporary rpmlintrc until security team approves + +- Fix build with GCC 9 (boo#1121404, bko#202213): + * Add bluez-5.50-gcc9.patch. + +- Fix 43xx firmware path for RPi3 bluetooth support (bsc#1140688) + - Add RPi-Move-the-43xx-firmware-into-lib-firmware.patch + +- Add 0001-tools-Fix-build-after-y2038-changes-in-glibc.patch: Fix + build after y2038 changes in glibc (bsc#1156544) + +- Add avinfo to bluez-test, useful for debugging. +- Only BuildRequires pkgconfig(ell) on Tumbleweed. +- Add bluez-5.50-a2dp-backports.patch: A2DP fixes for newer codecs + (upstream backport). + +- Connect Sink profile which HSP profile connects (boo#1131772). + - Add 0001-policy-Add-logic-to-connect-a-Sink.patch + +- install bluetoothd sample config file as %doc for reference + +- use gcc8 for now to work around boo#1121404 + +- add btmgmt to bluez-test + +- add btgatt-client to bluez-test + +- remove 0001-Don-t-refresh-adv_manager-for-non-LE-devices.patch, + fixed upstream + +- Add + CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch + * Fix hcidump memory leak in pin_code_reply_dump(). + (bsc#1013721)(CVE-2016-9800) + CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch + * Fix hcidump buffer overflow in commands_dump(). + (bsc#1013877)(CVE-2016-9804) + +- add 0001-Don-t-refresh-adv_manager-for-non-LE-devices.patch + (boo#1086731) + -- Add --enable-external-ell to actually make use of pkgconfig(ell). -- remove obsolete upstreamed patches: - * 0001-obexd-use-AM_LDFLAGS-for-linking.patch - * 0001-core-Fixes-order-InterfaceAdded.patch - * tools-Fix-build-after-y2038-changes-in-glibc.patch - * hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch - * 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch - * 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch - * 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch - * 0004-btmon-Fix-crash-caused-by-integer-underflow.patch - * 0005-btmon-fix-stack-buffer-overflow.patch - * 0006-btmon-fix-multiple-segfaults.patch - * 0007-btmon-fix-segfault-caused-by-integer-underflow.patch - * 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch - * 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch - * 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch - * 0011-btmon-fix-segfault-caused-by-integer-underflow.patch - * 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch -- use autopatch, spec-cleaner -- refresh other patches - -- Add tools-Fix-build-after-y2038-changes-in-glibc.patch - * The 32-bit SIOCGSTAMP has been deprecated. Use the deprecated - name to fix the build.(bsc#1156544) - -- Add - hcidump-Fixed-malformed-segment-frame-length.patch - * Ensure the L2CAP SDUs whose length field match the actual frame - length.(bsc#1013712)(CVE-2016-9798) -- Modify bluez.changes: - Remove (bsc#1013712)(CVE-2016-9798) tag from patch - hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch +- remove 0001-core-Fixes-order-InterfaceAdded.patch (upstream) -- Add - hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch - * amp_assoc_dump() didn't check the length of amp assoc struct. - (bsc#1013712)(CVE-2016-9798)(bsc#1013708)(CVE-2016-9797) - Add hcidump-Fix-memory-leak-with-malformed-packet.patch - * Do not allow to read more than allocated data buffer size. - (bsc#1015171)(CVE-2016-9917) -- Refresh patches: - patches/bluez-cups-libexec.patch - patches/bluez-5.45-disable-broken-tests.diff -- fix bluez.changes: - add (bsc#1013893)(CVE-2016-9802) tag for last log. - -- Add:btmon: multiple memory management vulnerabilities fixed - Multiple different memory management vulnerabilities were discovered - in btmon while fuzzing it with American Fuzzy Lop. Purpose of this - fuzzing effort was to find some bugs in btmon, analyse and fix them - but also try to exploit them. Also goal was to prove that fuzzing is - low effort way to find bugs that could end up being severe ones. - Most common weakness appeared to be buffer over-read which was - usually caused by missing boundary checks before accessing array. - Integer underflows were also quite common. Most interesting bug was - simple buffer overflow that was actually discovered already couple - years ago by op7ic: - https://www.spinics.net/lists/linux-bluetooth/msg68898.html - but it was still not fixed. This particular vulnerability ended up - being quite easily exploitable if certain mitigation technics were - disabled.(bsc#1015173)(CVE-2016-9918)(bsc#1013893)(CVE-2016-9802) - 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch - 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch - 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch - 0004-btmon-Fix-crash-caused-by-integer-underflow.patch - 0005-btmon-fix-stack-buffer-overflow.patch - 0006-btmon-fix-multiple-segfaults.patch - 0007-btmon-fix-segfault-caused-by-integer-underflow.patch - 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch - 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch - 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch - 0011-btmon-fix-segfault-caused-by-integer-underflow.patch - 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch - -- Add hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch - to replace - CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch - (PATCH-FIX-UPSTREAM)(bsc#1013721)(CVE-2016-9800) - Add hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch - to fix global buffer overflow (PATCH-FIX-UPSTREAM) - (bsc#1013732)(CVE-2016-9801) -- Fix %ifarch range. - -- add 0001-core-Fixes-order-InterfaceAdded.patch (boo#1101119) - to fix headset connect after suspend/resume - -- Add lost patches for RPi3 bluetooth support (bsc#995059)(bsc#1094902) - 0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch - 0002-rpi3-Move-the-43xx-firmware-into-lib-firmware.patch - -- Add - CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch - * Fix hcidump memory leak in pin_code_reply_dump(). - (bsc#1013721)(CVE-2016-9800) - CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch - * Fix hcidump buffer overflow in commands_dump(). - (bsc#1013877)(CVE-2016-9804) +- add 0001-core-Fixes-order-InterfaceAdded.patch (boo#1076898)(boo#1101119) +- fix python shebang rpmlint warning for bluez-test calligra +- Add the monthly poppler compatibility fixes. Replace + poppler-22.03.0.patch with: + * poppler-22.04_1.patch + * poppler-22.04_2.patch + +- Add poppler-22.03.0.patch to fix build with poppler-22.03.0 + celt -- Update to version 0.7.1 -- Patch celt-0.7.1-libceltsuffix.patch removes the suffix from - libcelt to keep the build service happy. - * improves the quality of the packet loss concealment (PLC), - but does not change the rest of the codec. For this reason it - is the first release not to break bit-stream compatibility with - the previous release (0.7.0). - The default name of the library was changed to libcelt0.so to - make it easier to do the transition when the final 1.0 release - comes out (with frozen bit-stream and API). - * CELT 0.7.0 again improves the stereo quality, reduces artefacts - at low bitrates (birdies and speech roughness) and fixes many - bugs. In addition to the usual bitstream incompatibilities, - the API has also changed in this release. - -- Updated to version 0.6.1: - * Breaks bit-stream compatibility! - * Improves the stereo quality, especially at lower bit-rates. - * Many quality improvements, including better stereo coupling, - better handling of transients, and better handling of highly - tonal signals, packet loss robustness, larger dynamic range, - suitable for encoding 24-bit audio, VBR implementation. - * Pitch prediction improved and simplified. - * New bit allocation algorithm. - * VQ search has been improved, small CPU reduction. - * Fixing some quality problems with low frequency tones. - * Many bug fixes. - certmonger +- Use "pkgconfig(systemd)" for the BR to allow hacksaw systemd-mini + package to satisfy dependencies in the openSUSE Build Service. + +- Add buildrequires on systemd which is required for correct installation + of the .service file. + +- Update to 0.79.13 + chromium +- Chromium 107.0.5304.87 (boo#1204819) + * CVE-2022-3723: Type Confusion in V8 + +- Chromium 107.0.5304.68 (boo#1204732) + * CVE-2022-3652: Type Confusion in V8 + * CVE-2022-3653: Heap buffer overflow in Vulkan + * CVE-2022-3654: Use after free in Layout + * CVE-2022-3655: Heap buffer overflow in Media Galleries + * CVE-2022-3656: Insufficient data validation in File System + * CVE-2022-3657: Use after free in Extensions + * CVE-2022-3658: Use after free in Feedback service on Chrome OS + * CVE-2022-3659: Use after free in Accessibility + * CVE-2022-3660: Inappropriate implementation in Full screen mode + * CVE-2022-3661: Insufficient data validation in Extensions +- Added patches: + * chromium-107-compiler.patch + * chromium-107-system-zlib.patch +- Removed patches: + * chromium-105-compiler.patch + * chromium-105-Bitmap-include.patch + * chromium-106-AutofillPopupControllerImpl-namespace.patch +- Unbundle libyuv and libavif on TW +- Prepare 15.5 +- Use qt on 15.4+ (15.3 too old) + +- Chromium 106.0.5249.119 (boo#1204223) + * CVE-2022-3445: Use after free in Skia + * CVE-2022-3446: Heap buffer overflow in WebSQL + * CVE-2022-3447: Inappropriate implementation in Custom Tabs + * CVE-2022-3448: Use after free in Permissions API + * CVE-2022-3449: Use after free in Safe Browsing + * CVE-2022-3450: Use after free in Peer Connection + +- Chromium 106.0.5249.103: + * fix possible cache manager deadlock + * Fix right-click menu appearing unexpectedly affecting screen + readers + cpupower +- Update to latest turbostat version 2022.07.28 + jsc#PED-394 + Includes: + Add ADL-N platform to Turbostat + jsc#PED-393 + Add RPL-P platform to Turbostat + jsc#PED-391 +- Explicitly add patch to support Raptorlake-S + jsc#PED-2065 + A tools-power-turbostat-add-support-for-RPL-S.diff + curl +- Security Fix: [bsc#1204383, CVE-2022-32221] + * POST following PUT confusion + * Add curl-CVE-2022-32221.patch +- Security Fix: [bsc#1204386, CVE-2022-42916] + * HSTS bypass via IDN + * Add curl-CVE-2022-42916.patch + dbus-1 -- Remove pointless %%post scriptlet leveraging non-existent systemd env - variables - FIRST_ARG has been used in our systemd macros, but this has now been gone for - years. Thus the true branch of the if has never been executed for years and is - only causing warnings when installing dbus. - -- Add missing patch for CVE-2020-12049 - * fix-upstream-CVE-2020-12049_2.patch - -- Fix CVE-2020-12049 truncated messages lead to resource exhaustion - (CVE-2020-12049, bsc#1172505) - * fix-upstream-CVE-2020-12049.patch -- Rebased fix-CVE-2019-12749.patch - -- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105) - * fix-upstream-userdb-constpointer.patch - * fix-upstream-CVE-2020-35512.patch - -- Fix CVE-2019-12749 Authentication bypass (CVE-2019-12749 bsc#1137832) - * added fix-CVE-2019-12749.patch - -- Make libdbus-1-3 own the %{_datadir}/dbus-1/system.d directory - -- Use %license instead of %doc [bsc#1082318] - -- Avoid bashisms in scriptlets. - -- Avoid ugly error message from %pre(install) script when installing - for the first time. - -- Don't spit out a warning if /usr/bin/dbus-daemon does not exist - when we run the pre-script. - -- Swap a missed libdir to libexecdir - -- Do not hide errors during useradd. - -- Fix dbus-daemon-launch-helper to use proper ref to libexecdir - -- use %{_libexecdir}/dbus-1 as libexecdir - -- Update to 1.12.2 - Deprecations: - • Eavesdropping is officially deprecated in favour of BecomeMonitor. - See the release notes for spec version 0.31 (in dbus 1.11.14). - • [Unix] Flag files in /var/run/console/${username} are deprecated. - See the release notes for 1.11.18. - New APIs: - • and rules in dbus-daemon configuration can now - include send_broadcast="true", send_broadcast="false", - max_unix_fds="N", min_unix_fds="N" (for some integer N). - See the release notes for 1.11.18. - • dbus_try_get_local_machine_id() is like - dbus_get_local_machine_id(), but returns a DBusError. - • New APIs around DBusMessageIter to simplify cleanup. - See the release notes for 1.11.16. - • The message bus daemon now implements the standard Introspectable, - Peer and Properties interfaces. See the release notes for - dbus 1.11.14 and spec version 0.31. - • DTDs for introspection XML and bus configuration are installed. - • [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but - never uses Linux abstract sockets, which is advantageous for - containers. On non-Linux it is equivalent to unix:tmpdir=…. - See the release notes for dbus 1.11.14 and spec version 0.31. - • [Unix] New option "dbus-launch --exit-with-x11". - • [Unix] Session managers can create transient .service files in - $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. - • [Unix] A sysusers.d snippet can create the messagebus user on-demand. - Miscellaneous behaviour changes: - • [Unix] The session bus now logs to syslog if it was started by - dbus-launch. - • [Unix] Internal warnings are logged to syslog if configured. - • [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, - or to stderr. -- Enabled "make check test suite" -- Patches removed, fixed upstream - * fix-upstream-drop-install-sections-from-user-services.patch - * fix-upstream-increase-backlog.patch - * fix-upstream-timeout-reset-1.patch - * fix-upstream-timeout-reset-2.patch - -- boo#1027201 dbus-daemon not found -- boo#978477 systemd reseting under heavy load - * fix-upstream-timeout-reset-1.patch - * fix-upstream-timeout-reset-2.patch - -- boo#1027200 don't generate machine-id in %post systemd will do it - on first boot. -- swap usage of /bin/false to /usr/bin/false -- Use libexecdir=%{_libdir}/dbus-1 rather then /lib/dbus-1 - -- No need to set --libdir anymore now that prefix is /usr/bin, - * fixes boo#1047532 -- No need to set --bindir, bindir in dbus-1-x11 was incorrect -- Other fixes required to properly change prefix -- Don't pass --with-initscripts we don't use them anymore. - -- Update to 1.10.20 - * Fixes: - + Fix a reference leak when blocking on a pending call on a - connection that has been disconnected (fdo#101481, Shin-ichi - MORITA) - + Don't put timestamps in the Doxygen-generated documentation, - for closer-to-reproducible builds (fdo#100692, Simon - McVittie) - + Avoid an assertion failure when connecting to a - semicolon-separated series of addresses, one of which fails - (fdo#101257, Simon McVittie) - * Documentation: - + Update git URIs in HACKING document to sync up with - cgit.freedesktop.org (fdo#100715, Simon McVittie) - -- swap to /usr/bin bsc#1029968 -- Add the following fixes from SLE12 - * bsc#980928 increase listen() backlog of AF_UNIX sockets to - SOMAXCONN fix-upstream-increase-backlog.patch -- The following bugs were already fixed but are missing changelog - entries - * bsc#867256 (No longer applicable) - * bsc#916785 (No longer applicable) - * bsc#1012564 (Not applicable) - * fdo#90004 (Fixed Upstream) -- Rename the following patches as a tidy up - * dbus-log-deny.patch to feature-suse-log-deny.patch - * dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch - * 0001-Add-RefuseManualStartStop.patch to - feature-suse-refuse-manual-start-stop.patch - * 0001-Drop-Install-sections-from-user-services.patch to - fix-upstream-drop-install-sections-from-user-services.patch - -- Update to 1.10.18 - * Fixes - + Re-order dbus-daemon startup so that on SELinux systems, the - thread that reads AVC notifications retains the ability to - write to the audit log (fdo#92832, Debian #857660; Laurent - Bigonville) - + Fix a harmless read overflow and some memory leaks in a unit - test (fdo#100568, Philip Withnall) - -- Update to 1.10.16 - Fixes: - * Prevent symlink attacks in the nonce-tcp transport on Unix that could - allow an attacker to overwrite a file named "nonce", in a directory - that the user running dbus-daemon can write, with a random value - known only to the user running dbus-daemon. This is unlikely to be - exploitable in practice, particularly since the nonce-tcp transport - is really only useful on Windows. - (fd.o #99828, Simon McVittie) (bsc#1025950) - * Avoid symlink attacks in the "embedded tests", which are not enabled - by default and should never be enabled in production builds of dbus. - (fd.o #99828, Simon McVittie) (bsc#1025951) - * Work around an undesired effect of the fix for CVE-2014-3637 - (fd.o #80559), in which processes that frequently send fds, such as - logind during a flood of new PAM sessions, can get disconnected for - continuously having at least one fd "in flight" for too long; - dbus-daemon interprets that as a potential denial of service attack. - The workaround is to disable that check for uid 0 process such as - logind, with a message in the system log. The bug remains open while - we look for a more general solution. - (fd.o #95263, LP#1591411; Simon McVittie) - * Don't run the test test-dbus-launch-x11.sh if X11 autolaunching - was disabled at compile time. That test is not expected to work - in that configuration. (fd.o #98665, Simon McVittie) - Enhancements: - * Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian - stable and Debian testing in addition to the older Ubuntu that is - the default (fd.o #98889, Simon McVittie) - -- A note for scripts bsc#974092 (remove sysvinit script) is already - fixed here. - -- Don't restart dbus on upgrade - Includes temporary work around - for last version boo#1020301 -- Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually - start or stop dbus. - -- Add systemd unit files to start session bus via systemd -- Added patch: - * 0001-Drop-Install-sections-from-user-services.patch - + remove install section from socket unit because it does not - need to be enabled explicitly (see fdo#92402) - -- Requires systemd >= 209 and drop the compatibility pkg-config - names that don't exist in newer systemd - -- Drop useless --with-pic which is only for static libs -- Abort installation when user/group creation fails -- Avoid calling %service_* more than once - -- Build the dbus-1 package without X in the dbus-1.spec -- Move the dbus-launch.nox11 to the dbus-1 package and install - it by default -- Build devel-doc package in dbus-1.spec and don't build any - documentation in dbus-1-x11 -- Make dbus-1-x11 package contains only the X11-enabled dbus-launch -- Fix some rpmlint warnings -- Delete the dbus-1-x11.spec.in file, since maintaining it is - more complicated then keeping in sync a dbus-1-x11.spec file of - less then 120 lines - -- Create new subpackage: dbus-1-nox11 - - contains dbus-launch without x11 support -- Rename dbus-launch to dbus-launch.x11 -- use update-alternatives to switch between dbus-launch with and - without X11 -- Solves [bnc#934214] - -- Update to 1.10.12 - * Security fixes: - + Do not treat ActivationFailure message received from - root-owned systemd name as a format string. In principle this - is a security vulnerability, but we do not believe it is - exploitable in practice, because only privileged processes can - own the org.freedesktop.systemd1 bus name, and systemd does - not appear to send activation failures that contain "%". - Please note that this probably *was* exploitable in dbus - versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing - check which at the time was only thought to be a denial of - service vulnerability (CVE-2015-0245). If you are still - running one of those versions, patch or upgrade immediately. - (fdo#98157, bsc#1003898, Simon McVittie) - * Other fixes: - + Harden dbus-daemon against malicious or incorrect - ActivationFailure messages by rejecting them if they do not - come from a privileged process, or if systemd activation is - not enabled (fdo#98157, Simon McVittie) - + Avoid undefined behaviour when setting reply serial number - without going via union DBusBasicValue (fdo#98035, Marc Mutz) - + autogen.sh: fail cleanly if autoconf fails (Simon McVittie) - -- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296) - -- Update to 1.10.10 - * Fixes: - + On Linux, when dbus-daemon is run with reduced susceptibility - to the OOM killer (typically via systemd), do not let child - processes inherit that setting (fdo#32851; - Kimmo Hämäläinen, WaLyong Cho) - + Output valid shell syntax in ~/.dbus/session-bus/ if the bus - address contains a semicolon (fdo#94746, Thiago Macieira) - + Fix memory leaks and thread safety in subprocess starting on - Windows (fdo#95191, Ralf Habacker) - + Do not require systemd to have a service file if using it for - activation (fdo#93194; Simon McVittie; backport from 1.11.0) - + Stop test-dbus-daemon incorrectly failing on platforms that - cannot discover the process ID of clients (fdo#96653, - Руслан Ижбулатов) - + In tests that exercise correct handling of crashing D-Bus - services, suppress Windows crash handler (fdo#95155; - Yiyang Fei, Ralf Habacker) - + Explicitly check for stdint.h (Ioan-Adrian Ratiu) - + update-activation-environment: produce better diagnostics on - error (fdo#96653, Simon McVittie) - + Don't fail the build with an unused const variable warning - under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie) - + Merge dbus-1.10-ci branch, containing backports from 1.11.0 - in build/test code to support continuous integration - (fdo#93194, Simon McVittie) - - Avoid -Wunused-label when compiling with libselinux but no - libaudit - - In development builds, allow OOM tests to be disabled as - documented - - Accept and ignore the --tap argument in all "embedded - tests", and run all automated tests with that argument for - better diagnostics - - Fix the systemd activation test under CMake by installing - the required files - - In Automake, fix shell syntax for installcheck-local with - no DESTDIR - - In Automake, don't try to run manual tests in installcheck - - In CMake, don't run manual-tcp test as an automated test - - Add travis-ci.org build machinery - -- Update to 1.10.8 - * Fixes: - + Enable "large file support" on systems where it exists: - dbus-daemon is not expected to open large files, but it might - need to stat files that happen to have large inode numbers - (fdo#93545, Hongxu Jia) - + Eliminate padding inside DBusMessageIter on 64-bit platforms, - which might result in a pedantic C compiler not copying the - entire contents of a DBusMessageIter; statically assert that - this is not an ABI change in practice (fdo#94136, Simon - McVittie) - + Document dbus-test-tool echo --sleep-ms=N instead of - incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko) - + Correctly report test failures in C tests from run-test.sh - (fdo#93379; amit tewari, Simon McVittie) - + When tests are enabled, run all the marshal-validate tests, - not just the even-numbered ones (fdo#93908, Nick Lewycky) - + Correct the expected error from one marshal-validate test, - which was previously not run due to the above bug(fdo#93908, - Simon McVittie) - -- Update to 1.10.6 - * Fixes: - - On Unix when running tests as root, don't assert that root - and the dbus-daemon user can still call - UpdateActivationEnvironment; assert that those privileged - users can call BecomeMonitor instead (fdo#93036, Simon - McVittie) - - On Windows, fix a memory leak in the autolaunch transport - (fdo#92899, Simon McVittie) - - On Windows Autotools builds, don't run tests that rely on - dbus-run-session and other Unix-specifics (fdo#92899, Simon - McVittie) - -- Update to 1.10.4 - * Changes between 1.10.2 and 1.10.4 - - Enhancements: - + GetConnectionCredentials, GetConnectionUnixUser and - GetConnectionUnixProcessID with argument - "org.freedesktop.DBus" will now return details of the - dbus-daemon itself. This is required to be able to call - SetEnvironment on systemd. (fdo#92857, Jan Alexander - Steffens) - - Fixes: - + Make UpdateActivationEnvironment always fail with - AccessDenied on the system bus. Previously, it was - possible to configure it so root could call it, but the - environment variables were not actually used, because the - launch helper would discard them. (fdo#92857, Jan Alexander - Steffens) - + On Unix with --systemd-activation on a user bus, make - UpdateActivationEnvironment pass on its arguments to - systemd's SetEnvironment method, solving inconsistency - between the environments used for traditional activation - and systemd user-service activation. (fdo#92857, Jan - Alexander Steffens) - + On Windows, don't crash if or --syslog is used - (fdo#92538, Ralf Habacker) - + On Windows, fix a memory leak when setting a DBusError from - a Windows error (fdo#92721, Ralf Habacker) - + On Windows, don't go into infinite recursion if we abort the - process with backtraces enabled (fdo#92721, Ralf Habacker) - + Fix various failing tests, variously on Windows and - cross-platform: - . don't test system.conf features (users, groups) that only - make sense on the system bus, which is not supported on - Windows - . don't call _dbus_warn() when we skip a test, since it is - fatal - . fix computation of expected - . when running TAP tests, translate newlines to Unix format, - fixing cross-compiled tests under Wine on Linux - . don't stress-test refcounting under Wine, where it's - really slow - . stop assuming that a message looped-back to the test will - be received immediately - . skip some system bus tests on Windows since they make no - sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon - McVittie) - * Changes between 1.10.0 and 1.10.2 - - Fixes: - + Correct error handling for activation: if there are multiple - attempts to activate the same service and it fails - immediately, the first attempt would get the correct reply, - but the rest would time out. We now send the same error - reply to each attempt. (fdo#92200, Simon McVittie) - + If BecomeMonitor is called with a syntactically invalid - match rule, don't crash with an assertion failure, fixing a - regression in 1.9.10. This was not exploitable as a denial - of service, because the check for a privileged user is done - first. (fdo#92298, Simon McVittie) - + On Linux with --enable-user-session, add the bus address to - the environment of systemd services for better backwards - compatibility (fdo#92612, Jan Alexander Steffens) - + On Windows, fix the logic for replacing the installation - prefix in service files' Exec lines (fdo#83539; Milan Crha, - Simon McVittie) - + On Windows, if installed in the conventional layout with - ${prefix}/etc and ${prefix}/share, use relative paths - between bus configuration files to allow the tree to be - relocated (fdo#92028, Simon McVittie) - + Make more of the regression tests pass in Windows builds - (fdo#92538, Simon McVittie) - * Summary of major changes since 1.8.0: - - The basic setup for the well-known system and session buses is - now done in read-only files in ${datadir} (normally /usr/share). - - AppArmor integration has been merged, with features similar to - the pre-existing SELinux integration. It is mostly compatible - with the patches previously shipped by Ubuntu, with one - significant change: Ubuntu's GetConnectionAppArmorSecurityContext - method has been superseded by GetConnectionCredentials and was - not included. - - The --enable-user-session configure option can be enabled - by OS integrators intending to use systemd to provide a - session bus per user (in effect, treating all concurrent - graphical and non-graphical login sessions as one large session). - - The new listenable address mode "unix:runtime=yes" listens on - $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the - systemd user session. libdbus and "dbus-launch --autolaunch" - will connect to this address by default. GLib >= 2.45.3 and - sd-bus >= 209 have a matching default. - - All executables are now dynamically linked to libdbus-1. - Previously, some executables, most notably dbus-daemon, were - statically linked to a specially-compiled variant of libdbus. - This results in various private functions in the _dbus - namespace being exposed by the shared library. These are not - API, and must not be used outside the dbus source tree. - - On platforms with ELF symbol versioning, all public symbols - are versioned LIBDBUS_1_3. - * New bus APIs: - - org.freedesktop.DBus.GetConnectionCredentials returns - LinuxSecurityLabel where supported - - org.freedesktop.DBus.Monitoring interface (privileged) - . BecomeMonitor method supersedes match rules with eavesdrop=true, - which are now deprecated - - org.freedesktop.DBus.Stats interface (semi-privileged) - . now enabled by default - . new GetAllMatchRules method - - org.freedesktop.DBus.Verbose interface (not normally compiled) - . toggles the effect of DBUS_VERBOSE - * New executables: - - dbus-test-tool - - dbus-update-activation-environment - * New optional dependencies: - - The systemd: pseudo-transport requires libsystemd or libsd-daemon - - Complete documentation requires Ducktype and yelp-tools - - Full test coverage requires GLib 2.36 and PyGI - - AppArmor integration requires libapparmor and optionally libaudit - * Dependencies removed: - - dbus-glib - -- Update to 1.8.20: - * Fixes: - - Fix a memory leak when GetConnectionCredentials() succeeds - (fdo#91008, Jacek Bukarewicz) - - Ensure that dbus-monitor does not reply to messages intended - for others (fdo#90952, Simon McVittie) - -- Account for openSUSE:Leap in the conditional for chosing right - local state directories (boo#941352) - -- Move common-begin sections around to make pre_checkin work again -- Unconditionally build with systemd features, there are no cycles - now, systemd no longer buildrequires dbus-1-devel - -- Update to 1.8.18: - * Security hardening: - - On Unix platforms, change the default configuration for the - session bus to only allow EXTERNAL authentication (secure - kernel-mediated credentials-passing), as was already done for - the system bus. - This avoids falling back to DBUS_COOKIE_SHA1, which relies on - strongly unpredictable pseudo-random numbers; under certain - circumstances (/dev/urandom unreadable or malloc() returns - NULL), dbus could fall back to using rand(), which does not - have the desired unpredictability. The fallback to rand() has - not been changed in this stable-branch since the necessary - code changes for correct error-handling are rather intrusive. - If you are using D-Bus over the (unencrypted!) tcp: or - nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 - and a shared home directory using NFS or similar, you will - need to reconfigure the session bus to accept DBUS_COOKIE_SHA1 - by commenting out the element. This configuration is - not recommended. (bsc#931066, fdo#90414, Simon McVittie) - * Other fixes: - - Add locking to DBusCounter's reference count and notify - function (fdo#89297, Adrian Szyndela) - - Ensure that DBusTransport's reference count is protected by - the corresponding DBusConnection's lock (fdo#90312, - Adrian Szyndela) - - On Windows, listen on the same port for IPv4 and IPv6 - (previously broken by an endianness mistake), and fix a - failure to bind TCP sockets on approximately 1 attempt in 256 - (fdo#87999, Ralf Habacker) - - Correctly release DBusServer mutex before early-return if we - run out of memory while copying authentication mechanisms - (fdo#90021, Ralf Habacker) - - Correctly initialize all fields of DBusTypeReader (fdo#90021, - Ralf Habacker, Simon McVittie) - - Fix some missing \n in verbose (debug log) messages - (fdo#90021, Ralf Habacker) - - Clean up some memory leaks in test code (fdo#90021, - Ralf Habacker) - -- Sync changes from SLE12 conditionalized for suse_version <= 1315 - -- Update to 1.8.16: - * Security fixes: - - Do not allow non-uid-0 processes to send forged - ActivationFailure messages. On Linux systems with systemd - activation, this would allow a local denial of service: - unprivileged processes could flood the bus with these forged - messages, winning the race with the actual service activation - and causing an error reply to be sent back when service - auto-activation was requested. This does not prevent the real - service from being started, so it only works while the real - service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; - Simon McVittie) - * Other fixes: - - fix a Windows build failure (fdo#88009, Ralf Habacker) - - on Windows, allow up to 8K connections to the dbus-daemon - instead of the previous 64, completing a previous fix which - only worked under Autotools (fdo#71297, Ralf Habacker) - -- Update to 1.8.14 - * Security hardening: - - Do not allow calls to UpdateActivationEnvironment from uids - other than the uid of the dbus-daemon. If a system service - installs unsafe security policy rules that allow arbitrary - method calls (such as CVE-2014-8148) then this prevents - memory consumption and possible privilege escalation via - UpdateActivationEnvironment. - We believe that in practice, privilege escalation here is - avoided by dbus-daemon-launch-helper sanitizing its - environment; but it seems better to be safe. - - Do not allow calls to UpdateActivationEnvironment or the - Stats interface on object paths other than - /org/freedesktop/DBus. Some system services install unsafe - security policy rules that allow arbitrary method calls to - any destination, method and interface with a specified object - path; while less bad than allowing arbitrary method calls, - these security policies are still harmful, since dbus-daemon - normally offers the same API on all object paths and other - system services might behave similarly. - * Other fixes: - - Add missing initialization so GetExtendedTcpTable doesn't - crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko) - -- Update to 1.8.12: - * Fixes: - - Partially revert the CVE-2014-3639 patch by increasing the - default authentication timeout on the system bus from 5 - seconds back to 30 seconds, since this has been reported to - cause boot regressions for some users, mostly with parallel - boot (systemd) on slower hardware. - On fast systems where local users are considered particularly - hostile, administrators can return to the 5 second timeout - (or any other value in milliseconds) by saving this as - /etc/dbus-1/system-local.conf: - - 5000 - - (fdo#86431, Simon McVittie) - - Add a message in syslog/the Journal when the auth_timeout is - exceeded (fdo#86431, Simon McVittie) - - Send back an AccessDenied error if the addressed recipient is - not allowed to receive a message (and in builds with - assertions enabled, don't assert under the same conditions). - (fdo#86194, Jacek Bukarewicz) - -- Update to 1.8.10: - * Security fixes: - - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 - so that CVE-2014-3636 part A cannot exhaust the system bus' - file descriptors, completing the incomplete fix in 1.8.8. - (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy) - dbus-1-x11 +- Fix a potential crash that could be triggered by an invalid signature. + (CVE-2022-42010, bsc#1204111) + * fix-upstream-CVE-2022-42010.patch +- Fix an out of bounds read caused by a fixed length array (CVE-2022-42011, + bsc#1204112) + * fix-upstream-CVE-2022-42011.patch +- A message in non-native endianness with out-of-band Unix file descriptors + would cause a use-after-free and possible memory corruption CVE-2022-42012, + bsc#1204113) + * fix-upstream-CVE-2022-42012.patch +- Disable asserts (bsc#1087072) +- Refreshed patches + * fix-upstream-CVE-2020-35512.patch + digikam +- Update to 7.8.0 + * https://www.digikam.org/news/2022-09-03-7.8.0_release_announcement/ +- New features (from NEWS): + * General : HIF files recognized as HEIF images. + * IconView: Add support of GrayScale and 16 bits PSD images. + * General : Libraw updated to 2022-07-14 snapshot. + Camera format support: + Phase One/Leaf IIQ-S v2 support + Canon CR3 filmrolls/RawBurst + Canon CRM (movie) files + iled bit-packed (and 16-bit unpacked) DNGs + (non-standard) Deflate-compressed integer + DNG files are allowed + Camera support: + Canon EOS R3, R7 and R10 + Fujifilm X-H2S, X-T30 II + OM System OM-1 + Leica M11 + Sony A7-IV (ILCE-7M4) + DJI Mavic 3 + Nikon Z9: standard compression formats only + * Plugins : GMicQt tool updated to last version 3.1. +- 49 bugs fixed +- Add libheif build dependency to enable the HEIF decoder +- Use macro for soversion +- Remove no longer needed conflict with libdigikamcore7 +- Remove explicitly versioned libopencv_dnn dependency, should no + longer be needed with opencv's new soversion rules +- Explicitly enable kfilemetadata and akonadi-contact support, they + are disabled by default now + +- Updated 0001-Revert-Exiv2-is-now-released-with-exported-targets-u.patch + +- Update to 7.7.0 + * https://www.digikam.org/news/2022-06-26-7.7.0_release_announcement/ +- New features (from NEWS): + * Remove internal libheif and libde265 from core in favor to + system libraries. + * Update internal Libraw snashot to 2022-06-17 with Olympus OM-1 + support. +- 81 bugs fixed +- Removed now included Fix-build-with-akonadi-contacts-22.04.patch + +- Resolve rpmlint error "libdigikamcore7.x86_64: E: shlib-policy-name-error + SONAME: libdigikamcore.so.7.6.0, expected package suffix: 7_6_0" +- Move documentation out of libdigikamcore7. + +- Add Fix-build-with-akonadi-contacts-22.04.patch to fix build with + the latest Akonadi versions + +- Update to 7.6.0 + * https://www.digikam.org/news/2022-03-05-7.6.0_release_announcement/ +- New features (from NEWS): + General: Use Qt5.15 LTS patches collection git repository from KDE + to build AppImage Linux bundle (snapshot 2022-01-23). + General: All bundles use last KF5 framework 5.90. + General: All bundles generate a manifest text file listing git + revisions of all upstream libraries used by application. + General: AppImage Linux bundle now support ICU to perform search + with UTF-8 characters in all text fields. + General: Update internal Libraw to snapshot 2022-02-10. + General: New FlowView generic plugin for digiKam and Showfoto + (https://github.com/cathaysia/digikamflowplugin). +- 847 bugs fixed + dracut +- Update to version 055+suse.325.g6780025c: + * fix(network-manager): always install the library plugins directory (bsc#1202014) + * feat(dracut-init.sh): add inst_libdir_dir() helper (bsc#1202014) + A series of fixes for NVMeoF boot (bsc#1203368): + * fix(man): dracut.cmdline.7: clarify "rd.nvmf.discover=fc,auto" + * fix(network): avoid double brackets around IPv6 address + * feat(nvmf): set rd.neednet=1 if tcp records encountered + * fix(man): dracut.cmdline(7): correct syntax for rd.nonvmf + * fix(network): don't use same ifname multiple times + * fix(nvmf): run cmdline hook before parse-ip-opts.sh + * fix(nvmf): avoid calling "exit" in a cmdline hook + * fix(nvmf): make sure "rd.nvmf.discover=fc,auto" takes precedence + * fix(nvmf): don't use "finished" queue for autoconnect + * fix(nvmf): don't create did-setup file + * fix(nvmf): no need to load the nvme module + * fix(nvmf): don't try to validate network connections in cmdline hook + * fix(nvmf): nvme list-subsys prints the address using commas as separator + * fix(nvmf): deprecate old nvmf cmdline options + * fix(nvmf): set executable bit on nvmf-autoconnect.sh + +- Update to version 055+suse.306.g5b4feffc: + * fix(network-legacy): misleading duplicate address detection using wicked (bsc#1201235) + * fix(dmsquash-live): correct regression introduced with shellcheck changes (bsc#1203894) + exiv2 +- add CVE-2021-37621.patch (CVE-2021-37621, bsc#1189333) +- add CVE-2021-32617.patch (CVE-2021-32617, bsc#1186192) +- add CVE-2020-19716.patch (CVE-2020-19716, bsc#1188645) +- add CVE-2019-14368.patch (CVE-2019-14368, bsc#1143278) +- add CVE-2019-20421.patch (CVE-2019-20421, bsc#1161901) + +- add CVE-2018-10772.patch (CVE-2018-10772, bsc#1092096) +- add CVE-2018-18915.patch (CVE-2018-18915, bsc#1114690) +- add CVE-2021-37620.patch (CVE-2021-37620, bsc#1189332) +- add CVE-2021-29470.patch (CVE-2021-29470, bsc#1185447) + +- add CVE-2018-5772.patch (CVE-2018-5772, bsc#1076579) +- add CVE-2018-8976.patch (CVE-2018-8976, bsc#1086810) +- add CVE-2018-8977.patch (CVE-2018-8977, bsc#1086798) +- add CVE-2020-18898.patch (CVE-2020-18898, bsc#1189780) +- add CVE-2021-31291.patch (CVE-2021-29457 and CVE-2021-31291, bsc#1185002 and bsc#1188733) +- add CVE-2021-31292.patch (CVE-2021-31292, bsc#1188756) +- add CVE-2021-37618.patch (CVE-2021-37618, bsc#1189330) +- add CVE-2021-37619.patch (CVE-2021-37619, bsc#1189331) +- add CVE-2020-18899.patch (CVE-2020-18899, bsc#1189636) + + * Includes fix for CVE-2019-14982 (bsc#1146294) ffmpegthumbnailer +- Add patches from upstream git to remove references to deprecated + functions in ffmpeg4 and fix building against ffmpeg5: + * 372cd422e57a9a3531eb9a30559d665caecff1ba.patch + * efb5b618f1c1471c1a7900aed3a59d851ea9a210.patch + -- build against ffmpeg new API. - freecell-solver +- Add missing runtime requirements + +- skip python dependencies as they're only for the testsuite + frei0r-plugins +- Use opencv 4 for building frei0r-plugins when possible. + opencv 3 doesn't support FFmpeg 5. + gnome-sudoku +- Update to version 43.0: + + Updated application screenshot. + + Updated translations. +- Add desktop-file-utils BuildRequires: New dependency. +- Following the above new BuildRequires, add optional + appstream-glib BuildRequires and a check section and + verify desktop file and metadata during build. +- Stop packaging help files as documentation. +- Replace gcc-c++ with generic c++_compiler and c_compiler + BuildRequires. +- Drop gobject-introspection BuildRequires: Package does not do + introspection any more. + +- Update to version 43.beta: + + Warnings now flag when solution to puzzle is violated. + + Updated translations. + +- Update to version 43.alpha: + + Add setting to initialize earmarks. + + Fix redundant undo stack entries for earmarks. + gnutls +- FIPS: Set error state when jent init failed in FIPS mode [bsc#1202146] + * Add patch gnutls-FIPS-Set-error-state-when-jent-init-failed.patch + +- FIPS: Make XTS key check failure not fatal [bsc#1203779] + * Add gnutls-Make-XTS-key-check-failure-not-fatal.patch + +- FIPS: Zeroize the calculated hmac and new_hmac in the + check_binary_integrity() function. [bsc#1191021] + * Add gnutls-FIPS-Zeroize-check_binary_integrity.patch + +- FIPS: Additional modifications to the SLI. [bsc#1190698] + * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2(). + * Mark HMAC keylength less than 112 bits as non-approved in + gnutls_pbkfd2(). + * Adapt the pbkdf2 selftest and the regression tests accordingly. + * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch + +- FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941] + * Add new dependency on jitterentropy + * Add gnutls-FIPS-jitterentropy.patch + +- Security fix: [bsc#1202020, CVE-2022-2509] + * Fixed double free during verification of pkcs7 signatures + * Add gnutls-CVE-2022-2509.patch + +- FIPS: + * Modify gnutls-FIPS-force-self-test.patch [bsc#1198979] + - gnutls_fips140_run_self_tests now properly releases fips_context + +- FIPS: + * Add gnutls_ECDSA_signing.patch [bsc#1190698] + - Check minimum keylength for symmetric key generation + - Only allows ECDSA signature with valid set of hashes + (SHA2 and SHA3) + * Add gnutls-FIPS-force-self-test.patch [bsc#1198979] + - Provides interface for running library self tests on-demand + - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1598 + +- FIPS: Make sure zeroization is performed in all API functions + * Add gnutls-zeroization-API-functions.patch [bsc#1191021] + * Upsream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1573 + +- FIPS: Add missing requirements for the SLI [bsc#1190698] + * Remove 3DES from FIPS approved algorithms: + - gnutls-Remove-3DES-from-FIPS-approved-algos.patch + - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1570 + * DRBG service (gnutls_rnd) should be considered approved: + - gnutls-Add-missing-FIPS-service-indicator-transitions.patch + - gnutls-Add-missing-FIPS-service-indicator-transitions-tests.patch + - gnutls-pkcs12-tighten-algorithm-checks-under-FIPS.patch + - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1569 + +- FIPS: Mark AES-GCM as approved in the TLS context [bsc#1194907] + * Add gnutls-FIPS-Mark-HKDF-and-AES-GCM-as-approved-when-used-in-TLS.patch + * Upstream issue: https://gitlab.com/gnutls/gnutls/issues/1311 + +- FIPS: Additional PBKDF2 requirements for KAT [bsc#1184669] + * The IG 10.3.A and SP800-132 require some minimum parameters for + the salt length, password length and iteration count. These + parameters should be also used in the KAT. + * Add gnutls-FIPS-PBKDF2-KAT-requirements.patch + * Upstream: https://gitlab.com/gnutls/gnutls/merge_requests/1561 +- Enable to run the regression tests also in FIPS mode. + +- Update to 3.7.3: [bsc#1190698, bsc#1190796] + * libgnutls: The allowlisting configuration mode has been added + to the system-wide settings. In this mode, all the algorithms + are initially marked as insecure or disabled, while the + applications can re-enable them either through the [overrides] + section of the configuration file or the new API (#1172). + * The build infrastructure no longer depends on GNU AutoGen for + generating command-line option handling, template file parsing + in certtool, and documentation generation (#773, #774). This + change also removes run-time or bundled dependency on the + libopts library, and requires Python 3.6 or later to regenerate + the distribution tarball. Note that this brings in known backward + incompatibility in command-line tools, such as long options are + now case sensitive, while previously they were treated in a case + insensitive manner: for example --RSA is no longer a valid option + of certtool. The existing scripts using GnuTLS tools may need + adjustment for this change. + * libgnutls: The tpm2-tss-engine compatible private blobs can be loaded + and used as a gnutls_privkey_t (#594). The code was originally written + for the OpenConnect VPN project by David Woodhouse. To generate such + blobs, use the tpm2tss-genkey tool from tpm2-tss-engine: + https://github.com/tpm2-software/tpm2-tss-engine/#rsa-operations + or the tpm2_encodeobject tool from unreleased tpm2-tools. + * libgnutls: The library now transparently enables Linux KTLS (kernel + TLS) when the feature is compiled in with --enable-ktls configuration + option (#1113). If the KTLS initialization fails it automatically falls + back to the user space implementation. + * certtool: The certtool command can now read the Certificate Transparency + (RFC 6962) SCT extension (#232). New API functions are also provided to + access and manipulate the extension values. + * certtool: The certtool command can now generate, manipulate, and evaluate + x25519 and x448 public keys, private keys, and certificates. + * libgnutls: Disabling a hashing algorithm through "insecure-hash" + configuration directive now also disables TLS ciphersuites that use it + as a PRF algorithm. + * libgnutls: PKCS#12 files are now created with modern algorithms by default + (!1499). Previously certtool used PKCS12-3DES-SHA1 for key derivation and + HMAC-SHA1 as an integity measure in PKCS#12. Now it uses AES-128-CBC with + PBKDF2 and SHA-256 for both key derivation and MAC algorithms, and the + default PBKDF2 iteration count has been increased to 600000. + * libgnutls: PKCS#12 keys derived using GOST algorithm now uses + HMAC_GOSTR3411_2012_512 instead of HMAC_GOSTR3411_2012_256 for integrity, + to conform with the latest TC-26 requirements (#1225). + * libgnutls: The library now provides a means to report the status + of approved cryptographic operations (!1465). To adhere to the + FIPS140-3 IG 2.4.C., this complements the existing mechanism to + prohibit the use of unapproved algorithms by making the library + unusable state. + * gnutls-cli: The gnutls-cli command now provides a --list-config + option to print the library configuration (!1508). + * libgnutls: Fixed possible race condition in + gnutls_x509_trust_list_verify_crt2 when a single trust list object + is shared among multiple threads (#1277). [GNUTLS-SA-2022-01-17, + CVSS: low] + * API and ABI modifications: + GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: new flag in + gnutls_privkey_flags_t + GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: new flag in + gnutls_certificate_verify_flags + gnutls_ecc_curve_set_enabled: Added. + gnutls_sign_set_secure: Added. + gnutls_sign_set_secure_for_certs: Added. + gnutls_digest_set_secure: Added. + gnutls_protocol_set_enabled: Added. + gnutls_fips140_context_init: New function + gnutls_fips140_context_deinit: New function + gnutls_fips140_push_context: New function + gnutls_fips140_pop_context: New function + gnutls_fips140_get_operation_state: New function + gnutls_fips140_operation_state_t: New enum + gnutls_transport_is_ktls_enabled: New function + gnutls_get_library_configuration: New function + * Remove patches fixed in the update: + - gnutls-FIPS-module-version.patch + - gnutls-FIPS-service-indicator.patch + - gnutls-FIPS-service-indicator-public-key.patch + - gnutls-FIPS-service-indicator-symmetric-key.patch + - gnutls-FIPS-RSA-PSS-flags.patch + - gnutls-FIPS-RSA-mod-sizes.patch + +- FIPS: Fix regression tests in fips and non-fips mode [bsc#1194468] + * Add gnutls-FIPS-disable-failing-tests.patch + * Remove patches: + - gnutls-temporarily_disable_broken_guile_reauth_test.patch + - gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + - disable-psk-file-test.patch + +- FIPS: Provide module identifier and version [bsc#1190796] + * Add configurable options to output the module name/identifier + (--with-fips140-module-name) and the module version + (--with-fips140-module-version). + * Add the CLI option list-config that reports the configuration + of the library. + * Add gnutls-FIPS-module-version.patch + +- FIPS: Provide a service-level indicator [bsc#1190698] + * Add support for a "service indicator" as required in + the FIPS140-3 Implementation Guidance in section 2.4.C + * Add patches: + - gnutls-FIPS-service-indicator.patch + - gnutls-FIPS-service-indicator-public-key.patch + - gnutls-FIPS-service-indicator-symmetric-key.patch + - gnutls-FIPS-RSA-PSS-flags.patch + +- FIPS: RSA KeyGen/SigGen fail with 4096 bit key sizes [bsc#1192008] + * fips: allow more RSA modulus sizes + * Add gnutls-FIPS-RSA-mod-sizes.patch + * Delete gnutls-3.6.7-fips-rsa-4096.patch + +- Drop bogus condition "> 1550": that would mean 'more recent than + Tumbleweed' which is technically impossible, as Tumbleweed is the + leading project (and the condition causes issues as Tumbleweed + needs to move away from 1550 due to CODE 15 SP5 plans). + +- Add crypto-policies support in SLE-15-SP4 [jsc#SLE-20287] + +- Account for the libnettle soname bump [jsc#SLE-19765] + +- Update to 3.7.2 in SLE-15-SP4: [jsc#SLE-19765, jsc#SLE-18139] + - Add gnutls-temporarily_disable_broken_guile_reauth_test.patch + - Rebased patches: + * disable-psk-file-test.patch + * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + * gnutls-fips_mode_enabled.patch + - Remove patches merged upstream: + * gnutls-CVE-2020-11501.patch + * gnutls-CVE-2020-13777.patch + * gnutls-CVE-2020-24659.patch + * gnutls-CVE-2021-20231.patch + * gnutls-CVE-2021-20232.patch + * gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch + * gnutls-fips_XTS_key_check.patch + * 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch + * 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch + * 0003-x509-trigger-fallback-verification-path-when-cert-is.patch + * 0004-tests-add-test-case-for-certificate-chain-supersedin.patch + * 0001-Add-Full-Public-Key-Check-for-DH.patch + * 0001-Add-test-to-ensure-DH-exchange-behaves-correctly.patch + * 0002-Add-test-to-ensure-ECDH-exchange-behaves-correctly.patch + * 0003-Add-plumbing-to-handle-Q-parameter-in-DH-exchanges.patch + * 0004-Always-pass-in-and-check-Q-in-TLS-1.3.patch + * 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch + * 0006-Pass-down-Q-for-FFDHE-in-al-pre-TLS1.3-as-well.patch + * 0001-dh-primes-add-MODP-primes-from-RFC-3526.patch + * 0002-dhe-check-if-DH-params-in-SKE-match-the-FIPS-approve.patch + * 0001-dh-check-validity-of-Z-before-export.patch + * 0002-ecdh-check-validity-of-P-before-export.patch + * 0003-dh-primes-make-the-FIPS-approved-check-return-Q-valu.patch + * 0004-dh-perform-SP800-56A-rev3-full-pubkey-validation-on-.patch + * 0005-ecdh-perform-SP800-56A-rev3-full-pubkey-validation-o.patch + * 0001-Vendor-in-XTS-functionality-from-Nettle.patch + * 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch + * gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch + * gnutls-3.6.7-fix-FTBFS-2024.patch + * gnutls-3.6.7-reproducible-date.patch + +- Update to version 3.7.2 + * Added Linux kernel AF_ALG based acceleration + * Fixed timing of early data exchange + * The priority string option DISABLE_TLS13_COMPAT_MODE was added + to disable TLS 1.3 middlebox compatibility mode + * The GNUTLS_NO_EXPLICIT_INIT envvar has been renamed to + GNUTLS_NO_IMPLICIT_INIT to reflect the purpose + * certtool: + * When signing a CSR, CRL distribution point (CDP) is no + longer copied from the signing CA by default + * When producing certificates and certificate requests, subject + DN components that are provided individually will now be + ordered by assumed scale + +- Add gnutls-3.6.7-fix-FTBFS-2024.patch to let tests pass after 2024 (boo#1186579) +- Add gnutls-3.6.7-reproducible-date.patch to override build date (boo#1047218) + +- Security fix: [bsc#1183456, CVE-2021-20232] + * A use after free issue in client_send_params + in lib/ext/pre_shared_key.c may lead to memory + corruption and other potential consequences. +- Add gnutls-CVE-2021-20232.patch + +- Security fix: [bsc#1183457, CVE-2021-20231] + * A use after free issue in client sending key_share extension + may lead to memory corruption and other consequences. +- Add gnutls-CVE-2021-20231.patch + +- Update to 3.7.1: + [bsc#1183456, CVE-2021-20232] [bsc#1183457, CVE-2021-20231] + * Fixed potential use-after-free in sending "key_share" and + "pre_shared_key" extensions. + * Fixed a regression in handling duplicated certs in a chain. + * Fixed sending of session ID in TLS 1.3 middlebox compatibility + mode. In that mode the client shall always send a non-zero + session ID to make the handshake resemble the TLS 1.2 + resumption; this was not true in the previous versions. + * Removed dependency on the external 'fipscheck' package, + when compiled with --enable-fips140-mode. + * Added padlock acceleration for AES-192-CBC. +- Remove patches upstream: + * gnutls-gnutls-cli-debug.patch + * gnutls-ignore-duplicate-certificates.patch + * gnutls-test-fixes.patch + +- Fix the test suite for tests/gnutls-cli-debug.sh [bsc#1171565] + * Don't unset system priority settings in gnutls-cli-debug.sh + * Upstream: gitlab.com/gnutls/gnutls/merge_requests/1387 +- Add gnutls-gnutls-cli-debug.patch + +- Fix: Test certificates in tests/testpkcs11-certs have expired + * Upstream bug: gitlab.com/gnutls/gnutls/issues/1135 +- Add gnutls-test-fixes.patch + +- gnutls_x509_trust_list_verify_crt2: ignore duplicate certificates + * Upstream bug: https://gitlab.com/gnutls/gnutls/issues/1131 +- Add gnutls-ignore-duplicate-certificates.patch + +- Update to 3.7.0 + * Depend on nettle 3.6 + * Added a new API that provides a callback function to retrieve + missing certificates from incomplete certificate chains + * Added a new API that provides a callback function to output the + complete path to the trusted root during certificate chain + verification + * OIDs exposed as gnutls_datum_t no longer account for the + terminating null bytes, while the data field is null terminated. + The affected API functions are: gnutls_ocsp_req_get_extension, + gnutls_ocsp_resp_get_response, and gnutls_ocsp_resp_get_extension + * Added a new set of API to enable QUIC implementation + * The crypto implementation override APIs deprecated in 3.6.9 are + now no-op + * Added MAGMA/KUZNYECHIK CTR-ACPKM and CMAC support + * Support for padlock has been fixed to make it work with Zhaoxin CPU + * The maximum PIN length for PKCS #11 has been increased from 31 + bytes to 255 bytes +- Remove patch fixed upstream: + * gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch +- Fix threading bug in libgnutls [bsc#1173434] + * Upstream bug: gitlab.com/gnutls/gnutls/issues/1044 + +- Avoid spurious audit messages about incompatible signature algorithms + (bsc#1172695) + * add 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch + +- FIPS: Use 2048 bit prime in DH selftest (bsc#1176086) + * add gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch +- FIPS: Add TLS KDF selftest (bsc#1176671) + * add gnutls-FIPS-TLS_KDF_selftest.patch + +- Escape rpm command %%expand when used in comment. + +- FIPS: Use 2048 bit prime in DH selftest (bsc#1176086) + * add gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch + +- FIPS: Add TLS KDF selftest (bsc#1176671) + * add gnutls-FIPS-TLS_KDF_selftest.patch + +- Fix heap buffer overflow in handshake with no_renegotiation alert sent + * CVE-2020-24659 (bsc#1176181) +- add gnutls-CVE-2020-24659.patch + +- FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086) +- add patches + * 0001-Add-Full-Public-Key-Check-for-DH.patch + * 0001-Add-test-to-ensure-DH-exchange-behaves-correctly.patch + * 0002-Add-test-to-ensure-ECDH-exchange-behaves-correctly.patch + * 0003-Add-plumbing-to-handle-Q-parameter-in-DH-exchanges.patch + * 0004-Always-pass-in-and-check-Q-in-TLS-1.3.patch + * 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch + * 0006-Pass-down-Q-for-FFDHE-in-al-pre-TLS1.3-as-well.patch + * 0001-dh-primes-add-MODP-primes-from-RFC-3526.patch + * 0002-dhe-check-if-DH-params-in-SKE-match-the-FIPS-approve.patch + * 0001-dh-check-validity-of-Z-before-export.patch + * 0002-ecdh-check-validity-of-P-before-export.patch + * 0003-dh-primes-make-the-FIPS-approved-check-return-Q-valu.patch + * 0004-dh-perform-SP800-56A-rev3-full-pubkey-validation-on-.patch + * 0005-ecdh-perform-SP800-56A-rev3-full-pubkey-validation-o.patch +- drop obsolete gnutls-3.6.7-fips_DH_ECDH_key_tests.patch + +- Update to 3.6.15 + * libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing. + [GNUTLS-SA-2020-09-04, CVSS: medium] + * libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now + indicates that with a false return value (!1306). + * libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked + accordingly to SP800-56A rev 3 (!1295, !1299). + * libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than + the size of the internal base64 blob (#1025). + * libgnutls: Certificate verification failue due to OCSP must-stapling is not + honered is now correctly marked with the GNUTLS_CERT_INVALID flag + * libgnutls: The audit log message for weak hashes is no longer printed twice + * libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is + disabled in the priority string. Previously, even when TLS 1.2 is explicitly + disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is + enabled (#1054). +- drop upstreamed patches: + * gnutls-detect_nettle_so.patch + * 0001-crypto-api-always-allocate-memory-when-serializing-i.patch + +- Correctly detect gmp, nettle, and hogweed libraries (bsc#1172666) + * add gnutls-detect_nettle_so.patch + +- Fix a memory leak that could lead to a DoS attack against Samba + servers (bsc#1172663) + * add 0001-crypto-api-always-allocate-memory-when-serializing-i.patch +- Temporarily disable broken guile reauth test (bsc#1171565) + * add gnutls-temporarily_disable_broken_guile_reauth_test.patch + +- GNUTLS-SA-2020-06-03 (Fixed insecure session ticket key construction) + The TLS server would not bind the session ticket encryption key with a + value supplied by the application until the initial key rotation, allowing + attacker to bypass authentication in TLS 1.3 and recover previous + conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777) + * add patches: + + gnutls-CVE-2020-13777.patch +- Fixed handling of certificate chain with cross-signed intermediate + CA certificates (#1008). (bsc#1172461) + * add patches: + + 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch + + 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch + + 0003-x509-trigger-fallback-verification-path-when-cert-is.patch + + 0004-tests-add-test-case-for-certificate-chain-supersedin.patch + +- Update to 3.6.14 + * libgnutls: Fixed insecure session ticket key construction, since 3.6.4. + The TLS server would not bind the session ticket encryption key with a + value supplied by the application until the initial key rotation, allowing + attacker to bypass authentication in TLS 1.3 and recover previous + conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777) + [GNUTLS-SA-2020-06-03, CVSS: high] + * libgnutls: Fixed handling of certificate chain with cross-signed + intermediate CA certificates (#1008). (bsc#1172461) + * libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997). + * libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName + (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority + Key Identifier (AKI) properly (#989, #991). + * certtool: PKCS #7 attributes are now printed with symbolic names (!1246). + * libgnutls: Use accelerated AES-XTS implementation if possible (!1244). + Also both accelerated and non-accelerated implementations check key block + according to FIPS-140-2 IG A.9 (!1233). + * libgnutls: Added support for AES-SIV ciphers (#463). + * libgnutls: Added support for 192-bit AES-GCM cipher (!1267). + * libgnutls: No longer use internal symbols exported from Nettle (!1235) + * API and ABI modifications: + GNUTLS_CIPHER_AES_128_SIV: Added + GNUTLS_CIPHER_AES_256_SIV: Added + GNUTLS_CIPHER_AES_192_GCM: Added + gnutls_pkcs7_print_signature_info: Added +- Add key D605848ED7E69871: public key "Daiki Ueno " to + the keyring +- Drop gnutls-fips_correct_nettle_soversion.patch (upstream) + +- Add RSA 4096 key generation support in FIPS mode (bsc#1171422) + * add gnutls-3.6.7-fips-rsa-4096.patch + +- Don't check for /etc/system-fips which we don't have (bsc#1169992) + * add gnutls-fips_mode_enabled.patch + +- Backport AES XTS support (bsc#1168835) + * add 0001-Vendor-in-XTS-functionality-from-Nettle.patch + * add gnutls-fips_XTS_key_check.patch + +- Use correct nettle .so version when looking for a FIPS checksum + (bsc#1166635) + * add gnutls-fips_correct_nettle_soversion.patch + +- Update to 3.6.13 + * libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support) + The DTLS client would not contribute any randomness to the DTLS negotiation, + breaking the security guarantees of the DTLS protocol (#960) + [GNUTLS-SA-2020-03-31, CVSS: high] (bsc#1168345) + * libgnutls: Added new APIs to access KDF algorithms (#813). + * libgnutls: Added new callback gnutls_keylog_func that enables a custom + logging functionality. + * libgnutls: Added support for non-null terminated usernames in PSK + negotiation (#586). + * gnutls-cli-debug: Improved support for old servers that only support + SSL 3.0. + +- Fix zero random value in DTLS client hello + (CVE-2020-11501, bsc#1168345) + * add gnutls-CVE-2020-11501.patch + +- Split off FIPS checksums into a separate libgnutls30-hmac + subpackage (bsc#1152692) + * update baselibs.conf + +- bsc#1166881 - FIPS: gnutls: cfb8 decryption issue + * No longer truncate output IV if input is shorter than block size. + * Added gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch + +- bsc#1155327 jira#SLE-9518 - FIPS: add DH key test + * Added Diffie Hellman public key verification test. + * gnutls-3.6.7-fips_DH_ECDH_key_tests.patch + +- gnutls 3.6.12 + * libgnutls: Introduced TLS session flag (gnutls_session_get_flags()) + to identify sessions that client request OCSP status request (#829). + * libgnutls: Added support for X448 key exchange (RFC 7748) and Ed448 + signature algorithm (RFC 8032) under TLS (#86). + * libgnutls: Added the default-priority-string option to system configuration; + it allows overriding the compiled-in default-priority-string. + * libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by + draft-smyshlyaev-tls12-gost-suites-07). + By default this ciphersuite is disabled. It can be enabled by adding + +GOST to priority string. In the future this priority string may enable + other GOST ciphersuites as well. Note, that server will fail to negotiate + GOST ciphersuites if TLS 1.3 is enabled both on a server and a client. It + is recommended for now to disable TLS 1.3 in setups where GOST ciphersuites + are enabled on GnuTLS-based servers. + * libgnutls: added priority shortcuts for different GOST categories like + CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, SIGN-GOST-ALL, GROUP-GOST-ALL. + * libgnutls: Reject certificates with invalid time fields. That is we reject + certificates with invalid characters in Time fields, or invalid time formatting + To continue accepting the invalid form compile with --disable-strict-der-time + * libgnutls: Reject certificates which contain duplicate extensions. We were + previously printing warnings when printing such a certificate, but that is + not always sufficient to flag such certificates as invalid. Instead we now + refuse to import them (#887). + * libgnutls: If a CA is found in the trusted list, check in addition to + time validity, whether the algorithms comply to the expected level prior + to accepting it. This addresses the problem of accepting CAs which would + have been marked as insecure otherwise (#877). + * libgnutls: The min-verification-profile from system configuration applies + for all certificate verifications, not only under TLS. The configuration can + be overriden using the GNUTLS_SYSTEM_PRIORITY_FILE environment variable. + * libgnutls: The stapled OCSP certificate verification adheres to the convention + used throughout the library of setting the 'GNUTLS_CERT_INVALID' flag. + * libgnutls: On client side only send OCSP staples if they have been requested + by the server, and on server side always advertise that we support OCSP stapling + * libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible + with gnutls_ocsp_req_t but const. + * certtool: Added the --verify-profile option to set a certificate + verification profile. Use '--verify-profile low' for certificate verification + to apply the 'NORMAL' verification profile. + * certtool: The add_extension template option is considered even when generating + a certificate from a certificate request. + +- gnutls 3.6.11.1: + * libgnutls: Corrected issue with TLS 1.2 session ticket + handling as client during resumption + * libgnutls: gnutls_base64_decode2() succeeds decoding the empty + string to the empty string. This is a behavioral change of the + API but it conforms to the RFC4648 expectations + * libgnutls: Fixed AES-CFB8 implementation, when input is shorter + than the block size. Fix backported from nettle. + * certtool: CRL distribution points will be set in CA + certificates even when non self-signed + * gnutls-cli/serv: added raw public-key handling capabilities + (RFC7250). Key material can be set via the --rawpkkeyfile and + - -rawpkfile flags. + +- gnutls 3.6.10: + * Add support for deterministic ECDSA/DSA (RFC6979) + * Add functions for in-place encryption/decryption of data buffers + * server now selects the highest TLS protocol version, if TLS 1.3 + is enabled and the client advertises an older protocol version + first + * Add support for GOST 28147-89 cipher in CNT (GOST counter) mode + and MAC generation based on GOST 28147-89 (IMIT) + * certtool: when outputting an encrypted private key do not + insert the textual description of it + +- Install checksums for binary integrity verification which are + required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) + +- gnutls 3.6.9: + * add support for copying digest or MAC contexts + * Mark the crypto implementation override APIs as deprecated + * Add support for AES-GMAC, as a separate to GCM, MAC algorithm + * Add support for Generalname registeredID + * The priority configuration was enhanced to allow more elaborate + system-wide configuration of the library +- includes changes from 3.6.8: + * Add support for AES-XTS cipher + * Fix calculation of Streebog digests + * During Diffie-Hellman operations in TLS, verify that the peer's + public key is on the right subgroup (y^q=1 mod p), when q is + available (under TLS 1.3 and under earlier versions when RFC7919 + parameters are used). + * Apply STD3 ASCII rules in gnutls_idna_map() to prevent + hostname/domain crafting via IDNA conversion + * certtool: allow the digital signature key usage flag in CA + certificates + * gnutls-cli/serv: add the --keymatexport and --keymatexportsize + options. These allow testing the RFC5705 using these tools +- drop patches to re-enable tests: + * disable-psk-file-test.patch + * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + +- Explicitly require libnettle 3.4.1 (bsc#1134856) + * The RSA decryption code was rewritten in GnuTLS 3.6.5 in order + to fix CVE-2018-16868, the new implementation makes use of a new + rsa_sec_decrypt() function introduced in libnettle 3.4.1 + * libnettle was recently updated to the 3.4.1 version but we need + to add explicit dependency on it to prevent missing symbol errors + with the older versions + +- Restored autoreconf in build. +- Removed gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch + since the version requirements of required libraries are once again + automatically determined. +- Added gnutls-3.6.7-SUSE_SLE15_guile_site_directory.patch because it is a + better patch name for handling the '--with-guile-site-dir=' problem in + 3.6.7. + +- Trim useless %if..%endif guards that do not affect the build. +- Fix language errors in description again. + +- Update gnutls to 3.6.7 + * * libgnutls, gnutls tools: Every gnutls_free() will automatically set + the free'd pointer to NULL. This prevents possible use-after-free and + double free issues. Use-after-free will be turned into NULL dereference. + The counter-measure does not extend to applications using gnutls_free(). + * * libgnutls: Fixed a memory corruption (double free) vulnerability in the + certificate verification API. Reported by Tavis Ormandy; addressed with + the change above. [GNUTLS-SA-2019-03-27, #694] [bsc#1130681] (CVE-2019-3829) + * * libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; + Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] [bsc#1130682] (CVE-2019-3836) + * * libgnutls: enforce key usage limitations on certificates more actively. + Previously we would enforce it for TLS1.2 protocol, now we enforce it + even when TLS1.3 is negotiated, or on client certificates as well. When + an inappropriate for TLS1.3 certificate is seen on the credentials structure + GnuTLS will disable TLS1.3 support for that session (#690). + * * libgnutls: the default number of tickets sent under TLS 1.3 was increased to + two. This makes it easier for clients which perform multiple connections + to the server to use the tickets sent by a default server. + * * libgnutls: enforce the equality of the two signature parameters fields in + a certificate. We were already enforcing the signature algorithm, but there + was a bug in parameter checking code. + * * libgnutls: fixed issue preventing sending and receiving from different + threads when false start was enabled (#713). + * * libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable + session, as non-writeable security officer sessions are undefined in PKCS#11 + (#721). + * * libgnutls: no longer send downgrade sentinel in TLS 1.3. + Previously the sentinel value was embedded to early in version + negotiation and was sent even on TLS 1.3. It is now sent only when + TLS 1.2 or earlier is negotiated (#689). + * * gnutls-cli: Added option --logfile to redirect informational messages output. +- Disabled dane support since dane is not shipped with SLE-15 +- Changed configure script to hardware guile site directory since command-line + option '--with-guile-site-dir=' was removed from the configure script in 3.6.7. + * * Modified gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch +- Modified gnutls-3.6.0-disable-flaky-dtls_resume-test.patch to fix + compilation issues on PPC +- Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification + and padding oracle verification (in 3.6.5) [bsc#1118087] (CVE-2018-16868) + +- FATE#327114 - Update gnutls to 3.6.6 to support TLS 1.3 + * * libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits + on the public key (#640). + * * libgnutls: Added support for raw public-key authentication as defined in RFC7250. + Raw public-keys can be negotiated by enabling the corresponding certificate + types via the priority strings. The raw public-key mechanism must be explicitly + enabled via the GNUTLS_ENABLE_RAWPK init flag (#26, #280). + * * libgnutls: When on server or client side we are sending no extensions we do + not set an empty extensions field but we rather remove that field competely. + This solves a regression since 3.5.x and improves compatibility of the server + side with certain clients. + * * libgnutls: We no longer mark RSA keys in PKCS#11 tokens as RSA-PSS capable if + the CKA_SIGN is not set (#667). + * * libgnutls: The priority string option %NO_EXTENSIONS was improved to completely + disable extensions at all cases, while providing a functional session. This + also implies that when specified, TLS1.3 is disabled. + * * libgnutls: GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated. + The previous definition was non-functional (#609). + * Removed patches: + 0001-dummy_wait-correctly-account-the-length-field-in-SHA.patch + 0002-dummy_wait-always-hash-the-same-amount-of-blocks-tha.patch + 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch + 0004-hmac-sha384-and-sha256-ciphersuites-were-removed-fro.patch + * Added Patches: + * * disable failing psk-file test (race condition): + disable-psk-file-test.patch + * * Patch configure script to accept specific versions of autotools and guile + that are present in SUSE-SLE15. (A bug prevents configure from accepting + a range of compatible versions. Upstream's solution is to hardwire for + the most current versions.) + gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch + * Modified: + * * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch +- drop no longer needed gnutls-enbale-guile-2.2.patch +- refresh disable-psk-file-test.patch + +- Update to 3.6.5 + * * libgnutls: Provide the option of transparent re-handshake/reauthentication + when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571). + * * libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127) + * * libgnutls: The priority functions will ignore and not enable TLS1.3 if + requested with legacy TLS versions enabled but not TLS1.2. That is because + if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled) + servers which do not support TLS1.3 will negotiate TLS1.2 which will be + rejected by the client as disabled (#621). + * * libgnutls: Change RSA decryption to use a new side-channel silent function. + This addresses a security issue where memory access patterns as well as timing + on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher + attacks. Side-channel resistant code is slower due to the need to mask + access and timings. When used in TLS the new functions cause RSA based + handshakes to be between 13% and 28% slower on average (Numbers are indicative, + the tests where performed on a relatively modern Intel CPU, results vary + depending on the CPU and architecture used). This change makes nettle 3.4.1 + the minimum requirement of gnutls (#630). [CVSS: medium] + * * libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword + in the priority string. It is only accepted as legacy option and is ignored. + * * libgnutls: Added support for EdDSA under PKCS#11 (#417) + * * libgnutls: Added support for AES-CFB8 cipher (#357) + * * libgnutls: Added support for AES-CMAC MAC (#351) + * * libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers + have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D + S-BOXes). They are fixed now. + * * libgnutls: Added support for GOST key unmasking and unwrapped GOST private + keys parsing, as specified in R 50.1.112-2016. + * * gnutls-serv: It applies the default settings when no --priority option is given, + using gnutls_set_default_priority(). + * * p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin + option (#561) + * * certtool: Add parameter --no-text that prevents certtool from outputting + text before PEM-encoded private key, public key, certificate, CRL or CSR. +- minimum required libnettle is now 3.4.1 +- refresh + * disable-psk-file-test.patch + * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + +- search for guile-2.2 during configure, part of boo#1117121 + add patches: + * gnutls-enbale-guile-2.2.patch: search for guile-2.2 + refresh patches: + * disable-psk-file-test.patch: disable psk-file in Makefile.am + +- Temporarily disable failing psk-file test (race condition) + * add disable-psk-file-test.patch + +- Version update to 3.6.4 (bsc#1111757): + * * libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol. + * * libgnutls: Corrected regression since 3.6.3 in the callbacks set with + gnutls_certificate_set_retrieve_function() which could not handle the case where + no certificates were returned, or the callbacks were set to NULL (see #528). + * * libgnutls: gnutls_handshake() on server returns early on handshake when no + certificate is presented by client and the gnutls_init() flag GNUTLS_ENABLE_EARLY_START + is specified. + * * libgnutls: Added session ticket key rotation on server side with TOTP. + The key set with gnutls_session_ticket_enable_server() is used as a + master key to generate time-based keys for tickets. The rotation + relates to the gnutls_db_set_cache_expiration() period. + * * libgnutls: The 'record size limit' extension is added and preferred to the + 'max record size' extension when possible. + * * libgnutls: Provide a more flexible PKCS#11 search of trust store certificates. + This addresses the problem where the CA certificate doesn't have a subject key + identifier whereas the end certificates have an authority key identifier (#569) + * * libgnutls: gnutls_privkey_export_gost_raw2(), gnutls_privkey_import_gost_raw(), + gnutls_pubkey_export_gost_raw2(), gnutls_pubkey_import_gost_raw() import + and export GOST parameters in the "native" little endian format used for these + curves. This is an intentional incompatible change with 3.6.3. + * * libgnutls: Added support for seperately negotiating client and server certificate types + as defined in RFC7250. This mechanism must be explicitly enabled via the + GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init(). +- Drop upstreamed patch: + * gnutls-3.6.3-backport-upstream-fixes.patch + +- gnutls-3.6.0-disable-flaky-dtls_resume-test.patch: refresh to also patch + test/Makefile.in as autoreconf does not work + +- Backport of upstream fixes (boo#1108450) + * gnutls-3.6.3-backport-upstream-fixes.patch + Fixes taken from upstream commits: + * * 3df5b7bc8a64 ("cert-cred: fix possible segfault when resetting cert retrieval function") + * * 42945a7aab6d ("allow no certificates to be reported by the gnutls_certificate_retrieve_function callbacks") + * * 10f83e36ed92 ("hello_ext_parse: apply the test for pre-shared key ext being last on client hello") + The patch was taken from https://github.com/weechat/weechat/issues/1231 + +- Security update + Improve mitigations against Lucky 13 class of attacks + * "Just in Time" PRIME + PROBE cache-based side channel attack + can lead to plaintext recovery (CVE-2018-10846, bsc#1105460) + * HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of + wrong constant (CVE-2018-10845, bsc#1105459) + * HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not + enough dummy function calls (CVE-2018-10844, bsc#1105437) + * add patches: + 0001-dummy_wait-correctly-account-the-length-field-in-SHA.patch + 0002-dummy_wait-always-hash-the-same-amount-of-blocks-tha.patch + 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch + 0004-hmac-sha384-and-sha256-ciphersuites-were-removed-fro.patch + +- Update to 3.6.3 + Fixes security issues: + CVE-2018-10846, CVE-2018-10845, CVE-2018-10844, CVE-2017-10790 + (bsc#1105437, bsc#1105460, bsc#1105459, bsc#1047002) + Other Changes: + * * libgnutls: Introduced support for draft-ietf-tls-tls13-28 + * * libgnutls: Apply compatibility settings for existing applications running with TLS1.2 or + earlier and TLS 1.3. + * * Added support for Russian Public Key Infrastructure according to RFCs 4491/4357/7836. + * * Provide a uniform cipher list across supported TLS protocols + * * The SSL 3.0 protocol is disabled on compile-time by default. + * * libgnutls: Introduced function to switch the current FIPS140-2 operational + mode + * * libgnutls: Introduced low-level function to assist applications attempting client + hello extension parsing, prior to GnuTLS' parsing of the message. + * * libgnutls: When exporting an X.509 certificate avoid re-encoding if there are no + modifications to the certificate. + * * libgnutls: on group exchange honor the %SERVER_PRECEDENCE and select the groups + which are preferred by the server. + * * Improved counter-measures for TLS CBC record padding. + * * Introduced the %FORCE_ETM priority string option. This option prevents the negotiation + of legacy CBC ciphersuites unless encrypt-then-mac is negotiated. + * * libgnutls: gnutls_privkey_import_ext4() was enhanced with the + GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag. + * * libgnutls: gnutls_pkcs11_copy_secret_key, gnutls_pkcs11_copy_x509_privkey2, + gnutls_pkcs11_privkey_generate3 will mark objects as sensitive by default + unless GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified. This is an API + change for these functions which make them err towards safety. + * * libgnutls: improved aarch64 cpu features detection by using getauxval(). + * * certtool: It is now possible to specify certificate and serial CRL numbers greater + than 2**63-2 as a hex-encoded string both when prompted and in a template file. + Default certificate serial numbers are now fully random. +- don't run autoreconf to avoid pulling in gtk-doc + +- Require pkgconfig(autoopts) for building + +- Simplify the DANE support %ifdef condition + * build with DANE on openSUSE only + +- Adjust RPM groups. Drop %if..%endif guards that are idempotent. + +- build without DANE support on SLE-15, as it doesn't have unbound + (bsc#1086428) + +- add back refreshed gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + the dtls-resume test still keeps randomly failing on PPC + +- remove gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + patch does not apply any more and apparently the build + suceeds even if the formerly flaky testcase is run (bsc#1086579) + +- gnutls.keyring: Nikos key refreshed to be unexpired + +- GnuTLS 3.6.2: + * libgnutls: When verifying against a self signed certificate ignore issuer. + That is, ignore issuer when checking the issuer's parameters strength, + resolving issue #347 which caused self signed certificates to be + additionally marked as of insufficient security level. + * libgnutls: Corrected MTU calculation for the CBC ciphersuites. The data + MTU calculation now, it correctly accounts for the fixed overhead due to + padding (as 1 byte), while at the same time considers the rest of the + padding as part of data MTU. + * libgnutls: Address issue of loading of all PKCS#11 modules on startup + on systems with a PKCS#11 trust store (as opposed to a file trust store). + Introduced a multi-stage initialization which loads the trust modules, and + other modules are deferred for the first pure PKCS#11 request. + * libgnutls: The SRP authentication will reject any parameters outside + RFC5054. This protects any client from potential MitM due to insecure + parameters. That also brings SRP in par with the RFC7919 changes to + Diffie-Hellman. + * libgnutls: Added the 8192-bit parameters of SRP to the accepted parameters + for SRP authentication. + * libgnutls: Addressed issue in the accelerated code affecting + interoperability with versions of nettle >= 3.4. + * libgnutls: Addressed issue in the AES-GCM acceleration under aarch64. + * libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by + Vitezslav Cizek). + * srptool: the --create-conf option no longer includes 1024-bit parameters. + * p11tool: Fixed the deletion of objects in batch mode. +- Dropped gnutls-check_aes_keysize.patch as it is included upstream now. + +- Use %license (boo#1082318) + +- Sanity check key size in SSSE3 AES cipher implementation (bsc#1074303) + * add gnutls-check_aes_keysize.patch + +- GnuTLS 3.6.1: + * Fix interoperability issue with openssl when safe renegotiation + was used + * gnutls_x509_crl_sign, gnutls_x509_crt_sign, + gnutls_x509_crq_sign, were modified to sign with a better + algorithm than SHA1. They will now sign with an algorithm that + corresponds to the security level of the signer's key. + * gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign() + accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That + will signal the function to auto-detect an appropriate hash + algorithm to use. + * Remove support for signature algorithms using SHA2-224 in TLS. + TLS 1.3 no longer uses SHA2-224 and it was never a widespread + algorithm in TLS 1.2 + * Refuse to use client certificates containing disallowed + algorithms for a session, reverting a change on 3.5.5 + * Refuse to resume a session which had a different SNI advertised + That improves RFC6066 support in server side. + * p11tool: Mark all generated objects as sensitive by default. + * p11tool: added options --sign-params and --hash. This allows + testing signature with multiple algorithms, including RSA-PSS. + +- Disable flaky dtls_resume test on Power + * add gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + +- GnuTLS 3.6.0: + * Introduce a lock-free random generator which operates per- + thread and eliminates random-generator related bottlenecks in + multi-threaded operation. + * Replace the Salsa20 random generator with one based on CHACHA. + The goal is to reduce code needed in cache (CHACHA is also + used for TLS), and the number of primitives used by the + library. That does not affect the AES-DRBG random generator + used in FIPS140-2 mode. + * Add support for RSA-PSS key type as well as signatures in + certificates, and TLS key exchange + * Add support for Ed25519 signing in certificates and TLS key + exchange following draft-ietf-tls-rfc4492bis-17 + * Enable X25519 key exchange by default, following + draft-ietf-tls-rfc4492bis-17. + * Add support for Diffie-Hellman group negotiation following + RFC7919. + * Introduce various sanity checks on certificate import + * Introduce gnutls_x509_crt_set_flags(). This function can set + flags in the crt structure. The only flag supported at the + moment is GNUTLS_X509_CRT_FLAG_IGNORE_SANITY which skips the + certificate sanity checks on import. + * PKIX certificates with unknown critical extensions are rejected + on verification with status GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS + * Refuse to generate a certificate with an illegal version, or an + illegal serial number. That is, gnutls_x509_crt_set_version() + and gnutls_x509_crt_set_serial(), will fail on input considered + to be invalid in RFC5280. + * Call to gnutls_record_send() and gnutls_record_recv() prior to + handshake being complete are now refused + * Add support for PKCS#12 files with no salt (zero length) in + their password encoding, and PKCS#12 files using SHA384 and + SHA512 as MAC. + * libgnutls: Exported functions to encode and decode DSA and ECDSA + r,s values. + * Add new callback setting function to gnutls_privkey_t for + external keys. The new function (gnutls_privkey_import_ext4), + allows signing in addition to previous algorithms (RSA PKCS#1 + 1.5, DSA, ECDSA), with RSA-PSS and Ed25519 keys. + * Introduce the %VERIFY_ALLOW_BROKEN and + %VERIFY_ALLOW_SIGN_WITH_SHA1 priority string options. These + allows enabling all broken and SHA1-based signature algorithms + in certificate verification, respectively. + * 3DES-CBC is no longer included in the default priorities list. + It has to be explicitly enabled, e.g., with a string like + "NORMAL:+3DES-CBC". + * SHA1 was marked as insecure for signing certificates. + Verification of certificates signed with SHA1 is now considered + insecure and will fail, unless flags intended to enable broken + algorithms are set. Other uses of SHA1 are still allowed. + * RIPEMD160 was marked as insecure for certificate signatures. + Verification of certificates signed with RIPEMD160 hash + algorithm is now considered insecure and will fail, unless + flags intended to enable broken algorithms are set. + * No longer enable SECP192R1 and SECP224R1 by default on TLS + handshakes. These curves were rarely used for that purpose, + provide no advantage over x25519 and were deprecated by TLS 1.3. + * Remove support for DEFLATE, or any other compression method. + * OpenPGP authentication was removed; the resulting library is ABI + compatible, with the openpgp related functions being stubs that + fail on invocation. + Drop gnutls-broken-openpgp-tests.patch, no longer required. + * Remove support for libidn (i.e., IDNA2003); gnutls can now be + compiled only with libidn2 which provides IDNA2008. + * certtool: The option '--load-ca-certificate' can now accept + PKCS#11 URLs in addition to files. + * certtool: The option '--load-crl' can now be used when + generating PKCS#12 files (i.e., in conjunction with '--to-p12' option). + * certtool: Keys with provable RSA and DSA parameters are now + only read and exported from PKCS#8 form, following + draft-mavrogiannopoulos-pkcs8-validated-parameters-00.txt. + This removes support for the previous a non-standard key format. + * certtool: Added support for generating, printing and handling + RSA-PSS and Ed25519 keys and certificates. + * certtool: the parameters --rsa, --dsa and --ecdsa to + - -generate-privkey are now deprecated, replaced by the + - -key-type option. + * p11tool: The --generate-rsa, --generate-ecc and --generate-dsa + options were replaced by the --generate-privkey option. + * psktool: Generate 256-bit keys by default. + * gnutls-server: Increase request buffer size to 16kb, and added + the --alpn and --alpn-fatal options, allowing testing of ALPN + negotiation. + * Enables FIPS 140-2 mode during build + +- Buildrequire iproute2: the test suite calls /usr/bin/ss and as + such we have to ensure to pull it in. + +- GnuTLS 3.5.15: + * libgnutls: Disable hardware acceleration on aarch64/ilp32 mode + * certtool: Keys with provable RSA and DSA parameters are now + only exported in PKCS#8 form + +- RPM group fix. Diversification of summaries. +- Avoid aims and future plans in description. Say what it does now. + +- Drop the deprecated openssl compat ; discussed and suggested by + vcizek +- Cleanup a bit with spec-cleaner + +- GnuTLS 3.5.14: + * Handle specially HSMs which request explicit authentication + * he GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs + * do not set leading zeros when copying integers on HSMs + * Fix issue discovering certain OCSP signers, and improved the + discovery of OCSP signer in the case where the Subject Public + Key identifier field matches + * ensure OCSP responses are saved with --save-ocsp even if + certificate verification fails. + +- GnuTLS 3.5.13: + * libgnutls: fixed issue with AES-GCM in-place encryption and + decryption in aarch64 + * libgnutls: no longer parse the ResponseID field of the status + response TLS extension. The field is not used by GnuTLS nor is + made available to calling applications. That addresses a null + pointer dereference on server side caused by packets containing + the ResponseID field. GNUTLS-SA-2017-4, bsc#1043398 + * libgnutls: tolerate certificates which do not have strict DER + time encoding. It is possible using 3rd party tools to generate + certificates with time fields that do not conform to DER + requirements. Since 3.4.x these certificates were rejected and + cannot be used with GnuTLS, however that caused problems with + existing private certificate infrastructures, which were + relying on such certificates. Tolerate reading and using these + certificates. + * minitasn1: updated to libtasn1 4.11. + * certtool: allow multiple certificates to be used in --p7-sign + with the --load-certificate option + +- GnuTLS 3.5.12: + * libgnutls: gnutls_x509_crt_check_hostname2() no longer matches + IP addresses against DNS fields of certificate (CN or DNSname). + The previous behavior was to tolerate some misconfigured + servers, but that was non-standard and skipped any IP + constraints present in higher level certificates. + * libgnutls: when converting to IDNA2008, fallback to IDNA2003 + (i.e., transitional encoding) if the domain cannot be converted. + That provides maximum compatibility with browsers like firefox + that perform the same conversion. + * libgnutls: fix issue in RSA-PSK client callback which resulted + in no username being sent to the peer + * libgnutls: fix regression causing stapled extensions in trust + modules not to be considered. + * certtool: introduced the email_protection_key option. This + option was introduced in documentation for certtool without an + implementation of it. It is a shortcut for option + 'key_purpose_oid = 1.3.6.1.5.5.7.3.4'. + * certtool: made printing of key ID and key PIN consistent + between certificates, public keys, and private keys. That is + the private key printing now uses the same format as the rest. + * gnutls-cli: introduced the --sni-hostname option. This allows + overriding the hostname advertised to the peer. + +- skip trust-store tests to avoid build cycle with + ca-certificates-mozilla, add gnutls-3.5.11-skip-trust-store-tests.patch + +- GnuTLS 3.5.11: + * gnutls.pc: do not include libtool options into Libs.private. + * libgnutls: Fixed issue when rehandshaking without a client certificate in + a session which initially used one + * libgnutls: Addressed read of 4 bytes past the end of buffer in OpenPGP + certificate parsing (bsc#1038337) + * libgnutls: Introduced locks in gnutls_pkcs11_privkey_t structure access. + That allows PKCS#11 operations such as signing to be performed with the + same object from multiple threads. + * libgnutls: when disabling OpenPGP authentication, the resulting library + is ABI compatible (will openpgp related functions being stubs that fail + on invocation). + +- call gzip -n to make build fully reproducible + +- update to 3.5.10 + * addresses GNUTLS-SA-2017-3 CVE-2017-7869 bsc#1034173 + * gnutls.pc: do not include libidn2 in Requires.private + * libgnutls: optimized access to subject alternative names (SANs) in parsed + certificates + * libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469 + when printing certificate information. + * libgnutls: gnutls_ocsp_resp_verify_direct() and gnutls_ocsp_resp_verify() + flags can be set from the gnutls_certificate_verify_flags enumeration. + This allows the functions to pass the same flags available for certificates + to the verification function (e.g., GNUTLS_VERIFY_DISABLE_TIME_CHECKS or + GNUTLS_VERIFY_ALLOW_BROKEN). + * libgnutls: gnutls_store_commitment() can accept flag + GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN. This is to allow the function to operate + in applications which use SHA1 for example, after SHA1 is deprecated. + * certtool: No longer ignore the 'add_critical_extension' template option if + the 'add_extension' option is not present. + * gnutls-cli: Added LMTP, POP3, NNTP, Sieve and PostgreSQL support to the + starttls-proto command- drop gnutls-3.5.9-pkgconfig.patch (upstream) +- drop gnutls-3.5.9-pkgconfig.patch (upstream) +- remove unknown --disable-srp flag (bsc#901857) + +- disable the deprecated OpenPGP authentication support + * see https://gitlab.com/gnutls/gnutls/issues/102 +- add gnutls-broken-openpgp-tests.patch + +- GnuTLS 3.5.9: + * libgnutls: OpenPGP references removed, functionality deprecated + * libgnutls: Improve detection of AVX support + * libgnutls: Add support for IDNA2008 with libidn2 FATE#321897 + * p11tool: re-use ID from corresponding objects when writing + certificates. + * API and ABI modifications: + gnutls_idna_map: Added + gnutls_idna_reverse_map: Added +- prevent pkgconfig issues due to libidn2 when building with GnuTLS + add gnutls-3.5.9-pkgconfig.patch + +- Version 3.5.8 (released 2016-01-09) + * libgnutls: Ensure that multiple calls to the gnutls_set_priority_* + functions will not leave the verification profiles field to an + undefined state. The last call will take precedence. + * libgnutls: Ensure that GNUTLS_E_DECRYPTION_FAIL will be returned + by PKCS#8 decryption functions when an invalid key is provided. This + addresses regression on decrypting certain PKCS#8 keys. + * libgnutls: Introduced option to override the default priority string + used by the library. The intention is to allow support of system-wide + priority strings (as set with --with-system-priority-file). The + configure option is --with-default-priority-string. + * libgnutls: Require a valid IV size on all ciphers for PKCS#8 decryption. + This prevents crashes when decrypting malformed PKCS#8 keys. + * libgnutls: Fix crash on the loading of malformed private keys with certain + parameters set to zero. + * libgnutls: Fix double free in certificate information printing. If the PKIX + extension proxy was set with a policy language set but no policy specified, + that could lead to a double free. + * libgnutls: Addressed memory leaks in client and server side error paths + (issues found using oss-fuzz project) + * libgnutls: Addressed memory leaks in X.509 certificate printing error paths + (issues found using oss-fuzz project) + * libgnutls: Addressed memory leaks and an infinite loop in OpenPGP certificate + parsing. Fixes by Alex Gaynor. (issues found using oss-fuzz project) + * libgnutls: Addressed invalid memory accesses in OpenPGP certificate parsing. + (issues found using oss-fuzz project) +- security issues fixed: GNUTLS-SA-2017-1 GNUTLS-SA-2017-2 + +- GnuTLS 3.5.7, the next stable branch, with the following + highlights: + * SHA3 as a certificate signature algorithm + * X25519 (formerly curve25519) for ephemeral EC diffie-hellman + key exchange + * TLS false start + * New APIs to access the Shawe-Taylor-based provable RSA and DSA + parameter generation + * Prevent the change of identity on rehandshakes by default + +- GnuTLS 3.4.17: + * libgnutls: Introduced time and constraints checks in the end + certificate in the gnutls_x509_crt_verify_data2() and + gnutls_pkcs7_verify_direct() functions. + * libgnutls: Set limits on the maximum number of alerts handled. + That is, applications using gnutls could be tricked into an + busy loop if the peer sends continuously alert messages. + Applications which set a maximum handshake time (via + gnutls_handshake_set_timeout) will eventually recover but + others may remain in a busy loops indefinitely. This is related + but not identical to CVE-2016-8610, due to the difference in + alert handling of the libraries (gnutls delegates that handling + to applications). boo#1005879 + * libgnutls: Enhanced the PKCS#7 parser to allow decoding old + (pre-rfc5652) structures with arbitrary encapsulated content. + * libgnutls: Backported cipher priorities order from 3.5.x branch + That adds CHACHA20-POLY1305 ciphersuite to SECURE priority + strings. + * certtool: When exporting a CRQ in DER format ensure no text data + are intermixed. + * API and ABI modifications: + gnutls_pkcs7_get_embedded_data_oid: Added +- includes changes from 3.4.16: + * libgnutls: Ensure proper cleanups on + gnutls_certificate_set_*key() failures due to key mismatch. + This prevents leaks or double freeing on such failures. + * libgnutls: Increased the maximum size of the handshake message + hash. This will allow the library to cope better with larger + packets, as the ones offered by current TLS 1.3 drafts. + * libgnutls: Allow to use client certificates despite them + containing disallowed algorithms for a session. That allows for + example a client to use DSA-SHA1 due to his old DSA + certificate, without requiring him to enable DSA-SHA1 (and thus + make it acceptable for the server's certificate). + * guile: Backported all improvements from 3.5.x branch. + * guile: Update code to the I/O port API of Guile >= 2.1.4 + This makes sure the GnuTLS bindings will work with the + forthcoming 2.2 stable series of Guile, of which 2.1 is a + preview. + +- GnuTLS 3.4.15: + * libgnutls: Corrected the comparison of the serial size in OCSP + response. Previously the OCSP certificate check wouldn't verify + the serial length and could succeed in cases it shouldn't + (GNUTLS-SA-2016-3). + * libgnutls: Fixes in gnutls_x509_crt_list_import2, which was + ignoring flags if all certificates in the list fit within the + initially allocated memory. + * libgnutls: Corrected issue which made + gnutls_certificate_get_x509_crt() to return invalid pointers + when returned more than a single certificate. + * libgnutls: Fix gnutls_pkcs12_simple_parse to always extract the + complete chain. + * libgnutls: Added support for decrypting PKCS#8 files which use + the HMAC-SHA256 as PRF. + * libgnutls: Addressed issue with PKCS#11 signature generation on + ECDSA keys. The signature is now written as unsigned integers + into the DSASignatureValue structure. Previously signed + integers could be written depending on what the underlying + module would produce. Addresses #122. +- fix build error for 13.2, 42.1 and 42.2 + +- GnuTLS 3.4.14: + * libgnutls: Address issue when utilizing the p11-kit trust store + for certificate verification (GNUTLS-SA-2016-2, boo#988276) + * libgnutls: Fixed DTLS handshake packet reconstruction. + * libgnutls: Fixed issues with PKCS#11 reading of sensitive + objects from SafeNet Network HSM + * libgnutls: Corrected the writing of PKCS#11 CKA_SERIAL_NUMBER +- drop upstreamed + 0001-tests-use-datefudge-in-name-constraints-test.patch + +- Fix a problem with expired test certificate by using datefudge + (boo#987139) + * add 0001-tests-use-datefudge-in-name-constraints-test.patch + +- Version 3.4.13 (released 2016-06-06) + * libgnutls: Consider the SSLKEYLOGFILE environment to be compatible with + NSS instead of using a separate variable; in addition append any keys to + the file instead of overwriting it. + * libgnutls: use secure_getenv() where available to obtain environment + variables. Addresses GNUTLS-SA-2016-1. +- Version 3.4.12 (released 2016-05-20) + * libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default. This + cipher is prioritized after AES-GCM. + * libgnutls: Fixes in gnutls_privkey_import_ecc_raw(). + * libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the + GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that + operation could fail on certain PKCS#11 modules. + * libgnutls: gnutls_pkcs11_obj_import_url() and gnutls_x509_crt_import_url() + can accept the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. + * libgnutls: gnutls_certificate_set_key() was enhanced to import the DNS + name of the certificates if the provided names are NULL. + * libgnutls: when receiving SNI names, only save and expose to application + the supported DNS names. + * libgnutls: when importing the certificate names at the + gnutls_certificate_set* functions, only consider the CN as a fallback + if DNS names are provided via the alternative name extension. + * gnutls-cli: on OCSP verification do not fail if we have a single valid + reply. Report and reproducer by Thomas Klute. + * libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to + log session keys in client side. These session keys are compatible with + the NSS Key Log Format and can be used to decrypt the session for + debugging using wireshark. + +- enabled guile support +- removed duplicates + +- Updated to 3.4.11 + * Version 3.4.11 (released 2016-04-11) + * * libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. + Reported by Fridolin Pokorny. + * * libgnutls: Fixes in DSA key generation under PKCS #11. Report and + patches by Jan Vcelak. + * * libgnutls: Corrected behavior of ALPN extension parsing during + session resumption. Report and patches by Yuriy M. Kaminskiy. + * * libgnutls: Corrected regression (since 3.4.0) in + gnutls_server_name_set() which caused it not to accept non-null- + terminated hostnames. Reported by Tim Ruehsen. + * * libgnutls: Corrected printing of the IP Adress name constraints. + * * ocsptool: use HTTP/1.0 for requests. This avoids issue with servers + serving chunk encoding which ocsptool doesn't support. Reported by + Thomas Klute. + * * certtool: do not require a CA for OCSP signing tag. This follows the + recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate + OCSP signing to another certificate without requiring it to be a CA. + Reported by Thomas Klute. + * Version 3.4.10 (released 2016-03-03) + * * libgnutls: Eliminated issues preventing buffers more than 2^32 bytes + to be used with hashing functions. + * * libgnutls: Corrected leaks and other issues in + gnutls_x509_crt_list_import(). + * * libgnutls: Fixes in DSA key handling for PKCS #11. Report and + patches by Jan Vcelak. + * * libgnutls: Several fixes to prevent relying on undefined behavior + of C (found with libubsan). + * Version 3.4.9 (released 2016-02-03) + * * libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would + negotiate the last commonly supported protocol, rather than the + first. Reported by Remi Denis-Courmont (#63). + * * libgnutls: Tolerate empty DN fields in informational output + functions. + * * libgnutls: Corrected regression causes by incorrect fix in + gnutls_x509_ext_export_key_usage() at 3.4.8 release. + +- follow the work in the unbound package and use the + libunbound-devel symbol for the buildrequires. we override it for + the distro build with libunbound-devel-mini to avoid build loops. + +- reenable dane support, require unbound-devel bsc#964346 +- split out libgnutls-dane-devel to try to avoid build cycle. + +- Update to 3.4.8 + All changes since 3.4.4: + * libgnutls: Corrected memory leak in gnutls_pubkey_import_privkey() + when used with PKCS #11 keys. + * libgnutls: For DSA and ECDSA keys in PKCS #11 objects, import + their public keys from either a public key object or a certificate. + That is, because private keys do not contain all the required + parameters for a direct import. + * libgnutls: Fixed issue when writing ECDSA private keys in PKCS #11 + tokens. + * libgnutls: Fixed out-of-bounds read in + gnutls_x509_ext_export_key_usage() + * libgnutls: The CHACHA20-POLY1305 ciphersuites were updated to + conform to draft-ietf-tls-chacha20-poly1305-02. + * libgnutls: Several fixes in PKCS #7 signing which improve + compatibility with the MacOSX tools. + * libgnutls: The max-record extension not negotiated on DTLS. This + resolves issue with the max-record being negotiated but ignored. + * certtool: Added the --p7-include-cert and --p7-show-data options. + * libgnutls: Properly require TLS 1.2 in all CBC-SHA256 and CBC-SHA384 + ciphersuites. This solves an interoperability issue with openssl. + * libgnutls: Corrected the setting of salt size in + gnutls_pkcs12_mac_info(). + * libgnutls: On a rehandshake allow switching from anonymous to ECDHE + and DHE ciphersuites. + * libgnutls: Corrected regression from 3.3.x which prevented + ARCFOUR128 from using arbitrary key sizes. + * libgnutls: Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs + skipping the implicit global initialization. + * gnutls.pc: Don't include libtool specific options to link flags. + * tools: Better support for FTP AUTH TLS negotiation + * libgnutls: Added new simple verification functions. That avoids the + need to install a callback to perform certificate verification. See + doc/examples/ex-client-x509.c for usage. + * libgnutls: Introduced the security parameter 'future' which is at + the 256-bit level of security, and 'ultra' was aligned to its + documented size at 192-bits. + * libgnutls: When writing a certificate into a PKCS #11 token, ensure + that CKA_SERIAL_NUMBER and CKA_ISSUER are written. + * libgnutls: Allow the presence of legacy ciphers and key exchanges in + priority strings and consider them a no-op. + * libgnutls: Handle the extended master secret as a mandatory + extension. That fixes incompatibility issues with Chromium (#45). + * libgnutls: Added the ability to copy a public key into a PKCS #11 + token. + * tools: Added support for LDAP and XMPP negotiation for STARTTLS. + * p11tool: Allow writing a public key into a PKCS #11 token. + * certtool: Key generation security level was switched to HIGH. That + is, by default the tool generates 3072 bit keys for RSA and DSA. + * libgnutls: When re-importing CRLs to a trust list ensure that there + no duplicate entries. + * certtool: Removed any arbitrary limits imposed on input file sizes + and maximum number of certificates imported. + * certtool: Allow specifying fixed dates on CRL generation. + * gnutls-cli-debug: Added check for inappropriate fallback support + (RFC7507). + +- Update to 3.4.4 + This update contains a fix for a denial of service vulnerability: + * Allow the parsing of very long DNs. Also fixes double free + in DN decoding [GNUTLS-SA-2015-3]. boo#941794 CVE-2015-6251 + Other changes: + * Add high level API (gnutls_prf_rfc5705) to access the PRF as + specified by RFC5705. + * Link to trousers (TPM library) dynamically when this + functionality is requested. (disabled in SUSE package) + * Fix issue with server side sending the status request extension + even when not requested. + * Add support for RFC7507 by introducing the %FALLBACK_SCSV + priority string option. + * gnutls_pkcs11_privkey_generate2() will store the generated + public key, unless the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY + flag is specified. + * Correct regression from 3.4.3 in loading PKCS #8 keys as fallback. + * API and ABI modifications: + gnutls_prf_rfc5705: Added + gnutls_hex_encode2: Added + gnutls_hex_decode2: Added +- build with autogen for libopts compatibility +- fix failures in test suite, add upstream commits + 0001-certtool-lifted-limits-on-file-size-to-load.patch + 0002-certtool-eliminated-memory-leaks-due-to-new-cert-loa.patch + +- update to 3.4.3 + * * libgnutls: Follow closely RFC5280 recommendations and use UTCTime for + dates prior to 2050. + * * libgnutls: Force 16-byte alignment to all input to ciphers (previously it + was done only when cryptodev was enabled). + * * libgnutls: Removed support for pthread_atfork() as it has undefined + semantics when used with dlopen(), and may lead to a crash. + * * libgnutls: corrected failure when importing plain files + with gnutls_x509_privkey_import2(), and a password was provided. + * * libgnutls: Don't reject certificates if a CA has the URI or IP address + name constraints, and the end certificate doesn't have an IP address + name or a URI set. + * * libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites. + * * p11tool: Added --list-token-urls option, and print the token module name + in list-tokens. + * * libgnutls: DTLS blocking API is more robust against infinite blocking, + and will notify of more possible timeouts. + * * libgnutls: corrected regression with Camellia-256-GCM cipher. Reported + by Manuel Pegourie-Gonnard. + * * libgnutls: Introduced the GNUTLS_NO_SIGNAL flag to gnutls_init(). That + allows to disable SIGPIPE for writes done within gnutls. + * * libgnutls: Enhanced the PKCS #7 API to allow signing and verification + of structures. API moved to gnutls/pkcs7.h header. + * * certtool: Added options to generate PKCS #7 bundles and signed + structures. +- includes changes from 3.4.2: + * DTLS blocking API is more robust against infinite blocking, + and will notify of more possible timeouts. + * Correct regression with Camellia-256-GCM cipher. + * Introduce the GNUTLS_NO_SIGNAL flag to gnutls_init(). That + allows to disable SIGPIPE for writes done within gnutls. + * Enhance the PKCS #7 API to allow signing and verification + of structures. Move API to gnutls/pkcs7.h header. + * certtool: Added options to generate PKCS #7 bundles and signed + structures. + +- disable testsuite run against valgrind on aarch64 + +- Updated to 3.4.1 (released 2015-05-03) + * * libgnutls: gnutls_certificate_get_ours: will return the certificate even + if a callback was used to send it. + * * libgnutls: Check for invalid length in the X.509 version field. Without + the check certificates with invalid length would be detected as having an + arbitrary version. Reported by Hanno Böck. + * * libgnutls: Handle DNS name constraints with a leading dot. Patch by + Fotis Loukos. + * * libgnutls: Updated system-keys support for windows to compile in more + versions of mingw. Patch by Tim Kosse. + * * libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by + Karthikeyan Bhargavan [GNUTLS-SA-2015-2]. bsc#929690 + * * libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout + by default. That caused issues with non-blocking programs. + * * certtool: It can generate SHA256 key IDs. + * * gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos. + * * API and ABI modifications: gnutls_x509_crt_get_pk_ecc_raw: Added +- gnutls-fix-double-mans.patch: fixed upstream + +- Disable buggy valgrind on armv7l + +- updated to 3.4.0 (released 2015-04-08) + * * libgnutls: Added support for AES-CCM and AES-CCM-8 (RFC6655 and RFC7251) + ciphersuites. The former are enabled by default, the latter need to be + explicitly enabled, since they reduce the overall security level. + * * libgnutls: Added support for Chacha20-Poly1305 ciphersuites following + draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10. + That is currently provided as technology preview and is not enabled by + default, since there are no assigned ciphersuite points by IETF and there + is no guarrantee of compatibility between draft versions. The ciphersuite + priority string to enable it is "+CHACHA20-POLY1305". + * * libgnutls: Added support for encrypt-then-authenticate in CBC + ciphersuites (RFC7366 -taking into account its errata text). This is + enabled by default and can be disabled using the %NO_ETM priority + string. + * * libgnutls: Added support for the extended master secret + (triple-handshake fix) following draft-ietf-tls-session-hash-02. + * * libgnutls: Added a new simple and hard to misuse AEAD API (crypto.h). + * * libgnutls: SSL 3.0 is no longer included in the default priorities + list. It has to be explicitly enabled, e.g., with a string like + "NORMAL:+VERS-SSL3.0". + * * libgnutls: ARCFOUR (RC4) is no longer included in the default priorities + list. It has to be explicitly enabled, e.g., with a string like + "NORMAL:+ARCFOUR-128". + * * libgnutls: DSA signatures and DHE-DSS are no longer included in the + default priorities list. They have to be explicitly enabled, e.g., with + a string like "NORMAL:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1". The + DSA ciphersuites were dropped because they had no deployment at all + on the internet, to justify their inclusion. + * * libgnutls: The priority string EXPORT was completely removed. The string + was already defunc as support for the EXPORT ciphersuites was removed in + GnuTLS 3.2.0. + * * libgnutls: Added API to utilize system specific private keys in + "gnutls/system-keys.h". It is currently provided as technology preview + and is restricted to windows CNG keys. + * * libgnutls: gnutls_x509_crt_check_hostname() and friends will use + RFC6125 comparison of hostnames. That introduces a dependency on libidn. + * * libgnutls: Depend on p11-kit 0.23.1 to comply with the final + PKCS #11 URLs draft (draft-pechanec-pkcs11uri-21). + * * libgnutls: Depend on nettle 3.1. + * * libgnutls: Use getrandom() or getentropy() when available. That + avoids the complexity of file descriptor handling and issues with + applications closing all open file descriptors on startup. + * * libgnutls: Use pthread_atfork() to detect fork when available. + * * libgnutls: The gnutls_handshake() process will enforce a timeout by + default. + * * libgnutls: If a key purpose (extended key usage) is specified for verification, + it is applied into intermediate certificates. The verification result + GNUTLS_CERT_PURPOSE_MISMATCH is also introduced. + * * libgnutls: When gnutls_certificate_set_x509_key_file2() is used in + combination with PKCS #11, or TPM URLs, it will utilize the provided + password as PIN if required. That removes the requirement for the + application to set a callback for PINs in that case. + * * libgnutls: priority strings VERS-TLS-ALL and VERS-DTLS-ALL are + restricted to the corresponding protocols only, and the VERS-ALL + string is introduced to catch all possible protocols. + * * libgnutls: Added helper functions to obtain information on PKCS #8 + structures. + * * libgnutls: Certificate chains which are provided to gnutls_certificate_credentials_t + will automatically be sorted instead of failing with GNUTLS_E_CERTIFICATE_LIST_UNSORTED. + * * libgnutls: Added functions to export and set the record state. That + allows for gnutls_record_send() and recv() to be offloaded (to kernel, + hardware or any other subsystem). + * * libgnutls: Added the ability to register application specific URL + types, which express certificates and keys using gnutls_register_custom_url(). + * * libgnutls: Added API to override existing ciphers, digests and MACs, e.g., + to override AES-GCM using a system-specific accelerator. That is, (crypto.h) + gnutls_crypto_register_cipher(), gnutls_crypto_register_aead_cipher(), + gnutls_crypto_register_mac(), and gnutls_crypto_register_digest(). + * * libgnutls: Added gnutls_ext_register() to register custom extensions. + Contributed by Thierry Quemerais. + * * libgnutls: Added gnutls_supplemental_register() to register custom + supplemental data handshake messages. Contributed by Thierry Quemerais. + * * libgnutls-openssl: it is no longer built by default. + * * certtool: Added --p8-info option, which will print PKCS #8 information + even if the password is not available. + * * certtool: --key-info option will print PKCS #8 encryption information + when available. + * * certtool: Added the --key-id and --fingerprint options. + * * certtool: Added the --verify-hostname, --verify-email and --verify-purpose + options to be used in certificate chain verification, to simulate verification + for specific hostname and key purpose (extended key usage). + * * certtool: --p12-info option will print PKCS #12 MAC and cipher information + when available. + * * certtool: it will print the A-label (ACE) names in addition to UTF-8. + * * p11tool: added options --set-id and --set-label. + * * gnutls-cli: added options --priority-list and --save-cert. + * * guile: Deprecated priority API has been removed. The old priority API, + which had been deprecated for some time, is now gone; use 'set-session-priorities!' + instead. + * * guile: Remove RSA parameters and related procedures. This API had been + deprecated. + * * guile: Fix compilation on MinGW. Previously only the static version of the + 'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile. + +- updated to 3.3.13 (released 2015-03-30) + * * libgnutls: When retrieving OCTET STRINGS from PKCS #12 ContentInfo + structures use BER to decode them (requires libtasn1 4.3). That allows + to decode some more complex structures. + * * libgnutls: When an end-certificate with no name is present and there + are CA name constraints, don't reject the certificate. This follows RFC5280 + advice closely. Reported by Fotis Loukos. + * * libgnutls: Fixed handling of supplemental data with types > 255. + Patch by Thierry Quemerais. + * * libgnutls: Fixed double free in the parsing of CRL distribution points certificate + extension. Reported by Robert Święcki. + * * libgnutls: Fixed a two-byte stack overflow in DTLS 0.9 protocol. That + protocol is not enabled by default (used by openconnect VPN). + * * libgnutls: The maximum user data send size is set to be the same for + block and non-block ciphersuites. This addresses a regression with wine: + https://bugs.winehq.org/show_bug.cgi?id=37500 + * * libgnutls: When generating PKCS #11 keys, set CKA_ID, CKA_SIGN, + and CKA_DECRYPT when needed. + * * libgnutls: Allow names with zero size to be set using + gnutls_server_name_set(). That will disable the Server Name Indication. + Resolves issue with wine: https://gitlab.com/gnutls/gnutls/issues/2 +- new main library major version .so.30 +- requires new libnettle >= 3.1, p11-kit-devel >= 0.23.1 +- Now need to configure --enable-openssl-compatibility (might go away) +- added gnutls-fix-double-mans.patch: avoid double installing manpages +- dropped gnutls-3.0.26-skip-test-fwrite.patch: does not seem to be needed + anymore +- install_info_delete moved from %postun to %preun + +- for DANE support, use bcond_with +- for tpm support, same +- note p11-kit >= 0.20.7 requirement +- note libtasn1 3.9 requirement (built-in lib used otherwise) + +- disable trousers and unbound again for now, as it causes too long + build cycles. + +- added unbound-devel (for DANE) and trousers-devel (for TPM support) +- removed now upstreamed gnutls-implement-trust-store-dir-3.2.8.diff +- libgnutls-dane0 new library added +- updated to 3.3.13 (released 2015-02-25) + * * libgnutls: Enable AESNI in GCM on x86 + * * libgnutls: Fixes in DTLS message handling + * * libgnutls: Check certificate algorithm consistency, i.e., + check whether the signatureAlgorithm field matches the signature + field inside TBSCertificate. + * * gnutls-cli: Fixes in OCSP verification. +- Version 3.3.12 (released 2015-01-17) + * * libgnutls: When negotiating TLS use the lowest enabled version in + the client hello, rather than the lowest supported. In addition, do + not use SSL 3.0 as a version in the TLS record layer, unless SSL 3.0 + is the only protocol supported. That addresses issues with servers that + immediately drop the connection when the encounter SSL 3.0 as the record + version number. See: + http://lists.gnutls.org/pipermail/gnutls-help/2014-November/003673.html + * * libgnutls: Corrected encoding and decoding of ANSI X9.62 parameters. + * * libgnutls: Handle zero length plaintext for VIA PadLock functions. + This solves a potential crash on AES encryption for small size plaintext. + Patch by Matthias-Christian Ott. + * * libgnutls: In DTLS don't combine multiple packets which exceed MTU. + Reported by Andreas Schultz. https://savannah.gnu.org/support/?108715 + * * libgnutls: In DTLS decode all handshake packets present in a record + packet, in a single pass. Reported by Andreas Schultz. + https://savannah.gnu.org/support/?108712 + * * libgnutls: When importing a CA file with a PKCS #11 URL, simply + import the certificates, if the URL specifies objects, rather than + treating it as trust module. + * * libgnutls: When importing a PKCS #11 URL and we know the type of + object we are importing, don't require the object type in the URL. + * * libgnutls: fixed openpgp authentication when gnutls_certificate_set_retrieve_function2 + was used by the server. + * * certtool: --pubkey-info will also attempt to load a public key from stdin. + * * gnutls-cli: Added --starttls-proto option. That allows to specify a + protocol for starttls negotiation. +- Version 3.3.11 (released 2014-12-11) + * * libgnutls: Corrected regression introduced in 3.3.9 related to + session renegotiation. Reported by Dan Winship. + * * libgnutls: Corrected parsing issue with OCSP responses. +- Version 3.3.10 (released 2014-11-10) + * * libgnutls: Refuse to import v1 or v2 certificates that contain + extensions. + * * libgnutls: Fixes in usage of PKCS #11 token callback + * * libgnutls: Fixed bug in gnutls_x509_trust_list_get_issuer() when used + with a PKCS #11 trust module and without the GNUTLS_TL_GET_COPY flag. + Reported by David Woodhouse. + * * libgnutls: Removed superfluous random generator refresh on every call + of gnutls_deinit(). That reduces load and usage of /dev/urandom. + * * libgnutls: Corrected issue in export of ECC parameters to X9.63 format. + Reported by Sean Burford [GNUTLS-SA-2014-5]. + * * libgnutls: When gnutls_global_init() is called for a second time, it + will check whether the /dev/urandom fd kept is still open and matches + the original one. That behavior works around issues with servers that + close all file descriptors. + * * libgnutls: Corrected behavior with PKCS #11 objects that are marked + as CKA_ALWAYS_AUTHENTICATE. + * * certtool: The default cipher for PKCS #12 structures is 3des-pkcs12. + That option is more compatible than AES or RC4. +- Version 3.3.9 (released 2014-10-13) + * * libgnutls: Fixes in the transparent import of PKCS #11 certificates. + Reported by Joseph Peruski. + * * libgnutls: Fixed issue with unexpected non-fatal errors resetting the + handshake's hash buffer, in applications using the heartbeat extension + or DTLS. Reported by Joeri de Ruiter. + * * libgnutls: When both a trust module and additional CAs are present + account the latter as well; reported by David Woodhouse. + * * libgnutls: added GNUTLS_TL_GET_COPY flag for + gnutls_x509_trust_list_get_issuer(). That allows the function to be used + in a thread safe way when PKCS #11 trust modules are in use. + * * libgnutls: fix issue in DTLS retransmission when session tickets + were in use; reported by Manuel Pégourié-Gonnard. + * * libgnutls-dane: Do not require the CA on a ca match to be direct CA. + * * libgnutls: Prevent abort() in library if getrusage() fails. Try to + detect instead which of RUSAGE_THREAD and RUSAGE_SELF would work. + * * guile: new 'set-session-server-name!' procedure; see the manual for + details. + * * certtool: The authority key identifier will be set in a certificate only + if the CA's subject key identifier is set. +- Version 3.3.8 (released 2014-09-18) + * * libgnutls: Updates in the name constraints checks. No name constraints + will be checked for intermediate certificates. As our support for name + constraints is limited to e-mail addresses in DNS names, it is pointless + to check them on intermediate certificates. + * * libgnutls: Fixed issues in PKCS #11 object listing. Previously multiple + object listing would fail completely if a single object could not be exported. + * * libgnutls: Improved the performance of PKCS #11 object listing/retrieving, + by retrieving them in large batches. Report and suggestion by David + Woodhouse. + * * libgnutls: Fixed issue with certificates being sanitized by gnutls prior + to signature verification. That resulted to certain non-DER compliant modifications + of valid certificates, being corrected by libtasn1's parser and restructured as + the original. Issue found and reported by Antti Karjalainen and Matti Kamunen from + Codenomicon. + * * libgnutls: Fixes in gnutls_x509_crt_set_dn() and friends to properly handle + strings with embedded spaces and escaped commas. + * * libgnutls: when comparing a CA certificate with the trusted list compare + the name and key only instead of the whole certificate. That is to handle + cases where a CA certificate was superceded by a different one with the same + name and the same key. + * * libgnutls: when verifying a certificate against a p11-kit trusted + module, use the attached extensions in the module to override the CA's + extensions (that requires p11-kit 0.20.7). + * * libgnutls: In DTLS prevent sending zero-size fragments in certain cases + of MTU split. Reported by Manuel Pégourié-Gonnard. + * * libgnutls: Added gnutls_x509_trust_list_verify_crt2() which allows + verifying using a hostname and a purpose (extended key usage). That + enhances PKCS #11 trust module verification, as it can now check the purpose + when this function is used. + * * libgnutls: Corrected gnutls_x509_crl_verify() which would always report + a CRL signature as invalid. Reported by Armin Burgmeier. + * * libgnutls: added option --disable-padlock to allow disabling the padlock + CPU acceleration. + * * p11tool: when listing tokens, list their type as well. + * * p11tool: when listing objects from a trust module print any attached + extensions on certificates. +- Version 3.3.7 (released 2014-08-24) + * * libgnutls: Added function to export the public key of a PKCS #11 + private key. Contributed by Wolfgang Meyer zu Bergsten. + * * libgnutls: Explicitly set the exponent in PKCS #11 key generation. + That improves compatibility with certain PKCS #11 modules. Contributed by + Wolfgang Meyer zu Bergsten. + * * libgnutls: When generating a PKCS #11 private key allow setting + the WRAP/UNWRAP flags. Contributed by Wolfgang Meyer zu Bergsten. + * * libgnutls: gnutls_pkcs11_privkey_t will always hold an open session + to the key. + * * libgnutls: bundle replacements of inet_pton and inet_aton if not + available. + * * libgnutls: initialize parameters variable on PKCS #8 decryption. + * * libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1 + algorithms. + * * libgnutls: gnutls_x509_crt_check_hostname() will follow the RFC6125 + requirement of checking the Common Name (CN) part of DN only if there is + a single CN present in the certificate. + * * libgnutls: The environment variable GNUTLS_FORCE_FIPS_MODE can be used + to force the FIPS mode, when set to 1. + * * libgnutls: In DTLS ignore only errors that relate to unexpected packets + and decryption failures. + * * p11tool: Added --info parameter. + * * certtool: Added --mark-wrap parameter. + * * danetool: --check will attempt to retrieve the server's certificate + chain and verify against it. + * * danetool/gnutls-cli-debug: Added --app-proto parameters which can + be used to enforce starttls (currently only SMTP and IMAP) on the connection. + * * danetool: Added openssl linking exception, to allow linking + with libunbound. +- Version 3.3.6 (released 2014-07-23) + * * libgnutls: Use inet_ntop to print IP addresses when available + * * libgnutls: gnutls_x509_crt_check_hostname and friends will also check + IP addresses, and match documented behavior. Reported by David Woodhouse. + * * libgnutls: DSA key generation in FIPS140-2 mode doesn't allow 1024 + bit parameters. + * * libgnutls: fixed issue in gnutls_pkcs11_reinit() which prevented tokens + being usable after a reinitialization. + * * libgnutls: fixed PKCS #11 private key operations after a fork. + * * libgnutls: fixed PKCS #11 ECDSA key generation. + * * libgnutls: The GNUTLS_CPUID_OVERRIDE environment variable can be used to + explicitly enable/disable the use of certain CPU capabilities. Note that CPU + detection cannot be overriden, i.e., VIA options cannot be enabled on an Intel + CPU. The currently available options are: + 0x1: Disable all run-time detected optimizations + 0x2: Enable AES-NI + 0x4: Enable SSSE3 + 0x8: Enable PCLMUL + 0x100000: Enable VIA padlock + 0x200000: Enable VIA PHE + 0x400000: Enable VIA PHE SHA512 + * * libdane: added dane_query_to_raw_tlsa(); patch by Simon Arlott. + * * p11tool: use GNUTLS_SO_PIN to read the security officer's PIN if set. + * * p11tool: ask for label when one isn't provided. + * * p11tool: added --batch parameter to disable any interactivity. + * * p11tool: will not implicitly enable so-login for certain types of + objects. That avoids issues with tokens that require different login + types. + * * certtool/p11tool: Added the --curve parameter which allows to explicitly + specify the curve to use. +- Version 3.3.5 (released 2014-06-26) + * * libgnutls: Added gnutls_record_recv_packet() and gnutls_packet_deinit(). + These functions provide a variant of gnutls_record_recv() that avoids + the final memcpy of data. + * * libgnutls: gnutls_x509_crl_iter_crt_serial() was added as a + faster variant of gnutls_x509_crl_get_crt_serial() when coping with + very large structures. + * * libgnutls: When the decoding of a printable DN element fails, then treat + it as unknown and print its hex value rather than failing. That works around + an issue in a TURKTRST root certificate which improperly encodes the + X520countryName element. + * * libgnutls: gnutls_x509_trust_list_add_trust_file() will return the number + of certificates present in a PKCS #11 token when loading it. + * * libgnutls: Allow the post client hello callback to put the handshake on + hold, by returning GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED. + * * certtool: option --to-p12 will now consider --load-ca-certificate + * * certtol: Added option to specify the PKCS #12 friendly name on command line. + * * p11tool: Allow marking a certificate copied to a token as a CA. +- Version 3.3.4 (released 2014-05-31) + * * libgnutls: Updated Andy Polyakov's assembly code. That prevents a + crash on certain CPUs. +- Version 3.3.3 (released 2014-05-30) + * * libgnutls: Eliminated memory corruption issue in Server Hello parsing. + Issue reported by Joonas Kuorilehto of Codenomicon. + * * libgnutls: gnutls_global_set_mutex() was modified to operate with the + new initialization process. + * * libgnutls: Increased the maximum certificate size buffer + in the PKCS #11 subsystem. + * * libgnutls: Check the return code of getpwuid_r() instead of relying + on the result value. That avoids issue in certain systems, when using + tofu authentication and the home path cannot be determined. Issue reported + by Viktor Dukhovni. + * * libgnutls-dane: Improved dane_verify_session_crt(), which now attempts to + create a full chain. This addresses points from https://savannah.gnu.org/support/index.php?108552 + * * gnutls-cli: --dane will only check the end certificate if PKIX validation + has been disabled. + * * gnutls-cli: --benchmark-soft-ciphers has been removed. That option cannot + be emulated with the implicit initialization of gnutls. + * * certtool: Allow multiple organizations and organizational unit names to + be specified in a template. + * * certtool: Warn when invalid configuration options are set to a template. + * * ocsptool: Include path in ocsp request. This resolves #108582 + (https://savannah.gnu.org/support/?108582), reported by Matt McCutchen. +- Version 3.3.2 (released 2014-05-06) + * * libgnutls: Added the 'very weak' certificate verification profile + that corresponds to 64-bit security level. + * * libgnutls: Corrected file descriptor leak on random generator + initialization. + * * libgnutls: Corrected file descriptor leak on PSK password file + reading. Issue identified using the Codenomicon TLS test suite. + * * libgnutls: Avoid deinitialization if initialization has failed. + * * libgnutls: null-terminate othername alternative names. + * * libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly + on a PKCS #11 trust list. + * * libgnutls: Several small bug fixes identified using valgrind and + the Codenomicon TLS test suite. + * * libgnutls-dane: Accept a certificate using DANE if there is at least one + entry that matches the certificate. Patch by simon [at] arlott.org. + * * libgnutls-guile: Fixed compilation issue. + * * certtool: Allow exporting a CRL on DER format. + * * certtool: The ECDSA keys generated by default use the SECP256R1 curve + which is supported more widely than the previously used SECP224R1. +- Version 3.3.1 (released 2014-04-19) + * * libgnutls: Enforce more strict checks to heartbeat messages + concerning padding and payload. Suggested by Peter Dettman. + * * libgnutls: Allow decoding PKCS #8 files with ECC parameters + from openssl. + * * libgnutls: Several small bug fixes found by coverity. + * * libgnutls: The conditionally available self-test functions + were moved to self-test.h. + * * libgnutls: Fixed issue with the check of incoming data when two + different recv and send pointers have been specified. Reported and + investigated by JMRecio. + * * libgnutls: Fixed issue in the RSA-PSK key exchange, which would + result to illegal memory access if a server hint was provided. Reported + by André Klitzing. + * * libgnutls: Fixed client memory leak in the PSK key exchange, if a + server hint was provided. + * * libgnutls: Corrected the *get_*_othername_oid() functions. +- Version 3.3.0 (released 2014-04-10) + * * libgnutls: The initialization of the library was moved to a + constructor. That is, gnutls_global_init() is no longer required + unless linking with a static library or a system that does not + support library constructors. + * * libgnutls: static libraries are not built by default. + * * libgnutls: PKCS #11 initialization is delayed to first usage. + That avoids long delays in gnutls initialization due to broken PKCS #11 + modules. + * * libgnutls: The PKCS #11 subsystem is re-initialized "automatically" + on the first PKCS #11 API call after a fork. + * * libgnutls: certificate verification profiles were introduced + that can be specified as flags to verification functions. They + are enumerations in gnutls_certificate_verification_profiles_t + and can be converted to flags for use in a verification function + using GNUTLS_PROFILE_TO_VFLAGS(). + * * libgnutls: Added the ability to read system-specific initial + keywords, if they are prefixed with '@'. That allows a compile-time + specified configuration file to be used to read pre-configured priority + strings from. That can be used to impose system specific policies. + * * libgnutls: Increased the default security level of priority + strings (NORMAL and PFS strings require at minimum a 1008 DH prime), + and set a verification profile by default. The LEGACY keyword is + introduced to set the old defaults. + * * libgnutls: Added support for the name constraints PKIX extension. + Currently only DNS names and e-mails are supported (no URIs, IPs + or DNs). + * * libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to + SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL. + * * libgnutls: Added new API in x509-ext.h to handle X.509 extensions. + This API handles the X.509 extensions in isolation, allowing to parse + similarly formatted extensions stored in other structures. + * * libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS + can be used to specify a particular subgroup as the number of bits in + gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256). + * * libgnutls: DH parameter generation is now delegated to nettle. + That unfortunately has the side-effect that DH parameters longer than + 3072 bits, cannot be generated (not without a nettle update). + * * libgnutls: Separated nonce RNG from the main RNG. The nonce + random number generator is based on salsa20/12. + * * libgnutls: The buffer alignment provided to crypto backend is + enforced to be 16-byte aligned, when compiled with cryptodev + support. That allows certain cryptodev drivers to operate more + efficiently. + * * libgnutls: Return error when a public/private key pair that doesn't + match is set into a credentials structure. + * * libgnutls: Depend on p11-kit 0.20.0 or later. + * * libgnutls: The new padding (%NEW_PADDING) experimental TLS extension has + been removed. It was not approved by IETF. + * * libgnutls: The experimental xssl library is removed from the gnutls + distribution. + * * libgnutls: Reduced the number of gnulib modules used in the main library. + * * libgnutls: Added priority string %DISABLE_WILDCARDS. + * * libgnutls: Added the more extensible verification function + gnutls_certificate_verify_peers(), that allows checking, in addition + to a peer's DNS hostname, for the key purpose of the end certificate + (via PKIX extended key usage). + * * certtool: Timestamps for serial numbers were increased to 8 bytes, + and in batch mode to 12 (appended with 4 random bytes). + * * certtool: When no CRL number is provided (or value set to -1), then + a time-based number will be used, similarly to the serial generation + number in certificates. + * * certtool: Print the SHA256 fingerprint of a certificate in addition + to SHA1. + * * libgnutls: Added --enable-fips140-mode configuration option (unsupported). + That option enables (when running on FIPS140-enabled system): + o RSA, DSA and DH key generation as in FIPS-186-4 (using provable primes) + o The DRBG-CTR-AES256 deterministic random generator from SP800-90A. + o Self-tests on initialization on ciphers/MACs, public key algorithms + and the random generator. + o HMAC-SHA256 verification of the library on load. + o MD5 is included for TLS purposes but cannot be used by the high level + hashing functions. + o All ciphers except AES are disabled. + o All MACs and hashes except GCM and SHA are disabled (e.g., HMAC-MD5). + o All keys (temporal and long term) are zeroized after use. + o Security levels are adjusted to the FIPS140-2 recommendations (rather + than ECRYPT). + +- build with PIE for commandline tools + +- Updated to 3.2.21 (released 2014-12-11) + - libgnutls: Corrected regression introduced in 3.2.19 related to + session renegotiation. Reported by Dan Winship. + - libgnutls: Corrected parsing issue with OCSP responses. + +- Updated to 3.2.20 (released 2014-11-10) + * * libgnutls: Removed superfluous random generator refresh on every + call of gnutls_deinit(). That reduces load and usage of /dev/urandom. + * * libgnutls: Corrected issue in export of ECC parameters to X9.63 + format. Reported by Sean Burford [GNUTLS-SA-2014-5]. + (CVE-2014-8564 bnc#904603) +- Updated to 3.2.19 (released 2014-10-13) + * * libgnutls: Fixes in the transparent import of PKCS #11 certificates. + Reported by Joseph Peruski. + * * libgnutls: Fixed issue with unexpected non-fatal errors resetting the + handshake's hash buffer, in applications using the heartbeat extension + or DTLS. Reported by Joeri de Ruiter. + * * libgnutls: fix issue in DTLS retransmission when session tickets were + in use; reported by Manuel Pégourié-Gonnard. + * * libgnutls: Prevent abort() in library if getrusage() fails. Try to + detect instead which of RUSAGE_THREAD and RUSAGE_SELF would work. + * * guile: new 'set-session-server-name!' procedure; see the manual + for details. + grub2 +- NVMeoFC support on grub (jsc#PED-996) + * 0001-ieee1275-add-support-for-NVMeoFC.patch + * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch + * 0003-ieee1275-change-the-logic-of-ieee1275_get_devargs.patch + * 0004-ofpath-controller-name-update.patch +- TDX: Enhance grub2 measurement to TD RTMR (jsc#PED-1265) + * 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch + * 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch + * 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch +- Measure the kernel on POWER10 and extend TPM PCRs (PED-1990) + * 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch + * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch + +- Include loopback into signed grub2 image (jsc#PED-2150) + +- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276) + * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch + * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch + * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch + * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch + * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch + * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch + * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch + * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch + * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch + * 0010-protectors-Add-key-protectors-framework.patch + * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch + * 0012-protectors-Add-TPM2-Key-Protector.patch + * 0013-cryptodisk-Support-key-protectors.patch + * 0014-util-grub-protect-Add-new-tool.patch +- Fix no disk unlocking happen (bsc#1196668) + * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch +- Fix build error + * fix-tpm2-build.patch + +- Fix installation failure due to unavailable nvram device on + ppc64le (bsc#1201361) + * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch + inxi +- Updated to version 3.3.21: + * /usr/share/doc/packages/inxi/inxi.changelog. + +- update to 3.3.20: + 1a. More or less completed verification of AMD cpu microarch/built/process, and + added more accurate fallback cases for stray model IDs. + 1b. Extended Intel cpu data a bit more as well. Thanks linuxdaddy from slackware + for the research help there. + 2. Tentative support for finit init system (fast init). Runs in /proc/1/comm, + uses initctl, which may have been revived from its upstart days, not sure. Added + potential support for nosh, linux only, don't know how to detect other bsd init + system. + 3. Added amd/intel gpu product IDs. + 4. Added shortcut --filter-all/--za, activates all filters: -z, --zl, --zu, + - -zv. Why not? + 5. Added support for dm types kdmctl and xdmctl, opensuse and maybe redhat use + the latter to start the actual dm running the desktop/wm. You want to see that + because you need to do systemctl restart xdm to restart the actual dm. Thanks + mrmazda for pointing out this one. + 6. Added AlmaLinux, RockyLinux, CentosStream to system base (RHEL derived). + 7. Basic Raptor Lake gpu/apu support added, with patterns to detect since few + product ids yet. Same applies to Arctic and Alchemist, which still have no + product IDs. + 8. More disk vendors and disk vendor ids, never stops - the waters flow on, the + rain falls, then the sun comes out. Until one day it doesn't. + * /usr/share/doc/packages/inxi/inxi.changelog. + irqbalance +- run tests +- add Avoid-double-free-on-deinit_thermal.patch (bsc#1204607) + +- add uninitialized.patch (bsc#1204371) +- build with thermald support on x86_64 (jsc#PED-1039) + +- update to 1.9.1: + * get irq->module relationship from /sys/bus/pci/*/driver + * ensure --banmod is respected + * check whether savedptr is NULL before invoking strlen + * add meson + * support thermal events + * fix irqbalance never exits + * irqbalance-ui: able to scroll and show coulist and irqs' name +- drop proc-interrupts.patch (upstream) + D proc-interrupts.patch + +- Update to version 1.9.0: + * correct wait time in oneshot mode + * Document updates + * disable irqbalance when we only have a single cpu/cache domain + * fix UI to fetch full messages from UNIX socket + * avoid some buffer overflows + * fix UI printf style formatting + * drop bounding set from irqbalance + +- proc-interrupts.patch: parse_proc_interrupts: fix parsing interrupt + counts + jack +- Added 0001-Make-jack_control-python2-3-compatible.patch from git + to fix boo#1132458. + +- Remove unnecessary requires for libjack0 and remove obsolete + comments. +- Use %license on "COPYING" + +- Add upstream patch to fix return value check of mmap() (boo#1108981): + fix-mmap-return-value-check.patch + +- Update the waf code to the 2.0 series in order to work under + python3.7 taken from upstream git: + * jack-waf2.patch + -- Update to release 1.9.10 -- Removed patches jack-wafdocbuild.patch and aarch64.patch as they - are now in upstream. -- Upstream changes: - * Correct JackPortAudioDriver::Open : special case for ASIO drivers. - * Correct JackEngine::NotifyGraphReorder : graph-order callback now notified after port latencies update. - * netjack/opus: don't re-init en/decoders. - * Use string ids in the alsa device list. - * controlapi: fix double free on master switch. - * netjack1/netone opus support. - * netjack1/2 Opus: use only 2bytes for encoded-length. - * wscript: add header defines and libs for example-clients/netsource. - * fix duplicate prog.includes. - * More robust channel mapping handling in JackCoreAudioDriver. - * Add opus support to NetJack2. - * jack_control: fix epr command. - * Update JackCoreAudioDriver and JackCoreAudioAdapter with more recent API. - * Devin Anderson patch for Jack/CoreMIDI duplicated messages. - * Fix in ALSA adapter. - * Fix alsa driver parameter order. - * Control API: Enforce driver/internal parameter order. - * Extend jack_control to have parameter reset commands. - * Align buffers to 32 byte boundaries to allow AVX processing. - * New jack_get_cycle_times() implementation from Fons Adriennsen. - * Update waf. - * [firewire] Introduce UpdateLatencies() in FFADO backend. - * [firewire] Allow FFADO backend to change the buffer size. - * Rework JackMessageBuffer. - * POST_PACKED_STRUCTURE used for jack_latency_range_t type. - * Remove JACK_32_64 flag, so POST_PACKED_STRUCTURE now always used. - * Improve libjacknet master mode. - * In control API, UNIX like sigset_t replaced by more abstract jackctl_sigmask_t * opaque struct. - * Check server API callback from notification thread. - * Use a time-out in notification channel write function. - * Fix lock management in JackEngine. - * A bit more robust JackMessageBuffer implementation (in progress). - * Rename JackProcessSync in JackPosixProcessSync. - * Fix NetJack2 initialisation bug. - * Improve ShutDown in NetManager. - * Correct ShutDown in JackInternalClient and JackLibClient. - * Implement shutdown for in server clients. - * Better time-out management in NetJack2. - * More robust server/client protocol. - * Factorize code the server/client request in JackRequestDecoder class. - * Cleanup drivers and internals loading code. - * jackctl_driver_params_parse API moved in public control.h. - * More general drivers/internals loading model on Windows. - * Fix library symbols export issue. - * Adrian Knoth fix in midiseq.c. - -- Enable firewire only for 12.1+ due to lack of libffado-devel - -- add aarch64.patch - -- license update: GPL-2.0+ and LGPL-2.1+ - jack server is licensed under GPL-2.0+ - -- Added url as source. - Please see http://en.opensuse.org/SourceUrls - -- Update to release 1.9.9.5 for bnc#801442 -- Removed patches: jack-uc_regs.patch, jack-segfault.patch they are - incorporated. -- Doxygen build doesn't work created jack-wafdocbuild.patch. -- Upstream changes : - * Adrian Knoth fix in midiseq.c. - * Fix library symbols export issue. - * Cleanup drivers and internals loading code. - * jackctl_driver_params_parse API moved in public control.h. - * Factorize code the server/client request in JackRequestDecoder class. - * More robust server/client protocol. - * Better time-out management in NetJack2. - * Improve ShutDown in NetManager. - * Correct ShutDown in JackInternalClient and JackLibClient. - * Fix NetJack2 initialisation bug. Add EndTime function. - * Rename JackProcessSync in JackPosixProcessSync. - * A bit more robust JackMessageBuffer implementation. - * Check server API callback from notification thread. - * Use a time-out in notification channel write function. - * Fix lock management in JackEngine. - * In control API, UNIX like sigset_t replaced by more abstract jackctl_sigmask_t * opaque struct. - * Improve libjacknet master mode. - * Remove JACK_32_64 flag, so POST_PACKED_STRUCTURE now always used. POST_PACKED_STRUCTURE used for jack_latency_range_t type. - * Rework JackMessageBuffer. - * [firewire] Introduce UpdateLatencies() in FFADO backend. - * [firewire] Allow FFADO backend to change the buffer size. - * Update waf. - * New jack_get_cycle_times() implementation from Fons Adriennsen. - * Align buffers to 32 byte boundaries to allow AVX processing. - * Extend jack_control to have parameter reset commands. - * Fix alsa driver parameter order. - * Control API: Enforce driver/internal parameter order. - * Fix in ALSA adapter. - * Devin Anderson patch for Jack/CoreMIDI duplicated messages. - * Change framework installation hierarchy for OSX Mountain Lion. - * Update JackCoreAudioDriver and JackCoreAudioAdapter with more recent API. - * jack_control: fix epr command. - * Add opus support to NetJack2. - * More robust channel mapping handling in JackCoreAudioDriver. - * netjack1/netone opus support. controlapi: fix double free on master switch. - * Use string ids in the alsa device list. netjack/opus: don't re-init en/decoders. - * Correct JackPortAudioDriver::Open : special case for ASIO drivers. - * waf: configure option for enforcing autostart method - * ALSA devices reservation fixes. - -- fix R_PPC64_ADDR32 fff85e94858 for symbol `' out of range -- fix jack_connect segfault - -- Disable parallel build to limit resource usage and prevent hung - build hosts. - -- Update to version 1.9.8 -- Remade jack-celt-build-fix.diff -- Upstream changes : -- Merge newer-midi branch (Devin Anderson redesign of the - MIDI drivers: alsarawmidi, ffado, coremidi and winmme). -- Correction in jackdmp.cpp: notify_server_stop should be done - after server destruction. -- Correct driver lifetime management. -- Add XRun detection in PortAudio driver. -- CELT code for NetJack2. -- Merge branch switch-master-port-registration-notifications: - correct driver port registration. -- Libjacknet in progress. -- Correct MIDI in NetJack2. -- Correct OSX real-time thread setup. -- Correct rd_acquire in dbus code. -- Correct NetJack2 connection handling. -- SaveConnections/RestoreConnections in NetDriver and JackAudioDriver. -- Special version of jack_attach_shm/jack_release_shm on client - side for POSIX shared memory, to solve a memory leak issue. -- Another round of code improvements to handle completely - buggy Digidesign CoreAudio user-land driver. -- Special CATCH_CLOSE_EXCEPTION_RETURN to handle Close API calls. -- Add JACK_NETJACK_PORT and JACK_NETJACK_MULTICAST environment - variables for NetJack2. -- NetJack2 now only send data on network only is ports are connected - both sides. -- Fix for "starting two instances of same app in parallel does not - work" bug. -- Enable explicit channel mapping in CoreAudio driver. -- New JackTimedDriver class to be used by JackDummyDriver, - JackNetDriver and JackNetOneDriver classes. -- More robust code in synchronization primitives and JackMessageBuffer. -- More robust Control API implementation. -- Add jackctl_driver_get_type in Control API. -- Singleton behaviour for JackCoreMidiDriver and JackWinMMEDriver. -- John Emmas patch for DSP CPU computation. -- John Emmas Windows server launching patch. -- Fix jack_set_port_name API. -- Enable local access in NetJack2 code. -- Dynamic port management in JACK/CoreMidi bridge. - -- ppc64 doesn't have uc_regs - -- drop jack-CAS.diff patch to fix non ia32/x86_64/ppc build, - seems to be fixed upstream similar - -- Enabled dbus support requested on multimedia list -- Disabled engine profiling - -- Removed malfunctioning services - -- Update to version 1.9.7 -- Upstream changes : - * Sync JackAlsaDriver::alsa_driver_check_card_type with JACK1 backend. - * Improve backend error handling: fatal error returned by Read/Write - now cause a Process failure (so a thread exit for blocking backends). - * Recoverable ones (XRuns..) are now treated internally in ALSA and - FFADO backends. - * In jackdmp.cpp, jackctl_setup_signals moved before jackctl_server_start. - * Correct dummy driver. - * Adrian Knoth jack_lsp patch. - * Remove JackPortIsActive flag. - * New latency API implementation. - * ComputeTotalLatencies now a client/server call. - * Add latent test client for latency API. - * Also print playback and capture latency in jack_lsp. - * jack_client_has_session_callback implementation. - * Check requested buffer size and limit to 1..8192 avoids weird - behaviour caused by jack_bufsize foobar. - * jack_port_type_get_buffer_size implementation. - * Stop using alloca and allocate buffer on the heap for alsa_io. - * Rename jdelay to jack_iodelay as per Fons' request. - * Call buffer size callback in activate (actually this is done on - client side in the RT thread Init method). - * Add jack_midi_dump client. Synchronize net JACK1 with JACK1 version. - * Synchronize jack_connect/jack_disconnect with JACK1 version. - * Correct JackNetMaster::SetBufferSize. - * Use jack_default_audio_sample_t instead of float consistently, - fix ticket #201. -X now allows to add several slave backends, add -I - to load several internal clients. - * Rework internal slave driver management, JackServerGlobals now - handle same parameters as jackdmp. - * Correct JackEngine::NotifyGraphReorder, update JackDebugClient - with latest API. - * Devin Anderson server-ctl-proposal branch merged on trunk: improved - control API, slave backend reworked. - * Implement renaming in JackDriver::Open to avoid name collision. - * Correct alsa_driver_restart (thanks Devin Anderson). - * Correction of jack_connect/jack_disconnect: use of jack_activate - and volatile keyword for thread shared variable. - * Correction of JackNetOneDriver for latest CELT API. - * Synchronize JackWeakAPI.cpp with new APIs. - -- Added jack-celt-build-fix.diff to fix jack build with celt-0.9.1 - -- Update to version 1.9.6 -- Upstream changes : - * Improve JackCoreAudioDriver and JackCoreAudioAdapter : when no - devices are described, takes default input and output and - aggregate them. - * Correct JackGraphManager::DeactivatePort. - * Correct JackMachServerChannel::Execute : keep running even in - error cases. - * Raise JACK_PROTOCOL_VERSION number. Arnold Krille firewire patch. - * Fix some file header to have library side code use LGPL. - * ffado-portname-sync.patch from ticket #163 applied. - * Remove call to exit in library code. - * Make jack_connect/jack_disconnect wait for effective port - connection/disconnection. - * Add tests to validate intclient.h API. - * On Linux, inter-process synchronization primitive switched to - POSIX semaphore. - * In JackCoreAudioDriver, move code called in MeasureCallback to be - called once in IO thread. - * David Garcia Garzon netone patch. - * Fix from Fernando Lopez-Lezcano for compilation on fc13. - * Fix JackPosixSemaphore::TimedWait : same behavior as - JackPosixSemaphore::Wait regarding EINTR. - * David Garcia Garzon unused_pkt_buf_field_jack2 netone patch. - * Arnold Krille firewire snooping patch. - * Jan Engelhardt patch for get_cycles on SPARC. - * Adrian Knoth hurd.patch, kfreebsd-fix.patch and - alpha_ia64-sigsegv.patch from ticket 177. - * Adrian Knoth fix for linux cycle.h (ticket 188). - * In JackCoreAudioDriver, fix an issue when no value is given for - input. - -- Enable ffado firewire support - -- Provide missing functions to enable SPARC compilation - -- Build fix: make sure $RPM_OPT_FLAGS is in CFLAGS (SPARC _needs_ - its -march=ultrasparc from prjconf to make atomic ops available) -- Strip remaining CFLAGS since they are the same as in prjconf - -- use _smp_mflags instead of -j'percent'{jobs} - -- Update to jack-1.9.5 which now has support for distributing audio - processing across a network. -- Removed jack-shmat-check-fix.diff. - -- remove libfreebob dependency - -- minor spec file clean-ups - -- update to 0.118.0 -- don't use gcc4 patch and all that autotool stuff before ./configure -- fixed dependencies (missing versions) - -- add baselibs.conf as a source - -- fix minor strdup memory leaks (bnc#539096) - -- fix requires of devel package (libjack requires libsamplerate now) - -- add libsndfile and libsamplerate to buildrequires to support - netjack driver - -- fix mismatching pclose() (bnc#514072) - -- updated to version 0.116.2: - * Stable version update since 0.109.2: quite lots of fixes and - updates. See - http://jackaudio.org/node/20 - http://jackaudio.org/node/21 - http://jackaudio.org/node/22 - jasper +- security update: + * CVE-2022-2963 [bsc#1202642] + + jasper-CVE-2022-2963.patch + kdump +- fix broken URL in manpage (bsc#1187312) +- kdumptool calibrate: modify fadump suggestions (jsc#IBM-1027) + kernel-default +- scsi: qedi: Remove redundant flush_workqueue() calls + (jsc#PED-1525). +- Refresh + patches.suse/scsi-iscsi-Fix-session-removal-on-shutdown.patch. +- commit 57a0d4f + +- scsi: qedf: Fix a UAF bug in __qedf_probe() (jsc#PED-1524). +- scsi: qedf: Fix typo in comment (jsc#PED-1524). +- scsi: qedf: Remove redundant variable op (jsc#PED-1524). +- scsi: qedf: Remove an unneeded NULL check on list iterator + (jsc#PED-1524). +- scsi: qedf: Remove unnecessary code (jsc#PED-1524). +- scsi: qedf: Stop using the SCSI pointer (jsc#PED-1524). +- scsi: qedf: Change context reset messages to ratelimited + (jsc#PED-1524). +- scsi: qedf: Fix refcount issue when LOGO is received during TMF + (jsc#PED-1524). +- scsi: qedf: Add stag_work to all the vports (jsc#PED-1524). +- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting + (jsc#PED-1525). +- scsi: qedi: Remove set but unused 'page' variable + (jsc#PED-1525). +- scsi: qedi: Fix cmd_cleanup_cmpl counter mismatch issue + (jsc#PED-1525). +- commit a20fd84 + +- Update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1 +- commit a5edbce + +- usb: gadget: pxa25x_udc: Constify static struct pxa25x_ep_ops + (jsc#PED-1817). +- commit ecf622b + +- usb: gadget: udc: core: Use pr_fmt() to prefix messages + (jsc#PED-1817). +- commit 986d674 + +- USB: gadget: Rename usb_gadget_probe_driver() (jsc#PED-1817). +- commit ec7b016 + +- ALSA: hiface: fix repeated words in comments (git-fixes). +- commit 1897e56 + +- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support + (git-fixes). +- ALSA: scarlett2: Add support for the internal "standalone" + switch (git-fixes). +- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections + (git-fixes). +- ALSA: usb-audio: scarlett2: Use struct_size() helper in + scarlett2_usb() (git-fixes). +- commit 51a746f + +- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos + (git-fixes). +- Refresh + patches.suse/ALSA-usb-audio-More-comprehensive-mixer-map-for-ASUS.patch. +- commit aad3dbe + +- ALSA: line6: remove line6_set_raw declaration (git-fixes). +- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support + (git-fixes). +- ALSA: usb-audio: make read-only array marker static const + (git-fixes). +- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes). +- ALSA: usb/6fire: fix repeated words in comments (git-fixes). +- ALSA: usb-audio: remove redundant assignment to variable c + (git-fixes). +- commit 7b36d72 + +- ring-buffer: Check for NULL cpu_buffer in + ring_buffer_wake_waiters() (bsc#1204705). +- commit 2e712ad + +- USB / dwc3: Fix three doc-build warnings (jsc#PED-1817). +- commit 654acff + +- usb: dwc3: fix backwards compat with rockchip devices + (jsc#PED-1817). +- commit c7590b2 + +- usb: dwc3: core: do not use 3.0 clock when operating in 2.0 mode + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-core-Enable-GUCTL1-bit-10-for-fixing-termin.patch. +- commit 02bd07f + +- usb: dwc3: imx8mp: rename iomem base pointer (jsc#PED-1817). +- commit 0504947 + +- usb: dwc3: drd: Don't check against CONFIG_OF (jsc#PED-1817). +- commit ce7e9f1 + +- usb: dwc3: Program GFLADJ (jsc#PEd-1817). +- commit daeb10e + +- usb: dwc3: Calculate REFCLKPER based on reference clock + (jsc#PED-1817). +- commit a22b861 + +- usb: dwc3: Get clocks individually (jsc#PED-1817). +- blacklist.conf: +- commit 3423db7 + +- usb: dwc3: drd: Add support for usb-conn-gpio based + usb-role-switch (jsc#PED-1817). +- commit 80843c9 + +- Correct JIRA reference for these patches (jsc#PED-1496). + Use implementation, not the Epic: +- Update + patches.suse/scsi-be2iscsi-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- Update patches.suse/scsi-bnx2i-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Fix-harmless-double-shift-bug.patch + (jsc#PED-1496). +- Update patches.suse/scsi-iscsi-Merge-suspend-fields.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Remove-iscsi_get_task-back_lock-requirement.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Rename-iscsi_conn_queue_work.patch + (jsc#PED-1496). +- Update patches.suse/scsi-iscsi-Stop-using-the-SCSI-pointer.patch + (jsc#PED-1496). +- Update patches.suse/scsi-qedi-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- commit 71bf164 + +- scsi: core: Fix early registration of sysfs attributes for + scsi_device (jsc#PED-1561). +- commit dfe7dcb + +- scsi: core: Remove two host template members that are no longer + used (jsc#PED-1561). +- scsi: usb: Switch to attribute groups (jsc#PED-1561). +- scsi: staging: unisys: Remove the shost_attrs member + (jsc#PED-1561). +- commit 036b753 + +- scsi: zfcp: Switch to attribute groups (jsc#PED-1561). +- scsi: message: fusion: Switch to attribute groups + (jsc#PED-1561). +- scsi: RDMA/srp: Switch to attribute groups (jsc#PED-1561). +- scsi: firewire: sbp2: Switch to attribute groups (jsc#PED-1561). +- commit ad14a91 + +- scsi: ata: Switch to attribute groups (jsc#PED-1561). +- libata: Introduce ncq_prio_supported sysfs sttribute + (jsc#PED-1561). +- libata: print feature list on device scan (jsc#PED-1561). +- libata: fix ata_read_log_page() warning (jsc#PED-1561). +- commit dc4d292 + +- libata: cleanup NCQ priority handling (jsc#PED-1561). +- Update + patches.suse/libata-Add-ATA_HORKAGE_NO_NCQ_ON_ATI-for-Samsung-860.patch + (jsc#PED-1561). +- commit d313a88 + +- libata: cleanup ata_dev_configure() (jsc#PED-1561). +- libata: cleanup device sleep capability detection + (jsc#PED-1561). +- libata: simplify ata_scsi_rbuf_fill() (jsc#PED-1561). +- commit 01272a8 + +- scsi: qla2xxx: Switch to attribute groups (jsc#PED-1561). +- Refresh + patches.suse/scsi-qla2xxx-edif-remove-old-doorbell-interface.patch. +- commit 6464680 + +- scsi: lpfc: Switch to attribute groups (jsc#PED-1561). +- Refresh + patches.suse/scsi-lpfc-Remove-Menlo-Hornet-related-code.patch. +- Refresh + patches.suse/scsi-lpfc-Remove-SANDiags-related-code.patch. +- Refresh + patches.suse/scsi-lpfc-Remove-failing-soft_wwn-support.patch. +- Refresh + patches.suse/scsi-lpfc-move-scsi_host_template-outside-dynamically.patch. +- commit 4aeb242 + +- scsi: snic: Switch to attribute groups (jsc#PED-1561). +- scsi: smartpqi: Switch to attribute groups (jsc#PED-1561). +- scsi: qla4xxx: Switch to attribute groups (jsc#PED-1561). +- scsi: qedf: Switch to attribute groups (jsc#PED-1561). +- scsi: pm8001: Switch to attribute groups (jsc#PED-1561). +- scsi: sym53c500_cs: Switch to attribute groups (jsc#PED-1561). +- scsi: ncr53c8xx: Switch to attribute groups (jsc#PED-1561). +- scsi: myrs: Switch to attribute groups (jsc#PED-1561). +- scsi: myrb: Switch to attribute groups (jsc#PED-1561). +- scsi: mvsas: Switch to attribute groups (jsc#PED-1561). +- scsi: mpt3sas: Switch to attribute groups (jsc#PED-1561). +- scsi: megaraid_sas: Switch to attribute groups (jsc#PED-1561). +- scsi: megaraid_mbox: Switch to attribute groups (jsc#PED-1561). +- scsi: isci: Switch to attribute groups (jsc#PED-1561). +- scsi: ipr: Switch to attribute groups (jsc#PED-1561). +- scsi: ibmvfc: Switch to attribute groups (jsc#PED-1561). +- scsi: ibmvscsi: Switch to attribute groups (jsc#PED-1561). +- scsi: hptiop: Switch to attribute groups (jsc#PED-1561). +- scsi: hpsa: Switch to attribute groups (jsc#PED-1561). +- scsi: hisi_sas: Switch to attribute groups (jsc#PED-1561). +- scsi: fnic: Switch to attribute groups (jsc#PED-1561). +- scsi: cxlflash: Switch to attribute groups (jsc#PED-1561). +- scsi: csiostor: Switch to attribute groups (jsc#PED-1561). +- scsi: bnx2fc: Switch to attribute groups (jsc#PED-1561). +- scsi: bfa: Switch to attribute groups (jsc#PED-1561). +- scsi: arcmsr: Switch to attribute groups (jsc#PED-1561). +- scsi: aacraid: Switch to attribute groups (jsc#PED-1561). +- scsi: 53c700: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-xxxx: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-sas: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-9xxx: Switch to attribute groups (jsc#PED-1561). +- commit 3ddf4fd + +- Update patch references to + patches.suse/0001-floppy-disable-FDRAWCMD-by-default.patch + (bsc#1200692 CVE-2022-33981). +- commit 913147c + +- usb: dwc3: Drop unneeded calls to platform_get_resource_byname() + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-disable-USB-core-PHY-management.patch. +- commit cb5354a + +- usb: gadget: remove unnecessary AND operation when get ep maxp + (jsc#PED-1817). +- commit 528613b + +- usb: gadget: udc: core: Introduce check_config to verify USB + configuration (jsc#PEd-1817). +- commit 69ec7cd + +- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914). +- commit 0d14223 + +- iommu/vt-d: Do not falsely log intel_iommu is unsupported + kernel option (bsc#1204947). +- commit 440c18c + +- wifi: brcmfmac: Fix potential buffer overflow in + brcmf_fweh_event_worker() (CVE-2022-3628 bsc#1204868). +- commit 968feec + +- usb: dwc3: gadget: Support Multi-Stream Transfer (jsc#PED-531). +- commit 0ed805f + +- usb: dwc3: gadget: Skip resizing EP's TX FIFO if already resized + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch. +- commit b389709 + +- usb: dwc3: reference clock period configuration (jsc#PED-1817). +- commit 8ce586b + +- Drop Dell Dock regression fix patch again (bsc#1204719) + It tunred out to be bogus, a different fix is needed +- commit 2c62bb9 + +- usb: dwc3: drd: use helper to get role-switch-default-mode + (jsc#PED-1817). +- commit 7f03301 + +- usb: dwc3: Resize TX FIFOs to meet EP bursting requirements + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-core-Fix-tx-rx-threshold-settings.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-starting-DWC3-gadget-during-UD.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch. +- commit 68d4f6e + +- scsi: lpfc: Update the obsolete adapter list (bsc#1204142). +- commit dc8f2da + +- scsi: qla2xxx: Use transport-defined speed mask for + supported_speeds (bsc#1204963). +- scsi: qla2xxx: Fix serialization of DCBX TLV data request + (bsc#1204963). +- commit d6d1732 + +- Move upstreamed sound patches into sorted section +- commit a5b0f8c + +- ALSA: usb-audio: Fix regression with Dell Dock jack detection + (bsc#1204719). +- commit ec69ec6 + +- Kbuild: add -Wno-shift-negative-value where -Wextra is used + (bsc#1204877). +- Kbuild: use -Wdeclaration-after-statement (bsc#1204877). +- Refresh patches.suse/Kbuild-move-to-std-gnu11.patch. +- Refresh + patches.suse/Kbuild-use-std-gnu11-for-KBUILD_USERCFLAGS.patch. +- commit e76ac45 + +- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957). +- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for + transceiver info (bsc#1204957). +- scsi: lpfc: Log when congestion management limits are in effect + (bsc#1204957). +- scsi: lpfc: Fix hard lockup when reading the rx_monitor from + debugfs (bsc#1204957). +- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is + turned off (bsc#1204957). +- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited" + (bsc#1204957). +- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957). +- commit f06c1f8 + +- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes) + [#] Conflicts: + [#] series.conf +- commit cc60033 + +- RDMA/irdma: Use net_type to check network type (git-fixes) + [#] Conflicts: + [#] series.conf +- commit cc0ac5a + +- Drop verbose nvme logging feature (bsc#1200567) + This feature caused regressions by logging all failed NVMe + commands. Though not all of them are actually a real + error. E.g. libnvme is probing for features and handling fails + correctly. Upstream fixed this by disabling this feature and looking + into making this an opt-in option. +- Delete patches.suse/nvme-add-verbose-error-logging.patch. +- Delete + patches.suse/nvme-don-t-print-verbose-errors-for-internal-passthr.patch. +- commit a82baa8 + +- RDMA/irdma: Validate udata inlen and outlen (git-fixes) +- commit c66230c + +- RDMA/irdma: Add support for address handle re-use (git-fixes) +- commit 456aa9c + +- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes) +- commit 01da806 + +- selftests/livepatch: better synchronize test_klp_callbacks_busy + (bsc#1071995). +- commit 82010dd + +- livepatch: Add a missing newline character in + klp_module_coming() (bsc#1071995). +- commit 82368b9 + +- RDMA/srp: Support more than 255 rdma ports (git-fixes) +- commit 6da7233 + +- RDMA/srp: Handle dev_set_name() failure (git-fixes) +- commit 2aa5768 + +- RDMA/srp: Use the attribute group mechanism for sysfs attributes (git-fixes) +- commit ee393a3 + +- RDMA/srp: Rework the srp_add_port() error path (git-fixes) +- commit cf4fa33 + +- livepatch: fix race between fork and KLP transition + (bsc#1071995). +- commit bc0a77a + +- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes) +- commit fecc405 + +- RDMA/srpt: Fix a use-after-free (git-fixes) +- commit e0cd3e8 + +- RDMA/srpt: Duplicate port name members (git-fixes) +- commit accb2fe + +- Input: applespi - avoid efivars API and invoke EFI services + directly (jsc#PED-1409). +- brcmfmac: Switch to appropriate helper to load EFI variable + contents (jsc#PED-1409). +- iwlwifi: Switch to proper EFI variable store interface + (jsc#PED-1409). +- media: atomisp_gmin_platform: stop abusing efivar API + (jsc#PED-1409). +- commit af0a2c9 + +- Update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch + (bsc#1204693). +- commit 9cde40b + +- efi: libstub: check Shim mode using MokSBStateRT (jsc#PED-1409). +- efi: x86: Wipe setup_data on pure EFI boot (jsc#PED-1409). +- efi: efibc: Guard against allocation failure (jsc#PED-1409). +- efi/x86: libstub: remove unused variable (jsc#PED-1409). +- efi: vars: Move efivar caching layer into efivarfs + (jsc#PED-1409). +- efi: vars: Switch to new wrapper layer (jsc#PED-1409). +- efi: vars: Remove deprecated 'efivars' sysfs interface + (jsc#PED-1409). + Update config files. + Refresh + patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch. +- efi: vars: Drop __efivar_entry_iter() helper which is no longer + used (jsc#PED-1409). +- efi: pstore: Omit efivars caching EFI varstore access layer + (jsc#PED-1409). +- pstore: Add priv field to pstore_record for backend specific + use (jsc#PED-1409). +- pstore: Don't use semaphores in always-atomic-context code + (jsc#PED-1409). +- commit db34623 + +- drivers: fix typo in firmware/efi/memmap.c (jsc#PED-1409). +- efi: vars: Use locking version to iterate over efivars linked + lists (jsc#PED-1409). +- efi: vars: Add thin wrapper around EFI get/set variable + interface (jsc#PED-1409). +- efi: vars: Don't drop lock in the middle of efivar_init() + (jsc#PED-1409). +- efi: efibc: avoid efivar API for setting variables + (jsc#PED-1409). +- efi: avoid efivars layer when loading SSDTs from variables + (jsc#PED-1409). +- efi: Correct comment on efi_memmap_alloc (jsc#PED-1409). +- efi: Make code to find mirrored memory ranges generic + (jsc#PED-1409). + Refresh + patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch. +- commit 8075b46 + +- blacklist.conf: scripts/gdb: Allow to read printk log buffer on + 32-bit systems; hardly needed by anyone +- commit c5107b2 + +- printk: wake waiters for safe and NMI contexts (bsc#1204934). +- commit ccf6fd7 + +- printk: use atomic updates for klogd work (bsc#1204934). +- commit 42aa5d7 + +- printk: add missing memory barrier to wake_up_klogd() + (bsc#1204934). +- commit 91ae0ab + +- Revert "workqueue: remove unused cancel_work()" (bsc#1204933). +- commit a8f292e + +- signal: break out of wait loops on kthread_stop() (bsc#1204926). +- commit 1f81ec4 + +- net/mlx5e: Properly disable vlan strip on non-UL reps + (git-fixes). +- commit ea8a4bd + +- net: ipvtap - add __init/__exit annotations to module init/exit + funcs (git-fixes). +- commit bcfb537 + +- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes). +- commit 0446df6 + +- net: moxa: get rid of asymmetry in DMA mapping/unmapping + (git-fixes). +- commit 6609905 + +- net: ipa: don't assume SMEM is page-aligned (git-fixes). +- commit 41f9dec + +- stmmac: intel: Add a missing clk_disable_unprepare() call in + intel_eth_pci_remove() (git-fixes). +- commit bb8b4d3 + +- Update metadata references +- commit bdfc8f9 + +- Refresh + patches.suse/drm-bridge-lt8912b-fix-corrupted-image-output.patch. + Alt-commit +- commit f154e04 + +- Refresh + patches.suse/drm-bridge-lt8912b-set-hdmi-or-dvi-mode.patch. + Alt-commit +- commit 54a25a3 + +- Refresh patches.suse/drm-bridge-lt8912b-add-vsync-hsync.patch. + Alt-commit +- commit 6755cca + +- Refresh + patches.suse/drm-amdgpu-don-t-register-a-dirty-callback-for-non-a.patch. + Alt-commit +- commit 5548e46 + +- Refresh + patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-SDM660.patch. + Alt-commit +- commit c51fb10 + +- Refresh + patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-msm8996_dsi.patch. + Alt-commit +- commit e910e60 + +- Refresh + patches.suse/drm-msm-dp-delete-DP_RECOVERED_CLOCK_OUT_EN-to-fix-t.patch. + Alt-commit +- commit 8f4fbd6 + +- Refresh + patches.suse/drm-amdgpu-make-sure-to-init-common-IP-before-gmc.patch. + Alt-commit +- commit d839738 + +- Refresh + patches.suse/drm-amdgpu-move-nbio-sdma_doorbell_range-into-sdma-c.patch. + Alt-commit +- commit 4202af7 + +- Refresh + patches.suse/drm-amdgpu-move-nbio-ih_doorbell_range-into-ih-code-.patch. + Alt-commit +- commit 6a84f94 + +- Refresh + patches.suse/drm-simpledrm-Fix-return-type-of-simpledrm_simple_di.patch. + Alt-commit +- commit c6e149e + +- Refresh + patches.suse/drm-nouveau-fix-another-off-by-one-in-nvbios_addr.patch. + Alt-commit +- commit 7c051d6 + +- Refresh + patches.suse/drm-amd-display-Only-use-depth-36-bpp-linebuffers-on.patch. + Alt-commit +- commit e1c296d + +- Refresh + patches.suse/Revert-drm-amdgpu-display-set-vblank_disable_immedia.patch. + Alt-commit +- commit 1bf4062 + +- Refresh + patches.suse/drm-fourcc-fix-integer-type-usage-in-uapi-header.patch. + Alt-commit +- commit 174b777 + +- Refresh + patches.suse/drm-bridge-ti-sn65dsi83-Handle-dsi_lanes-0-as-invali.patch. + Alt-commit +- commit d529823 + +- Refresh + patches.suse/Revert-drm-amd-pm-keep-the-BACO-feature-enabled-for-.patch. + Alt-commit +- commit b27902a + +- docs: security: Add secrets/coco documentation (jsc#PED-1409). +- efi: Register efi_secret platform device if EFI secret area + is declared (jsc#PED-1409). +- commit df905cf + +- virt: Add efi_secret module to expose confidential computing + secrets (jsc#PED-1409). + Refresh patches.suse/virt-Add-SEV-SNP-guest-driver. + Update config files. + CONFIG_EFI_SECRET=y in x86_64/default +- commit edb96ab + +- efi: sysfb_efi: remove unnecessary include + (jsc#PED-1409). +- x86: Fix all occurences of the "the the" typo (jsc#PED-1409). +- efi: clean up Kconfig dependencies on CONFIG_EFI (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. +- efi/x86: libstub: Make DXE calls mixed mode safe (jsc#PED-1409). +- efifb: Remove redundant efifb_setup_from_dmi stub + (jsc#PED-1409). +- efi/cper: Reformat CPER memory error location to more readable + (jsc#PED-1409). +- EDAC/ghes: Unify CPER memory error location reporting + (jsc#PED-1409). +- efi/cper: Add a cper_mem_err_status_str() to decode error + description (jsc#PED-1409). +- efi: stub: prefer mirrored memory for randomized allocations + (jsc#PED-1409). +- efi/arm64: libstub: run image in place if randomized by the + loader (jsc#PED-1409). +- efi: libstub: pass image handle to handle_kernel_image() + (jsc#PED-1409). +- efi: libstub: ensure allocated memory to be executable + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. +- efi: libstub: declare DXE services table (jsc#PED-1409). +- efi: Save location of EFI confidential computing area + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. + CONFIG_EFI_COCO_SECRET=y in x86_64/default, arm64/default and armv7hl/default +- commit 6b0cf79 + +- scsi: iscsi: Remove iscsi_get_task back_lock requirement + (jsc#PED-868). +- scsi: iscsi: Rename iscsi_conn_queue_work() (jsc#PED-868). +- scsi: iscsi: Fix harmless double shift bug (jsc#PED-868). +- commit 5723646 + +- scsi: iscsi: Merge suspend fields (jsc#PED-868). +- Refresh + patches.suse/scsi-iscsi-Fix-NOP-handling-during-conn-recovery.patch. +- commit 1473e45 + +- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes) +- commit a0cf107 + +- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes) +- commit e49e34a + +- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes) +- commit 6b44016 + +- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes) +- commit 61cef3e + +- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes) +- commit 296a57b + +- RDMA/srp: Fix srp_abort() (git-fixes) +- commit 7984b35 + +- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes) +- commit c55a705 + +- RDMA/rxe: Fix the error caused by qp->sk (git-fixes) +- commit 85ed907 + +- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes) +- commit 94f5187 + +- RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey (git-fixes) +- commit cbf3855 + +- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes) +- commit 7306409 + +- RDMA/irdma: Return correct WC error for bind operation failure (git-fixes) +- commit bb7b5cd + +- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes) +- commit e8ec2a2 + +- RDMA/irdma: Report the correct max cqes from query device (git-fixes) +- commit 2b8a0ed + +- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes) +- commit c54f89a + +- usb: typec: Remove retimers properly (jsc#PED-1211). +- commit e583265 + +- usb: typec: retimer: Add missing id check in match callback + (jsc#PED-1211). +- commit cf4d688 + +- USB: xhci: Fix comment typo (jsc#PED-531 jsc#PED-1211). +- commit 2b3e84d + +- usb/typec/tcpm: fix repeated words in comments (jsc#PED-531 + jsc#PED-1211). +- commit 46257dd + +- usb: typec: Add retimer handle to port (jsc#PED-1211). +- commit dde8f08 + +- usb: typec: Add support for retimers (jsc#PED-1211). +- commit cacdd0d + +- usb: typec: mux: Allow muxes to specify mode-switch + (jsc#PED-1211). +- usb: typec: tcpm: Register USB Power Delivery Capabilities + (jsc#PED-531). +- commit f8dc487 + +- usb: typec: USB Power Delivery helpers for ports and partners + (jsc#PED-531 jsc#PED-1211). +- Refresh patches.suse/0001-typeC-add-kABI-padding.patch. +- Refresh patches.suse/typeC-Add-kABI-placeholders.patch. +- commit 629af64 + +- usb: typec: Separate USB Power Delivery from USB Type-C + (jsc#PED-531 jsc#PED-1211). +- commit d284c3e + +- usb: gadget: bdc: fix typo in comment (git-fixes). +- commit 0b9f194 + +- usb: typec: tcpm: fix typo in comment (git-fixes). +- commit a66c855 + +- usb: common: usb-conn-gpio: Allow wakeup from system suspend + (jsc#PED-531). +- commit 61abc68 + +- powerpc/pseries: Move vas_migration_handler early during + migration (bsc#1204799 ltc#200177). +- commit b7aa6a0 + +- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes) +- commit 458db53 + +- RDMA/cma: Fix arguments order in net device validation (git-fixes) +- commit 81952c8 + +- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes) +- commit f572d06 + +- kbuild: Add skip_encoding_btf_enum64 option to pahole + (git-fixes). +- commit 934e48d + +- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes) +- commit 6e82f19 + +- RDMA/rxe: Fix rnr retry behavior (git-fixes) +- commit 7a75da5 + +- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes) +- commit 66293aa + +- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes) +- commit c8934f1 + +- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes) +- commit 79b1a39 + +- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes) +- commit 706d0f6 + +- RDMA: remove useless condition in siw_create_cq() (git-fixes) +- commit 6f61f5a + +- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes) +- commit 026149f + +- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes) +- commit f75f6bd + +- RDMA/irdma: Fix a window for use-after-free (git-fixes) +- commit 5ca4a5f + +- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes) +- commit afef467 + +- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes) +- commit 735c971 + +- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes) +- commit ccc988f + +- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes) +- commit c6a81d4 + +- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes) +- commit 2b22d3a + +- RDMA/hns: Add the detection for CMDQ status in the device initialization process (git-fixes) +- commit 7090c13 + +- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes) +- commit 2a9e949 + +- blacklist.conf: Clarify status of 6f5c672d17f583b081e283927f5040f726c54598. +- commit cfc21b5 + +- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing + pavgroup (git-fixes). +- commit 3602f60 + +- x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly + (jsc#PED-1816). +- x86/fpu: Exclude dynamic states from init_fpstate + (jsc#PED-1816). +- x86/fpu: Fix the init_fpstate size check with the actual size + (jsc#PED-1816). +- x86/fpu: Configure init_fpstate attributes orderly + (jsc#PED-1816). +- commit d47f5a0 + +- drm/amdkfd: export svm_range_list_lock_and_flush_work + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit c19d328 + +- amd/amdkfd: remove svms declaration to avoid werror + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 4bffdd8 + +- drm/amdkfd: fix KFDSVMRangeTest.PartialUnmapSysMemTest fails + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 77d4811 + +- Kbuild: use -std=gnu11 for KBUILD_USERCFLAGS (bsc#1204877). +- Kbuild: move to -std=gnu11 (bsc#1204877). +- commit 00462f0 + +- fbdev: cyber2000fb: fix missing pci_disable_device() + (git-fixes). +- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes). +- iio: bmc150-accel-core: Fix unsafe buffer attributes + (git-fixes). +- iio: adxl372: Fix unsafe buffer attributes (git-fixes). +- iio: temperature: ltc2983: allocate iio channels once + (git-fixes). +- iio: adc: mcp3911: use correct id bits (git-fixes). +- iio: light: tsl2583: Fix module unloading (git-fixes). +- usb: dwc3: gadget: Don't set IMI for no_interrupt (git-fixes). +- usb: dwc3: gadget: Stop processing more requests on IMI + (git-fixes). +- usb: bdc: change state when port disconnected (git-fixes). +- hwmon/coretemp: Handle large core ID value (git-fixes). +- ACPI: video: Make backlight class device registration a separate + step (v2) (git-fixes). +- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes). +- net: usb: r8152: Add in new Devices that are supported for + Mac-Passthru (git-fixes). +- arm64/mm: Consolidate TCR_EL1 fields (git-fixes). +- commit 510527f + +- objtool,efi: Update __efi64_thunk annotation (jsc#PED-1409). + Refresh + patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch. +- efi/mokvar: move up init order (jsc#PED-1409). +- commit de5f614 + +- scsi: iscsi: Stop using the SCSI pointer (jsc#PED-868). +- scsi: qedi: Switch to attribute groups (jsc#PED-868). +- scsi: bnx2i: Switch to attribute groups (jsc#PED-868). +- scsi: be2iscsi: Switch to attribute groups (jsc#PED-868). +- commit 4dde282 + +- tracing: Disable interrupt or preemption before acquiring + arch_spinlock_t (git-fixes). +- commit 2afc9ce + +- tracing: Wake up ring buffer waiters on closing of the file + (git-fixes). +- kABI: Fix after adding trace_iterator.wait_index (git-fixes). +- commit c6de351 + +- tracing: Fix reading strings from synthetic events (git-fixes). +- commit b3d60fe + +- tracing: Add "(fault)" name injection to kernel probes + (git-fixes). +- commit e8dfbfa + +- tracing: Move duplicate code of trace_kprobe/eprobe.c into header + (git-fixes). +- commit 4676a84 + +- ftrace: Fix char print issue in print_ip_ins() (git-fixes). +- commit 40cb188 + +- tracing: Do not free snapshot if tracer is on cmdline + (git-fixes). +- commit 9e07624 + +- tracing: Simplify conditional compilation code in + tracing_set_tracer() (git-fixes). +- commit 35b9e24 + +- ring-buffer: Fix race between reset page and reading page + (git-fixes). +- commit e172e8c + +- tracing: Wake up waiters when tracing is disabled (git-fixes). +- commit e65663f + +- tracing: Add ioctl() to force ring buffer waiters to wake up + (git-fixes). +- commit d726bd0 + +- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes). +- commit 3f155a7 + +- ALSA: rme9652: use explicitly signed char (git-fixes). +- ALSA: au88x0: use explicitly signed char (git-fixes). +- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600 + (git-fixes). +- commit 1285ea5 + +- device property: Fix documentation for *_match_string() APIs + (git-fixes). +- PM: domains: Fix handling of unavailable/disabled idle states + (git-fixes). +- PM: hibernate: Allow hybrid sleep to work with s2idle + (git-fixes). +- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO + (git-fixes). +- mmc: core: Fix kernel panic when remove non-standard SDIO card + (git-fixes). +- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake + (git-fixes). +- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit + bus (git-fixes). +- mtd: rawnand: marvell: Use correct logic for nand-keep-config + (git-fixes). +- ALSA: aoa: Fix I2S device accounting (git-fixes). +- ALSA: Use del_timer_sync() before freeing timer (git-fixes). +- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() + (git-fixes). +- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile + (git-fixes). +- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile + (git-fixes). +- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() + (git-fixes). +- drm/i915/dp: Reset frl trained flag before restarting FRL + training (git-fixes). +- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() + (git-fixes). +- drm/msm/dp: fix IRQ lifetime (git-fixes). +- drm/msm/hdmi: fix memory corruption with too many bridges + (git-fixes). +- drm/msm/dsi: fix memory corruption with too many bridges + (git-fixes). +- drm/msm: fix use-after-free on probe deferral (git-fixes). +- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid + (git-fixes). +- commit a89c8ce + +- efi: Allow to enable EFI runtime services by default on RT + (jsc#PED-1409). + Update config files. +- efi: use default_groups in kobj_type (jsc#PED-1409). +- efi/libstub: measure loaded initrd info into the TPM + (jsc#PED-1409). +- efi/libstub: consolidate initrd handling across architectures + (jsc#PED-1409). +- efi/libstub: x86/mixed: increase supported argument count + (jsc#PED-1409). + Refresh + patches.suse/x86-prepare-asm-files-for-straight-line-speculation.patch. + patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch. +- efi/libstub: add prototype of + efi_tcg2_protocol::hash_log_extend_event() (jsc#PED-1409). +- include/linux/efi.h: Remove unneeded whitespaces before tabs + (jsc#PED-1409). +- efi: Move efifb_setup_from_dmi() prototype from arch headers + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. +- commit fa39fcf + +- blacklist.conf: add reverted ASoC patches +- commit 67ca727 + +- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter + (git-fixes). +- commit a23c712 + +- net: dsa: sja1105: fix buffer overflow in + sja1105_setup_devlink_regions() (git-fixes). +- commit 9684564 + +- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry + (git-fixes). +- commit bcb13eb + +- Update patch reference for USB fix (bsc#1196018 CVE-2022-28748 bsc#1202686 CVE-2022-2964) +- commit 0ee154e + +- i40e: Fix to stop tx_timeout recovery if GLOBR fails + (git-fixes). +- commit 9ae1da4 + +- iavf: Fix reset error handling (git-fixes). +- commit d4babdd + +- iavf: Fix adminq error handling (git-fixes). +- commit 403a1a3 + +- net: moxa: pass pdev instead of ndev to DMA functions + (git-fixes). +- commit e117a5b + +- mlxsw: spectrum: Clear PTP configuration after unregistering + the netdevice (git-fixes). +- commit 6677912 + +- net: dsa: mv88e6060: prevent crash on an unused port + (git-fixes). +- commit 00d6b8c + +- fec: Fix timer capture timing in `fec_ptp_enable_pps()` + (git-fixes). +- commit 1a47f16 + +- dpaa2-eth: trace the allocated address instead of page struct + (git-fixes). +- commit 1020d1e + +- net: atlantic: fix aq_vec index out of range error (git-fixes). +- commit 46d90a2 + +- plip: avoid rcu debug splat (git-fixes). +- commit eb203b2 + +- net: bgmac: Fix a BUG triggered by wrong bytes_compl + (git-fixes). +- commit cb50cd4 + +- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes). +- commit 1147d60 + +- xen/netback: fix incorrect usage of + RING_HAS_UNCONSUMED_REQUESTS() (bsc#1204570). +- commit 3c5f57f + +- can: j1939: transport: j1939_session_skb_drop_old(): + spin_unlock_irqrestore() before kfree_skb() (git-fixes). +- can: kvaser_usb: Fix possible completions during init_completion + (git-fixes). +- openvswitch: switch from WARN to pr_warn (git-fixes). +- can: mcp251x: mcp251x_can_probe(): add missing + unregister_candev() in error path (git-fixes). +- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing + put_clock() in error path (git-fixes). +- mac802154: Fix LQI recording (git-fixes). +- media: vivid: set num_in/outputs to 0 if not supported + (git-fixes). +- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check + 'interlaced' (git-fixes). +- media: v4l2-dv-timings: add sanity checks for blanking values + (git-fixes). +- media: vivid: dev->bitmap_cap wasn't freed in all cases + (git-fixes). +- media: vivid: s_fbuf: add more sanity checks (git-fixes). +- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency + regression (git-fixes). +- commit 78420ce + +- Add CVE reference to + patches.suse/net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch + (bsc#1196018 CVE-2022-28748 CVE-2022-2964). +- commit 1298a2a + +- hmm-tests: add test for migrate_device_range() (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit ec3f1d0 + +- nouveau/dmem: evict device private memory during release + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit ca9fd32 + +- nouveau/dmem: refactor nouveau_dmem_fault_copy_one() + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 521539d + +- mm/migrate_device.c: add migrate_device_range() (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 63236a4 + +- firmware_loader: move firmware sysctl to its own files + (PED-1263). +- Refresh + patches.suse/firmware_loader-Split-sysfs-support-from-fallback.patch. +- commit 8ae5e5b + +- mm/migrate_device.c: refactor migrate_vma and + migrate_deivce_coherent_page() (jsc#PED-1294, bsc#1204363, + CVE-2022-3523). +- commit 7f2a998 + +- mm/memremap.c: take a pgmap reference on page allocation + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 123f2df + +- mm/memremap: fix memunmap_pages() race with get_dev_pagemap() + (git-fixes). +- commit 980c32f + +- mm/pagealloc: sysctl: change watermark_scale_factor max limit + to 30% (bnc#1189998 (PREEMPT_RT prerequisite backports)). +- Refresh + patches.suse/sysctl-move-some-boundary-constants-from-sysctl.c-to.patch. + This was previously in the SLE15-SP4-RT branch to avoid a change in + behaviour of a sysctl after GA. +- commit dce66e6 + +- fpga: stratix10-soc: Do not use ret uninitialized in s10_probe() + (jsc#PED-1263). +- commit 1865695 + +- fpga: m10bmc-sec: d5005 bmc secure update driver (jsc#PED-1263). +- commit a8f024e + +- fpga: dfl-pci: Add IDs for Intel N6000, N6001 and C6100 cards + (jsc#PED-1263). +- commit 81df1d8 + +- uio: dfl: add IOPLL user-clock feature id (jsc#PED-1263). +- commit b574954 + +- mfd: intel-m10-bmc: Add d5005 bmc secure update driver + (jsc#PED-1263). +- commit ccd0f1e + +- memory: dfl-emif: Update the dfl emif driver support revision 1 + (jsc#PED-1263). +- commit ec569a6 + +- regmap: spi-avmm: Use swabXX_array() helpers (jsc#PED-1263). +- commit 4057de5 + +- swab: Add array operations (jsc#PED-1263). +- commit b633743 + +- fpga: m10bmc-sec: Fix possible memory leak of flash_buf + (jsc#PED-1263). +- commit c627d9d + +- firmware_loader: Fix memory leak in firmware upload + (jsc#PED-1263). +- commit 19ff7e8 + +- firmware_loader: Fix use-after-free during unregister + (jsc#PED-1263). +- commit 4f92a6e + +- fpga: m10bmc-sec: add max10 secure update functions + (jsc#PED-1263). +- commit fb127c6 + +- fpga: m10bmc-sec: expose max10 canceled keys in sysfs + (jsc#PED-1263). +- commit 4d15a2d + +- fpga: m10bmc-sec: expose max10 flash update count + (jsc#PED-1263). +- commit 490a9aa + +- fpga: m10bmc-sec: create max10 bmc secure update (jsc#PED-1263). +- commit bb9fcc7 + +- mfd: intel-m10-bmc: Rename n3000bmc-secure driver + (jsc#PED-1263). +- commit fc33834 + +- firmware_loader: describe 'module' parameter of + firmware_upload_register() (jsc#PED-1263). +- commit 103bb65 + +- firmware_loader: Move definitions from sysfs_upload.h to sysfs.h + (jsc#PED-1263). +- commit 87bae5e + +- firmware_loader: Fix configs for sysfs split (jsc#PED-1263). +- commit 6a7a9b1 + +- firmware_loader: Add sysfs nodes to monitor fw_upload + (jsc#PED-1263). +- commit 7b04b8b + +- firmware_loader: Add firmware-upload support (jsc#PED-1263). +- commit d2144d4 + +- firmware_loader: Split sysfs support from fallback + (jsc#PED-1263). +- commit e6134c4 + +- firmware_loader: Check fw_state_is_done in loading_store + (jsc#PED-1263). +- commit 87cb66d + +- firmware_loader: Clear data and size in fw_free_paged_buf + (jsc#PED-1263). +- commit a0106fc + +- fpga: dfl: Allow Port to be linked to FME's DFL (jsc#PED-1263). +- commit 54d7dcd + +- Documentation: fpga: dfl: add link address of feature id table + (jsc#PED-1263). +- commit ae7ccad + +- fpga: dfl: check feature type before parse irq info + (jsc#PED-1263). +- commit 7ba0e05 + +- fpga: fpga-region: fix kernel-doc formatting issues + (jsc#PED-1263). +- commit 8305210 + +- fpga: fpga-mgr: fix kernel-doc warnings (jsc#PED-1263). +- commit 4a86d8b + +- fpga: fix for coding style issues (jsc#PED-1263). +- commit eefb2bb + +- uio: dfl: add HSSI subsystem feature id (jsc#PED-1263). +- commit 942ce55 + +- hwmon: (intel-m10-bmc-hwmon) use devm_hwmon_sanitize_name() + (jsc#PED-1263). +- commit f3a8650 + +- hwmon: introduce hwmon_sanitize_name() (jsc#PED-1263). +- commit 1fef75a + +- fpga: dfl: pci: Remove usage of the deprecated + "pci-dma-compat.h" API (jsc#PED-1263). +- commit 0f81b21 + +- fpga: region: fix kernel-doc (jsc#PED-1263). +- commit 7e5c728 + +- fpga: region: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 3acc62e + +- fpga: bridge: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 3c81c95 + +- fpga: mgr: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 9311bde + +- fpga: dfl: Avoid reads to AFU CSRs during enumeration + (jsc#PED-1263). +- commit 9490eba + +- mfd: intel-m10-bmc: Add N5010 variant (jsc#PED-1263). +- commit bffc1db + +- spi: spi-altera-dfl: support n5010 feature revision + (jsc#PED-1263). +- Refresh + patches.suse/spi-spi-altera-dfl-Fix-an-error-handling-path.patch. +- commit 88965da + +- fpga: dfl: expose feature revision from struct dfl_device + (jsc#PED-1263). +- commit ac856ca + +- fpga: fpga-mgr: wrap the write_sg() op (jsc#PED-1263). +- commit 8064ded + +- fpga: fpga-mgr: wrap the fpga_remove() op (jsc#PED-1263). +- commit 67d203e + +- fpga: fpga-mgr: wrap the state() op (jsc#PED-1263). +- commit 93c376a + +- fpga: fpga-mgr: wrap the status() op (jsc#PED-1263). +- commit 69714b3 + +- fpga: fpga-mgr: wrap the write() op (jsc#PED-1263). +- commit 5cae3b0 + +- fpga: fpga-mgr: make write_complete() op optional + (jsc#PED-1263). +- commit 58d2ca4 + +- fpga: fpga-mgr: wrap the write_init() op (jsc#PED-1263). +- commit a678a0d + +- fpga: dfl: pci: add device IDs for Silicom N501x PAC cards + (jsc#PED-1263). +- commit decfdaa + +- mm: free device private pages have zero refcount (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 476ed92 + +- fpga: fpga-bridge: removed repeated word (jsc#PED-1263). +- commit 9fd1af8 + +- fpga: fix spelling mistakes (jsc#PED-1263). +- commit 52e3a64 + +- docs: driver-api: fpga: avoid using UTF-8 chars (jsc#PED-1263). +- commit d967010 + +- hwmon: intel-m10-bmc-hwmon: add n5010 sensors (jsc#PED-1263). +- commit 1130849 + +- Update config and supported.conf for Intel FPGA (jsc#PED-1263) + CONFIG_FW_LOADER_SYSFS=y + CONFIG_FW_UPLOAD=y + CONFIG_FPGA_M10_BMC_SEC_UPDATE=m + CONFIG_MFD_INTEL_M10_BMC=m + CONFIG_SENSORS_INTEL_M10_BMC_HWMON=m + CONFIG_REGMAP_SPI_AVMM=m +- commit 20596f5 + +- HID: hidraw: fix memory leak in hidraw_release() (git-fixes). +- commit 0e980ee + +- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register + configuration (git-fixes). +- commit cc822b8 + +- octeontx2-af: Fix key checking for source mac (git-fixes). +- commit 2b15002 + +- octeontx2-af: Fix mcam entry resource leak (git-fixes). +- commit 1934a04 + +- octeontx2-af: suppress external profile loading warning + (git-fixes). +- commit f03aa66 + +- octeontx2-af: Apply tx nibble fixup always (git-fixes). +- commit 127ded0 + +- net: tap: NULL pointer derefence in dev_parse_header_protocol + when skb->dev is null (git-fixes). +- commit fd012c5 + +- nfp: ethtool: fix the display error of `ethtool -m DEVNAME` + (git-fixes). +- commit 145a612 + +- net/ice: fix initializing the bitmap in the switch code + (git-fixes). +- commit 1864c2e + +- s390/pai: Fix multiple concurrent event installation + (jsc#PED-598). +- s390/pai: Prevent invalid event number for pai_crypto PMU + (jsc#PED-598). +- s390/pai: add support for cryptography counters (jsc#PED-598). +- entry: Rename arch_check_user_regs() to + arch_enter_from_user_mode() (jsc#PED-598). +- commit 4a60553 + +- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ + size (git-fixes). +- commit 0f9b4b8 + +- net/mlx5e: Remove WARN_ON when trying to offload an unsupported + TLS cipher/version (git-fixes). +- commit 26fe2e5 + +- netdevsim: fib: Fix reference count leak on route deletion + failure (git-fixes). +- commit ef84aaa + +- ice: do not setup vlan for loopback VSI (git-fixes). +- commit 2f72810 + +- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | + RS) (git-fixes). +- commit c63938e + +- can: kvaser_usb: replace run-time checks with struct + kvaser_usb_driver_info (git-fixes). +- commit 435b54b + +- sfc: disable softirqs for ptp TX (git-fixes). +- commit def7cc9 + +- octeontx2-pf: Fix UDP/TCP src and dst port tc filters + (git-fixes). +- commit a2053ff + +- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes). +- commit 36a8155 + +- selftests: cgroup: add a selftest for memory.reclaim + (jsc#PED-808). +- selftests: cgroup: fix alloc_anon_noexit() instantly freeing + memory (jsc#PED-808). +- selftests: cgroup: return -errno from cg_read()/cg_write() + on failure (jsc#PED-808). +- memcg: introduce per-memcg reclaim interface (jsc#PED-808). +- commit ee3f4a3 + +- thermal: intel_powerclamp: Use first online CPU as control_cpu + (git-fixes). +- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id + (git-fixes). +- staging: rtl8723bs: fix a potential memory leak in + rtw_init_cmd_priv() (git-fixes). +- staging: vt6655: fix potential memory leak (git-fixes). +- usb: add quirks for Lenovo OneLink+ Dock (git-fixes). +- thunderbolt: Explicitly enable lane adapter hotplug events at + startup (git-fixes). +- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes). +- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination + error after resume bug (git-fixes). +- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes). +- usb: host: xhci: Fix potential memory leak in + xhci_alloc_stream_info() (git-fixes). +- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes). +- usb: host: xhci-plat: suspend and resume clocks (git-fixes). +- soundwire: intel: fix error handling on dai registration issues + (git-fixes). +- soundwire: cadence: Don't overwrite msg->buf during write + commands (git-fixes). +- kselftest/arm64: Fix validatation termination record after + EXTRA_CONTEXT (git-fixes). +- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA + (git-fixes). +- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails + (git-fixes). +- spi: Ensure that sg_table won't be used after being freed + (git-fixes). +- wifi: rt2x00: correctly set BBP register 86 for MT7620 + (git-fixes). +- wifi: rt2x00: set SoC wmac clock register (git-fixes). +- wifi: rt2x00: set VGC gain for both chains of MT7620 + (git-fixes). +- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 + (git-fixes). +- wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 + (git-fixes). +- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up + hw value (git-fixes). +- wifi: brcmfmac: fix use-after-free bug in + brcmf_netdev_start_xmit() (git-fixes). +- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() + (git-fixes). +- thunderbolt: Add back Intel Falcon Ridge end-to-end flow + control workaround (git-fixes). +- wifi: brcmfmac: fix invalid address access when enabling SCAN + log level (git-fixes). +- selinux: use "grep -E" instead of "egrep" (git-fixes). +- thermal: cpufreq_cooling: Check the policy first in + cpufreq_cooling_register() (git-fixes). +- thermal: intel_powerclamp: Use get_cpu() instead of + smp_processor_id() to avoid crash (git-fixes). +- selinux: allow FIOCLEX and FIONCLEX with policy capability + (git-fixes). +- commit 2b3f1b5 + +- gcov: support GCC 12.1 and newer compilers (git-fixes). +- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n + (git-fixes). +- drm/amd/display: Fix vblank refcount in vrr transition + (git-fixes). +- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes). +- kbuild: remove the target in signal traps when interrupted + (git-fixes). +- clk: bcm2835: Make peripheral PLLC critical (git-fixes). +- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate + (git-fixes). +- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes). +- staging: rtl8723bs: fix potential memory leak in + rtw_init_drv_sw() (git-fixes). +- iio: pressure: dps310: Reset chip after timeout (git-fixes). +- iio: pressure: dps310: Refactor startup procedure (git-fixes). +- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to + prevent overflow (git-fixes). +- power: supply: adp5061: fix out-of-bounds read in + adp5061_get_chg_type() (git-fixes). +- HID: roccat: Fix use-after-free in roccat_read() (git-fixes). +- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() + (git-fixes). +- drm/amd/display: Remove interface for periodic interrupt 1 + (git-fixes). +- drm/meson: explicitly remove aggregate driver at module unload + time (git-fixes). +- drm/amdgpu: fix initial connector audio value (git-fixes). +- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 + (git-fixes). +- drm: bridge: dw_hdmi: only trigger hotplug event on link change + (git-fixes). +- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes). +- gpu: lontium-lt9611: Fix NULL pointer dereference in + lt9611_connector_init() (git-fixes). +- drm/komeda: Fix handling of atomic commits in the + atomic_commit_tail hook (git-fixes). +- drm/virtio: Check whether transferred 2D BO is shmem + (git-fixes). +- drm: Prevent drm_copy_field() to attempt copying a NULL pointer + (git-fixes). +- drm: Use size_t type for len variable in drm_copy_field() + (git-fixes). +- drm/nouveau/nouveau_bo: fix potential memory leak in + nouveau_bo_alloc() (git-fixes). +- platform/x86: msi-laptop: Change DMI match / alias strings to + fix module autoloading (git-fixes). +- platform/chrome: cros_ec: Notify the PM of wake events during + resume (git-fixes). +- mmc: sdhci-msm: add compatible string check for sdm670 + (git-fixes). +- regulator: core: Prevent integer underflow (git-fixes). +- hwmon: (sht4x) do not overflow clamping operation on 32-bit + platforms (git-fixes). +- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses + (git-fixes). +- openvswitch: Fix overreporting of drops in dropwatch + (git-fixes). +- openvswitch: Fix double reporting of drops in dropwatch + (git-fixes). +- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329 + (git-fixes). +- ima: fix blocking of security.ima xattrs of unsupported + algorithms (git-fixes). +- commit 73e3036 + +- arm64: topology: move store_cpu_topology() to shared code + (git-fixes). +- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to + USB nodes (git-fixes). +- ata: libahci_platform: Sanity check the DT child nodes number + (git-fixes). +- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power + supply (git-fixes). +- ARM: dts: imx6sx: add missing properties for sram (git-fixes). +- ARM: dts: imx6sll: add missing properties for sram (git-fixes). +- ARM: dts: imx6sl: add missing properties for sram (git-fixes). +- ARM: dts: imx6qp: add missing properties for sram (git-fixes). +- ARM: dts: imx6dl: add missing properties for sram (git-fixes). +- ARM: dts: imx6q: add missing properties for sram (git-fixes). +- ARM: dts: imx7d-sdb: config the max pressure for tsc2046 + (git-fixes). +- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n + (git-fixes). +- ASoC: SOF: pci: Change DMI match info to support all Chrome + platforms (git-fixes). +- ALSA: usb-audio: Fix last interface check for registration + (git-fixes). +- ALSA: usb-audio: Register card at the last interface + (git-fixes). +- Bluetooth: L2CAP: Fix user-after-free (git-fixes). +- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple + times (git-fixes). +- Bluetooth: L2CAP: initialize delayed works at + l2cap_chan_create() (git-fixes). +- Bluetooth: RFCOMM: Fix possible deadlock on socket + shutdown/release (git-fixes). +- Bluetooth: btintel: Mark Intel controller to support LE_STATES + quirk (git-fixes). +- can: bcm: check the result of can_send() in bcm_can_tx() + (git-fixes). +- ARM: decompressor: Include .data.rel.ro.local (git-fixes). +- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk + (git-fixes). +- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for + StorageD3Enable (git-fixes). +- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid + phys address (git-fixes). +- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE + (git-fixes). +- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes). +- commit de318d1 + +- blacklist.conf: update blacklist +- commit 78ca650 + +- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state + is toggled (git-fixes). +- commit 8343da0 + +- kABI: Fix kABI after backport Refactoring find_arch_event() to + pmc_perf_hw_id() (git-fixes). +- commit 44b42bd + +- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size + hugetlb page (bsc#1204575). +- commit e6fc5be + +- kABI: Fix kABI after backport Update vPMCs when retiring branch + instructions (git-fixes). +- commit 4209455 + +- kABI: Fix kABI after backport Add pmc->intr to refactor + kvm_perf_overflow{_intr}() (git-fixes). +- commit 9fc8292 + +- platform/x86/intel: pmc/core: Add Raptor Lake support to pmc + core driver (jsc#PED-1035). +- platform/x86/intel/vsec: Add support for Raptor Lake + (jsc#PED-1036). +- commit e86728a + +- drm/amdkfd: use kvcalloc() instead of kvmalloc() in kfd_migrate + (jsc#PED-1294). +- commit ceef9d9 + +- drm/amdkfd: Handle incomplete migration to system memory + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 002b524 + +- drm/amdkfd: Avoid thrashing of stack and heap (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 61d33f6 + +- drm/amdkfd: avoid conflicting address mappings (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- Refresh + patches.suse/drm-amdkfd-process_info-lock-not-needed-for-svm.patch. +- commit aa4245a + +- drm/amdkfd: unregistered svm range not overlap with TTM range + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit eb3c57d + +- Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573). +- commit 0605d12 + +- drm/amdkfd: Fix SVM_ATTR_PREFERRED_LOC (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 2022943 + +- mm/memory.c: fix race when faulting a device private page + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit fa41dd0 + +- drm/amdkfd: debug message to count successfully migrated pages + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit a83f8ae + +- drm/amdkfd: clarify the origin of cpages returned by migration + functions (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit b72c8a9 + +- drm/amdkfd: handle svm partial migration cpages 0 (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 51450c1 + +- drm/amdkfd: ratelimited svm debug messages (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit f314d31 + +- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors + (git-fixes). +- commit 22e05f5 + +- overflow.h: restore __ab_c_size (git-fixes). +- commit 9dbc158 + +- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes). +- commit 3acb74c + +- KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating + a perf event (git-fixes). +- commit 9a723c2 + +- overflow: Implement size_t saturating arithmetic helpers + (jsc#PED-1211). +- commit fecede0 + +- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset + (bsc#1204753). +- commit d072831 + +- blacklist.conf: Add cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id +- commit 382b2e7 + +- blacklist.conf: Add c530a3c716b9 sched/psi: Fix periodic aggregation shut off +- commit 56b9a2a + +- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which + is a result of RSM (git-fixes). +- commit 274c60f + +- powerpc/fadump: align destination address to pagesize + (bsc#1204728 ltc#200074). +- commit 5377513 + +- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved + state (git-fixes). +- commit cd056ba + +- KVM: x86: nSVM: fix potential NULL derefernce on nested + migration (git-fixes). +- commit 272884f + +- KVM: x86: Sync the states size with the XCR0/IA32_XSS at, + any time (git-fixes). +- commit c927187 + +- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes). +- commit c61458a + +- KVM: x86: Forcibly leave nested virt when SMM state is toggled + (git-fixes). +- commit f22036a + +- Update patches.suse/usb-mon-make-mmapped-memory-read-only.patch + (bsc#1204653 CVE-2022-43750). + Added CVE and bsc +- commit 93b1d48 + +- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES + event (git-fixes). +- commit 436d9eb + +- KVM: x86: Update vPMCs when retiring branch instructions + (git-fixes). +- Refresh + patches.suse/kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch. +- commit 1f8391b + +- KVM: x86: Update vPMCs when retiring instructions (git-fixes). +- commit c4d4a64 + +- KVM: x86/pmu: Add pmc->intr to refactor + kvm_perf_overflow{_intr}() (git-fixes). +- commit 91025b1 + +- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id() + (git-fixes). +- commit 8080b0e + +- kABI: Fix kABI after backport Always set kvm_run->if_flag + (git-fixes). +- KVM: x86: Always set kvm_run->if_flag (git-fixes). +- commit daa5fd4 + +- KVM: x86/mmu: Don't advance iterator after restart due to + yielding (git-fixes). +- commit 86c02c7 + +- KVM: x86/mmu: Retry page fault if root is invalidated by + memslot update (git-fixes). +- commit c96dbdc + +- KVM: fix avic_set_running for preemptable kernels (git-fixes). +- commit 457ae39 + +- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER + (git-fixes). +- commit 58e3def + +- xen/gntdev: Prevent leaking grants (git-fixes). +- commit 73a7df7 + +- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in + WFS (git-fixes). +- commit 8c88ccd + +- KVM: nVMX: Unconditionally purge queued/injected events on + nested "exit" (git-fixes). +- commit f7976c7 + +- KVM: x86/emulator: Fix handing of POP SS to correctly set + interruptibility (git-fixes). +- commit 938654e + +- usb: gadget: f_fs: stricter integer overflow checks (git-fixes). +- commit 07d2846 + +- blacklist.conf: prerequisites too risky +- commit 93c5479 + +- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels + (bnc#1204498). +- commit e73c4d3 + +- lib/string_helpers: Consolidate string helpers implementation + (jsc#PED-1211). +- commit fa50192 + +- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair + (git-fixes). +- commit a0de208 + +- iommu: Add capability for pre-boot DMA protection + (jsc#PED-1211). +- commit 531fe4a + +- iommu: Use right way to retrieve iommu_ops (jsc#PED-1211). +- commit 48ca01b + +- Update patch reference for + patches.suse/devlink-Fix-use-after-free-after-a-failed-reload.patch + (git-fixes bsc#1204637 CVE-2022-3625). +- commit fd50fbc + +- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes). +- dyndbg: let query-modname override actual module name + (git-fixes). +- dyndbg: fix module.dyndbg handling (git-fixes). +- dyndbg: fix static_branch manipulation (git-fixes). +- commit afe6697 + +- io_uring: use original request task for inflight tracking + (CVE-2022-40476 bsc#1203435). +- commit 941d6b4 + +- Update + patches.suse/powerpc-pseries-vas-Pass-hw_cpu_id-to-node-associati.patch + (bsc#1194869 bsc#1204428 ltc#200180). +- commit fe8b379 + +- ring-buffer: Check pending waiters when doing wake ups as well + (git-fixes). +- commit d934ca7 + +- ring-buffer: Have the shortest_full queue be the shortest not + longest (git-fixes). +- commit ed18dc7 + +- ring-buffer: Allow splice to read previous partially read pages + (git-fixes). +- commit 4649dee + +- iommu: Introduce device_iommu_capable() (jsc#PED-1211). +- commit 7a5b8e8 + +- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes). +- commit 554a8e9 + +- net: mvpp2: fix mvpp2 debugfs leak (bsc#1204417 CVE-2022-3535). +- bnx2x: fix potential memory leak in bnx2x_tpa_stop() + (bsc#1204402 CVE-2022-3542). +- nfp: fix use-after-free in area_cache_get() (bsc#1204415 + CVE-2022-3545). +- commit 8e53774 + +- tracing/osnoise: Fix possible recursive locking in + stop_per_cpu_kthreads (git-fixes). +- commit f81f58f + +- tracing: Replace deprecated CPU-hotplug functions (git-fixes). +- Refresh + patches.suse/tracing-osnoise-Fix-missed-cpus_read_unlock-in-start_per_cpu_kthreads.patch. +- commit b1bca55 + +- tracing: kprobe: Make gen test module work in arm and riscv + (git-fixes). +- commit 57b2377 + +- tracing: kprobe: Fix kprobe event gen test module on exit + (git-fixes). +- commit 81447e5 + +- thunderbolt: Add support for XDomain lane bonding + (jsc#PEd-1211). +- commit 75a8fa9 + +- thunderbolt: Ignore port locked error in + tb_port_wait_for_link_width() (jsc#PED-1211). +- commit bf76347 + +- thunderbolt: Split setting link width and lane bonding into + own functions (jsc#PEd-1211). +- commit fc051e6 + +- thunderbolt: Move tb_port_state() prototype to correct place + (jsc#PED-1211). +- commit d0ed8bf + +- nilfs2: fix leak of nilfs_root in case of writer thread creation + failure (CVE-2022-3646 bsc#1204646). +- nilfs2: fix use-after-free bug of struct nilfs_root + (CVE-2022-3649 bsc#1204647). +- commit af91749 + +- Update patch reference for vsock fix (CVE-2022-3629 bsc#1204635) +- commit 6c49703 + +- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() + (CVE-2022-3640 bsc#1204619). +- commit 5d68cf0 + +- can: j1939: j1939_session_destroy(): fix memory leak of skbs + (CVE-2022-3633 bsc#1204650). +- commit da3122e + +- thunderbolt: Add debug logging when lane is enabled/disabled + (jesc#PEd-531). +- commit ca2d7e5 + +- thunderbolt: Link USB4 ports to their USB Type-C connectors + (jsc#PED-1211). +- commit f9e0651 + +- thunderbolt: Make iommu_dma_protection more accurate + (jsc#PED-1211). +- commit 318d5c5 + +- thunderbolt: Dump path config space entries during discovery + (jsc#PED-1211). +- commit 1ac89ca + +- Reference JIRA Impl instead Epic: jsc#PED-448 -> jsc#PED-594 +- Reference JIRA Impl instead Epic: jsc#PED-455 -> jsc#PED-588 +- commit 64fa841 + +- s390/airq: use DMA memory for summary indicators (jsc#PED-596). +- s390/zcrypt: Provide target domain for EP11 cprbs to scheduling + function (jsc#PED-596). +- s390/zcrypt: change reply buffer size offering (jsc#PED-596). +- s390/zcrypt: Support CPRB minor version T7 (jsc#PED-596). +- s390/zcrypt: handle checkstopped cards with new state + (jsc#PED-596). +- s390/zcrypt: CEX8S exploitation support (jsc#PED-596). +- s390/ap/zcrypt: debug feature improvements (jsc#PED-596). +- s390/zcrypt: rework of debug feature messages (jsc#PED-596). +- commit caf5220 + +- KVM: s390x: fix SCK locking (git-fixes). +- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes). +- commit aa7345b + +- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter + (git-fixes). +- media: venus: dec: Handle the case where find_format fails + (git-fixes). +- media: atomisp: prevent integer overflow in + sh_css_set_black_frame() (git-fixes). +- media: ipu3-imgu: Fix NULL pointer dereference in active + selection access (git-fixes). +- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation + (git-fixes). +- media: mceusb: set timeout to at least timeout provided + (git-fixes). +- commit fbd2a07 + +- Update patches.suse/watchdog-hpwdt-Include-nmi.h-only-if-CONFIG_HPWDT_NM.patch (git-fixes, jsc#PED-1694). + Add reference to jsc#PED-1694. +- commit 2064b90 + +- watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-1694) + Enable HP ProLiant iLO2+ Hardware Watchdog Timer +- commit f0e3a55 + +- scsi: core: Remove the 'done' argument from SCSI + queuecommand_lck functions (jsc#PED-1561). +- scsi: fas216: Introduce the function + fas216_queue_command_internal() (jsc#PED-1561). +- scsi: core: Call scsi_done directly (jsc#PED-1561). +- scsi: usb: Call scsi_done() directly (jsc#PED-1561). +- scsi: target: tcm_loop: Call scsi_done() directly + (jsc#PED-1561). +- scsi: staging: rts5208: Call scsi_done() directly + (jsc#PED-1561). +- scsi: xen-scsifront: Call scsi_done() directly (jsc#PED-1561). +- scsi: wd719x: Call scsi_done() directly (jsc#PED-1561). +- scsi: wd33c93: Call scsi_done() directly (jsc#PED-1561). +- scsi: vmw_pvscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: virtio_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: ufs: Call scsi_done() directly (jsc#PED-1561). +- scsi: sym53c8xx_2: Call scsi_done() directly (jsc#PED-1561). +- scsi: storvsc_drv: Call scsi_done() directly (jsc#PED-1561). +- scsi: stex: Call scsi_done() directly (jsc#PED-1561). +- scsi: snic: Call scsi_done() directly (jsc#PED-1561). +- scsi: smartpqi: Call scsi_done() directly (jsc#PED-1561). +- scsi: scsi_debug: Call scsi_done() directly (jsc#PED-1561). +- scsi: qlogicpti: Call scsi_done() directly (jsc#PED-1561). +- scsi: qlogicfas408: Call scsi_done() directly (jsc#PED-1561). +- scsi: qla4xxx: Call scsi_done() directly (jsc#PED-1561). +- commit baefb85 + +- scsi: qla2xxx: Call scsi_done() directly (jsc#PED-1561). +- Refresh + patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch. +- Refresh + patches.suse/scsi-qla2xxx-Stop-using-the-SCSI-pointer.patch. +- commit 47bbcd3 + +- scsi: qla1280: Call scsi_done() directly (jsc#PED-1561). +- scsi: qedf: Call scsi_done() directly (jsc#PED-1561). +- scsi: ps3rom: Call scsi_done() directly (jsc#PED-1561). +- scsi: ppa: Call scsi_done() directly (jsc#PED-1561). +- commit b80549e + +- scsi: pmcraid: Call scsi_done() directly (jsc#PED-1561). +- commit 881416d + +- scsi: pcmcia: Call scsi_done() directly (jsc#PED-1561). +- scsi: nsp32: Call scsi_done() directly (jsc#PED-1561). +- scsi: ncr53c8xx: Call scsi_done() directly (jsc#PED-1561). +- scsi: myrs: Call scsi_done() directly (jsc#PED-1561). +- scsi: myrb: Call scsi_done() directly (jsc#PED-1561). +- scsi: mvumi: Call scsi_done() directly (jsc#PED-1561). +- scsi: mpt3sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: mpi3mr: Call scsi_done() directly (jsc#PED-1561). +- scsi: mesh: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid_sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid_mbox: Call scsi_done() directly (jsc#PED-1561). +- scsi: mac53c94: Call scsi_done() directly (jsc#PED-1561). +- scsi: lpfc: Call scsi_done() directly (jsc#PED-1561). +- scsi: libsas: Call scsi_done() directly (jsc#PED-1561). +- scsi: libiscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: libfc: Call scsi_done() directly (jsc#PED-1561). +- scsi: ips: Call scsi_done() directly (jsc#PED-1561). +- scsi: ipr: Call scsi_done() directly (jsc#PED-1561). +- scsi: initio: Call scsi_done() directly (jsc#PED-1561). +- scsi: imm: Call scsi_done() directly (jsc#PED-1561). +- commit 76ef02d + +- cpufreq: qcom: fix writes in read-only memory region + (git-fixes). +- cpufreq: qcom: fix memory leak in error path (git-fixes). +- ACPI: extlog: Handle multiple records (git-fixes). +- HID: magicmouse: Do not set BTN_MOUSE on double report + (git-fixes). +- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in + convert_context() (git-fixes). +- commit a940189 + +- ALSA: hda/realtek: Add another HP ZBook G9 model quirks + (bsc#1203699). +- commit 9b4cf06 + +- scsi: ibmvscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: hptiop: Call scsi_done() directly (jsc#PED-1561). +- scsi: hpsa: Call scsi_done() directly (jsc#PED-1561). +- scsi: fnic: Call scsi_done() directly (jsc#PED-1561). +- scsi: fdomain: Call scsi_done() directly (jsc#PED-1561). +- scsi: fas216: Stop using scsi_cmnd.scsi_done (jsc#PED-1561). +- scsi: esp_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: esas2r: Call scsi_done() directly (jsc#PED-1561). +- scsi: dpt_i2o: Call scsi_done() directly (jsc#PED-1561). +- scsi: dc395x: Call scsi_done() directly (jsc#PED-1561). +- scsi: cxlflash: Call scsi_done() directly (jsc#PED-1561). +- scsi: csiostor: Call scsi_done() directly (jsc#PED-1561). +- scsi: bnx2fc: Call scsi_done() directly (jsc#PED-1561). +- scsi: bfa: Call scsi_done() directly (jsc#PED-1561). +- scsi: atp870u: Call scsi_done() directly (jsc#PED-1561). +- scsi: arcmsr: Call scsi_done() directly (jsc#PED-1561). +- scsi: aic7xxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: aha1542: Call scsi_done() directly (jsc#PED-1561). +- scsi: aha152x: Call scsi_done() directly (jsc#PED-1561). +- scsi: advansys: Call scsi_done() directly (jsc#PED-1561). +- scsi: acornscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: aacraid: Call scsi_done() directly (jsc#PED-1561). +- scsi: aacraid: Introduce aac_scsi_done() (jsc#PED-1561). +- scsi: a100u2w: Call scsi_done() directly (jsc#PED-1561). +- scsi: NCR5380: Call scsi_done() directly (jsc#PED-1561). +- commit 4088abf + +- scsi: BusLogic: Call scsi_done() directly (jsc#PED-1561). +- scsi: 53c700: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-xxxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-9xxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: zfcp_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: message: fusion: Call scsi_done() directly (jsc#PED-1561). +- scsi: ib_srp: Call scsi_done() directly (jsc#PED-1561). +- scsi: firewire: sbp2: Call scsi_done() directly (jsc#PED-1561). +- scsi: ata: Call scsi_done() directly (jsc#PED-1561). +- commit 8b9488f + +- scsi: core: Rename scsi_mq_done() into scsi_done() and export it + (jsc#PED-1561). +- scsi: core: Use a structure member to track the SCSI command + submitter (jsc#PED-1561). +- commit 217e4e6 + +- efi: Simplify arch_efi_call_virt() macro (jsc#PED-1408). +- commit 736e2d1 + +- scsi: pmcraid: Fix missing resource cleanup in error case + (jsc#PED-1561). +- scsi: pmcraid: Fix typo in comment (jsc#PED-1561). +- scsi: pmcraid: Remove unneeded semicolon (jsc#PED-1561). +- scsi: pmcraid: Remove the PMCRAID_PASSTHROUGH_IOCTL ioctl + implementation (jsc#PED-1561). +- scsi: pmcraid: Don't use GFP_DMA in pmcraid_alloc_sglist() + (jsc#PED-1561). +- scsi: pmcraid: Fix a kernel-doc warning (jsc#PED-1561). +- scsi: pmcraid: Switch to attribute groups (jsc#PED-1561). +- scsi: core: Register sysfs attributes earlier (jsc#PED-1561). +- commit 65ed53e + +- blacklist.conf: add an entry for IDXD that has been already fixed +- commit 7531ae1 + +- dmaengine: idxd: force wq context cleanup on device disable path + (git-fixes). +- commit e06ba18 + +- nilfs2: fix NULL pointer dereference at + nilfs_bmap_lookup_at_level() (CVE-2022-3621 bsc#1204574). +- commit f8016b1 + +- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41 + (bsc#1203922). +- commit 1d187cf + +- Move upstreamed sound patches into sorted section +- commit 4c058b6 + +- Bluetooth: L2CAP: Fix memory leak in vhci_write (CVE-2022-3619 + bsc#1204569). +- commit b649754 + +- iommu: Introduce a callback to struct iommu_resv_region + (jsc#PED-1408). +- commit 480aace + +- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes). +- net: phy: dp83822: disable MDI crossover status change interrupt + (git-fixes). +- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() + (git-fixes). +- net: phy: dp83867: Extend RX strap quirk for SGMII mode + (git-fixes). +- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes). +- commit 273eb71 + +- arm64: topology: Remove redundant setting of llc_id in CPU + topology (jsc#PED-1408). +- commit 2ac7bb1 + +- hisi_lpc: Use acpi_dev_for_each_child() (jsc#PED-1408). +- soundwire: Use acpi_dev_for_each_child() (jsc#PED-1408). +- commit a5a010e + +- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU + is not set (bsc#1204413 ltc#200176). +- commit 0850b12 + +- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176). +- Refresh patches.suse/powerpc-Rename-PPC_NATIVE-to-PPC_HASH_MMU_NATIVE.patch. +- commit abb9ade + +- thunderbolt: ACPI: Replace tb_acpi_find_port() with + acpi_find_child_by_adr() (jsc#PED-1408). +- commit b06ed1f + +- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176). +- Refresh patches.suse/lkdtm-disable-return-thunks-in-rodata-c.patch. + Update config files. +- commit 5b2abcf + +- platform/x86/thinkpad_acpi: Use acpi_dev_for_each_child() + (jsc#PED-1408). +- platform/x86: Replace acpi_bus_get_device() (jsc#PED-1408). +- commit e8f90ff + +- fuse: fix deadlock between atomic O_TRUNC and page invalidation + (bsc#1204533). +- commit a0e6630 + +- USB: ACPI: Replace usb_acpi_find_port() with + acpi_find_child_by_adr() (jsc#PED-1408). +- commit 1538aed + +- Correct JIRA reference to Impl entries (jsc#PED-588 jsc#PED-594 jsc#PED-812 jsc#PED-826 jsc#PED-827 jsc#PED-831 jsc#PED-840 jsc#PED-858 jsc#PED-859 jsc#PED-1033 jsc#PED-1035 jsc#PED-1038 jsc#PED-1044 jsc#PED-1046 jsc#PED-1052 jsc#PED-1054 jsc#PED-1096 jsc#PED-1165 jsc#PED-1213 jsc#PED-1516 jsc#PED-1817 jsc#PED-1820) +- commit 048beb0 + +- Correct JIRA reference to Impl entries (jsc#PED-833 jsc#PED-850 jsc#PED-825 jsc#PED-822 jsc#PED-846 jsc#PED-817 jsc#PED-851 jsc#PED-857 jsc#PED-842 jsc#PED-813 jsc#PED-1084 jsc#PED-1096 jsc#PED-1085 jsc#PED-1649 jsc#PED-1082 jsc#PED-856) +- commit c7d3570 + +- mfd: core: Use acpi_dev_for_each_child() (jsc#PED-1408). +- commit 4d37bd2 + +- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413 + ltc#200176). +- powerpc: Ignore DSI error caused by the copy/paste instruction + (bsc#1204413 ltc#200176). +- powerpc/64s: Move hash MMU support code under + CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176). +- Refresh patches.suse/Revert-powerpc-rtas-Implement-reentrant-rtas-call.patch +- Refresh patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch +- Refresh patches.suse/powerpc-pseries-wire-up-rng-during-setup_arch.patch +- powerpc: make memremap_compat_align 64s-only (bsc#1204413 + ltc#200176). +- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e + or radix (bsc#1204413 ltc#200176). +- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c + (bsc#1204413 ltc#200176). +- powerpc/64s: Make flush_and_reload_slb a no-op when radix is + enabled (bsc#1204413 ltc#200176). +- powerpc/pseries: lparcfg don't include slb_size line in radix + mode (bsc#1204413 ltc#200176). +- powerpc/64s: Move and rename do_bad_slb_fault as it is not + hash specific (bsc#1204413 ltc#200176). +- Refresh patches.suse/powerpc-64s-hash-Make-hash-faults-work-in-NMI-contex.patch +- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413 + ltc#200176). + Update config files. +- commit da125ff + +- devdax: Fix soft-reservation memory description (jsc#PED-1408). +- ACPI: property: Remove default association from integer maximum + values (jsc#PED-1408). +- ACPI: property: Ignore already existing data node tags + (jsc#PED-1408). +- ACPI: property: Fix type detection of unified integer reading + functions (jsc#PED-1408). +- arm64: cacheinfo: Fix incorrect assignment of signed error + value to unsigned fw_level (jsc#PED-1408). +- ACPI: property: Fix error handling in acpi_init_properties() + (jsc#PED-1408). +- ACPI: property: Read buffer properties as integers + (jsc#PED-1408). +- ACPI: property: Add support for parsing buffer property UUID + (jsc#PED-1408). +- commit 5677edc + +- ACPI: property: Unify integer value reading functions + (jsc#PED-1408). +- ACPI: property: Switch node property referencing from ifs to + a switch (jsc#PED-1408). +- ACPI: property: Move property ref argument parsing into a new + function (jsc#PED-1408). +- ACPI: property: Use acpi_object_type consistently in property + ref parsing (jsc#PED-1408). +- ACPI: property: Tie data nodes to acpi handles (jsc#PED-1408). +- ACPI: VIOT: Do not dereference fwnode in struct device + (jsc#PED-1408). +- ACPI/IORT: Fix build error implicit-function-declaration + (jsc#PED-1408). +- ACPI/IORT: Add a helper to retrieve RMR info directly + (jsc#PED-1408). +- ACPI/IORT: Add support to retrieve IORT RMR reserved regions + (jsc#PED-1408). +- ACPI/IORT: Provide a generic helper to retrieve reserve regions + (jsc#PED-1408). +- ACPI/IORT: Make iort_iommu_msi_get_resv_regions() return void + (jsc#PED-1408). +- ACPI: PPTT: Leave the table mapped for the runtime usage + (jsc#PED-1408). +- ACPI: Remove the unused find_acpi_cpu_cache_topology() + (jsc#PED-1408). +- ACPI: PPTT: Use table offset as fw_token instead of virtual + address (jsc#PED-1408). +- ACPI: Move PRM config option under the main ACPI config + (jsc#PED-1408). + Update config files. +- ACPI: Enable Platform Runtime Mechanism(PRM) support on ARM64 + (jsc#PED-1408). + Update config files. +- ACPI: PRM: Change handler_addr type to void pointer + (jsc#PED-1408). +- ACPI/PCI: Remove useless NULL pointer checks (jsc#PED-1408). +- ACPI: video: Use native backlight on Dell Inspiron N4010 + (jsc#PED-1408). +- ACPI: video: Drop X86 dependency from Kconfig (jsc#PED-1408). + Update config files. +- ACPI: resource: skip IRQ override on AMD Zen platforms + (jsc#PED-1408). +- ACPI: PM: x86: Print messages regarding LPS0 idle support + (jsc#PED-1408). +- ACPI: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is + unset (jsc#PED-1408). +- Revert "ACPI / PM: LPIT: Register sysfs attributes based on + FADT" (jsc#PED-1408). +- ACPI: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008 + (jsc#PED-1408). +- ACPI: EC: Drop unused ident initializers from dmi_system_id + tables (jsc#PED-1408). +- ACPI: EC: Re-use boot_ec when possible even when + EC_FLAGS_TRUST_DSDT_GPE is set (jsc#PED-1408). +- ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP (jsc#PED-1408). +- ACPI: APEI: Fix double word in a comment (jsc#PED-1408). +- ACPI: processor: Drop leftover acpi_processor_get_limit_info() + declaration (jsc#PED-1408). +- ACPI: processor: Split out thermal initialization from ACPI PSS + (jsc#PED-1408). +- ACPI: bus: Drop unused list heads from struct acpi_device + (jsc#PED-1408). +- ACPI: bus: Drop driver member of struct acpi_device + (jsc#PED-1408). +- ACPI: bus: Drop redundant check in acpi_device_remove() + (jsc#PED-1408). +- ACPI / MMC: PM: Unify fixing up device power (jsc#PED-1408). +- ACPI: scan: Walk ACPI device's children using driver core + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_dev_for_each_child_reverse() + (jsc#PED-1408). +- ACPI: video: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: bus: Export acpi_dev_for_each_child() to modules + (jsc#PED-1408). +- ACPI: property: Use acpi_dev_for_each_child() for child lookup + (jsc#PED-1408). +- ACPI: container: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: glue: Introduce acpi_find_child_by_adr() (jsc#PED-1408). +- ACPI: glue: Introduce acpi_dev_has_children() (jsc#PED-1408). +- ACPI: glue: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: irq: Allow acpi_gsi_to_irq() to have an arch-specific + fallback (jsc#PED-1408). +- APCI: irq: Add support for multiple GSI domains (jsc#PED-1408). +- mmc: sdhci-acpi: Remove special handling for GPD win/pocket + devices (jsc#PED-1408). +- commit 3b82889 + +- r8152: Rate limit overflow messages (CVE-2022-3594 bsc#1204479). +- commit a745ef5 + +- Update patch reference for HID fix (CVE-2022-3577 bsc#1204470) +- commit 3ac3b39 + +- kcm: avoid potential race in kcm_tx_work (bsc#1204355 + CVE-2022-3521). +- commit 2d76ec0 + +- tcp/udp: Fix memory leak in ipv6_renew_options() (bsc#1204354 + CVE-2022-3524). +- commit f8049de + +- Update metadata references +- commit d0bf0fb + +- PCI: hv: Fix synchronization between channel callback and + hv_pci_bus_exit() (bsc#1204017). +- commit ea6713d + +- PCI: hv: Fix synchronization between channel callback and + hv_compose_msi_msg() (bsc#1204017). +- commit 230768b + +- PCI: hv: Use vmbus_requestor to generate transaction IDs for + VMbus hardening (bsc#1204017). +- commit a19c478 + +- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() + (bsc#1204017). +- commit bc36cf4 + +- Drivers: hv: vmbus: Introduce vmbus_request_addr_match() + (bsc#1204017). +- commit 40cb8e4 + +- Drivers: hv: vmbus: Fix handling of messages with transaction + ID of zero (bsc#1204017). +- commit a5b4ebf + +- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() + (bsc#1204017). +- commit 2e0386a + +- sch_sfb: Also store skb len before calling child enqueue + (CVE-2022-3586 bsc#1204439). +- sch_sfb: Don't assume the skb is still around after enqueueing + to child (CVE-2022-3586 bsc#1204439). +- commit 6788943 + +- Update patch reference for mISDN fix (CVE-2022-3565 bsc#1204431) +- commit 5d0836e + +- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() + (git-fixes). +- commit 1ad6725 + +- blacklist.conf: add upstream commit that's too invasive +- commit a605c6e + +- Update config files: enable CONFIG_DMABUF_MOVE_NOTIFY (jsc#PED-975) +- commit a10be66 + +- dmaengine: idxd: deprecate token sysfs attributes for read + buffers (jsc#PED-679). +- commit c137213 + +- dmaengine: idxd: change bandwidth token to read buffers + (jsc#PED-679). +- Refresh + patches.suse/dmaengine-idxd-restore-traffic-class-defaults-after-.patch. +- commit d0c1256 + +- powercap: intel_rapl: Add support for RAPTORLAKE_S + (jsc#PED-1812). +- commit 213e719 + +- Update config files: enable CONFIG_PINCTRL_METEORLAKE (jsc#PED-732) +- supported.conf: add pinctrl-meteorlake +- commit efb9d9f + +- pinctrl: intel: Add Intel Meteor Lake pin controller support + (jsc#PED-732). +- commit 0540896 + +- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732). +- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732). +- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732). +- commit 11c983f + +- Update patch reference for Intel MTL-P USB patch (jsc#PED-732) +- commit 4ca8c18 + +- pinctrl: alderlake: Fix register offsets for ADL-N variant + (jsc#PED-676). +- pinctrl: alderlake: Add Intel Alder Lake-N pin controller + support (jsc#PED-676). +- commit 5492389 + +- Update patch reference for Intel ADL-N eMMC patch (jsc#PED-676) +- commit 4c38b45 + +- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634). +- commit 0ec42f9 + +- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634). +- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs + (jsc#PED-634). +- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S + (jsc#PED-634). +- commit 06d5787 + +- Update patch references for intel_th RPL-S support (jsc#PED-634) +- commit 900e952 + +- i2c: i801: Add support for Intel Raptor Lake PCH-S + (jsc#PED-634). +- i2c: i801: Improve handling of chip-specific feature definitions + (jsc#PED-634). +- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634). +- commit 46a17cc + +- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707). +- commit 356d2a6 + +- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_RPRES.patch (git-fixes, jsc#PED-1159) + Add reference to jsc#PED-1599 +- commit 27aeba3 + +- thermal: int340x: Mode setting with new OS handshake + (jsc#PED-678). +- commit c03fef0 + +- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_AFP.patch (git-fixes, jsc#PED-1159) + Add reference to jsc#PED-1599 +- commit fb87f4f + +- thermal: int340x: Update OS policy capability handshake + (jsc#PED-678). +- commit 2487fcb + +- supported.conf: Add CN10K DDR PMU driver to supported modules (jsc#PED-1765) +- commit ee9c6f0 + +- supported.conf: Add CN10K RNG driver to supported modules (jsc#PED-1765) +- commit f38a789 + +- supported.conf: Add CN10K LLC PMU driver to supported modules (jsc#PED-1765) +- commit ff62505 + +- hwrng: cn10k - Make check_rng_health() return an error code (jsc#PED-1765) +- commit e96e350 + +- hwrng: cn10k - Optimize cn10k_rng_read() (jsc#PED-1765) +- commit 18234b8 + +- hwrng: cn10k - Add random number generator support (jsc#PED-1765) + Update config/arm64/default +- commit 80a71af + +- perf/marvell: Fix !CONFIG_OF build for CN10K DDR PMU driver (jsc#PED-1765) + Update config/arm64/default +- commit d86ecb5 + +- perf/marvell: cn10k DDR perf event core ownership (jsc#PED-1765) +- commit ccedd1a + +- perf/marvell: cn10k DDR perfmon event overflow handling (jsc#PED-1765) +- commit b6ab0c5 + +- perf/marvell: CN10k DDR performance monitor support (jsc#PED-1765) +- commit b13d58a + +- dt-bindings: perf: marvell: cn10k ddr performance monitor (jsc#PED-1765) +- commit 705f151 + +- Update patch reference for macvlan fix (CVE-2022-3526 bsc#1204353) +- commit 740e86c + +- rpm/check-for-config-changes: loosen pattern for AS_HAS_* + This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128. +- commit bdc0bf7 + +- perf/marvell_cn10k: Fix TAD PMU register offset (jsc#PED-1765) +- commit 4ccd5d2 + +- perf/marvell_cn10k: Remove useless license text when (jsc#PED-1765) +- commit b1994db + +- perf/marvell_cn10k: Fix tad_pmu_event_init() to check pmu type first (jsc#PED-1765) +- commit cb2eb6b + +- perf/marvell_cn10k: Fix unused variable warning when W=1 and (jsc#PED-1765) +- commit 4f19277 + +- drivers: perf: marvell_cn10k: fix an IS_ERR() vs NULL check (jsc#PED-1765) +- commit 9e52366 + +- drivers: perf: Add LLC-TAD perf counter support (jsc#PED-1765) + Update config/arm64/default +- commit 15db243 + +- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729). +- powerpc/powernv: add missing of_node_put() in + opal_export_attrs() (bsc#1065729). +- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729). +- commit 7c692ec + +- powerpc/kprobes: Fix null pointer reference in + arch_prepare_kprobe() (jsc#SLE-13847 git-fixes). +- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 + git-fixes). +- commit 5521322 + +- thunderbolt: Use decimal number with port numbers (jsc#PED-531 + jsc#PED-1211). +- commit 1ef4993 + +- thunderbolt: Replace usage of found with dedicated list iterator + variable (jsc#PED-531 jsc#PED-1211). +- commit 3fecfc9 + +- thunderbolt: Clarify register definitions for + `tb_cap_plug_events` (jsc#PED-531). +- commit 68d4307 + +- thunderbolt: Add internal xHCI connect flows for Thunderbolt + 3 devices (jsc#PED-531). +- commit ec0de67 + +- thunderbolt: Do not make DROM read success compulsory + (jsc#PED-531). +- commit 24436e4 + +- thunderbolt: Do not resume routers if UID is not set + (jsc#PED-531). +- thunderbolt: Retry DROM reads for more failure scenarios + (jsc#PED-531). +- commit a78e01a + +- thunderbolt: Drop duplicate NULL checks around + nvmem_unregister() (jsc#PED-531). +- commit 3ea3344 + +- thunderbolt: Replace acpi_bus_get_device() (jsc#PED-531). +- commit 920924a + +- thunderbolt: Remove useless DMA-32 fallback configuration + (jsc#PED-531). +- commit 871dcd2 + +- usb: host: Initiate urb ep with udev ep0 (jsc#PED-531). +- commit f03f8e4 + +- arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes) +- commit 2f51dd9 + +- blacklist.conf: ("arm64/mm: drop HAVE_ARCH_PFN_VALID") +- commit f836660 + +- clk: at91: fix the build with binutils 2.27 (git-fixes). +- commit a34e36d + +- Input: xpad - add supported devices as contributed on github + (git-fixes). +- efi: libstub: drop pointless get_memory_map() call (git-fixes). +- misc: pci_endpoint_test: Fix + pci_endpoint_test_{copy,write,read}() panic (git-fixes). +- misc: pci_endpoint_test: Aggregate params checking for xfer + (git-fixes). +- USB: serial: qcserial: add new usb-id for Dell branded EM7455 + (git-fixes). +- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes). +- commit 4dee064 + +- ALSA: oss: Fix potential deadlock at unregistration (git-fixes). +- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() + (git-fixes). +- ALSA: hda/realtek: Add Intel Reference SSID to support headset + keys (git-fixes). +- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes). +- commit c900b4a + +- ACPI: HMAT: Release platform device in case of + platform_device_add_data() fails (git-fixes). +- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() + (git-fixes). +- ALSA: hda/realtek: Correct pin configs for ASUS G533Z + (git-fixes). +- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 + (git-fixes). +- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or + restored (git-fixes). +- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in + 'performance_levels' (git-fixes). +- Revert "drm/amdgpu: use dirty framebuffer helper" (git-fixes). +- drm/i915/ehl: Update MOCS table for EHL (git-fixes). +- commit 3ca51e4 + +- s390/qeth: Remove OSN deprecation notice (jsc#PED-448 + LTC#198619). +- commit 42319b3 + +- qeth: remove a copy of the NAPI_POLL_WEIGHT define (jsc#PED-448 + LTC#198619). +- Refresh + patches.suse/net-make-drivers-set-the-TSO-limit-not-the-GSO-limit.patch. +- Refresh patches.suse/net-switch-to-netif_napi_add_tx.patch. +- commit f8ee04c + +- s390/qeth: split up L2 netdev_ops (jsc#PED-448 LTC#198619). +- commit f50bd13 + +- s390/qeth: don't keep track of Input Queue count (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qdio-split-do_QDIO. +- commit f07e1f9 + +- s390/qeth: move qdio's QAOB cache into qeth (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qdio-split-do_QDIO. +- commit 7ee14b3 + +- s390/qeth: clean up device_type management (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qeth-Register-switchdev-event-handler. +- commit 4489d18 + +- s390/qeth: Fix typo 'the the' in comment (jsc#PED-448 + LTC#198619). +- s390/ctcm: fix typo "length to short" -> "length too short" + (jsc#PED-448 LTC#198619). +- s390/net: sort out physical vs virtual pointers usage + (jsc#PED-448 LTC#198619). +- s390/qeth: Remove redundant 'flush_workqueue()' calls + (jsc#PED-448 LTC#198619). +- s390/qeth: remove check for packing mode in + qeth_check_outbound_queue() (jsc#PED-448 LTC#198619). +- s390/qeth: fine-tune .ndo_select_queue() (jsc#PED-448 + LTC#198619). +- s390/qeth: don't offer .ndo_bridge_* ops for OSA devices + (jsc#PED-448 LTC#198619). +- s390/lcs: add braces around empty function body (jsc#PED-448 + LTC#198619). +- s390/ctcm: add __printf format attribute to ctcm_dbf_longtext + (jsc#PED-448 LTC#198619). +- s390/ctcm: fix format string (jsc#PED-448 LTC#198619). +- s390/qeth: allocate RX queue at probe time (jsc#PED-448 + LTC#198619). +- s390/qeth: update kerneldoc for qeth_add_hw_header() + (jsc#PED-448 LTC#198619). +- s390/qeth: fix kernel doc comments (jsc#PED-448 LTC#198619). +- s390/qeth: add __printf format attribute to qeth_dbf_longtext + (jsc#PED-448 LTC#198619). +- s390/qeth: fix various format strings (jsc#PED-448 LTC#198619). +- s390/qeth: clarify remaining dev_kfree_skb_any() users + (jsc#PED-448 LTC#198619). +- s390/qeth: remove .do_ioctl() callback from driver discipline + (jsc#PED-448 LTC#198619). +- s390/qeth: improve trace entries for MAC address + (un)registration (jsc#PED-448 LTC#198619). +- net: s390: constify and use eth_hw_addr_set() (jsc#PED-448 + LTC#198619). +- s390/netiucv: remove incorrect kernel doc indicators + (jsc#PED-448 LTC#198619). +- s390/lcs: remove incorrect kernel doc indicators (jsc#PED-448 + LTC#198619). +- s390/ctcm: remove incorrect kernel doc indicators (jsc#PED-448 + LTC#198619). +- s390/net: replace in_irq() with in_hardirq() (jsc#PED-448 + LTC#198619). +- s390/qeth: clean up QETH_PROT_* naming (jsc#PED-448 LTC#198619). +- commit 595cfd6 + +- x86/cpu: Add CPU model numbers for Meteor Lake (jsc#PED-637). +- x86/cpu: Add new Raptor Lake CPU model number (jsc#PED-716). +- commit 612dc8d + +- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes). +- openvswitch: add nf_ct_is_confirmed check before assigning + the helper (git-fixes). +- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 + (git-fixes). +- wifi: iwlwifi: mvm: fix double list_add at + iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes). +- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of + small packets (git-fixes). +- wifi: mac80211: fix decap offload for stations on AP_VLAN + interfaces (git-fixes). +- wifi: mac80211: fix probe req HE capabilities access + (git-fixes). +- wifi: mac80211: do not drop packets smaller than the LLC-SNAP + header on fast-rx (git-fixes). +- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes). +- can: kvaser_usb_leaf: Fix TX queue out of sync after restart + (git-fixes). +- can: kvaser_usb: Fix use of uninitialized completion + (git-fixes). +- macvlan: enforce a consistent minimal mtu (git-fixes). +- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq + (git-fixes). +- net: ieee802154: return -EINVAL for unknown addr type + (git-fixes). +- watchdog: armada_37xx_wdt: Fix .set_timeout callback + (git-fixes). +- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure + (git-fixes). +- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING + (git-fixes). +- commit cb006e7 + +- Drop a incorrectly doubly applied WiFi fix patch +- commit 9d35b83 + +- s390/qdio: Fix spelling mistake (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify logical vs absolute in QIB's kerneldoc + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unneeded sanity check in qdio_do_sqbs() + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: split do_QDIO() (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: split qdio_inspect_queue() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify handler logic for + qdio_handle_activate_check() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clean up access to queue in + qdio_handle_activate_check() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: avoid allocating the qdio_irq with GFP_DMA + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: improve handling of CIWs (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: remove QDIO_SBAL_SIZE macro (jsc#PED-455 bsc#1203836 + LTC#198623). +- scsi: zfcp: fix kernel doc comments (jsc#PED-455 bsc#1203836 + LTC#198623). +- scsi: zfcp: Use scsi_cmd_to_rq() instead of scsi_cmnd.request + (jsc#PED-455 bsc#1203836 LTC#198623). +- scsi: zfcp: Use the proper SCSI midlayer interfaces for PI + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unused support for SLIB parameters + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: consolidate QIB code (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: use dev_info() in qdio_print_subchannel_info() + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: fine-tune the queue sync (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clean up SIGA capability tracking (jsc#PED-455 + bsc#1203836 LTC#198623). +- s390/qdio: remove unused sync-after-IRQ infrastructure + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: use absolute data address in ESTABLISH ccw + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unused macros (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify reporting of errors to the drivers + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unneeded siga-sync for Output Queue + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove remaining tasklet & timer code (jsc#PED-455 + bsc#1203836 LTC#198623). +- commit ccb8c7b + +- wifi: cfg80211: update hidden BSSes to avoid WARN_ON + (git-fixes). +- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate + (git-fixes). +- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes). +- commit b28d368 + +- Move upstramed WiFi fix patches into sorted section +- commit bef1692 + +- net: ethernet: move from strlcpy with unused retval to strscpy + (jsc#PED-1302). +- net: add skb_[inner_]tcp_all_headers helpers (jsc#PED-1302). +- ethernet: Remove vf rate limit check for drivers (jsc#PED-1302). +- rtnetlink: add extack support in fdb del handlers + (jsc#PED-1302). +- net: switch to netif_napi_add_tx() (jsc#PED-1302). +- qlcnic: remove redundant assignment to variable index + (jsc#PED-1302). +- net: qlcnic: use time_is_before_jiffies() instead of open + coding it (jsc#PED-1302). +- qlcnic: Simplify DMA setting (jsc#PED-1302). +- qlcnic: Remove redundant initialization of variable ret + (jsc#PED-1302). +- qlcnic: switch from 'pci_' to 'dma_' API (jsc#PED-1302). +- qlcnic: make the array random_data static const, makes object + smaller (jsc#PED-1302). +- commit c7136a6 + +- clk: bcm: rpi: Add support for VEC clock (bsc#1196632) +- commit 188fe72 + +- nvmem: core: Check input parameter for NULL in + nvmem_unregister() (bsc#1204241). +- commit 66b047b + +- clk: bcm2835: Round UART input clock up (bsc#1188238) +- commit f465b19 + +- ALSA: hda/hdmi: Fix the converter allocation for the silent + stream (git-fixes). +- ALSA: hda/hdmi: change type for the 'assigned' variable + (git-fixes). +- commit 6c73200 + +- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types + (git-fixes). +- irqchip/ls-extirq: Fix invalid wait context by avoiding to + use regmap (git-fixes). +- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes). +- docs: update mediator information in CoC docs (git-fixes). +- mmc: core: Terminate infinite loop in SD-UHS voltage switch + (git-fixes). +- drm/amd/display: skip audio setup when audio stream is enabled + (git-fixes). +- drm/amd/display: update gamut remap if plane has changed + (git-fixes). +- drm/amd/display: Assume an LTTPR is always present on fixed_vs + links (git-fixes). +- drm/amd/display: Fix double cursor on non-video RGB MPO + (git-fixes). +- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer + (git-fixes). +- firmware: arm_scmi: Add SCMI PM driver remove routine + (git-fixes). +- firmware: arm_scmi: Harden accesses to the sensor domains + (git-fixes). +- firmware: arm_scmi: Improve checks in the info_get operations + (git-fixes). +- net/ieee802154: fix uninit value bug in dgram_sendmsg + (git-fixes). +- dmaengine: xilinx_dma: Report error in case of + dma_set_mask_and_coherent API failure (git-fixes). +- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores + property (git-fixes). +- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource + error handling (git-fixes). +- ALSA: hda/hdmi: Fix the converter reuse for the silent stream + (git-fixes). +- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() + (git-fixes). +- mmc: core: Replace with already defined values for readability + (git-fixes). +- commit 07f5789 + +- Drop TI clk patch that has been reverted in 5.15.y stable +- commit bfab74f + +- mm/hmm/test: use char dev with struct device to get device node + (jsc#PED-1294). +- commit 2a441da + +- lib/test_hmm: avoid accessing uninitialized pages + (jsc#PED-1294). +- commit 629e407 + +- mm/memremap: fix wrong function name above memremap_pages() + (jsc#PED-1294). +- commit 99ceafe + +- Updated metadata references for bsc#1200788 CVE-2022-2153: + Updated patches (from Juergen Gross) +- patches.suse/KVM-x86-Avoid-theoretical-NULL-pointer-dereference-i.patch +- patches.suse/KVM-x86-Check-lapic_in_kernel-before-attempting-to-s.patch +- patches.suse/KVM-x86-Forbid-VMM-to-set-SYNIC-STIMER-MSRs-when-Syn.patch +- commit e9364fc + +- selftests/vm: use top_srcdir instead of recomputing relative + paths (jsc#PED-1294). +- commit fcd00bf + +- Kselftests: remove support of libhugetlbfs from kselftests + (jsc#PED-1294). +- commit 5314c14 + +- tools/testing/selftests/vm/hmm-tests.c: fix build + (jsc#PED-1294). +- commit d4e3629 + +- mm/hmm: add a test for cross device private faults + (jsc#PED-1294). +- commit 113260c + +- mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault + (jsc#PED-1294). +- commit 81464f0 + +- tools: update hmm-test to support device coherent type + (jsc#PED-1294). +- commit 7b24afa + +- mm: fix the handling Non-LRU pages returned by follow_page + (jsc#PED-1294). +- commit a0abdab + +- mm/huge_memory: use helper macro IS_ERR_OR_NULL in + split_huge_pages_pid (jsc#PED-1294). +- commit 64365f4 + +- mm: remove unneeded local variable follflags (jsc#PED-1294). +- commit f1da2a0 + +- mm/migrate_device.c: fix a misleading and outdated comment + (jsc#PED-1294). +- commit 2496c30 + +- mm: migration: fix the FOLL_GET failure on following huge page + (jsc#PED-1294). +- commit 7c67379 + +- mm: re-allow pinning of zero pfns (again) (jsc#PED-1294). +- commit 4e32fd5 + +- nvdimm/pmem: cleanup the disk if pmem_release_disk() is yet + assigned (jsc#PED-1294). +- commit 519f490 + +- thunderbolt: Fix buffer allocation of devices with no + DisplayPort adapters (git-fixes). +- commit 2534904 + +- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-2978 + bsc#1202700). +- commit e1802d7 + +- thunderbolt: Add missing device ID to + tb_switch_is_alpine_ridge() (git-fixes). +- commit 9447425 + +- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes). +- commit 9dce26f + +- usb/hcd: Fix dma_map_sg error check (git-fixes). +- commit 82f7672 + +- mm/gup.c: fix formatting in check_and_migrate_movable_page() + (jsc#PED-1294). +- commit 6bb21eb + +- tools: add selftests to hmm for COW in device memory + (jsc#PED-1294). +- commit fbb5441 + +- tools: add hmm gup tests for device coherent type + (jsc#PED-1294). +- commit ccae011 + +- tools: update test_hmm script to support SP config + (jsc#PED-1294). +- commit 32be4d6 + +- lib: add support for device coherent type in test_hmm + (jsc#PED-1294). +- commit 5bcf5a6 + +- lib: test_hmm add module param for zone device type + (jsc#PED-1294). +- commit e22f0bf + +- lib: test_hmm add ioctl to get zone device type (jsc#PED-1294). +- commit 87c4e9c + +- drm/amdkfd: add SPM support for SVM (jsc#PED-1294). +- commit 9d8092a + +- drm/amdkfd: fix resource_size.cocci warnings (jsc#PED-1294). +- commit 589703d + +- mm/gup: migrate device coherent pages when pinning instead of + failing (jsc#PED-1294). +- commit f57d4bb + +- kabi/severities: ignore CS35L41-specific exports (bsc#1203699) +- commit 9f486fe + +- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699). +- ALSA: hda: cs35l41: Remove suspend/resume hda hooks + (bsc#1203699). +- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls + (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before + reading/writing controls (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code + removal (bsc#1203699). +- commit 54175bd + +- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3 + (git-fixes). +- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges + (git-fixes). +- dt-bindings: PCI: microchip,pcie-host: fix missing clocks + properties (git-fixes). +- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge + (git-fixes). +- PCI: Fix used_buses calculation in pci_scan_child_bus_extend() + (git-fixes). +- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes). +- PCI/ASPM: Ignore L1 PM Substates if device lacks capability + (git-fixes). +- i2c: designware: Fix handling of real but unexpected device + interrupts (git-fixes). +- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return + value check (git-fixes). +- pinctrl: armada-37xx: Checks for errors in gpio_request_enable + callback (git-fixes). +- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 + (git-fixes). +- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes). +- Input: i8042 - fix refount leak on sparc (git-fixes). +- Input: synaptics-rmi4 - fix firmware update operations with + bootloader v8 (git-fixes). +- Input: xpad - fix wireless 360 controller breaking after suspend + (git-fixes). +- commit 6628947 + +- Add cherry-picked ID for AMDGPU patch +- commit 005b431 + +- mm: add device coherent vma selection for memory migration + (jsc#PED-1294). +- commit c7f49b6 + +- mm: handling Non-LRU pages returned by vm_normal_pages + (jsc#PED-1294). +- commit e689445 + +- mm/migration: fix possible do_pages_stat_array racing with + memory offline (jsc#PED-1294). +- commit f5b7a8c + +- mm: add zone device coherent type memory support (jsc#PED-1294). +- commit c80982a + +- mm: re-allow pinning of zero pfns (jsc#PED-1294). +- commit 541ae7e + +- octeontx2-pf: cn10k: Fix egress ratelimit configuration + (git-fixes). +- commit dfc0a0a + +- net: sungem_phy: Add of_node_put() for reference returned by + of_get_parent() (git-fixes). +- commit cc0874b + +- net: pcs: xpcs: propagate xpcs_read error to + xpcs_get_state_c37_sgmii (git-fixes). +- commit 6750e0f + +- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication + (git-fixes). +- commit 6f3b54a + +- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy + (git-fixes). +- commit afc53c0 + +- iavf: Fix handling of dummy receive descriptors (git-fixes). +- commit e9bd3c0 + +- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings + (git-fixes). +- commit 155ccd4 + +- net: dsa: sja1105: silent spi_device_id warnings (git-fixes). +- commit ee0b547 + +- net: stmmac: remove redunctant disable xPCS EEE call + (git-fixes). +- commit 9493b1a + +- ixgbe: Add locking to prevent panic when setting sriov_numvfs + to zero (git-fixes). +- commit 53fbc66 + +- net: stmmac: fix dma queue left shift overflow issue + (git-fixes). +- commit 1deb58f + +- net: dsa: microchip: ksz_common: Fix refcount leak bug + (git-fixes). +- commit c46e25b + +- net: stmmac: fix unbalanced ptp clock issue in suspend/resume + flow (git-fixes). +- commit dff326f + +- net: stmmac: fix pm runtime issue in stmmac_dvr_remove() + (git-fixes). +- commit e347cfb + +- ip: Fix data-races around sysctl_ip_fwd_update_priority + (git-fixes). +- commit 4ea8f18 + +- sfc: fix kernel panic when creating VF (git-fixes). +- commit 33eba8c + +- sfc: fix use after free when disabling sriov (git-fixes). +- commit 2fa14d7 + +- net: stmmac: fix leaks in probe (git-fixes). +- commit 97831ef + +- mm: move page zone helpers from mm.h to mmzone.h (jsc#PED-1294). +- commit 57ef364 + +- KVM: x86: Register perf callbacks after calling vendor's + hardware_setup() (git-fixes). +- Refresh + patches.suse/KVM-x86-Register-Processor-Trace-interrupt-hook-iff-.patch. +- commit 871c62a + +- mm: build migrate_vma_* for all configs with ZONE_DEVICE support + (jsc#PED-1294). +- Update config files. +- commit 0314c06 + +- USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM + (git-fixes). +- commit 31ce443 + +- KVM: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes). +- commit cc0ea0c + +- usb: ehci: Fix a function name in comments (git-fixes). +- commit 610087d + +- usb: host: remove dead EHCI support for on-chip PMC MSP71xx + USB controller (jsc#PED-531). +- commit 62f8e77 + +- x86/mce: Retrieve poison range from hardware (jsc#PED-1408). +- ACPI: CPPC: Don't require flexible address space if + X86_FEATURE_CPPC is supported (jsc#PED-1408). +- ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory + (jsc#PED-1408). +- commit ac7776e + +- xhci: remove unused lpm_failed_dev member from struct xhci_hcd + (jsc#PED-531). +- commit 85de64c + +- xhci: remove unused command member from struct xhci_hcd struct + (jsc#PED-531). +- commit 5e975fe + +- USB: xhci: make xhci_get_endpoint_address static (jsc#PED-531). +- commit dcf3baa + +- ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported + (jsc#PED-1408). +- tools headers cpufeatures: Sync with the kernel sources + (jsc#PED-1408). +- x86/cpufeatures: Add AMD Collaborative Processor Performance + Control feature flag (jsc#PED-1408). + Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch. +- commit bf4cd56 + +- USB: hcd-pci: Drop the unused id parameter from + usb_hcd_pci_probe() (jsc#PED-531). +- commit b826b6a + +- xen: update ring.h (jsc#PED-531). +- commit 4472a2b + +- xen/xenbus: add xenbus_setup_ring() service function + (jsc#PED-531). +- commit f043eec + +- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled + (git-fixes). +- commit 93cdb54 + +- net: ftgmac100: Hold reference returned by + of_get_child_by_name() (git-fixes). +- commit 0961942 + +- bnxt_en: Fix bnxt_refclk_read() (git-fixes). +- commit 4187bc1 + +- bnxt_en: fix livepatch query (git-fixes). +- commit cc62415 + +- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes). +- commit e387d75 + +- bnxt_en: reclaim max resources if sriov enable fails + (git-fixes). +- commit 9161aa5 + +- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes). +- commit 7fdc3a9 + +- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded + (git-fixes). +- commit 5e19505 + +- KVM: x86: do not report preemption if the steal time cache is + stale (git-fixes). +- commit c293d6b + +- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence + (git-fixes). +- commit 385f6b7 + +- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness + conversion (git-fixes). +- commit 368984e + +- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct + length to read dev_id (git-fixes). +- commit 809cb98 + +- usb: renesas-xhci: Do not print any log while fw verif success + (jsc#PED-531). +- commit bad9850 + +- xen/usbfront: use xenbus_setup_ring() and xenbus_teardown_ring() + (jsc#PED-531). +- commit 41ef599 + +- xen/usb: switch xen-hcd to use INVALID_GRANT_REF (jsc#PED-531). +- commit e4f01cd + +- xen/usb: harden xen_hcd against malicious backends + (jsc#PED-531). +- commit 36bb0d3 + +- xen/grant-table: remove readonly parameter from functions + (jsc#PED-531). +- Refresh + patches.suse/xen-blkfront-force-data-bouncing-when-backend-is-unt.patch. +- commit 80f5ba9 + +- xen/usb: don't use arbitrary_virt_to_machine() (jsc#PED-531). +- commit 71d02c4 + +- mm: move the migrate_vma_* device migration code into its own + file (jsc#PED-1294). +- Update config files. +- commit ffdaa32 + +- mm/migrate: remove redundant variables used in a for-loop + (jsc#PED-1294). +- commit 53fa906 + +- x86/PCI: Revert "x86/PCI: Clip only host bridge windows for + E820 regions" (jsc#PED-1408). +- ACPI: clean up white space in a few places for consistency + (jsc#PED-1408). +- ACPI: video: improve PM notifer callback (jsc#PED-1408). +- ACPI: battery: Make "not-charging" the default on no charging + or full info (jsc#PED-1408). +- ACPI: CPPC: fix typo in comment (jsc#PED-1408). +- ACPI: processor: idle: Expose max_cstate/nocst/bm_check_disable + read-only in sysfs (jsc#PED-1408). +- ACPI: glue: Rearrange find_child_checks() (jsc#PED-1408). +- ACPI: DPTF: Support Meteor Lake (jsc#PED-1408). +- ACPI: NFIT: Drop nfit_device_lock() (jsc#PED-1408). +- PCI/ACPI: negotiate CXL _OSC (jsc#PED-1408). +- PCI/ACPI: Prefer CXL _OSC instead of PCIe _OSC for CXL host + bridges (jsc#PED-1408). +- PCI/ACPI: add a helper for retrieving _OSC Control DWORDs + (jsc#PED-1408). +- acpi/nfit: rely on mce->misc to determine poison granularity + (jsc#PED-1408). +- x86/PCI: Disable E820 reserved region clipping starting in 2023 + (jsc#PED-1408). +- x86/PCI: Disable E820 reserved region clipping via quirks + (jsc#PED-1408). +- x86/PCI: Add kernel cmdline options to use/ignore E820 reserved + regions (jsc#PED-1408). +- x86/PCI: Clip only host bridge windows for E820 regions + (jsc#PED-1408). +- x86: Log resource clipping for E820 regions (jsc#PED-1408). +- x86/PCI: Eliminate remove_e820_regions() common subexpressions + (jsc#PED-1408). +- device property: Add irq_get to fwnode operation (jsc#PED-1408). +- ACPI: property: Move acpi_fwnode_device_get_match_data() up + (jsc#PED-1408). +- device property: Convert device_{dma_supported,get_dma_attr} + to fwnode (jsc#PED-1408). +- cpufreq: CPPC: Enable fast_switch (jsc#PED-1408). +- ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is + supported (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. +- ACPI: CPPC: Check _OSC for flexible address space + (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. +- x86/ACPI: Preserve ACPI-table override during hibernation + (jsc#PED-1408). +- x86: ACPI: Make mp_config_acpi_gsi() a void function + (jsc#PED-1408). +- ACPI: DPTF: Add support for high frequency impedance + notification (jsc#PED-1408). +- ACPI: DPTF: Correct description of INT3407 / INT3532 attributes + (jsc#PED-1408). +- ACPI, APEI, EINJ: Refuse to inject into the zero page + (jsc#PED-1408). +- ACPI: APEI: Fix missing ERST record id (jsc#PED-1408). +- ACPI: BGRT: use static for BGRT_SHOW kobj_attribute defines + (jsc#PED-1408). +- ACPI: SPCR: Add support for NVIDIA 16550-compatible port subtype + (jsc#PED-1408). +- ACPI: bus: Avoid non-ACPI device objects in walks over children + (jsc#PED-1408). +- PCI: ACPI: PM: Power up devices in D3cold before scanning them + (jsc#PED-1408). +- ACPI: PM: Introduce acpi_dev_power_up_children_with_adr() + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: PM: Always print final debug message in + acpi_device_set_power() (jsc#PED-1408). +- ACPI: PM: Unify debug messages in acpi_device_set_power() + (jsc#PED-1408). +- ACPI: PM: Change pr_fmt() in device_pm.c (jsc#PED-1408). +- ACPI: PM: Convert debug message in acpi_device_get_power() + (jsc#PED-1408). +- Revert "ACPICA: executer/exsystem: Warn about sleeps greater + than 10 ms" (jsc#PED-1408). +- ACPICA: Update version to 20220331 (jsc#PED-1408). +- ACPICA: exsystem.c: Use ACPI_FORMAT_UINT64 for 64-bit output + (jsc#PED-1408). +- ACPICA: IORT: Updates for revision E.d (jsc#PED-1408). +- ACPICA: executer/exsystem: Fix some typo mistakes + (jsc#PED-1408). +- ACPICA: iASL/MADT: Add OEM-defined subtable (jsc#PED-1408). +- ACPICA: executer/exsystem: Warn about sleeps greater than 10 ms + (jsc#PED-1408). +- ACPICA: executer/exsystem: Inform users about ACPI spec + violation (jsc#PED-1408). +- ACPICA: Add support for ARM Performance Monitoring Unit Table + (jsc#PED-1408). +- ACPICA: executer/exsystem: Add units to time variable names + (jsc#PED-1408). +- ACPICA: Headers: Replace zero-length array with flexible-array + member (jsc#PED-1408). +- ACPICA: Removed some tabs and // comments (jsc#PED-1408). +- ACPICA: Update copyright notices to the year 2022 + (jsc#PED-1408). +- ACPICA: Clean up double word in comment (jsc#PED-1408). +- ACPICA: Add new ACPI 6.4 semantics for LoadTable() operator + (jsc#PED-1408). +- ACPICA: Add new ACPI 6.4 semantics to the Load() operator + (jsc#PED-1408). +- ACPICA: iASL: NHLT: Rename linux specific strucures to + device_info (jsc#PED-1408). +- ACPICA: iASL: NHLT: Fix parsing undocumented bytes at the end + of Endpoint Descriptor (jsc#PED-1408). +- ACPICA: iASL: NHLT: Treat Terminator as specific_config + (jsc#PED-1408). +- ACPICA: Add the subtable CFMWS to the CEDT table (jsc#PED-1408). +- ACPICA: Add support for the Windows 11 _OSI string + (jsc#PED-1408). +- ACPI: utils: include UUID in _DSM evaluation warning + (jsc#PED-1408). +- ACPI: Add perf low power callback (jsc#PED-1408). + Refresh + patches.suse/ACPI-acpi_pad-Do-not-launch-acpi_pad-threads-on-idle-cpus.patch. +- commit 54d6015 + +- ACPI: APEI: do not add task_work to kernel thread to avoid + memory leak (git-fixes). +- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall + (git-fixes). +- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property + (git-fixes). +- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle + (git-fixes). +- crypto: cavium - prevent integer overflow loading firmware + (git-fixes). +- crypto: marvell/octeontx - prevent integer overflows + (git-fixes). +- crypto: inside-secure - Replace generic aes with libaes + (git-fixes). +- Revert "crypto: qat - reduce size of mapped region" (git-fixes). +- crypto: inside-secure - Change swab to swab32 (git-fixes). +- crypto: ccp - Release dma channels before dmaengine unrgister + (git-fixes). +- crypto: akcipher - default implementation for setting a private + key (git-fixes). +- crypto: qat - fix default value of WDT timer (git-fixes). +- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr + (git-fixes). +- crypto: sahara - don't sleep when in softirq (git-fixes). +- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes). +- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes). +- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes). +- drm/amd/display: Correct MPC split policy for DCN301 + (git-fixes). +- commit 353fbde + +- Update + patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch + (CVE-2022-42703, bsc#1204168, git-fixes, bsc#1203098). +- commit fef8e31 + +- mm/migrate.c: rework migration_entry_wait() to not take a + pageref (jsc#PED-1294). +- commit 313eb0c + +- blacklist.conf: 30ea703a38ef x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype +- commit fdb1f20 + +- misc: sgi-gru: fix use-after-free error in + gru_set_context_option, gru_fault and gru_handle_user_call_os + (CVE-2022-3424 bsc#1204166). +- commit bbc730f + +- wifi: mac80211: fix crash in beacon protection for P2P-device + (CVE-2022-42722 bsc#1204125). +- commit 38da0b9 + +- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC + (git-fixes). +- blacklist.conf: outside kABI fixes build fixes are important +- Update config files. +- commit 8852d4a + +- powerpc/kvm: Remove obsolete and unneeded select (git-fixes). +- blacklist.conf: outside kABI freezes, build fixes are important +- commit 329cacc + +- net: delete redundant function declaration (git-fixes). +- blacklist.conf: broke kABI, applicable in SP5 +- commit b7a266b + +- habanalabs: select CRC32 (git-fixes). +- blacklist.conf: outside kABI freezes build fixes are important +- commit 33fa2e9 + +- tracing: Fix smatch warning for do while check in + event_hist_trigger_parse() (git-fixes). +- blacklist.conf: no longer unreasonable in SP5 +- commit 7c1653b + +- tracing: Tag trace_percpu_buffer as a percpu pointer + (git-fixes). +- blacklist.conf: broke kABI in a hard to fix way, hence can be applied + in SP5 +- commit 36fd9f7 + +- x86/Kconfig: Fix an unused variable error in dell-smm-hwmon + (git-fixes). +- blacklist.conf: can be unblacklisted in SP5 and will make backporting + easier +- commit 59cf2b3 + +- wifi: mac80211: fix MBSSID parsing use-after-free + (CVE-2022-42719 bsc#1204051). +- commit bab6e58 + +- mac80211: fix memory leaks with element parsing (CVE-2022-42719 + bsc#1204051). +- commit f9a2be2 + +- wifi: mac80211: refactor elements parsing with parameter struct + (CVE-2022-42719 bsc#1204051). +- mac80211: always allocate struct ieee802_11_elems + (CVE-2022-42719 bsc#1204051). +- mac80211: mlme: find auth challenge directly (CVE-2022-42719 + bsc#1204051). +- mac80211: move CRC into struct ieee802_11_elems (CVE-2022-42719 + bsc#1204051). +- commit b28a982 + +- ipv4: Handle attempt to delete multipath route when fib_info + contains an nh reference (bsc#1204171 CVE-2022-3435). +- commit 1b0c1c8 + +- selftests: net: fix nexthop warning cleanup double ip typo + (bsc#1204171 CVE-2022-3435). +- commit e3962a5 + +- selftests: net: add delete nexthop route warning test + (bsc#1204171 CVE-2022-3435). +- commit 85deab0 + +- wifi: cfg80211: avoid nontransmitted BSS list corruption + (CVE-2022-42721 bsc#1204060). +- wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720 + bsc#1204059). +- commit 82311e4 + +- net: ipv4: fix route with nexthop object delete warning + (bsc#1204171 CVE-2022-3435). +- commit a94edc1 + +- Update metadata references +- commit 61773f9 + +- powercap: RAPL: Add Power Limit4 support for Alder Lake-N and + Raptor Lake-P (jsc#PED-769). +- powercap: intel_rapl: Add support for RAPTORLAKE_P + (jsc#PED-686). +- powercap: intel_rapl: add support for ALDERLAKE_N (jsc#PED-695). +- powercap: RAPL: Add Power Limit4 support for RaptorLake + (jsc#PED-769). +- powercap: intel_rapl: add support for RaptorLake (jsc#PED-769). +- powercap: intel_rapl: support new layout of Psys PowerLimit + Register on SPR (jsc#PED-648). +- powercap: Add Power Limit4 support for Alder Lake SoC + (jsc#PED-769). +- commit ee363a4 + +- selftests/powerpc: Skip energy_scale_info test on older firmware + (git-fixes). +- commit 1eff3d6 + +- Revert "SUNRPC: Remove unreachable error condition" (git-fixes). +- NFS: Fix another fsync() issue after a server reboot + (git-fixes). +- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes). +- commit 80742b5 + +- blacklist.conf: and unwanted md patches +- commit 96bda12 + +- scsi: stex: Properly zero out the passthrough command structure + (bsc#1203514 CVE-2022-40768). +- commit f2b2e4a + +- ALSA: hda: Fix position reporting on Poulsbo (git-fixes). +- ALSA: usb-audio: Fix potential memory leaks (git-fixes). +- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes). +- commit 6c7f2c9 + +- sbitmap: Avoid leaving waitqueue in invalid state in + __sbq_wake_up() (git-fixes). +- commit 3c6ffc4 + +- staging: vt6655: fix some erroneous memory clean-up loops + (git-fixes). +- virt: vbox: convert to use dev_groups (git-fixes). +- usb: mtu3: fix failed runtime suspend in host only mode + (git-fixes). +- Revert "usb: storage: Add quirk for Samsung Fit flash" + (git-fixes). +- usb: mon: make mmapped memory read only (git-fixes). +- xhci: Don't show warning for reinit on known broken suspend + (git-fixes). +- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes). +- commit 4feb234 + +- usb: gadget: function: fix dangling pnp_string in f_printer.c + (git-fixes). +- USB: serial: console: move mutex_unlock() before + usb_serial_put() (git-fixes). +- usb: common: debug: Check non-standard control requests + (git-fixes). +- tty: serial: fsl_lpuart: disable dma rx/tx use flags in + lpuart_dma_shutdown (git-fixes). +- tty: xilinx_uartps: Fix the ignore_status (git-fixes). +- uas: ignore UAS for Thinkplus chips (git-fixes). +- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes). +- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes). +- thunderbolt: Explicitly reset plug events delay back to USB4 + spec value (git-fixes). +- commit d8ee195 + +- soc: sunxi_sram: Make use of the helper function + devm_platform_ioremap_resource() (git-fixes). +- Refresh + patches.suse/soc-sunxi-sram-Prevent-the-driver-from-being-unbound.patch. +- commit a85e811 + +- spmi: pmic-arb: correct duplicate APID to PPID mapping logic + (git-fixes). +- spmi: pmic-arb: do not ack and clear peripheral interrupts in + cleanup_irq (git-fixes). +- slimbus: qcom-ngd: cleanup in probe error path (git-fixes). +- slimbus: qcom-ngd: use correct error in message of + pdr_add_lookup() failure (git-fixes). +- soc: qcom: smem_state: Add refcounting for the 'state->of_node' + (git-fixes). +- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() + (git-fixes). +- soc: sunxi: sram: Fix probe function ordering issues + (git-fixes). +- commit 3e1f43f + +- serial: 8250: Fix restoring termios speed after suspend + (git-fixes). +- drivers: serial: jsm: fix some leaks in probe (git-fixes). +- remoteproc: imx_rproc: Simplify some error message (git-fixes). +- sbitmap: fix possible io hung due to lost wakeup (git-fixes). +- platform/x86: msi-laptop: Fix resource cleanup (git-fixes). +- platform/x86: msi-laptop: Fix old-ec check for backlight + registering (git-fixes). +- commit a448666 + +- misc: ocxl: fix possible refcount leak in afu_ioctl() + (git-fixes). +- phy: qualcomm: call clk_disable_unprepare in the error handling + (git-fixes). +- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference + returned by of_get_parent() (git-fixes). +- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes). +- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() + (git-fixes). +- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes). +- mtd: rawnand: intel: Don't re-define NAND_DATA_IFACE_CHECK_ONLY + (git-fixes). +- mtd: rawnand: intel: Remove undocumented compatible string + (git-fixes). +- mtd: rawnand: intel: Read the chip-select line from the correct + OF node (git-fixes). +- mtd: devices: docg3: check the return value of devm_ioremap() + in the probe (git-fixes). +- platform/x86: asus-wmi: Document the panel_od sysfs attribute + (git-fixes). +- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute + (git-fixes). +- platform/x86: asus-wmi: Document the dgpu_disable sysfs + attribute (git-fixes). +- platform/chrome: cros_ec_typec: Correct alt mode index + (git-fixes). +- platform/chrome: fix memory corruption in ioctl (git-fixes). +- platform/chrome: fix double-free in chromeos_laptop_prepare() + (git-fixes). +- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT + failure (git-fixes). +- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() + (git-fixes). +- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() + (git-fixes). +- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 + (git-fixes). +- commit b26b1a7 + +- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg + (git-fixes). +- mailbox: mpfs: account for mbox offsets while sending + (git-fixes). +- mailbox: mpfs: fix handling of the reg property (git-fixes). +- mfd: sm501: Add check for platform_driver_register() + (git-fixes). +- mfd: fsl-imx25: Fix check for platform_get_irq() errors + (git-fixes). +- mfd: lp8788: Fix an error handling path in lp8788_irq_init() + and lp8788_irq_init() (git-fixes). +- mfd: lp8788: Fix an error handling path in lp8788_probe() + (git-fixes). +- mfd: fsl-imx25: Fix an error handling path in + mx25_tsadc_setup_irq() (git-fixes). +- mfd: intel_soc_pmic: Fix an error handling path in + intel_soc_pmic_i2c_probe() (git-fixes). +- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init + (git-fixes). +- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes). +- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes). +- media: meson: vdec: add missing clk_disable_unprepare on error + in vdec_hevc_start() (git-fixes). +- media: cedrus: Fix endless loop in cedrus_h265_skip_bits() + (git-fixes). +- media: cedrus: Set the platform driver data earlier (git-fixes). +- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() + (git-fixes). +- memory: of: Fix refcount leak bug in of_get_ddr_timings() + (git-fixes). +- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() + (git-fixes). +- media: v4l2-compat-ioctl32.c: zero buffer passed to + v4l2_compat_get_array_args() (git-fixes). +- commit f4e8a30 + +- iio: adc: ad7923: fix channel readings for some variants + (git-fixes). +- iio: ltc2497: Fix reading conversion results (git-fixes). +- iio: dac: ad5593r: Fix i2c read protocol requirements + (git-fixes). +- iio: magnetometer: yas530: Change data type of hard_offsets + to signed (git-fixes). +- iio: ABI: Fix wrong format of differential capacitance channel + ABI (git-fixes). +- iio: inkern: fix return value in + devm_of_iio_channel_get_by_name() (git-fixes). +- iio: inkern: only release the device node when done with it + (git-fixes). +- iio: adc: at91-sama5d2_adc: disable/prepare buffer on + suspend/resume (git-fixes). +- iio: adc: at91-sama5d2_adc: lock around oversampling and sample + freq (git-fixes). +- iio: adc: at91-sama5d2_adc: check return status for pressure + and touch (git-fixes). +- commit b02859c + +- firmware: google: Test spinlock on panic path to avoid lockups + (git-fixes). +- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX + (git-fixes). +- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() + (git-fixes). +- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells + property (git-fixes). +- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property + (git-fixes). +- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value + (git-fixes). +- dt-bindings: mtd: intel: lgm-nand: Fix compatible string + (git-fixes). +- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes). +- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes). +- HID: multitouch: Add memory barriers (git-fixes). +- hid: hid-logitech-hidpp: avoid unnecessary assignments in + hidpp_connect_event (git-fixes). +- drm/omap: dss: Fix refcount leak bugs (git-fixes). +- drm/msm/dp: correct 1.62G link rate at + dp_catalog_ctrl_config_msa() (git-fixes). +- drm/msm/dp: Silence inconsistent indent warning (git-fixes). +- drm/msm/dpu: Fix comment typo (git-fixes). +- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes). +- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table + (git-fixes). +- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table + (git-fixes). +- commit 71c6639 + +- drm/scheduler: quieten kernel-doc warnings (git-fixes). +- commit 95b96ec + +- drm/amdgpu: add missing pci_disable_device() in + amdgpu_pmops_runtime_resume() (git-fixes). +- drm/bridge: megachips: Fix a null pointer dereference bug + (git-fixes). +- drm: fix drm_mipi_dbi build errors (git-fixes). +- drm/msm: Make .remove and .shutdown HW shutdown consistent + (git-fixes). +- drm:pl111: Add of_node_put() when breaking out of + for_each_available_child_of_node() (git-fixes). +- drm/bridge: parade-ps8640: Fix regulator supply order + (git-fixes). +- drm/virtio: Unlock reservations on + virtio_gpu_object_shmem_init() error (git-fixes). +- drm/mipi-dsi: Detach devices when removing the host (git-fixes). +- commit f6c9019 + +- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration + (git-fixes). +- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes). +- dmaengine: ioat: stop mod_timer from resurrecting deleted + timer in __cleanup() (git-fixes). +- dmaengine: mxs: use platform_driver_register (git-fixes). +- dmaengine: hisilicon: Add multi-thread support for a DMA channel + (git-fixes). +- dmaengine: hisilicon: Fix CQ head update (git-fixes). +- dmaengine: hisilicon: Disable channels when unregister hisi_dma + (git-fixes). +- drm/bridge: Avoid uninitialized variable warning (git-fixes). +- drm/nouveau: fix a use-after-free in + nouveau_gem_prime_import_sg_table() (git-fixes). +- drm: bridge: adv7511: fix CEC power down control register offset + (git-fixes). +- commit 89292ab + +- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent + (git-fixes). +- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes). +- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD + (git-fixes). +- clk: imx: scu: fix memleak on platform_device_add() fails + (git-fixes). +- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical + (git-fixes). +- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying + num_parents (git-fixes). +- clk: ast2600: BCLK comes from EPLL (git-fixes). +- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent + (git-fixes). +- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe + (git-fixes). +- commit c248e05 + +- clk: tegra20: Fix refcount leak in tegra20_clock_init + (git-fixes). +- clk: tegra: Fix refcount leak in tegra114_clock_init + (git-fixes). +- clk: tegra: Fix refcount leak in tegra210_clock_init + (git-fixes). +- clk: sprd: Hold reference returned by of_get_parent() + (git-fixes). +- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes). +- clk: qoriq: Hold reference returned by of_get_parent() + (git-fixes). +- clk: oxnas: Hold reference returned by of_get_parent() + (git-fixes). +- clk: meson: Hold reference returned by of_get_parent() + (git-fixes). +- ata: fix ata_id_has_dipm() (git-fixes). +- ata: fix ata_id_has_ncq_autosense() (git-fixes). +- ata: fix ata_id_has_devslp() (git-fixes). +- ata: fix ata_id_sense_reporting_enabled() and + ata_id_has_sense_reporting() (git-fixes). +- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe + (git-fixes). +- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe + (git-fixes). +- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe + (git-fixes). +- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe + (git-fixes). +- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes). +- ASoC: da7219: Fix an error handling path in + da7219_register_dai_clks() (git-fixes). +- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx + API (git-fixes). +- ASoC: wm_adsp: Handle optional legacy support (git-fixes). +- commit 8f6277f + +- Move upstreamed DRM, NVMe and sound patches into sorted section +- commit 48ff6f0 + +- arm64: ftrace: fix module PLTs with mcount (git-fixes). +- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes). +- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen + (git-fixes). +- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family + (git-fixes). +- ARM: dts: turris-omnia: Add label for wan port (git-fixes). +- ARM: dts: armada-38x: Add gpio-ranges for pin muxing + (git-fixes). +- ARM: dts: kirkwood: lsxl: remove first ethernet port + (git-fixes). +- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes). +- ARM: dts: turris-omnia: Fix mpp26 pin name and comment + (git-fixes). +- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes). +- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes). +- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus + (git-fixes). +- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes). +- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes). +- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes). +- ARM: defconfig: clean up multi_v4t and multi_v5 configs + (git-fixes). +- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes). +- ASoC: tas2764: Fix mute/unmute (git-fixes). +- ASoC: tas2764: Drop conflicting set_bias_level power setting + (git-fixes). +- ASoC: tas2764: Allow mono streams (git-fixes). +- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes). +- ASoC: mt6359: fix tests for platform_get_irq() failure + (git-fixes). +- ALSA: hda/hdmi: Don't skip notification handling during PM + operation (git-fixes). +- ALSA: dmaengine: increment buffer pointer atomically + (git-fixes). +- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() + (git-fixes). +- ASoC: wcd934x: fix order of Slimbus unprepare/disable + (git-fixes). +- ASoC: wcd9335: fix order of Slimbus unprepare/disable + (git-fixes). +- ARM: dts: integrator: Tag PCI host with device_type (git-fixes). +- commit 5a02ba2 + +- i40e: Fix dropped jumbo frames statistics (git-fixes). +- commit b407b7d + +- net: bonding: fix use-after-free after 802.3ad slave unbind + (git-fixes). +- commit 05b9579 + +- net: bonding: fix possible NULL deref in rlb code (git-fixes). +- commit 8542934 + +- net: dp83822: disable rx error interrupt (git-fixes). +- commit f74888c + +- net: dp83822: disable false carrier interrupt (git-fixes). +- commit ba1cc16 + +- net: dsa: bcm_sf2: force pause link settings (git-fixes). +- commit 5258d4a + +- net/dsa/hirschmann: Add missing of_node_get() in + hellcreek_led_setup() (git-fixes). +- commit 29e4721 + +- ice: Fix switchdev rules book keeping (git-fixes). +- commit 5c21799 + +- igb: Make DMA faster when CPU is active on the PCIe link + (git-fixes). +- commit db90cd9 + +- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers + (git-fixes). +- commit da7ba2e + +- igb: fix a use-after-free issue in igb_clean_tx_ring + (git-fixes). +- commit 12acd2f + +- net: bgmac: Fix an erroneous kfree() in bgmac_remove() + (git-fixes). +- commit 547f6a9 + +- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes). +- commit f2c7808 + +- net: hns3: don't push link state to VF if unalive (git-fixes). +- commit 7f6680c + +- net: hns3: set port base vlan tbl_sta to false before removing + old vlan (git-fixes). +- commit 8c8d58b + +- i40e: Fix call trace in setup_tx_descriptors (git-fixes). +- commit 7d70f11 + +- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes). +- commit 6a72a8e + +- ixgbe: fix bcast packets Rx on VF after promisc removal + (git-fixes). +- commit ddb5b75 + +- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling + an_complete (git-fixes). +- commit b8286fc + +- net: altera: Fix refcount leak in altera_tse_mdio_create + (git-fixes). +- commit e80ff1b + +- net/mlx4_en: Fix wrong return value on ioctl EEPROM query + failure (git-fixes). +- commit a76859c + +- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list + (git-fixes). +- commit 04259d9 + +- stmmac: intel: Fix an error handling path in + intel_eth_pci_probe() (git-fixes). +- commit fed21d9 + +- net: ethernet: bgmac: Fix refcount leak in + bcma_mdio_mii_register (git-fixes). +- commit 2227ee5 + +- net: bgmac: support MDIO described in DT (git-fixes). +- commit bf1f5f9 + +- mm/migrate.c: remove MIGRATE_PFN_LOCKED (jsc#PED-1294). +- commit 53d0a98 + +- mm: refactor the ZONE_DEVICE handling in migrate_vma_pages + (jsc#PED-1294). +- commit 5ff0982 + +- mm: refactor the ZONE_DEVICE handling in migrate_vma_insert_page + (jsc#PED-1294). +- commit c27db83 + +- mm: refactor check_and_migrate_movable_pages (jsc#PED-1294). +- commit a588dc0 + +- mm: generalize the pgmap based page_free infrastructure + (jsc#PED-1294). +- commit 2037cd5 + +- fsdax: depend on ZONE_DEVICE || FS_DAX_LIMITED (jsc#PED-1294). +- commit 00cc65d + +- mm: remove the extra ZONE_DEVICE struct page refcount + (jsc#PED-1294). +- commit 0cba7f0 + +- memremap: remove support for external pgmap refcounts + (jsc#PED-1294). +- commit 2a29910 + +- nvdimm/pmem: stop using q_usage_count as external pgmap refcount + (jsc#PED-1294). +- commit fa7e3a6 + +- mm/memremap: add ZONE_DEVICE support for compound pages + (jsc#PED-1294). +- commit fabe0fa + +- mm/page_alloc: refactor memmap_init_zone_device() page init + (jsc#PED-1294). +- commit f04239b + +- mm/page_alloc: split prep_compound_page into head and tail + subparts (jsc#PED-1294). +- commit a82c6bd + +- drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472) + Backporting notes: + * context changes +- commit 0261ec2 + +- drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472) + Backporting notes: + * remove changes to non-existing 201 and 31 directories +- commit e6a9bdd + +- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472) + Backporting notes: + * replace IP_VERSION() with CHIP_ constants +- commit d27747b + +- blacklist.conf: Append 'drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled' +- commit e1d0d55 + +- blacklist.conf: Append 'drm/amd/display: Fix wrong format specifier in amdgpu_dm.c' +- commit debed4c + +- blacklist.conf: Append 'drm/amdgpu: Fix resource leak on probe error path' +- commit 116f3cc + +- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472) + Backporting notes: + * also fix default branch +- commit 0bf8eb3 + +- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489) + Backporting notes: + * update additional patch on top +- commit 1550ef2 + +- Update + patches.suse/ACPI-processor-idle-Practically-limit-Dummy-wait-wor.patch + (bsc#1203767,bsc#1203802). +- commit c6ebacb + +- Update + patches.suse/x86-cpu-Add-new-Alderlake-and-Raptorlake-CPU-model-n.patch + (jsc#PED-743 jsc#PED-740). + Add a reference. +- commit 1883c41 + +- mm: don't include in + (jsc#PED-1294). +- commit b73066e + +- mm: simplify freeing of devmap managed pages (jsc#PED-1294). +- commit e54adcf + +- mm: move free_devmap_managed_page to memremap.c (jsc#PED-1294). +- commit e5afda3 + +- nvme: ensure subsystem reset is single threaded (bsc#1203290 + CVE-2022-3169). +- commit f73d666 + +- mm: remove pointless includes from (jsc#PED-1294). +- commit 5917f7a + +- mm: remove the __KERNEL__ guard from + (jsc#PED-1294). +- commit 1864b4d + +- mm: remove a pointless CONFIG_ZONE_DEVICE check in + memremap_pages (jsc#PED-1294). +- commit b4b9519 + +- nvme: restrict management ioctls to admin (bsc#1203290 + CVE-2022-3169). +- commit c28a770 + +- net/mlx5e: Update netdev features after changing XDP state + (git-fixes). +- commit 5d7478c + +- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race + condition (git-fixes). +- commit 92e1426 + +- hinic: Avoid some over memory allocation (git-fixes). +- commit 41f381d + +- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc() + (git-fixes). +- commit b92d6d0 + +- net: chelsio: cxgb4: Avoid potential negative array offset + (git-fixes). +- commit 4cc759d + +- net/mlx5e: TC, fix decap fallback to uplink when int port not + supported (git-fixes). +- commit 35c9b8d + +- net: dsa: ksz9477: port mirror sniffing limited to one port + (git-fixes). +- commit 9996ff6 + +- nvme: don't print verbose errors for internal passthrough + requests (bsc#1202187). +- commit eaa4989 + +- blacklist.conf: update the list +- commit 78eff9b + +- s390/smp: enforce lowcore protection on CPU restart (git-fixes). +- KVM: s390: pv: don't present the ecall interrupt twice + (bsc#1203229 LTC#199905). +- commit aed7a32 + +- x86: Expose init_freq_invariance() to topology header + (jsc#PED-1408). +- commit c0d8e97 + +- ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init() + (jsc#PED-1408). +- ACPI, APEI: Use the correct variable for sizeof() + (jsc#PED-1408). +- ACPI: tables: Make LAPIC_ADDR_OVR address readable in message + (jsc#PED-1408). +- ACPI: IPMI: replace usage of found with dedicated list iterator + variable (jsc#PED-1408). +- ACPI: CPPC: Change default error code and clean up debug + messages in probe (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. + patches.suse/ACPI-CPPC-Do-not-prevent-CPPC-from-working-in-the-fu.patch. +- ACPI / x86: Add support for LPS0 callback handler + (jsc#PED-1408). +- Input: soc_button_array - add support for Microsoft Surface 3 + (MSHW0028) buttons (jsc#PED-1408). +- PM: hibernate: Honour ACPI hardware signature by default for + virtual guests (jsc#PED-1408). +- ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and + Reset device (jsc#PED-1408). + Update config files. +- ACPI: APEI: rename ghes_init() with an "acpi_" prefix + (jsc#PED-1408). + Refresh patches.suse/ACPI-VIOT-Fix-ACS-setup.patch. +- ACPI: LPSS: Provide an SSP type to the driver (jsc#PED-1408). +- ACPI: LPSS: Constify properties member in struct + lpss_device_desc (jsc#PED-1408). +- ACPI: platform: Constify properties parameter in + acpi_create_platform_device() (jsc#PED-1408). +- ACPI: fan: Add additional attributes for fine grain control + (jsc#PED-1408). +- ACPI: fan: Properly handle fine grain control (jsc#PED-1408). +- ACPI: fan: Optimize struct acpi_fan_fif (jsc#PED-1408). +- ACPI: fan: Separate file for attributes creation (jsc#PED-1408). +- ACPI: fan: Fix error reporting to user space (jsc#PED-1408). +- x86, ACPI: rename init_freq_invariance_cppc() to + arch_init_invariance_cppc() (jsc#PED-1408). +- ACPI: EC: Rearrange code in acpi_ec_submit_event() + (jsc#PED-1408). +- ACPI: EC: Reduce indentation level in acpi_ec_submit_event() + (jsc#PED-1408). +- ACPI: EC: Do not return result from advance_transaction() + (jsc#PED-1408). +- x86/ACPI: CPPC: Move init_freq_invariance_cppc() into x86 CPPC + (jsc#PED-1408). +- x86/ACPI: CPPC: Move AMD maximum frequency ratio setting + function into x86 CPPC (jsc#PED-1408). +- x86/ACPI: CPPC: Rename cppc_msr.c to cppc.c (jsc#PED-1408). +- ACPI / x86: Add skip i2c clients quirk for Lenovo Yoga Tablet + 1050F/L (jsc#PED-1408). +- ACPI / x86: Add skip i2c clients quirk for Nextbook Ares 8 + (jsc#PED-1408). +- ACPI: clean up double words in two comments (jsc#PED-1408). +- ACPI: property: Get rid of redundant 'else' (jsc#PED-1408). +- ACPI: EC / PM: Print additional debug message in + acpi_ec_dispatch_gpe() (jsc#PED-1408). +- ACPI: PM: Print additional debug message in acpi_s2idle_wake() + (jsc#PED-1408). +- ACPI: tables: Add AGDI to the list of known table signatures + (jsc#PED-1408). +- ACPI: tables: Add CEDT signature to the list of known tables + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_bus_for_each_dev() (jsc#PED-1408). +- ACPI: OSL: Fix and clean up acpi_os_read/write_port() + (jsc#PED-1408). +- ACPICA: Use uintptr_t and offsetof() in Linux kernel builds + (jsc#PED-1408). +- ACPI: scan: Use ida_alloc() instead of ida_simple_get() + (jsc#PED-1408). +- commit 2486d41 + +- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment. +- commit 20a025b + +- Clean up kernel-config settings via run_oldconfig.sh + Invoke run_oldconfig.sh to clean the kernel-config settings from + unset symbols. Otherwise these settings interfere with actual config + changes. +- commit 8a799ae + +- blacklist.conf: not relevant in our configurations +- commit 586058b + +- media: imx-jpeg: Disable slot interrupt when frame done + (git-fixes). +- commit 36d622f + +- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes). +- commit e2ddfcf + +- media: imx-jpeg: Fix potential array out of bounds in + queue_setup (git-fixes). +- commit 8041860 + +- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes). +- commit d514aa5 + +- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969). +- commit c020446 + +- media: imx-jpeg: Leave a blank space before the configuration + data (git-fixes). +- commit a2d45c7 + +- blacklist.conf: Append 'sysfb: Enable boot time VESA graphic mode selection' +- commit b93ba64 + +- media: imx-jpeg: Correct some definition according specification + (git-fixes). +- commit bdf4126 + +- blacklist.conf: not relevant in our configurations +- commit 8171bfe + +- media: vsp1: Fix offset calculation for plane cropping. +- commit dc309b5 + +- media: exynos4-is: Change clk_disable to clk_disable_unprepare + (git-fixes). +- commit 332ca3f + +- media: st-delta: Fix PM disable depth imbalance in delta_probe + (git-fixes). +- commit 30518b0 + +- media: exynos4-is: Fix PM disable depth imbalance in + fimc_is_probe (git-fixes). +- commit f62e31e + +- media: aspeed: Fix an error handling path in + aspeed_video_probe() (git-fixes). +- commit c014d5c + +- media: coda: Add more H264 levels for CODA960 (git-fixes). +- commit 75d6462 + +- media: coda: Fix reported H264 profile (git-fixes). +- commit 1533555 + +- Revert "constraints: increase disk space for all architectures" + (bsc#1203693). + This reverts commit 43a9011f904bc7328d38dc340f5e71aecb6b19ca. +- commit 3d33373 + +- blacklist.conf: Append 'fbdev: Hot-unplug firmware fb devices on forced removal' +- commit 0b6410b + +- blacklist.conf: Append 'Revert "fbdev: fbmem: add a helper to determine if an aperture is used by a fw fb"' +- commit b1ae504 + +- spi: s3c64xx: Fix large transfers with DMA (git-fixes). +- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes). +- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes). +- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM + (git-fixes). +- wifi: ath11k: fix number of VHT beamformee spatial streams + (git-fixes). +- wifi: mt76: mt7915: do not check state before configuring + implicit beamform (git-fixes). +- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in + mt7615_sta_set_decap_offload (git-fixes). +- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes). +- wifi: rtl8xxxu: Remove copy-paste leftover in + gen2_update_rate_mask (git-fixes). +- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration + (git-fixes). +- wifi: rtl8xxxu: Fix skb misuse in TX queue selection + (git-fixes). +- wifi: rtw88: add missing destroy_workqueue() on error path in + rtw_core_init() (git-fixes). +- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() + (git-fixes). +- wifi: ath10k: add peer map clean up for peer delete in + ath10k_sta_state() (git-fixes). +- wifi: mac80211: allow bw change during channel switch in mesh + (git-fixes). +- wifi: rtlwifi: 8192de: correct checking of IQK reload + (git-fixes). +- commit 3bb5d97 + +- spi/omap100k:Fix PM disable depth imbalance in + omap1_spi100k_probe (git-fixes). +- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe + (git-fixes). +- spi: meson-spicc: do not rely on busy flag in pow2 clk ops + (git-fixes). +- spi: qup: add missing clk_disable_unprepare on error in + spi_qup_pm_resume_runtime() (git-fixes). +- spi: qup: add missing clk_disable_unprepare on error in + spi_qup_resume() (git-fixes). +- spi: mt7621: Fix an error message in mt7621_spi_probe() + (git-fixes). +- regulator: qcom_rpm: Fix circular deferral regression + (git-fixes). +- net: wwan: iosm: Call mutex_init before locking it (git-fixes). +- mwifiex: fix sleep in atomic context bugs caused by + dev_coredumpv (git-fixes). +- net: thunderbolt: Enable DMA paths only after rings are enabled + (git-fixes). +- commit e714654 + +- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase + mp2888 controller (git-fixes). +- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API + (git-fixes). +- i2c: mlxbf: support lock mechanism (git-fixes). +- mISDN: fix use-after-free bugs in l1oip timer handlers + (git-fixes). +- eth: alx: take rtnl_lock on resume (git-fixes). +- Bluetooth: hci_core: Fix not handling link timeouts propertly + (git-fixes). +- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() + failure (git-fixes). +- Bluetooth: btusb: mediatek: fix WMT failure during runtime + suspend (git-fixes). +- can: rx-offload: can_rx_offload_init_queue(): fix typo + (git-fixes). +- commit ac7ee01 + +- blacklist.conf: df5b035b5683 x86/cacheinfo: Add a cpu_llc_shared_mask() UP variant +- commit bc73e4e + +- blacklist.conf: 00da0cb385d0 Documentation/ABI: Mention retbleed vulnerability info file for sysfs +- commit 4726e8f + +- Drop the ACPI patch temporarily as it causes a regression (bsc#1203794) + Delete patches.suse/ACPI-resource-skip-IRQ-override-on-AMD-Zen-platforms.patch +- commit 8842ef4 + +- fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472) +- commit 7656242 + +- parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489) +- commit dee3343 + +- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489) +- commit daa8575 + +- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489) +- commit f86cf76 + +- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472) + Backporting changes: + * context fixes in other patch + * update config +- commit 68203bf + +- parisc/sticon: fix reverse colors (bsc#1152489) +- commit f94c66b + +- char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops + (CVE-2022-41848 bsc#1203987). +- commit a144c48 + +- fbdev: smscufx: Fix use-after-free in ufx_ops_open() + (CVE-2022-41849 bsc#1203992). +- commit db3bfe7 + +- net: mana: Add rmb after checking owner bits (git-fixes). +- commit 85bfc78 + +- Makefile.debug: re-enable debug info for .S files (git-fixes). +- commit 50458f2 + +- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL + (bsc#1194869). +- commit 48283d1 + +- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() + (git-fixes). +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch. +- commit 0719451 + +- usb: typec: ucsi: Remove incorrect warning (git-fixes). +- media: rkvdec: Disable H.264 error detection (git-fixes). +- media: dvb_vb2: fix possible out of bound access (git-fixes). +- ASoC: cs42l42: Only report button state if there was a button + interrupt (git-fixes). +- commit 06be809 + +- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529). +- commit 209f0a1 + +- Add cherry-picked commit id for an AMDGPU patch (git-fixes) +- commit 505fbbc + +- usb: dwc3: gadget: Refactor pullup() (git-fixes). +- commit f481a77 + +- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind + (git-fixes). +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Prevent-repeat-pullup.patch. +- commit 6d90a05 + +- wifi: mac80211: fix regression with non-QoS drivers (git-fixes). +- selftests: Fix the if conditions of in test_extra_filter() + (git-fixes). +- net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume() + (git-fixes). +- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes). +- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes). +- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes). +- soc: sunxi: sram: Prevent the driver from being unbound + (git-fixes). +- soc: sunxi: sram: Actually claim SRAM regions (git-fixes). +- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx + accounting (git-fixes). +- serial: tegra: Use uart_xmit_advance(), fixes icount.tx + accounting (git-fixes). +- serial: Create uart_xmit_advance() (git-fixes). +- USB: serial: option: add Quectel RM520N (git-fixes). +- USB: serial: option: add Quectel BG95 0x0203 composition + (git-fixes). +- thunderbolt: Add support for Intel Maple Ridge single port + controller (git-fixes). +- Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes). +- usb: add quirks for Lenovo OneLink+ Dock (git-fixes). +- commit ce89825 + +- gpio: mvebu: Fix check for pwm support on non-A8K platforms + (git-fixes). +- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address + (git-fixes). +- Input: iqs62x-keys - drop unused device node references + (git-fixes). +- Input: melfas_mip4 - fix return value check in mip4_probe() + (git-fixes). +- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 + (git-fixes). +- mmc: hsq: Fix data stomping during mmc recovery (git-fixes). +- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width + (git-fixes). +- commit 02160f0 + +- drm/i915/gt: Restrict forced preemption to the active context + (git-fixes). +- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare + in suspend/resume time" (git-fixes). +- drm/bridge: lt8912b: fix corrupted image output (git-fixes). +- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes). +- drm/bridge: lt8912b: add vsync hsync (git-fixes). +- Revert "firmware: arm_scmi: Add clock management to the SCMI + power domain" (git-fixes). +- drm/amdgpu: don't register a dirty callback for non-atomic + (git-fixes). +- firmware: arm_scmi: Fix the asynchronous reset requests + (git-fixes). +- firmware: arm_scmi: Harden accesses to the reset domains + (git-fixes). +- commit 509f7ae + +- clk: iproc: Do not rely on node name for correct PLL setup + (git-fixes). +- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI + clocks (git-fixes). +- clk: ingenic-tcu: Properly enable registers before accessing + timers (git-fixes). +- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes). +- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes). +- ASoC: tas2770: Reinit regcache on reset (git-fixes). +- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes). +- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid + (git-fixes). +- drm/gma500: Fix BUG: sleeping function called from invalid + context errors (git-fixes). +- drm/amdgpu: make sure to init common IP before gmc (git-fixes). +- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline + for stack usage (git-fixes). +- drm/amd/display: Reduce number of arguments of dml31's + CalculateFlipSchedule() (git-fixes). +- drm/amd/display: Reduce number of arguments of dml31's + CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes). +- drm/amd/display: Limit user regamma to a valid value + (git-fixes). +- drm/amdgpu: use dirty framebuffer helper (git-fixes). +- drm/amd/pm: disable BACO entry/exit completely on several + sienna cichlid cards (git-fixes). +- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV + (git-fixes). +- drm/amdgpu: Separate vf2pf work item init from virt data + exchange (git-fixes). +- commit 931f4f4 + +- Add blacklist and alt-commit for ASoC cs35l41 patches (bsc#1203699) +- commit b1bfeae + +- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529). +- commit 6f3c833 + +- scsi: smartpqi: Add module param to disable managed ints + (bsc#1203893). +- commit e1af9a1 + +- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939). +- scsi: lpfc: Fix various issues reported by tools (bsc#1203939). +- scsi: lpfc: Add reporting capability for Link Degrade Signaling + (bsc#1203939). +- scsi: lpfc: Rework FDMI attribute registration for unintential + padding (bsc#1203939). +- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and + consistency (bsc#1203939). +- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd + (bsc#1203939). +- scsi: lpfc: Update congestion mode logging for Emulex SAN + Manager application (bsc#1203939). +- scsi: lpfc: Move scsi_host_template outside dynamically + allocated/freed phba (bsc#1185032 bsc#1203939). + Dropped: + patches.suse/lpfc-decouple-port_template-and-vport_template.patch +- scsi: lpfc: Fix multiple NVMe remoteport registration calls + for the same NPort ID (bsc#1203939). +- scsi: lpfc: Add missing free iocb and nlp kref put for early + return VMID cases (bsc#1203939). +- scsi: lpfc: Fix mbuf pool resource detected as busy at driver + unload (bsc#1203939). +- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology + (bsc#1203939). +- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling + (bsc#1203939). +- scsi: lpfc: Remove unneeded result variable (bsc#1203939). +- scsi: lpfc: Remove the unneeded result variable (bsc#1203939). +- commit 23fee86 + +- supported.conf: mark spi-pxa2xx-platform as supported (bsc#1203699) + It's required for the sound on recent Intel machines +- commit d17d5e0 + +- scsi: lpfc: Add missing destroy_workqueue() in error path + (bsc#1203939). +- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of + DID_REQUEUE (bsc#1203939). +- commit 495ecbc + +- wifi: cfg80211: ensure length byte is present before access + (CVE-2022-41674 bsc#1203770). +- wifi: cfg80211/mac80211: reject bad MBSSID elements + (CVE-2022-41674 bsc#1203770). +- wifi: cfg80211: fix u8 overflow in + cfg80211_update_notlisted_nontrans() (CVE-2022-41674 + bsc#1203770). +- commit 79b409a + +- scsi: qla2xxx: Remove unused declarations for qla2xxx + (bsc#1203935). +- scsi: qla2xxx: Fix spelling mistake "definiton" -> "definition" + (bsc#1203935). +- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935). +- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935). +- scsi: qla2xxx: Define static symbols (bsc#1203935). +- scsi: qla2xxx: Enhance driver tracing with separate tunable + and more (bsc#1203935). +- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image + Status (bsc#1203935). +- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935). +- scsi: qla2xxx: Fix response queue handler reading stale packets + (bsc#1203935). +- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue + handler reading stale packets" (bsc#1203935). +- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as + informational (bsc#1203935). +- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935). +- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from + qlt_stop_phase1() (bsc#1203935). +- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935). +- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935). +- commit 76fee71 + +- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() + (bsc#1203935). +- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port + ISP27XX (bsc#1203935). +- commit df43957 + +- mm: rename is_pinnable_page() to is_longterm_pinnable_page() + (jsc#PED-1294). +- commit 8c9ae5e + +- mm: fix is_pinnable_page against a cma page (jsc#PED-1294). +- commit e5e0125 + +- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() + (bsc#1196869). +- commit 421a33e + +- ALSA: hda/realtek: More robust component matching for CS35L41 + (bsc#1203699). +- commit 13ee63f + +- kABI: fix adding another field to scsi_device (bsc#1203039). +- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD + (bsc#1203039). +- Refresh + patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch. +- Refresh patches.kabi/kABI-fix-adding-field-to-scsi_device.patch. +- commit 38a6998 + +- mm: Fix PASID use-after-free issue (bsc#1203908). +- commit e2ea645 + +- cgroup: cgroup_get_from_id() must check the looked-up kn is + a directory (bsc#1203906). +- commit 2c277d7 + +- spi: propagate error code to the caller of + acpi_spi_device_alloc() (bsc#1203699). +- spi: Return deferred probe error when controller isn't yet + available (bsc#1203699). +- commit 719f957 + +- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock + (bsc#1196869). +- commit 20ffc1f + +- kABI workaround for spi changes (bsc#1203699). +- commit 57d4f4f + +- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902). +- commit ec3105d + +- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model + (bsc#1203699). +- commit 274acc0 + +- cs-dsp and serial-multi-instantiate enablement (bsc#1203699) +- Update config files +- Update supported.conf +- commit 6b0538d + +- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop + (bsc#1203699). +- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699). +- ACPI / scan: Create platform device for CS35L41 (bsc#1203699). +- platform/x86: serial-multi-instantiate: Add SPI support + (bsc#1203699). +- platform/x86: serial-multi-instantiate: Reorganize I2C functions + (bsc#1203699). +- platform/x86: i2c-multi-instantiate: Rename it for a generic + serial driver name (bsc#1203699). +- spi: Add API to count spi acpi resources (bsc#1203699). +- spi: Support selection of the index of the ACPI Spi Resource + before alloc (bsc#1203699). +- spi: Create helper API to lookup ACPI info for spi device + (bsc#1203699). +- i2c: acpi: Add an i2c_acpi_client_count() helper function + (bsc#1203699). +- commit 66cfc1c + +- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699). +- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7 + (bsc#1203699). +- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD + Properties (bsc#1203699). +- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41 + (bsc#1203699). +- ASoC: cs35l41: Read System Name from ACPI _SUB to identify + firmware (bsc#1203699). +- commit 3025b3b + +- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- commit d934822 + +- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699). +- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define + (bsc#1203699). +- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops + (bsc#1203699). +- commit 6e401a7 + +- Revert "ALSA: hda: cs35l41: Allow compilation test on non-ACPI + configurations" (bsc#1203699). +- ALSA: hda: cs35l41: Add module parameter to control firmware + load (bsc#1203699). +- ALSA: hda: cs35l41: Support Firmware switching and reloading + (bsc#1203699). +- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config + sequence (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699). +- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI + variables (bsc#1203699). +- ALSA: hda: cs35l41: Support Hibernation during Suspend + (bsc#1203699). +- commit 8707600 + +- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID + (bsc#1203699). +- ASoC: cs35l41: Do not print error when waking from hibernation + (bsc#1203699). +- ASoC: cs35l41: Add common cs35l41 enter hibernate function + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared + code (bsc#1203699). +- ALSA: hda: cs35l41: Support Speaker ID for laptops + (bsc#1203699). +- ALSA: hda: cs35l41: Support multiple load paths for firmware + (bsc#1203699). +- ALSA: hda: cs35l41: Support reading subsystem id from ACPI + (bsc#1203699). +- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver + (bsc#1203699). +- ALSA: hda: cs35l41: Add initial DSP support and firmware loading + (bsc#1203699). +- ALSA: hda: cs35l41: Save codec object inside component struct + (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls + directly (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA + controls (bsc#1203699). +- ALSA: hda: cs35l41: Consolidate selections under + SND_HDA_SCODEC_CS35L41 (bsc#1203699). +- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699). +- ALSA: hda: cs35l41: Allow compilation test on non-ACPI + configurations (bsc#1203699). +- ALSA: hda: cs35l41: Don't dereference fwnode handle + (bsc#1203699). +- ALSA: hda: cs35l41: Improve dev_err_probe() messaging + (bsc#1203699). +- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate + reference (bsc#1203699). +- commit 0179f7c + +- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to + static (bsc#1203699). +- ASoC: cs35l41: Add ASP TX3/4 source to register patch + (bsc#1203699). +- ASoC: cs35l41: Correct some control names (bsc#1203699). +- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver + (bsc#1203699). +- commit f2b0e66 + +- ASoC: cs35l41: Fix an out-of-bounds access in + otp_packed_element_t (bsc#1203699). +- ASoC: cs35l41: Add one more variable in the debug log + (bsc#1203699). +- commit a26b9a2 + +- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP + Laptops (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch. +- commit 342e19c + +- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41 + s-codec (bsc#1203699). +- commit 0fd2db1 + +- ALSA: hda: cs35l41: Add Amp Name based on channel and index + (bsc#1203699). +- ASoC: cs35l41: Move cs_dsp config struct into shared code + (bsc#1203699). +- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic + boost on EliteBook 845/865 G9 (bsc#1203699). +- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN + (bsc#1203699). +- ASoC: cs35l41: Add one more variable in the debug log + (bsc#1203699). +- commit 4800a47 + +- ASoC: cs35l41: Move cs35l41 fs errata into shared code + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code + (bsc#1203699). +- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops + (bsc#1203699). +- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699). +- ALSA: hda: cs35l41: Remove Set Channel Map api from binding + (bsc#1203699). +- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop + (bsc#1203699). +- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name + (bsc#1203699). +- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock + (bsc#1203699). +- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg + (bsc#1203699). +- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699). +- commit 346d9b0 + +- ALSA: hda/cs8409: Support manual mode detection for CS42L42 + (bsc#1203699). +- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda + driver (bsc#1203699). +- ASoC: cs35l41: Support external boost (bsc#1203699). +- ALSA: hda: cs35l41: Move external boost handling to lib for + ASoC use (bsc#1203699). +- ALSA: hda: cs35l41: Handle all external boost setups the same + way (bsc#1203699). +- ALSA: hda: cs35l41: Reorganize log for playback actions + (bsc#1203699). +- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct + (bsc#1203699). +- ALSA: hda: cs35l41: Move boost config to initialization code + (bsc#1203699). +- ALSA: cs35l41: Enable Internal Boost in shared lib + (bsc#1203699). +- ALSA: hda: cs35l41: Mute the device before shutdown + (bsc#1203699). +- commit e34c590 + +- ASoC: cs42l42: Move CS42L42 register descriptions to general + include (bsc#1203699). +- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START + (bsc#1203699). +- ASoC: cs42l42: Handle system suspend (bsc#1203699). +- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ + handling (bsc#1203699). +- ASoC: cs42l42: Report full jack status when plug is detected + (bsc#1203699). +- ASoC: cs42l42: Report initial jack state (bsc#1203699). +- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699). +- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699). +- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG + masks (bsc#1203699). +- ASoC: cs42l42: Remove redundant writes to DETECT_MODE + (bsc#1203699). +- ASoC: cs42l42: Add control for audio slow-start switch + (bsc#1203699). +- ASoC: cs42l42: free_irq() before powering-down on probe() fail + (bsc#1203699). +- ASoC: cs42l42: Reset and power-down on remove() and failed + probe() (bsc#1203699). +- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler + (bsc#1203699). +- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume + callbacks (bsc#1203699). +- ASoC: cs42l42: Use two thresholds and increased wait time for + manual type detection (bsc#1203699). +- ASoC: cs42l42: Implement Manual Type detection as fallback + (bsc#1203699). +- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl + script (bsc#1203699). +- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts + (bsc#1203699). +- ASoC: cs42l42: Fix WARN in remove() if running without an + interrupt (bsc#1203699). +- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile + (bsc#1203699). +- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699). +- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable + (bsc#1203699). +- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699). +- ASoC: cs42l42: Don't claim to support 192k (bsc#1203699). +- ASoC: cs42l42: Don't reconfigure the PLL while it is running + (bsc#1203699). +- commit 866431d + +- ALSA: hda: cs35l41: Put the device into safe mode for external + boost (bsc#1203699). +- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699). +- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699). +- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699). +- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib + (bsc#1203699). +- ALSA: cs35l41: Check hw_config before using it (bsc#1203699). +- ALSA: cs35l41: Unify hardware configuration (bsc#1203699). +- commit ac37bc4 + +- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699). +- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg + (bsc#1203699). +- ALSA: hda/cs8409: Support new Warlock MLK Variants + (bsc#1203699). +- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants + (bsc#1203699). +- ALSA: hda/cs8409: Re-order quirk table into ascending order + (bsc#1203699). +- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration + (bsc#1203699). +- commit af84f1a + +- ALSA: hda/realtek: Add mute and micmut LED support for Zbook + Fury 17 G9 (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch. +- commit 7831f17 + +- ASoC: cs35l41: Remove unnecessary param (bsc#1203699). +- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699). +- commit 8ea9da8 + +- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L-024a7ad9eb4d.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L.patch. +- commit a813cc9 + +- ASoC: cs35l41: Fix DSP mbox start command and global enable + order (bsc#1203699). +- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699). +- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699). +- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void + (bsc#1203699). +- ALSA: hda: cs35l41: Tidyup code (bsc#1203699). +- ALSA: hda: cs35l41: Make use of the helper function + dev_err_probe() (bsc#1203699). +- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699). +- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol + namespace (bsc#1203699). +- ALSA: hda: cs35l41: Add calls to newly added test key function + (bsc#1203699). +- ALSA: hda: cs35l41: Avoid overwriting register patch + (bsc#1203699). +- ALSA: hda: cs35l41: fix double free on error in probe() + (bsc#1203699). +- commit 31fd8da + +- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699). +- firmware: cs_dsp: Add pre_stop callback (bsc#1203699). +- ASoC: wm_adsp: Minor clean and redundant code removal + (bsc#1203699). +- ASoC: wm_adsp: Fix event for preloader (bsc#1203699). +- ASoC: wm_adsp: Compressed stream DSP memory structs should be + __packed (bsc#1203699). +- firmware: cs_dsp: Fix overrun of unterminated control name + string (bsc#1203699). +- ASoC: wm_adsp: Expand firmware loading search options + (bsc#1203699). +- ASoC: wm_adsp: Add trace caps to speaker protection FW + (bsc#1203699). +- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699). +- ASoC: wm_adsp: Correct control read size when parsing compressed + buffer (bsc#1203699). +- ASoC: cs35l41: Add support for hibernate memory retention mode + (bsc#1203699). +- ASoC: cs35l41: Update handling of test key registers + (bsc#1203699). +- ASoC: wm_adsp: Add support for "toggle" preloaders + (bsc#1203699). +- firmware: cs_dsp: Clear core reset for cache (bsc#1203699). +- ASoC: cs35l41: Correct handling of some registers in the cache + (bsc#1203699). +- ASoC: cs35l41: Correct DSP power down (bsc#1203699). +- ASoC: cs35l41: Remove incorrect comment (bsc#1203699). +- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699). +- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses + (bsc#1203699). +- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699). +- firmware: cs_dsp: Move lockdep asserts to avoid potential null + pointer (bsc#1203699). +- firmware: cs_dsp: Allow creation of event controls + (bsc#1203699). +- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699). +- firmware: cs_dsp: Clarify some kernel doc comments + (bsc#1203699). +- firmware: cs_dsp: Perform NULL check in + cs_dsp_coeff_write/read_ctrl (bsc#1203699). +- firmware: cs_dsp: Add support for rev 2 coefficient files + (bsc#1203699). +- firmware: cs_dsp: Print messages from bin files (bsc#1203699). +- firmware: cs_dsp: Add pre_run callback (bsc#1203699). +- firmware: cs_dsp: Add version checks on coefficient loading + (bsc#1203699). +- firmware: cs_dsp: Add lockdep asserts to interface functions + (bsc#1203699). +- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h + (bsc#1203699). +- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol + 'ret' (bsc#1203699). +- commit 545439c + +- supported.conf: Add cs_dsp firmware module (bsc#1203699) +- commit af1ea30 + +- Update config files: enable CS35L41 support (bsc#1203699) +- commit 195ddb7 + +- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops + (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch. +- commit 0a4cbdb + +- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop + (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-ALC287-Add-Lenovo-IdeaPad-Slim-9i-14ITL5-sp.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Legion-Y9000X-2019.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch. +- commit b3dce35 + +- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems + (bsc#1203699). +- commit 39ffdf8 + +- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699). +- ASoC: cs35l41: Create shared function for boost configuration + (bsc#1203699). +- ASoC: cs35l41: Create shared function for setting channels + (bsc#1203699). +- ASoC: cs35l41: Create shared function for errata patches + (bsc#1203699). +- ASoC: cs35l41: Move power initializations to reg_sequence + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code + (bsc#1203699). +- ASoC: cs35l41: Convert tables to shared source code + (bsc#1203699). +- ASoC: cs35l41: Fix undefined reference to core functions + (bsc#1203699). +- ASoC: cs35l41: Fix link problem (bsc#1203699). +- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function + (bsc#1203699). +- ASoC: cs35l41: DSP Support (bsc#1203699). +- ASoC: dt-bindings: cs42l42: Convert binding to yaml + (bsc#1203699). +- ASoC: cs35l41: Set the max SPI speed for the whole device + (bsc#1203699). +- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699). +- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699). +- ASoC: wm_adsp: remove a repeated including (bsc#1203699). +- firmware: cs_dsp: add driver to support firmware loading on + Cirrus Logic DSPs (bsc#1203699). +- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops + (bsc#1203699). +- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp + (bsc#1203699). +- ASoC: wm_adsp: move firmware loading to client (bsc#1203699). +- ASoC: wm_adsp: Pass firmware names as parameters when starting + DSP core (bsc#1203699). +- ASoC: wm_adsp: Move check of dsp->running to better place + (bsc#1203699). +- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling + (bsc#1203699). +- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699). +- ASoC: wm_adsp: Split DSP power operations into helper functions + (bsc#1203699). +- ASoC: wm_adsp: Separate some ASoC and generic functions + (bsc#1203699). +- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699). +- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699). +- ASoC: wm_adsp: Cancel ongoing work when removing controls + (bsc#1203699). +- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed + buffers (bsc#1203699). +- ASoC: wm_adsp: Move check for control existence (bsc#1203699). +- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699). +- ASoC: cs35l41: Binding fixes (bsc#1203699). +- misc: cs35l41: Remove unused pdn variable (bsc#1203699). +- ASoC: cs35l41: Fix a bunch of trivial code formating/style + issues (bsc#1203699). +- ASoC: cs35l41: Fixup the error messages (bsc#1203699). +- ASoC: cs35l41: Don't overwrite returned error code + (bsc#1203699). +- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699). +- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot + (bsc#1203699). +- ASoC: cs35l41: Fix use of an uninitialised variable + (bsc#1203699). +- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699). +- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699). +- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699). +- commit 5d21207 + +- kABI: Add back removed struct paca member (bsc#1203664 + ltc#199236). +- Revert "powerpc/rtas: Implement reentrant rtas call" + (bsc#1203664 ltc#199236). +- commit 93ebb75 + +- blacklist.conf: add scsi commit that's too invasive +- commit ed3d357 + +- struct ehci_hcd: hide new element going into a hole (git-fixes). +- commit 859270b + +- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin + (git-fixes). +- commit 71e1e4f + +- xen/usb: don't use arbitrary_virt_to_machine() (git-fixes). +- commit 9497b70 + +- usb: host: xhci: fix a comment typo in xhci_mem_init() + (git-fixes). +- usb: host: xhci: use ffs() in xhci_mem_init() (git-fixes). +- commit f930b4a + +- usb: Drop commas after SoC match table sentinels (git-fixes). +- commit c8fc91a + +- struct xhci_hcd: restore member now dynamically allocated + (git-fixes). +- commit ac47acd + +- USB: core: Fix RST error in hub.c (git-fixes). +- commit 19a77db + +- Update config files. (jsc#PED-1763) +- supported.conf: +- commit 9894f49 + +- fuse: Remove the control interface for virtio-fs (bsc#1203798). +- commit a23dd0d + +- constraints: increase disk space for all architectures + References: bsc#1203693 + aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is + very close to the limit. +- commit 43a9011 + +- usb.h: struct usb_device: hide new member (git-fixes). +- commit fbd8f4a + +- USB: core: Prevent nested device-reset calls (git-fixes). +- commit 9ef8532 + +- usb: dwc3: disable USB core PHY management (git-fixes). +- commit 1a35727 + +- Update patch referecen for ALSA fix (CVE-2022-3303 bsc#1203769) +- commit 9addbc1 + +- ACPI: processor idle: Practically limit "Dummy wait" workaround + to old Intel systems (bsc#1203767). +- commit ec98644 + +- NFSv4.2: Update mode bits after ALLOCATE and DEALLOCATE + (git-fixes). +- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 + (git-fixes). +- md: call __md_stop_writes in md_stop (git-fixes). +- SUNRPC: RPC level errors should set task->tk_rpc_status + (git-fixes). +- NFSv4.2 fix problems with __nfs42_ssc_open (git-fixes). +- net/sunrpc: fix potential memory leaks in + rpc_sysfs_xprt_state_change() (git-fixes). +- SUNRPC: Reinitialise the backchannel request buffers before + reuse (git-fixes). +- NFSv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes). +- NFSv4: Fix races in the legacy idmapper upcall (git-fixes). +- sunrpc: fix expiry of auth creds (git-fixes). +- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly + (git-fixes). +- NFSv4.1: Don't decrease the value of seq_nr_highest_sent + (git-fixes). +- pNFS/flexfiles: Report RDMA connection errors to the server + (git-fixes). +- Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" + (git-fixes). +- lockd: detect and reject lock arguments that overflow + (git-fixes). +- SUNRPC: Fix xdr_encode_bool() (git-fixes). +- nfsd: eliminate the NFSD_FILE_BREAK_* flags (git-fixes). +- md-raid10: fix KASAN warning (git-fixes). +- NFSD: restore EINVAL error translation in nfsd_commit() + (git-fixes). +- NFSD: Clean up the show_nf_flags() macro (git-fixes). +- SUNRPC: Don't leak sockets in xs_local_connect() (git-fixes). +- SUNRPC: Don't call connect() more than once on a TCP socket + (git-fixes). +- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes). +- NFSD: Fix offset type in I/O trace points (git-fixes). +- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests + (git-fixes). +- commit 510ad2f + +- x86/sev: Add missing __init annotations to SEV init routines + (jsc#SLE-19924 jsc#SLE-24814). +- Refresh + patches.suse/x86-sev-Get-the-AP-jump-table-address-from-secrets-page. +- commit e7f768c + +- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" + (git-fixes). +- commit c7d72a7 + +- i2c: mlxbf: Fix frequency calculation (git-fixes). +- i2c: mlxbf: prevent stack overflow in + mlxbf_i2c_smbus_start_transaction() (git-fixes). +- i2c: mlxbf: incorrect base address passed during io write + (git-fixes). +- i2c: imx: If pm_runtime_get_sync() returned 1 device access + is possible (git-fixes). +- commit abc7475 + +- blacklist.conf: remove blacklisted patch + This patch was incorrectly blacklisted, but in fact + is needeed, so remove the blacklist first. +- commit 858de69 + +- serial: fsl_lpuart: Reset prior to registration (git-fixes). +- workqueue: don't skip lockdep work dependency in + cancel_work_sync() (git-fixes). +- arm64: topology: fix possible overflow in amu_fie_setup() + (git-fixes). +- media: flexcop-usb: fix endpoint type check (git-fixes). +- usb: dwc3: core: leave default DMA if the controller does not + support 64-bit DMA (git-fixes). +- drm/panel: simple: Fix innolux_g121i1_l01 bus_format + (git-fixes). +- drm/mediatek: dsi: Move mtk_dsi_stop() call back to + mtk_dsi_poweroff() (git-fixes). +- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, + reset callbacks (git-fixes). +- drm/panfrost: devfreq: set opp to the recommended one to + configure regulator (git-fixes). +- ASoC: nau8824: Fix semaphore unbalance at error paths + (git-fixes). +- regulator: pfuze100: Fix the global-out-of-bounds access in + pfuze100_regulator_probe() (git-fixes). +- net: usb: qmi_wwan: add Quectel RM520N (git-fixes). +- wifi: mac80211_hwsim: check length for virtio packets + (git-fixes). +- tty: serial: atmel: Preserve previous USART mode if RS485 + disabled (git-fixes). +- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes). +- video: fbdev: pxa3xx-gcu: Fix integer overflow in + pxa3xx_gcu_write (git-fixes). +- serial: atmel: remove redundant assignment in rs485_config + (git-fixes). +- video: fbdev: i740fb: Error out if 'pixclock' equals zero + (git-fixes). +- commit 05ff2c7 + +- scsi: mpt3sas: Fix use-after-free warning (git-fixes). +- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes). +- commit 338849f + +- kexec_file: drop weak attribute from functions (bsc#1196444). +- commit 3df1852 + +- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + (bsc#1198189 CVE-2022-1263). +- commit 7717214 + +- kexec, KEYS, s390: Make use of built-in and secondary keyring + for signature verification (bsc#1196444). +- commit a0517d1 + +- arm64: kexec_file: use more system keyrings to verify kernel + image signature (bsc#1196444). +- kexec, KEYS: make the code in bzImage64_verify_sig generic + (bsc#1196444). +- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444). +- kexec: drop weak attribute from functions (bsc#1196444). +- x86/kexec: fix memory leak of elf header buffer (bsc#1196444). +- commit 6bb0d35 + +- arm64: dts: rockchip: Remove 'enable-active-low' from + rk3399-puma (git-fixes). +- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz + (git-fixes). +- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core + (git-fixes). +- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes). +- selftests: forwarding: add shebang for sch_red.sh (git-fixes). +- can: gs_usb: gs_can_open(): fix race dev->can.state condition + (git-fixes). +- gve: Fix GFP flags when allocing pages (git-fixes). +- wifi: mt76: fix reading current per-tid starting sequence + number for aggregation (git-fixes). +- batman-adv: Fix hang up with small MTU hard-interface + (git-fixes). +- net: phy: aquantia: wait for the suspend/resume operations to + finish (git-fixes). +- gpiolib: cdev: Set lineevent_state::irq after IRQ register + successfully (git-fixes). +- gpio: mockup: fix NULL pointer dereference when removing debugfs + (git-fixes). +- selftests: forwarding: Fix failing tests with old libnet + (git-fixes). +- commit 4895eee + +- dt-bindings: Add headers for Host1x and VIC on Tegra234 + (jsc#PED-1763). +- dt-bindings: memory: Add Tegra234 MGBE memory clients + (jsc#PED-1763). +- dt-bindings: Add Tegra234 MGBE clocks and resets (jsc#PED-1763). +- dt-bindings: power: Add Tegra234 MGBE power domains + (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 GPCDMA (jsc#PED-1763). +- dt-bindings: tegra186-hsp: add type for shared mailboxes + (jsc#PED-1763). +- arm64: tegra: Add QSPI controllers on Tegra234 (jsc#PED-1763). +- dt-bindings: memory: Add Tegra234 PCIe memory (jsc#PED-1763). +- dt-bindings: power: Add Tegra234 PCIe power domains + (jsc#PED-1763). +- dt-bindings: Add Tegra234 PCIe clocks and resets (jsc#PED-1763). +- dt-bindings: Add HDA support for Tegra234 (jsc#PED-1763). +- dt-bindings: Add Tegra234 APE support (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 PWM (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 I2C (jsc#PED-1763). +- dt-bindings: gpio: Add Tegra234 support (jsc#PED-1763). +- dt-bindings: memory: tegra: Add Tegra234 support (jsc#PED-1763). +- dt-bindings: Update headers for Tegra234 (jsc#PED-1763). +- commit 44a5986 + +- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes). +- commit a413591 + +- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes). +- commit 7bd201a + +- net: enetc: Use pci_release_region() to release some resources + (git-fixes). +- commit 15bc221 + +- net: dsa: mv88e6xxx: Fix refcount leak in + mv88e6xxx_mdios_register (git-fixes). +- commit 568058d + +- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes). +- commit a7df60c + +- net: stmmac: fix out-of-bounds access in a selftest (git-fixes). +- commit 1d801d7 + +- net: macb: Fix PTP one step sync support (git-fixes). +- commit c6f42d2 + +- net: wwan: iosm: remove pointless null check (git-fixes). +- commit 4eccfc1 + +- eth: sun: cassini: remove dead code (git-fixes). +- commit aa42615 + +- net: stmmac: remove unused get_addr() callback (git-fixes). +- commit 14586bc + +- Revert "ice: Hide bus-info in ethtool for PRs in switchdev mode" + (git-fixes). +- commit 2b88535 + +- net: ethernet: stmmac: fix write to sgmii_adapter_base + (git-fixes). +- commit 63c3906 + +- net: dsa: felix: fix tagging protocol changes with multiple + CPU ports (git-fixes). +- commit 41e3617 + +- net: dsa: introduce helpers for iterating through ports using dp + (git-fixes). +- commit 5001021 + +- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap + (git-fixes). +- commit 1bdfd3c + +- net: hns3: add netdev reset check for hns3_set_tunable() + (git-fixes). +- commit f002bf7 + +- net: phy: at803x: move page selection fix to config_init + (git-fixes). +- commit 02fb6c3 + +- ice: Match on all profiles in slow-path (git-fixes). +- commit 5ba2957 + +- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes). +- commit 1308dcb + +- blacklist.conf: update blacklist +- commit e0df553 + +- blacklist.conf: update blacklist +- commit d975e01 + +- blacklist.conf: update blacklist +- commit 2402036 + +- ALSA: hda: Fix Nvidia dp infoframe (git-fixes). +- ALSA: hda/tegra: set depop delay for tegra (git-fixes). +- ALSA: hda/tegra: Update scratch reg. communication (git-fixes). +- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes). +- commit 636d297 + +- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED + (git-fixes). +- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes). +- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack + (git-fixes). +- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes). +- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 + laptop (git-fixes). +- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 + laptop (git-fixes). +- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes). +- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes). +- commit a4ecf82 + +- dmaengine: ti: k3-udma-private: Fix refcount leak bug in + of_xudma_dev_get() (git-fixes). +- Revert "ALSA: usb-audio: Split endpoint setups for hw_params + and prepare" (git-fixes). +- ALSA: core: Fix double-free at snd_card_new() (git-fixes). +- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes). +- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount + saturation (git-fixes). +- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible + (git-fixes). +- gpio: mockup: remove gpio debugfs when remove device + (git-fixes). +- Input: iforce - add support for Boeder Force Feedback Wheel + (git-fixes). +- Input: goodix - add compatible string for GT1158 (git-fixes). +- Input: goodix - add support for GT1158 (git-fixes). +- drm/msm/rd: Fix FIFO-full deadlock (git-fixes). +- drm/amd/amdgpu: skip ucode loading if ucode_size == 0 + (git-fixes). +- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS + (git-fixes). +- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell + Dot keymap fixes (git-fixes). +- platform/surface: aggregator_registry: Add support for Surface + Laptop Go 2 (git-fixes). +- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes). +- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered + message (git-fixes). +- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo + (git-fixes). +- ACPI: resource: skip IRQ override on AMD Zen platforms + (git-fixes). +- ARM: dts: imx: align SPI NOR node name with dtschema + (git-fixes). +- commit 6a1df1e + +- Refresh patches.suse/iommu-vt-d-Acquiring-lock-in-domain-ID-allocation-helpers + Fix spin deadlock in intel_iommu (bsc#1203505) +- commit 69d294e + +- media: dvb-core: Fix UAF due to refcount races at releasing + (CVE-2022-41218 bsc#1202960). +- commit bdcd7ab + +- cpufreq: tegra194: Staticize struct tegra_cpufreq_soc instances + (jsc#PED-1763). +- commit 2b309dd + +- ASoC: tegra: AHUB routes for OPE module (jsc#PED-1763). +- commit ae8614b + +- PCI: tegra194: Add Tegra234 PCIe support (jsc#PED-1763). +- commit 9848d71 + +- PCI: tegra194: Extend Endpoint mode support (jsc#PED-1763). +- commit 64c6d53 + +- PCI: tegra194: Clean up the exit path for Endpoint mode + (jsc#PED-1763). +- commit 77cf561 + +- PCI: tegra194: Enable support for 256 Byte payload + (jsc#PED-1763). +- commit 3d70757 + +- PCI: tegra194: Clear bandwidth management status (jsc#PED-1763). +- commit 4eb1d6d + +- PCI: tegra194: Find RAS DES PCIe capability offset + (jsc#PED-1763). +- commit 6869f7e + +- Revert "PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie" + (jsc#PED-1763). +- Refresh + patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch. +- commit 7c3a2c4 + +- dmaengine: tegra: Add terminate() for Tegra234 (jsc#PED-1763). +- commit 14777c3 + +- phy: tegra: Add PCIe PIPE2UPHY support for Tegra234 + (jsc#PED-1763). +- commit 8045a50 + +- gpu: host1x: Register context bus unconditionally + (jsc#PED-1763). +- commit 1cdd50a + +- spi: dt-bindings: Add compatible for Tegra241 QSPI + (jsc#PED-1763). +- commit f5277d1 + +- spi: tegra210-quad: Multi-cs support (jsc#PED-1763). +- commit 5df9b77 + +- memory: tegra: Add MGBE memory clients for Tegra234 + (jsc#PED-1763). +- commit fe9c9ad + +- clocksource/drivers/timer-tegra186: Add support for Tegra234 + SoC (jsc#PED-1763). +- commit 9102f99 + +- clocksource: Add Tegra186 timers support (jsc#PED-1763). +- Update config files +- commit f783dd3 + +- gpu: host1x: Add context bus (jsc#PED-1763). +- commit 62055eb + +- iommu/arm-smmu: Support Tegra234 SMMU (jsc#PED-1763). +- commit b6d01d1 + +- cpufreq: tegra194: Add support for Tegra234 (jsc#PED-1763). +- commit 6ccf722 + +- cpufreq: tegra194: add soc data to support multiple soc + (jsc#PED-1763). +- commit d6431d8 + +- dmaengine: tegra: Remove unused switch case (jsc#PED-1763). +- commit 21ff5bc + +- dmaengine: tegra: Fix uninitialized variable usage + (jsc#PED-1763). +- commit 8692e6a + +- dmaengine: tegra: Use platform_get_irq() to get IRQ resource + (jsc#PED-1763). +- commit dce0f23 + +- dmaengine: tegra: Remove unused including + (jsc#PED-1763). +- commit e600cdf + +- dmaengine: tegra: Add tegra gpcdma driver (jsc#PED-1763). +- Update config files. +- supported.conf +- commit 8c4f76d + +- PCI: tegra194: Remove unnecessary MSI enable reg save and + restore (jsc#PED-1763). +- commit 028846a + +- mailbox: tegra-hsp: Add 128-bit shared mailbox support + (jsc#PED-1763). +- commit 2799912 + +- mailbox: tegra-hsp: Add tegra_hsp_sm_ops (jsc#PED-1763). +- commit 301d237 + +- memory: tegra: Add MC error logging on Tegra186 onward + (jsc#PED-1763). +- commit 803123e + +- memory: tegra: Add memory controller channels support + (jsc#PED-1763). +- commit 91c35b0 + +- memory: tegra: Add APE memory clients for Tegra234 + (jsc#PED-1763). +- commit bddcc01 + +- memory: tegra: Add Tegra234 support (jsc#PED-1763). +- commit 15d156c + +- soc/tegra: pmc: Update Tegra234 reset sources (jsc#PED-1763). +- ASoC: tegra: AHUB routes for ASRC module (jsc#PED-1763). +- soc/tegra: pmc: Add Tegra234 wake events (jsc#PED-1763). +- commit 055208f + +- ASoC: tegra: Update AHUB driver for Tegra234 (jsc#PED-1763). +- ALSA: hda/tegra: Hardcode GCAP ISS value on T234 (jsc#PED-1763). +- commit 12ff211 + +- PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie + (jsc#PED-1763). +- Refresh + patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch. +- Refresh + patches.suse/PCI-tegra194-Fix-link-up-retry-sequence.patch. +- commit 43c995b + +- misc: sram: Add compatible string for Tegra234 SYSRAM + (jsc#PED-1763). +- commit c359d28 + +- gpio: tegra186: Add support for Tegra234 (jsc#PED-1763). +- Refresh + patches.suse/gpio-tegra186-Add-support-for-Tegra241.patch. +- commit 794cc29 + +- gpu: host1x: select CONFIG_DMA_SHARED_BUFFER (jsc#PED-1763). +- commit 805f6b6 + +- Update kabi files: import symvers from MU 5.14.21-150400.24.21 +- commit a9db6f7 + +- blacklist.conf: e9b6013a7ce3 x86/speculation: Update link to AMD speculation whitepaper +- commit 2ebf815 + +- EDAC/dmc520: Don't print an error for each unconfigured + interrupt line (bsc#1190497). +- commit c59e321 + +- blacklist.conf: ad2c302bc604 EDAC/sifive: Fix non-kernel-doc comment +- commit 1146177 + +- Update patch reference for media fix (CVE-2022-3239 bsc#1203552) +- commit 9054a9f + +- supported.conf: Add drivers/virt/coco/sevguest/sevguest +- commit 14b71be + +- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814). +- Update config files. +- commit 07e76d6 + +- scsi: smartpqi: Shorten drive visibility after removal + (bsc#1200622). +- commit 575230a + +- x86/sev: Provide support for SNP guest request NAEs + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit eaa3ba3 + +- x86/boot: Add Confidential Computing type to setup_data + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. +- commit cecec70 + +- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924, + jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit d7a984b + +- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit df057b9 + +- x86/sev: Add a helper for the PVALIDATE instruction + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit 27da7ad + +- x86/compressed/64: Detect/setup SEV/SME features earlier during + boot (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/x86-sev-define-the-linux-specific-guest-termination-reasons.patch. +- commit 509599d + +- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Get the AP jump table address from secrets page + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Put globals that are accessed early into the .data + section (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Fix bool function returning negative value + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Fix return value check in alloc_shared_pages() + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add support to get extended report + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add support to derive key (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Register SEV-SNP guest request platform device + (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add a sev= cmdline option (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Use firmware-validated CPUID for SEV-SNP guests + (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924, + jsc#SLE-24814). +- x86/compressed/64: Add identity mapping for Confidential + Computing blob (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Export and rename add_identity_map() + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP + guests (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Add SEV-SNP feature detection/setup + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Add a pointer to Confidential Computing blob in + bootparams (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC + handlers (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Move MSR-based VMGEXITs for CPUID to helper + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: x86: Move lookup of indexed CPUID leafs to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI kexec handling into common code + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI vendor table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI config table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI system table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI detection to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/head/64: Re-enable stack protection (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Use SEV-SNP AP creation to start secondary CPUs + (jsc#SLE-19924, jsc#SLE-24814). +- x86/kernel: Validate ROM memory before accessing when SEV-SNP + is active (jsc#SLE-19924, jsc#SLE-24814). +- x86/kernel: Mark the .bss..decrypted section as shared in the + RMP table (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add helper for validating pages in early enc attribute + changes (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Register GHCB memory when SEV-SNP is active + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Register GHCB memory when SEV-SNP is active + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Add helper for validating pages in the + decompression stage (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Check SEV-SNP features support (jsc#SLE-19924, + jsc#SLE-24814). +- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Detect/setup SEV/SME features earlier in boot + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Use MSR read/write helpers instead of inline assembly + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924, + jsc#SLE-24814). +- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924, + jsc#SLE-24814). +- KVM: SVM: Create a separate mapping for the GHCB save area + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: SVM: Create a separate mapping for the SEV-ES save area + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: SVM: Define sev_features and VMPL field in the VMSA + (jsc#SLE-19924, jsc#SLE-24814). +- commit 08ede5a + +- md: unlock mddev before reap sync_thread in action_store + (bsc#1197659). +- commit b42af07 + +- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type + in mpc85xx (git-fixes). +- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes). +- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes). +- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes). +- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes). +- drm/meson: Correct OSD1 global alpha value (git-fixes). +- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code + for vega (git-fixes). +- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega + (git-fixes). +- of/device: Fix up of_dma_configure_id() stub (git-fixes). +- of: fdt: fix off-by-one error in unflatten_dt_nodes() + (git-fixes). +- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes). +- vfio/type1: Unpin zero pages (git-fixes). +- efi: capsule-loader: Fix use-after-free in efi_capsule_write + (git-fixes). +- efi: libstub: Disable struct randomization (git-fixes). +- fbdev: chipsfb: Add missing pci_disable_device() in + chipsfb_pci_init() (git-fixes). +- commit a8d151e + +- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion + (git-fixes). +- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly + (git-fixes). +- drm/radeon: add a force flush to delay work when radeon + (git-fixes). +- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup + (git-fixes). +- drm/amdgpu: Move psp_xgmi_terminate call from + amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes). +- drm/gem: Fix GEM handle release errors (git-fixes). +- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps + (git-fixes). +- drm/bridge: display-connector: implement bus fmts callbacks + (git-fixes). +- commit a41cdd0 + +- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE + (git-fixes). +- commit 37ef226 + +- xen-blkfront: Cache feature_persistent value before + advertisement (git-fixes). +- commit 3ed3cdd + +- Update references: + - patches.kabi/kabi-return-type-change-of-secure_ipv-46-_port_ephem.patch + - patches.suse/secure_seq-use-the-64-bits-of-the-siphash-for-port-o.patch + - patches.suse/tcp-add-small-random-increments-to-the-source-port.patch + - patches.suse/tcp-drop-the-hash_32-part-from-the-index-calculation.patch + - patches.suse/tcp-dynamically-allocate-the-perturb-table-used-by-s.patch + - patches.suse/tcp-increase-source-port-perturb-table-to-2-16.patch + - patches.suse/tcp-resalt-the-secret-every-10-seconds.patch + - patches.suse/tcp-use-different-parts-of-the-port_offset-for-index.patch + (add CVE-2022-32296 bsc#1200288) +- commit 07e021d + +- xen-netback: only remove 'hotplug-status' when the vif is + actually destroyed (git-fixes). +- commit 33b6bc1 + +- xen-blkfront: Advertise feature-persistent as user requested + (git-fixes). +- commit 55b30a0 + +- xen-blkback: Advertise feature-persistent as user requested + (git-fixes). +- commit aa17727 + +- xen-blkfront: Apply 'feature_persistent' parameter when connect + (git-fixes). +- commit ea0d055 + +- xen-blkback: Apply 'feature_persistent' parameter when connect + (git-fixes). +- commit 8bac828 + +- xen-blkback: fix persistent grants negotiation (git-fixes). +- commit 8c9e86e + +- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes). +- commit 8ae5e2f + +- x86/xen: Remove undefined behavior in setup_features() + (git-fixes). +- commit fe2de2e + +- xen-blkfront: Handle NULL gendisk (git-fixes). +- commit ff9be3a + +- blacklist.conf: add 1dbd11ca75fe ("xen: remove gnttab_query_foreign_access") + as it would break KABI +- commit 893d5df + +- KVM: SVM: fix tsc scaling cache logic (bsc#1203263). +- commit 9311053 + +- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() + (git-fixes). +- commit 4acefb4 + +- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted() + (git-fixes). +- commit c7cc445 + +- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall + (git-fixes). +- commit cfc201b + +- KVM: x86: hyper-v: Drop redundant 'ex' parameter from + kvm_hv_send_ipi() (git-fixes). +- commit 001f866 + +- KVM: X86: Fix when shadow_root_level=5 && guest root_level<4 + (git-fixes). +- commit 4d133af + +- jfs: prevent NULL deref in diFree (bsc#1203389 CVE-2022-3202). +- commit 1259272 + kernel-kvmsmall +- scsi: qedi: Remove redundant flush_workqueue() calls + (jsc#PED-1525). +- Refresh + patches.suse/scsi-iscsi-Fix-session-removal-on-shutdown.patch. +- commit 57a0d4f + +- scsi: qedf: Fix a UAF bug in __qedf_probe() (jsc#PED-1524). +- scsi: qedf: Fix typo in comment (jsc#PED-1524). +- scsi: qedf: Remove redundant variable op (jsc#PED-1524). +- scsi: qedf: Remove an unneeded NULL check on list iterator + (jsc#PED-1524). +- scsi: qedf: Remove unnecessary code (jsc#PED-1524). +- scsi: qedf: Stop using the SCSI pointer (jsc#PED-1524). +- scsi: qedf: Change context reset messages to ratelimited + (jsc#PED-1524). +- scsi: qedf: Fix refcount issue when LOGO is received during TMF + (jsc#PED-1524). +- scsi: qedf: Add stag_work to all the vports (jsc#PED-1524). +- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting + (jsc#PED-1525). +- scsi: qedi: Remove set but unused 'page' variable + (jsc#PED-1525). +- scsi: qedi: Fix cmd_cleanup_cmpl counter mismatch issue + (jsc#PED-1525). +- commit a20fd84 + +- Update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1 +- commit a5edbce + +- usb: gadget: pxa25x_udc: Constify static struct pxa25x_ep_ops + (jsc#PED-1817). +- commit ecf622b + +- usb: gadget: udc: core: Use pr_fmt() to prefix messages + (jsc#PED-1817). +- commit 986d674 + +- USB: gadget: Rename usb_gadget_probe_driver() (jsc#PED-1817). +- commit ec7b016 + +- ALSA: hiface: fix repeated words in comments (git-fixes). +- commit 1897e56 + +- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support + (git-fixes). +- ALSA: scarlett2: Add support for the internal "standalone" + switch (git-fixes). +- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections + (git-fixes). +- ALSA: usb-audio: scarlett2: Use struct_size() helper in + scarlett2_usb() (git-fixes). +- commit 51a746f + +- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos + (git-fixes). +- Refresh + patches.suse/ALSA-usb-audio-More-comprehensive-mixer-map-for-ASUS.patch. +- commit aad3dbe + +- ALSA: line6: remove line6_set_raw declaration (git-fixes). +- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support + (git-fixes). +- ALSA: usb-audio: make read-only array marker static const + (git-fixes). +- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes). +- ALSA: usb/6fire: fix repeated words in comments (git-fixes). +- ALSA: usb-audio: remove redundant assignment to variable c + (git-fixes). +- commit 7b36d72 + +- ring-buffer: Check for NULL cpu_buffer in + ring_buffer_wake_waiters() (bsc#1204705). +- commit 2e712ad + +- USB / dwc3: Fix three doc-build warnings (jsc#PED-1817). +- commit 654acff + +- usb: dwc3: fix backwards compat with rockchip devices + (jsc#PED-1817). +- commit c7590b2 + +- usb: dwc3: core: do not use 3.0 clock when operating in 2.0 mode + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-core-Enable-GUCTL1-bit-10-for-fixing-termin.patch. +- commit 02bd07f + +- usb: dwc3: imx8mp: rename iomem base pointer (jsc#PED-1817). +- commit 0504947 + +- usb: dwc3: drd: Don't check against CONFIG_OF (jsc#PED-1817). +- commit ce7e9f1 + +- usb: dwc3: Program GFLADJ (jsc#PEd-1817). +- commit daeb10e + +- usb: dwc3: Calculate REFCLKPER based on reference clock + (jsc#PED-1817). +- commit a22b861 + +- usb: dwc3: Get clocks individually (jsc#PED-1817). +- blacklist.conf: +- commit 3423db7 + +- usb: dwc3: drd: Add support for usb-conn-gpio based + usb-role-switch (jsc#PED-1817). +- commit 80843c9 + +- Correct JIRA reference for these patches (jsc#PED-1496). + Use implementation, not the Epic: +- Update + patches.suse/scsi-be2iscsi-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- Update patches.suse/scsi-bnx2i-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Fix-harmless-double-shift-bug.patch + (jsc#PED-1496). +- Update patches.suse/scsi-iscsi-Merge-suspend-fields.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Remove-iscsi_get_task-back_lock-requirement.patch + (jsc#PED-1496). +- Update + patches.suse/scsi-iscsi-Rename-iscsi_conn_queue_work.patch + (jsc#PED-1496). +- Update patches.suse/scsi-iscsi-Stop-using-the-SCSI-pointer.patch + (jsc#PED-1496). +- Update patches.suse/scsi-qedi-Switch-to-attribute-groups.patch + (jsc#PED-1496). +- commit 71bf164 + +- scsi: core: Fix early registration of sysfs attributes for + scsi_device (jsc#PED-1561). +- commit dfe7dcb + +- scsi: core: Remove two host template members that are no longer + used (jsc#PED-1561). +- scsi: usb: Switch to attribute groups (jsc#PED-1561). +- scsi: staging: unisys: Remove the shost_attrs member + (jsc#PED-1561). +- commit 036b753 + +- scsi: zfcp: Switch to attribute groups (jsc#PED-1561). +- scsi: message: fusion: Switch to attribute groups + (jsc#PED-1561). +- scsi: RDMA/srp: Switch to attribute groups (jsc#PED-1561). +- scsi: firewire: sbp2: Switch to attribute groups (jsc#PED-1561). +- commit ad14a91 + +- scsi: ata: Switch to attribute groups (jsc#PED-1561). +- libata: Introduce ncq_prio_supported sysfs sttribute + (jsc#PED-1561). +- libata: print feature list on device scan (jsc#PED-1561). +- libata: fix ata_read_log_page() warning (jsc#PED-1561). +- commit dc4d292 + +- libata: cleanup NCQ priority handling (jsc#PED-1561). +- Update + patches.suse/libata-Add-ATA_HORKAGE_NO_NCQ_ON_ATI-for-Samsung-860.patch + (jsc#PED-1561). +- commit d313a88 + +- libata: cleanup ata_dev_configure() (jsc#PED-1561). +- libata: cleanup device sleep capability detection + (jsc#PED-1561). +- libata: simplify ata_scsi_rbuf_fill() (jsc#PED-1561). +- commit 01272a8 + +- scsi: qla2xxx: Switch to attribute groups (jsc#PED-1561). +- Refresh + patches.suse/scsi-qla2xxx-edif-remove-old-doorbell-interface.patch. +- commit 6464680 + +- scsi: lpfc: Switch to attribute groups (jsc#PED-1561). +- Refresh + patches.suse/scsi-lpfc-Remove-Menlo-Hornet-related-code.patch. +- Refresh + patches.suse/scsi-lpfc-Remove-SANDiags-related-code.patch. +- Refresh + patches.suse/scsi-lpfc-Remove-failing-soft_wwn-support.patch. +- Refresh + patches.suse/scsi-lpfc-move-scsi_host_template-outside-dynamically.patch. +- commit 4aeb242 + +- scsi: snic: Switch to attribute groups (jsc#PED-1561). +- scsi: smartpqi: Switch to attribute groups (jsc#PED-1561). +- scsi: qla4xxx: Switch to attribute groups (jsc#PED-1561). +- scsi: qedf: Switch to attribute groups (jsc#PED-1561). +- scsi: pm8001: Switch to attribute groups (jsc#PED-1561). +- scsi: sym53c500_cs: Switch to attribute groups (jsc#PED-1561). +- scsi: ncr53c8xx: Switch to attribute groups (jsc#PED-1561). +- scsi: myrs: Switch to attribute groups (jsc#PED-1561). +- scsi: myrb: Switch to attribute groups (jsc#PED-1561). +- scsi: mvsas: Switch to attribute groups (jsc#PED-1561). +- scsi: mpt3sas: Switch to attribute groups (jsc#PED-1561). +- scsi: megaraid_sas: Switch to attribute groups (jsc#PED-1561). +- scsi: megaraid_mbox: Switch to attribute groups (jsc#PED-1561). +- scsi: isci: Switch to attribute groups (jsc#PED-1561). +- scsi: ipr: Switch to attribute groups (jsc#PED-1561). +- scsi: ibmvfc: Switch to attribute groups (jsc#PED-1561). +- scsi: ibmvscsi: Switch to attribute groups (jsc#PED-1561). +- scsi: hptiop: Switch to attribute groups (jsc#PED-1561). +- scsi: hpsa: Switch to attribute groups (jsc#PED-1561). +- scsi: hisi_sas: Switch to attribute groups (jsc#PED-1561). +- scsi: fnic: Switch to attribute groups (jsc#PED-1561). +- scsi: cxlflash: Switch to attribute groups (jsc#PED-1561). +- scsi: csiostor: Switch to attribute groups (jsc#PED-1561). +- scsi: bnx2fc: Switch to attribute groups (jsc#PED-1561). +- scsi: bfa: Switch to attribute groups (jsc#PED-1561). +- scsi: arcmsr: Switch to attribute groups (jsc#PED-1561). +- scsi: aacraid: Switch to attribute groups (jsc#PED-1561). +- scsi: 53c700: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-xxxx: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-sas: Switch to attribute groups (jsc#PED-1561). +- scsi: 3w-9xxx: Switch to attribute groups (jsc#PED-1561). +- commit 3ddf4fd + +- Update patch references to + patches.suse/0001-floppy-disable-FDRAWCMD-by-default.patch + (bsc#1200692 CVE-2022-33981). +- commit 913147c + +- usb: dwc3: Drop unneeded calls to platform_get_resource_byname() + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-disable-USB-core-PHY-management.patch. +- commit cb5354a + +- usb: gadget: remove unnecessary AND operation when get ep maxp + (jsc#PED-1817). +- commit 528613b + +- usb: gadget: udc: core: Introduce check_config to verify USB + configuration (jsc#PEd-1817). +- commit 69ec7cd + +- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914). +- commit 0d14223 + +- iommu/vt-d: Do not falsely log intel_iommu is unsupported + kernel option (bsc#1204947). +- commit 440c18c + +- wifi: brcmfmac: Fix potential buffer overflow in + brcmf_fweh_event_worker() (CVE-2022-3628 bsc#1204868). +- commit 968feec + +- usb: dwc3: gadget: Support Multi-Stream Transfer (jsc#PED-531). +- commit 0ed805f + +- usb: dwc3: gadget: Skip resizing EP's TX FIFO if already resized + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch. +- commit b389709 + +- usb: dwc3: reference clock period configuration (jsc#PED-1817). +- commit 8ce586b + +- Drop Dell Dock regression fix patch again (bsc#1204719) + It tunred out to be bogus, a different fix is needed +- commit 2c62bb9 + +- usb: dwc3: drd: use helper to get role-switch-default-mode + (jsc#PED-1817). +- commit 7f03301 + +- usb: dwc3: Resize TX FIFOs to meet EP bursting requirements + (jsc#PED-1817). +- Refresh + patches.suse/usb-dwc3-core-Fix-tx-rx-threshold-settings.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-starting-DWC3-gadget-during-UD.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch. +- commit 68d4f6e + +- scsi: lpfc: Update the obsolete adapter list (bsc#1204142). +- commit dc8f2da + +- scsi: qla2xxx: Use transport-defined speed mask for + supported_speeds (bsc#1204963). +- scsi: qla2xxx: Fix serialization of DCBX TLV data request + (bsc#1204963). +- commit d6d1732 + +- Move upstreamed sound patches into sorted section +- commit a5b0f8c + +- ALSA: usb-audio: Fix regression with Dell Dock jack detection + (bsc#1204719). +- commit ec69ec6 + +- Kbuild: add -Wno-shift-negative-value where -Wextra is used + (bsc#1204877). +- Kbuild: use -Wdeclaration-after-statement (bsc#1204877). +- Refresh patches.suse/Kbuild-move-to-std-gnu11.patch. +- Refresh + patches.suse/Kbuild-use-std-gnu11-for-KBUILD_USERCFLAGS.patch. +- commit e76ac45 + +- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957). +- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for + transceiver info (bsc#1204957). +- scsi: lpfc: Log when congestion management limits are in effect + (bsc#1204957). +- scsi: lpfc: Fix hard lockup when reading the rx_monitor from + debugfs (bsc#1204957). +- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is + turned off (bsc#1204957). +- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited" + (bsc#1204957). +- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957). +- commit f06c1f8 + +- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes) + [#] Conflicts: + [#] series.conf +- commit cc60033 + +- RDMA/irdma: Use net_type to check network type (git-fixes) + [#] Conflicts: + [#] series.conf +- commit cc0ac5a + +- Drop verbose nvme logging feature (bsc#1200567) + This feature caused regressions by logging all failed NVMe + commands. Though not all of them are actually a real + error. E.g. libnvme is probing for features and handling fails + correctly. Upstream fixed this by disabling this feature and looking + into making this an opt-in option. +- Delete patches.suse/nvme-add-verbose-error-logging.patch. +- Delete + patches.suse/nvme-don-t-print-verbose-errors-for-internal-passthr.patch. +- commit a82baa8 + +- RDMA/irdma: Validate udata inlen and outlen (git-fixes) +- commit c66230c + +- RDMA/irdma: Add support for address handle re-use (git-fixes) +- commit 456aa9c + +- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes) +- commit 01da806 + +- selftests/livepatch: better synchronize test_klp_callbacks_busy + (bsc#1071995). +- commit 82010dd + +- livepatch: Add a missing newline character in + klp_module_coming() (bsc#1071995). +- commit 82368b9 + +- RDMA/srp: Support more than 255 rdma ports (git-fixes) +- commit 6da7233 + +- RDMA/srp: Handle dev_set_name() failure (git-fixes) +- commit 2aa5768 + +- RDMA/srp: Use the attribute group mechanism for sysfs attributes (git-fixes) +- commit ee393a3 + +- RDMA/srp: Rework the srp_add_port() error path (git-fixes) +- commit cf4fa33 + +- livepatch: fix race between fork and KLP transition + (bsc#1071995). +- commit bc0a77a + +- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes) +- commit fecc405 + +- RDMA/srpt: Fix a use-after-free (git-fixes) +- commit e0cd3e8 + +- RDMA/srpt: Duplicate port name members (git-fixes) +- commit accb2fe + +- Input: applespi - avoid efivars API and invoke EFI services + directly (jsc#PED-1409). +- brcmfmac: Switch to appropriate helper to load EFI variable + contents (jsc#PED-1409). +- iwlwifi: Switch to proper EFI variable store interface + (jsc#PED-1409). +- media: atomisp_gmin_platform: stop abusing efivar API + (jsc#PED-1409). +- commit af0a2c9 + +- Update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch + (bsc#1204693). +- commit 9cde40b + +- efi: libstub: check Shim mode using MokSBStateRT (jsc#PED-1409). +- efi: x86: Wipe setup_data on pure EFI boot (jsc#PED-1409). +- efi: efibc: Guard against allocation failure (jsc#PED-1409). +- efi/x86: libstub: remove unused variable (jsc#PED-1409). +- efi: vars: Move efivar caching layer into efivarfs + (jsc#PED-1409). +- efi: vars: Switch to new wrapper layer (jsc#PED-1409). +- efi: vars: Remove deprecated 'efivars' sysfs interface + (jsc#PED-1409). + Update config files. + Refresh + patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch. +- efi: vars: Drop __efivar_entry_iter() helper which is no longer + used (jsc#PED-1409). +- efi: pstore: Omit efivars caching EFI varstore access layer + (jsc#PED-1409). +- pstore: Add priv field to pstore_record for backend specific + use (jsc#PED-1409). +- pstore: Don't use semaphores in always-atomic-context code + (jsc#PED-1409). +- commit db34623 + +- drivers: fix typo in firmware/efi/memmap.c (jsc#PED-1409). +- efi: vars: Use locking version to iterate over efivars linked + lists (jsc#PED-1409). +- efi: vars: Add thin wrapper around EFI get/set variable + interface (jsc#PED-1409). +- efi: vars: Don't drop lock in the middle of efivar_init() + (jsc#PED-1409). +- efi: efibc: avoid efivar API for setting variables + (jsc#PED-1409). +- efi: avoid efivars layer when loading SSDTs from variables + (jsc#PED-1409). +- efi: Correct comment on efi_memmap_alloc (jsc#PED-1409). +- efi: Make code to find mirrored memory ranges generic + (jsc#PED-1409). + Refresh + patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch. +- commit 8075b46 + +- blacklist.conf: scripts/gdb: Allow to read printk log buffer on + 32-bit systems; hardly needed by anyone +- commit c5107b2 + +- printk: wake waiters for safe and NMI contexts (bsc#1204934). +- commit ccf6fd7 + +- printk: use atomic updates for klogd work (bsc#1204934). +- commit 42aa5d7 + +- printk: add missing memory barrier to wake_up_klogd() + (bsc#1204934). +- commit 91ae0ab + +- Revert "workqueue: remove unused cancel_work()" (bsc#1204933). +- commit a8f292e + +- signal: break out of wait loops on kthread_stop() (bsc#1204926). +- commit 1f81ec4 + +- net/mlx5e: Properly disable vlan strip on non-UL reps + (git-fixes). +- commit ea8a4bd + +- net: ipvtap - add __init/__exit annotations to module init/exit + funcs (git-fixes). +- commit bcfb537 + +- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes). +- commit 0446df6 + +- net: moxa: get rid of asymmetry in DMA mapping/unmapping + (git-fixes). +- commit 6609905 + +- net: ipa: don't assume SMEM is page-aligned (git-fixes). +- commit 41f9dec + +- stmmac: intel: Add a missing clk_disable_unprepare() call in + intel_eth_pci_remove() (git-fixes). +- commit bb8b4d3 + +- Update metadata references +- commit bdfc8f9 + +- Refresh + patches.suse/drm-bridge-lt8912b-fix-corrupted-image-output.patch. + Alt-commit +- commit f154e04 + +- Refresh + patches.suse/drm-bridge-lt8912b-set-hdmi-or-dvi-mode.patch. + Alt-commit +- commit 54a25a3 + +- Refresh patches.suse/drm-bridge-lt8912b-add-vsync-hsync.patch. + Alt-commit +- commit 6755cca + +- Refresh + patches.suse/drm-amdgpu-don-t-register-a-dirty-callback-for-non-a.patch. + Alt-commit +- commit 5548e46 + +- Refresh + patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-SDM660.patch. + Alt-commit +- commit c51fb10 + +- Refresh + patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-msm8996_dsi.patch. + Alt-commit +- commit e910e60 + +- Refresh + patches.suse/drm-msm-dp-delete-DP_RECOVERED_CLOCK_OUT_EN-to-fix-t.patch. + Alt-commit +- commit 8f4fbd6 + +- Refresh + patches.suse/drm-amdgpu-make-sure-to-init-common-IP-before-gmc.patch. + Alt-commit +- commit d839738 + +- Refresh + patches.suse/drm-amdgpu-move-nbio-sdma_doorbell_range-into-sdma-c.patch. + Alt-commit +- commit 4202af7 + +- Refresh + patches.suse/drm-amdgpu-move-nbio-ih_doorbell_range-into-ih-code-.patch. + Alt-commit +- commit 6a84f94 + +- Refresh + patches.suse/drm-simpledrm-Fix-return-type-of-simpledrm_simple_di.patch. + Alt-commit +- commit c6e149e + +- Refresh + patches.suse/drm-nouveau-fix-another-off-by-one-in-nvbios_addr.patch. + Alt-commit +- commit 7c051d6 + +- Refresh + patches.suse/drm-amd-display-Only-use-depth-36-bpp-linebuffers-on.patch. + Alt-commit +- commit e1c296d + +- Refresh + patches.suse/Revert-drm-amdgpu-display-set-vblank_disable_immedia.patch. + Alt-commit +- commit 1bf4062 + +- Refresh + patches.suse/drm-fourcc-fix-integer-type-usage-in-uapi-header.patch. + Alt-commit +- commit 174b777 + +- Refresh + patches.suse/drm-bridge-ti-sn65dsi83-Handle-dsi_lanes-0-as-invali.patch. + Alt-commit +- commit d529823 + +- Refresh + patches.suse/Revert-drm-amd-pm-keep-the-BACO-feature-enabled-for-.patch. + Alt-commit +- commit b27902a + +- docs: security: Add secrets/coco documentation (jsc#PED-1409). +- efi: Register efi_secret platform device if EFI secret area + is declared (jsc#PED-1409). +- commit df905cf + +- virt: Add efi_secret module to expose confidential computing + secrets (jsc#PED-1409). + Refresh patches.suse/virt-Add-SEV-SNP-guest-driver. + Update config files. + CONFIG_EFI_SECRET=y in x86_64/default +- commit edb96ab + +- efi: sysfb_efi: remove unnecessary include + (jsc#PED-1409). +- x86: Fix all occurences of the "the the" typo (jsc#PED-1409). +- efi: clean up Kconfig dependencies on CONFIG_EFI (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. +- efi/x86: libstub: Make DXE calls mixed mode safe (jsc#PED-1409). +- efifb: Remove redundant efifb_setup_from_dmi stub + (jsc#PED-1409). +- efi/cper: Reformat CPER memory error location to more readable + (jsc#PED-1409). +- EDAC/ghes: Unify CPER memory error location reporting + (jsc#PED-1409). +- efi/cper: Add a cper_mem_err_status_str() to decode error + description (jsc#PED-1409). +- efi: stub: prefer mirrored memory for randomized allocations + (jsc#PED-1409). +- efi/arm64: libstub: run image in place if randomized by the + loader (jsc#PED-1409). +- efi: libstub: pass image handle to handle_kernel_image() + (jsc#PED-1409). +- efi: libstub: ensure allocated memory to be executable + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. +- efi: libstub: declare DXE services table (jsc#PED-1409). +- efi: Save location of EFI confidential computing area + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. + Update config files. + CONFIG_EFI_COCO_SECRET=y in x86_64/default, arm64/default and armv7hl/default +- commit 6b0cf79 + +- scsi: iscsi: Remove iscsi_get_task back_lock requirement + (jsc#PED-868). +- scsi: iscsi: Rename iscsi_conn_queue_work() (jsc#PED-868). +- scsi: iscsi: Fix harmless double shift bug (jsc#PED-868). +- commit 5723646 + +- scsi: iscsi: Merge suspend fields (jsc#PED-868). +- Refresh + patches.suse/scsi-iscsi-Fix-NOP-handling-during-conn-recovery.patch. +- commit 1473e45 + +- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes) +- commit a0cf107 + +- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes) +- commit e49e34a + +- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes) +- commit 6b44016 + +- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes) +- commit 61cef3e + +- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes) +- commit 296a57b + +- RDMA/srp: Fix srp_abort() (git-fixes) +- commit 7984b35 + +- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes) +- commit c55a705 + +- RDMA/rxe: Fix the error caused by qp->sk (git-fixes) +- commit 85ed907 + +- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes) +- commit 94f5187 + +- RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey (git-fixes) +- commit cbf3855 + +- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes) +- commit 7306409 + +- RDMA/irdma: Return correct WC error for bind operation failure (git-fixes) +- commit bb7b5cd + +- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes) +- commit e8ec2a2 + +- RDMA/irdma: Report the correct max cqes from query device (git-fixes) +- commit 2b8a0ed + +- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes) +- commit c54f89a + +- usb: typec: Remove retimers properly (jsc#PED-1211). +- commit e583265 + +- usb: typec: retimer: Add missing id check in match callback + (jsc#PED-1211). +- commit cf4d688 + +- USB: xhci: Fix comment typo (jsc#PED-531 jsc#PED-1211). +- commit 2b3e84d + +- usb/typec/tcpm: fix repeated words in comments (jsc#PED-531 + jsc#PED-1211). +- commit 46257dd + +- usb: typec: Add retimer handle to port (jsc#PED-1211). +- commit dde8f08 + +- usb: typec: Add support for retimers (jsc#PED-1211). +- commit cacdd0d + +- usb: typec: mux: Allow muxes to specify mode-switch + (jsc#PED-1211). +- usb: typec: tcpm: Register USB Power Delivery Capabilities + (jsc#PED-531). +- commit f8dc487 + +- usb: typec: USB Power Delivery helpers for ports and partners + (jsc#PED-531 jsc#PED-1211). +- Refresh patches.suse/0001-typeC-add-kABI-padding.patch. +- Refresh patches.suse/typeC-Add-kABI-placeholders.patch. +- commit 629af64 + +- usb: typec: Separate USB Power Delivery from USB Type-C + (jsc#PED-531 jsc#PED-1211). +- commit d284c3e + +- usb: gadget: bdc: fix typo in comment (git-fixes). +- commit 0b9f194 + +- usb: typec: tcpm: fix typo in comment (git-fixes). +- commit a66c855 + +- usb: common: usb-conn-gpio: Allow wakeup from system suspend + (jsc#PED-531). +- commit 61abc68 + +- powerpc/pseries: Move vas_migration_handler early during + migration (bsc#1204799 ltc#200177). +- commit b7aa6a0 + +- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes) +- commit 458db53 + +- RDMA/cma: Fix arguments order in net device validation (git-fixes) +- commit 81952c8 + +- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes) +- commit f572d06 + +- kbuild: Add skip_encoding_btf_enum64 option to pahole + (git-fixes). +- commit 934e48d + +- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes) +- commit 6e82f19 + +- RDMA/rxe: Fix rnr retry behavior (git-fixes) +- commit 7a75da5 + +- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes) +- commit 66293aa + +- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes) +- commit c8934f1 + +- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes) +- commit 79b1a39 + +- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes) +- commit 706d0f6 + +- RDMA: remove useless condition in siw_create_cq() (git-fixes) +- commit 6f61f5a + +- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes) +- commit 026149f + +- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes) +- commit f75f6bd + +- RDMA/irdma: Fix a window for use-after-free (git-fixes) +- commit 5ca4a5f + +- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes) +- commit afef467 + +- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes) +- commit 735c971 + +- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes) +- commit ccc988f + +- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes) +- commit c6a81d4 + +- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes) +- commit 2b22d3a + +- RDMA/hns: Add the detection for CMDQ status in the device initialization process (git-fixes) +- commit 7090c13 + +- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes) +- commit 2a9e949 + +- blacklist.conf: Clarify status of 6f5c672d17f583b081e283927f5040f726c54598. +- commit cfc21b5 + +- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing + pavgroup (git-fixes). +- commit 3602f60 + +- x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly + (jsc#PED-1816). +- x86/fpu: Exclude dynamic states from init_fpstate + (jsc#PED-1816). +- x86/fpu: Fix the init_fpstate size check with the actual size + (jsc#PED-1816). +- x86/fpu: Configure init_fpstate attributes orderly + (jsc#PED-1816). +- commit d47f5a0 + +- drm/amdkfd: export svm_range_list_lock_and_flush_work + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit c19d328 + +- amd/amdkfd: remove svms declaration to avoid werror + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 4bffdd8 + +- drm/amdkfd: fix KFDSVMRangeTest.PartialUnmapSysMemTest fails + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 77d4811 + +- Kbuild: use -std=gnu11 for KBUILD_USERCFLAGS (bsc#1204877). +- Kbuild: move to -std=gnu11 (bsc#1204877). +- commit 00462f0 + +- fbdev: cyber2000fb: fix missing pci_disable_device() + (git-fixes). +- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes). +- iio: bmc150-accel-core: Fix unsafe buffer attributes + (git-fixes). +- iio: adxl372: Fix unsafe buffer attributes (git-fixes). +- iio: temperature: ltc2983: allocate iio channels once + (git-fixes). +- iio: adc: mcp3911: use correct id bits (git-fixes). +- iio: light: tsl2583: Fix module unloading (git-fixes). +- usb: dwc3: gadget: Don't set IMI for no_interrupt (git-fixes). +- usb: dwc3: gadget: Stop processing more requests on IMI + (git-fixes). +- usb: bdc: change state when port disconnected (git-fixes). +- hwmon/coretemp: Handle large core ID value (git-fixes). +- ACPI: video: Make backlight class device registration a separate + step (v2) (git-fixes). +- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes). +- net: usb: r8152: Add in new Devices that are supported for + Mac-Passthru (git-fixes). +- arm64/mm: Consolidate TCR_EL1 fields (git-fixes). +- commit 510527f + +- objtool,efi: Update __efi64_thunk annotation (jsc#PED-1409). + Refresh + patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch. +- efi/mokvar: move up init order (jsc#PED-1409). +- commit de5f614 + +- scsi: iscsi: Stop using the SCSI pointer (jsc#PED-868). +- scsi: qedi: Switch to attribute groups (jsc#PED-868). +- scsi: bnx2i: Switch to attribute groups (jsc#PED-868). +- scsi: be2iscsi: Switch to attribute groups (jsc#PED-868). +- commit 4dde282 + +- tracing: Disable interrupt or preemption before acquiring + arch_spinlock_t (git-fixes). +- commit 2afc9ce + +- tracing: Wake up ring buffer waiters on closing of the file + (git-fixes). +- kABI: Fix after adding trace_iterator.wait_index (git-fixes). +- commit c6de351 + +- tracing: Fix reading strings from synthetic events (git-fixes). +- commit b3d60fe + +- tracing: Add "(fault)" name injection to kernel probes + (git-fixes). +- commit e8dfbfa + +- tracing: Move duplicate code of trace_kprobe/eprobe.c into header + (git-fixes). +- commit 4676a84 + +- ftrace: Fix char print issue in print_ip_ins() (git-fixes). +- commit 40cb188 + +- tracing: Do not free snapshot if tracer is on cmdline + (git-fixes). +- commit 9e07624 + +- tracing: Simplify conditional compilation code in + tracing_set_tracer() (git-fixes). +- commit 35b9e24 + +- ring-buffer: Fix race between reset page and reading page + (git-fixes). +- commit e172e8c + +- tracing: Wake up waiters when tracing is disabled (git-fixes). +- commit e65663f + +- tracing: Add ioctl() to force ring buffer waiters to wake up + (git-fixes). +- commit d726bd0 + +- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes). +- commit 3f155a7 + +- ALSA: rme9652: use explicitly signed char (git-fixes). +- ALSA: au88x0: use explicitly signed char (git-fixes). +- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600 + (git-fixes). +- commit 1285ea5 + +- device property: Fix documentation for *_match_string() APIs + (git-fixes). +- PM: domains: Fix handling of unavailable/disabled idle states + (git-fixes). +- PM: hibernate: Allow hybrid sleep to work with s2idle + (git-fixes). +- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO + (git-fixes). +- mmc: core: Fix kernel panic when remove non-standard SDIO card + (git-fixes). +- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake + (git-fixes). +- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit + bus (git-fixes). +- mtd: rawnand: marvell: Use correct logic for nand-keep-config + (git-fixes). +- ALSA: aoa: Fix I2S device accounting (git-fixes). +- ALSA: Use del_timer_sync() before freeing timer (git-fixes). +- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() + (git-fixes). +- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile + (git-fixes). +- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile + (git-fixes). +- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() + (git-fixes). +- drm/i915/dp: Reset frl trained flag before restarting FRL + training (git-fixes). +- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() + (git-fixes). +- drm/msm/dp: fix IRQ lifetime (git-fixes). +- drm/msm/hdmi: fix memory corruption with too many bridges + (git-fixes). +- drm/msm/dsi: fix memory corruption with too many bridges + (git-fixes). +- drm/msm: fix use-after-free on probe deferral (git-fixes). +- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid + (git-fixes). +- commit a89c8ce + +- efi: Allow to enable EFI runtime services by default on RT + (jsc#PED-1409). + Update config files. +- efi: use default_groups in kobj_type (jsc#PED-1409). +- efi/libstub: measure loaded initrd info into the TPM + (jsc#PED-1409). +- efi/libstub: consolidate initrd handling across architectures + (jsc#PED-1409). +- efi/libstub: x86/mixed: increase supported argument count + (jsc#PED-1409). + Refresh + patches.suse/x86-prepare-asm-files-for-straight-line-speculation.patch. + patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch. +- efi/libstub: add prototype of + efi_tcg2_protocol::hash_log_extend_event() (jsc#PED-1409). +- include/linux/efi.h: Remove unneeded whitespaces before tabs + (jsc#PED-1409). +- efi: Move efifb_setup_from_dmi() prototype from arch headers + (jsc#PED-1409). + Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. +- commit fa39fcf + +- blacklist.conf: add reverted ASoC patches +- commit 67ca727 + +- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter + (git-fixes). +- commit a23c712 + +- net: dsa: sja1105: fix buffer overflow in + sja1105_setup_devlink_regions() (git-fixes). +- commit 9684564 + +- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry + (git-fixes). +- commit bcb13eb + +- Update patch reference for USB fix (bsc#1196018 CVE-2022-28748 bsc#1202686 CVE-2022-2964) +- commit 0ee154e + +- i40e: Fix to stop tx_timeout recovery if GLOBR fails + (git-fixes). +- commit 9ae1da4 + +- iavf: Fix reset error handling (git-fixes). +- commit d4babdd + +- iavf: Fix adminq error handling (git-fixes). +- commit 403a1a3 + +- net: moxa: pass pdev instead of ndev to DMA functions + (git-fixes). +- commit e117a5b + +- mlxsw: spectrum: Clear PTP configuration after unregistering + the netdevice (git-fixes). +- commit 6677912 + +- net: dsa: mv88e6060: prevent crash on an unused port + (git-fixes). +- commit 00d6b8c + +- fec: Fix timer capture timing in `fec_ptp_enable_pps()` + (git-fixes). +- commit 1a47f16 + +- dpaa2-eth: trace the allocated address instead of page struct + (git-fixes). +- commit 1020d1e + +- net: atlantic: fix aq_vec index out of range error (git-fixes). +- commit 46d90a2 + +- plip: avoid rcu debug splat (git-fixes). +- commit eb203b2 + +- net: bgmac: Fix a BUG triggered by wrong bytes_compl + (git-fixes). +- commit cb50cd4 + +- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes). +- commit 1147d60 + +- xen/netback: fix incorrect usage of + RING_HAS_UNCONSUMED_REQUESTS() (bsc#1204570). +- commit 3c5f57f + +- can: j1939: transport: j1939_session_skb_drop_old(): + spin_unlock_irqrestore() before kfree_skb() (git-fixes). +- can: kvaser_usb: Fix possible completions during init_completion + (git-fixes). +- openvswitch: switch from WARN to pr_warn (git-fixes). +- can: mcp251x: mcp251x_can_probe(): add missing + unregister_candev() in error path (git-fixes). +- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing + put_clock() in error path (git-fixes). +- mac802154: Fix LQI recording (git-fixes). +- media: vivid: set num_in/outputs to 0 if not supported + (git-fixes). +- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check + 'interlaced' (git-fixes). +- media: v4l2-dv-timings: add sanity checks for blanking values + (git-fixes). +- media: vivid: dev->bitmap_cap wasn't freed in all cases + (git-fixes). +- media: vivid: s_fbuf: add more sanity checks (git-fixes). +- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency + regression (git-fixes). +- commit 78420ce + +- Add CVE reference to + patches.suse/net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch + (bsc#1196018 CVE-2022-28748 CVE-2022-2964). +- commit 1298a2a + +- hmm-tests: add test for migrate_device_range() (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit ec3f1d0 + +- nouveau/dmem: evict device private memory during release + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit ca9fd32 + +- nouveau/dmem: refactor nouveau_dmem_fault_copy_one() + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 521539d + +- mm/migrate_device.c: add migrate_device_range() (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 63236a4 + +- firmware_loader: move firmware sysctl to its own files + (PED-1263). +- Refresh + patches.suse/firmware_loader-Split-sysfs-support-from-fallback.patch. +- commit 8ae5e5b + +- mm/migrate_device.c: refactor migrate_vma and + migrate_deivce_coherent_page() (jsc#PED-1294, bsc#1204363, + CVE-2022-3523). +- commit 7f2a998 + +- mm/memremap.c: take a pgmap reference on page allocation + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 123f2df + +- mm/memremap: fix memunmap_pages() race with get_dev_pagemap() + (git-fixes). +- commit 980c32f + +- mm/pagealloc: sysctl: change watermark_scale_factor max limit + to 30% (bnc#1189998 (PREEMPT_RT prerequisite backports)). +- Refresh + patches.suse/sysctl-move-some-boundary-constants-from-sysctl.c-to.patch. + This was previously in the SLE15-SP4-RT branch to avoid a change in + behaviour of a sysctl after GA. +- commit dce66e6 + +- fpga: stratix10-soc: Do not use ret uninitialized in s10_probe() + (jsc#PED-1263). +- commit 1865695 + +- fpga: m10bmc-sec: d5005 bmc secure update driver (jsc#PED-1263). +- commit a8f024e + +- fpga: dfl-pci: Add IDs for Intel N6000, N6001 and C6100 cards + (jsc#PED-1263). +- commit 81df1d8 + +- uio: dfl: add IOPLL user-clock feature id (jsc#PED-1263). +- commit b574954 + +- mfd: intel-m10-bmc: Add d5005 bmc secure update driver + (jsc#PED-1263). +- commit ccd0f1e + +- memory: dfl-emif: Update the dfl emif driver support revision 1 + (jsc#PED-1263). +- commit ec569a6 + +- regmap: spi-avmm: Use swabXX_array() helpers (jsc#PED-1263). +- commit 4057de5 + +- swab: Add array operations (jsc#PED-1263). +- commit b633743 + +- fpga: m10bmc-sec: Fix possible memory leak of flash_buf + (jsc#PED-1263). +- commit c627d9d + +- firmware_loader: Fix memory leak in firmware upload + (jsc#PED-1263). +- commit 19ff7e8 + +- firmware_loader: Fix use-after-free during unregister + (jsc#PED-1263). +- commit 4f92a6e + +- fpga: m10bmc-sec: add max10 secure update functions + (jsc#PED-1263). +- commit fb127c6 + +- fpga: m10bmc-sec: expose max10 canceled keys in sysfs + (jsc#PED-1263). +- commit 4d15a2d + +- fpga: m10bmc-sec: expose max10 flash update count + (jsc#PED-1263). +- commit 490a9aa + +- fpga: m10bmc-sec: create max10 bmc secure update (jsc#PED-1263). +- commit bb9fcc7 + +- mfd: intel-m10-bmc: Rename n3000bmc-secure driver + (jsc#PED-1263). +- commit fc33834 + +- firmware_loader: describe 'module' parameter of + firmware_upload_register() (jsc#PED-1263). +- commit 103bb65 + +- firmware_loader: Move definitions from sysfs_upload.h to sysfs.h + (jsc#PED-1263). +- commit 87bae5e + +- firmware_loader: Fix configs for sysfs split (jsc#PED-1263). +- commit 6a7a9b1 + +- firmware_loader: Add sysfs nodes to monitor fw_upload + (jsc#PED-1263). +- commit 7b04b8b + +- firmware_loader: Add firmware-upload support (jsc#PED-1263). +- commit d2144d4 + +- firmware_loader: Split sysfs support from fallback + (jsc#PED-1263). +- commit e6134c4 + +- firmware_loader: Check fw_state_is_done in loading_store + (jsc#PED-1263). +- commit 87cb66d + +- firmware_loader: Clear data and size in fw_free_paged_buf + (jsc#PED-1263). +- commit a0106fc + +- fpga: dfl: Allow Port to be linked to FME's DFL (jsc#PED-1263). +- commit 54d7dcd + +- Documentation: fpga: dfl: add link address of feature id table + (jsc#PED-1263). +- commit ae7ccad + +- fpga: dfl: check feature type before parse irq info + (jsc#PED-1263). +- commit 7ba0e05 + +- fpga: fpga-region: fix kernel-doc formatting issues + (jsc#PED-1263). +- commit 8305210 + +- fpga: fpga-mgr: fix kernel-doc warnings (jsc#PED-1263). +- commit 4a86d8b + +- fpga: fix for coding style issues (jsc#PED-1263). +- commit eefb2bb + +- uio: dfl: add HSSI subsystem feature id (jsc#PED-1263). +- commit 942ce55 + +- hwmon: (intel-m10-bmc-hwmon) use devm_hwmon_sanitize_name() + (jsc#PED-1263). +- commit f3a8650 + +- hwmon: introduce hwmon_sanitize_name() (jsc#PED-1263). +- commit 1fef75a + +- fpga: dfl: pci: Remove usage of the deprecated + "pci-dma-compat.h" API (jsc#PED-1263). +- commit 0f81b21 + +- fpga: region: fix kernel-doc (jsc#PED-1263). +- commit 7e5c728 + +- fpga: region: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 3acc62e + +- fpga: bridge: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 3c81c95 + +- fpga: mgr: Use standard dev_release for class driver + (jsc#PED-1263). +- commit 9311bde + +- fpga: dfl: Avoid reads to AFU CSRs during enumeration + (jsc#PED-1263). +- commit 9490eba + +- mfd: intel-m10-bmc: Add N5010 variant (jsc#PED-1263). +- commit bffc1db + +- spi: spi-altera-dfl: support n5010 feature revision + (jsc#PED-1263). +- Refresh + patches.suse/spi-spi-altera-dfl-Fix-an-error-handling-path.patch. +- commit 88965da + +- fpga: dfl: expose feature revision from struct dfl_device + (jsc#PED-1263). +- commit ac856ca + +- fpga: fpga-mgr: wrap the write_sg() op (jsc#PED-1263). +- commit 8064ded + +- fpga: fpga-mgr: wrap the fpga_remove() op (jsc#PED-1263). +- commit 67d203e + +- fpga: fpga-mgr: wrap the state() op (jsc#PED-1263). +- commit 93c376a + +- fpga: fpga-mgr: wrap the status() op (jsc#PED-1263). +- commit 69714b3 + +- fpga: fpga-mgr: wrap the write() op (jsc#PED-1263). +- commit 5cae3b0 + +- fpga: fpga-mgr: make write_complete() op optional + (jsc#PED-1263). +- commit 58d2ca4 + +- fpga: fpga-mgr: wrap the write_init() op (jsc#PED-1263). +- commit a678a0d + +- fpga: dfl: pci: add device IDs for Silicom N501x PAC cards + (jsc#PED-1263). +- commit decfdaa + +- mm: free device private pages have zero refcount (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 476ed92 + +- fpga: fpga-bridge: removed repeated word (jsc#PED-1263). +- commit 9fd1af8 + +- fpga: fix spelling mistakes (jsc#PED-1263). +- commit 52e3a64 + +- docs: driver-api: fpga: avoid using UTF-8 chars (jsc#PED-1263). +- commit d967010 + +- hwmon: intel-m10-bmc-hwmon: add n5010 sensors (jsc#PED-1263). +- commit 1130849 + +- Update config and supported.conf for Intel FPGA (jsc#PED-1263) + CONFIG_FW_LOADER_SYSFS=y + CONFIG_FW_UPLOAD=y + CONFIG_FPGA_M10_BMC_SEC_UPDATE=m + CONFIG_MFD_INTEL_M10_BMC=m + CONFIG_SENSORS_INTEL_M10_BMC_HWMON=m + CONFIG_REGMAP_SPI_AVMM=m +- commit 20596f5 + +- HID: hidraw: fix memory leak in hidraw_release() (git-fixes). +- commit 0e980ee + +- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register + configuration (git-fixes). +- commit cc822b8 + +- octeontx2-af: Fix key checking for source mac (git-fixes). +- commit 2b15002 + +- octeontx2-af: Fix mcam entry resource leak (git-fixes). +- commit 1934a04 + +- octeontx2-af: suppress external profile loading warning + (git-fixes). +- commit f03aa66 + +- octeontx2-af: Apply tx nibble fixup always (git-fixes). +- commit 127ded0 + +- net: tap: NULL pointer derefence in dev_parse_header_protocol + when skb->dev is null (git-fixes). +- commit fd012c5 + +- nfp: ethtool: fix the display error of `ethtool -m DEVNAME` + (git-fixes). +- commit 145a612 + +- net/ice: fix initializing the bitmap in the switch code + (git-fixes). +- commit 1864c2e + +- s390/pai: Fix multiple concurrent event installation + (jsc#PED-598). +- s390/pai: Prevent invalid event number for pai_crypto PMU + (jsc#PED-598). +- s390/pai: add support for cryptography counters (jsc#PED-598). +- entry: Rename arch_check_user_regs() to + arch_enter_from_user_mode() (jsc#PED-598). +- commit 4a60553 + +- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ + size (git-fixes). +- commit 0f9b4b8 + +- net/mlx5e: Remove WARN_ON when trying to offload an unsupported + TLS cipher/version (git-fixes). +- commit 26fe2e5 + +- netdevsim: fib: Fix reference count leak on route deletion + failure (git-fixes). +- commit ef84aaa + +- ice: do not setup vlan for loopback VSI (git-fixes). +- commit 2f72810 + +- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | + RS) (git-fixes). +- commit c63938e + +- can: kvaser_usb: replace run-time checks with struct + kvaser_usb_driver_info (git-fixes). +- commit 435b54b + +- sfc: disable softirqs for ptp TX (git-fixes). +- commit def7cc9 + +- octeontx2-pf: Fix UDP/TCP src and dst port tc filters + (git-fixes). +- commit a2053ff + +- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes). +- commit 36a8155 + +- selftests: cgroup: add a selftest for memory.reclaim + (jsc#PED-808). +- selftests: cgroup: fix alloc_anon_noexit() instantly freeing + memory (jsc#PED-808). +- selftests: cgroup: return -errno from cg_read()/cg_write() + on failure (jsc#PED-808). +- memcg: introduce per-memcg reclaim interface (jsc#PED-808). +- commit ee3f4a3 + +- thermal: intel_powerclamp: Use first online CPU as control_cpu + (git-fixes). +- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id + (git-fixes). +- staging: rtl8723bs: fix a potential memory leak in + rtw_init_cmd_priv() (git-fixes). +- staging: vt6655: fix potential memory leak (git-fixes). +- usb: add quirks for Lenovo OneLink+ Dock (git-fixes). +- thunderbolt: Explicitly enable lane adapter hotplug events at + startup (git-fixes). +- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes). +- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination + error after resume bug (git-fixes). +- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes). +- usb: host: xhci: Fix potential memory leak in + xhci_alloc_stream_info() (git-fixes). +- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes). +- usb: host: xhci-plat: suspend and resume clocks (git-fixes). +- soundwire: intel: fix error handling on dai registration issues + (git-fixes). +- soundwire: cadence: Don't overwrite msg->buf during write + commands (git-fixes). +- kselftest/arm64: Fix validatation termination record after + EXTRA_CONTEXT (git-fixes). +- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA + (git-fixes). +- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails + (git-fixes). +- spi: Ensure that sg_table won't be used after being freed + (git-fixes). +- wifi: rt2x00: correctly set BBP register 86 for MT7620 + (git-fixes). +- wifi: rt2x00: set SoC wmac clock register (git-fixes). +- wifi: rt2x00: set VGC gain for both chains of MT7620 + (git-fixes). +- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 + (git-fixes). +- wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 + (git-fixes). +- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up + hw value (git-fixes). +- wifi: brcmfmac: fix use-after-free bug in + brcmf_netdev_start_xmit() (git-fixes). +- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() + (git-fixes). +- thunderbolt: Add back Intel Falcon Ridge end-to-end flow + control workaround (git-fixes). +- wifi: brcmfmac: fix invalid address access when enabling SCAN + log level (git-fixes). +- selinux: use "grep -E" instead of "egrep" (git-fixes). +- thermal: cpufreq_cooling: Check the policy first in + cpufreq_cooling_register() (git-fixes). +- thermal: intel_powerclamp: Use get_cpu() instead of + smp_processor_id() to avoid crash (git-fixes). +- selinux: allow FIOCLEX and FIONCLEX with policy capability + (git-fixes). +- commit 2b3f1b5 + +- gcov: support GCC 12.1 and newer compilers (git-fixes). +- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n + (git-fixes). +- drm/amd/display: Fix vblank refcount in vrr transition + (git-fixes). +- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes). +- kbuild: remove the target in signal traps when interrupted + (git-fixes). +- clk: bcm2835: Make peripheral PLLC critical (git-fixes). +- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate + (git-fixes). +- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes). +- staging: rtl8723bs: fix potential memory leak in + rtw_init_drv_sw() (git-fixes). +- iio: pressure: dps310: Reset chip after timeout (git-fixes). +- iio: pressure: dps310: Refactor startup procedure (git-fixes). +- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to + prevent overflow (git-fixes). +- power: supply: adp5061: fix out-of-bounds read in + adp5061_get_chg_type() (git-fixes). +- HID: roccat: Fix use-after-free in roccat_read() (git-fixes). +- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() + (git-fixes). +- drm/amd/display: Remove interface for periodic interrupt 1 + (git-fixes). +- drm/meson: explicitly remove aggregate driver at module unload + time (git-fixes). +- drm/amdgpu: fix initial connector audio value (git-fixes). +- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 + (git-fixes). +- drm: bridge: dw_hdmi: only trigger hotplug event on link change + (git-fixes). +- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes). +- gpu: lontium-lt9611: Fix NULL pointer dereference in + lt9611_connector_init() (git-fixes). +- drm/komeda: Fix handling of atomic commits in the + atomic_commit_tail hook (git-fixes). +- drm/virtio: Check whether transferred 2D BO is shmem + (git-fixes). +- drm: Prevent drm_copy_field() to attempt copying a NULL pointer + (git-fixes). +- drm: Use size_t type for len variable in drm_copy_field() + (git-fixes). +- drm/nouveau/nouveau_bo: fix potential memory leak in + nouveau_bo_alloc() (git-fixes). +- platform/x86: msi-laptop: Change DMI match / alias strings to + fix module autoloading (git-fixes). +- platform/chrome: cros_ec: Notify the PM of wake events during + resume (git-fixes). +- mmc: sdhci-msm: add compatible string check for sdm670 + (git-fixes). +- regulator: core: Prevent integer underflow (git-fixes). +- hwmon: (sht4x) do not overflow clamping operation on 32-bit + platforms (git-fixes). +- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses + (git-fixes). +- openvswitch: Fix overreporting of drops in dropwatch + (git-fixes). +- openvswitch: Fix double reporting of drops in dropwatch + (git-fixes). +- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329 + (git-fixes). +- ima: fix blocking of security.ima xattrs of unsupported + algorithms (git-fixes). +- commit 73e3036 + +- arm64: topology: move store_cpu_topology() to shared code + (git-fixes). +- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to + USB nodes (git-fixes). +- ata: libahci_platform: Sanity check the DT child nodes number + (git-fixes). +- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power + supply (git-fixes). +- ARM: dts: imx6sx: add missing properties for sram (git-fixes). +- ARM: dts: imx6sll: add missing properties for sram (git-fixes). +- ARM: dts: imx6sl: add missing properties for sram (git-fixes). +- ARM: dts: imx6qp: add missing properties for sram (git-fixes). +- ARM: dts: imx6dl: add missing properties for sram (git-fixes). +- ARM: dts: imx6q: add missing properties for sram (git-fixes). +- ARM: dts: imx7d-sdb: config the max pressure for tsc2046 + (git-fixes). +- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n + (git-fixes). +- ASoC: SOF: pci: Change DMI match info to support all Chrome + platforms (git-fixes). +- ALSA: usb-audio: Fix last interface check for registration + (git-fixes). +- ALSA: usb-audio: Register card at the last interface + (git-fixes). +- Bluetooth: L2CAP: Fix user-after-free (git-fixes). +- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple + times (git-fixes). +- Bluetooth: L2CAP: initialize delayed works at + l2cap_chan_create() (git-fixes). +- Bluetooth: RFCOMM: Fix possible deadlock on socket + shutdown/release (git-fixes). +- Bluetooth: btintel: Mark Intel controller to support LE_STATES + quirk (git-fixes). +- can: bcm: check the result of can_send() in bcm_can_tx() + (git-fixes). +- ARM: decompressor: Include .data.rel.ro.local (git-fixes). +- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk + (git-fixes). +- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for + StorageD3Enable (git-fixes). +- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid + phys address (git-fixes). +- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE + (git-fixes). +- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes). +- commit de318d1 + +- blacklist.conf: update blacklist +- commit 78ca650 + +- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state + is toggled (git-fixes). +- commit 8343da0 + +- kABI: Fix kABI after backport Refactoring find_arch_event() to + pmc_perf_hw_id() (git-fixes). +- commit 44b42bd + +- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size + hugetlb page (bsc#1204575). +- commit e6fc5be + +- kABI: Fix kABI after backport Update vPMCs when retiring branch + instructions (git-fixes). +- commit 4209455 + +- kABI: Fix kABI after backport Add pmc->intr to refactor + kvm_perf_overflow{_intr}() (git-fixes). +- commit 9fc8292 + +- platform/x86/intel: pmc/core: Add Raptor Lake support to pmc + core driver (jsc#PED-1035). +- platform/x86/intel/vsec: Add support for Raptor Lake + (jsc#PED-1036). +- commit e86728a + +- drm/amdkfd: use kvcalloc() instead of kvmalloc() in kfd_migrate + (jsc#PED-1294). +- commit ceef9d9 + +- drm/amdkfd: Handle incomplete migration to system memory + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit 002b524 + +- drm/amdkfd: Avoid thrashing of stack and heap (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 61d33f6 + +- drm/amdkfd: avoid conflicting address mappings (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- Refresh + patches.suse/drm-amdkfd-process_info-lock-not-needed-for-svm.patch. +- commit aa4245a + +- drm/amdkfd: unregistered svm range not overlap with TTM range + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit eb3c57d + +- Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573). +- commit 0605d12 + +- drm/amdkfd: Fix SVM_ATTR_PREFERRED_LOC (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 2022943 + +- mm/memory.c: fix race when faulting a device private page + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit fa41dd0 + +- drm/amdkfd: debug message to count successfully migrated pages + (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit a83f8ae + +- drm/amdkfd: clarify the origin of cpages returned by migration + functions (jsc#PED-1294, bsc#1204363, CVE-2022-3523). +- commit b72c8a9 + +- drm/amdkfd: handle svm partial migration cpages 0 (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit 51450c1 + +- drm/amdkfd: ratelimited svm debug messages (jsc#PED-1294, + bsc#1204363, CVE-2022-3523). +- commit f314d31 + +- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors + (git-fixes). +- commit 22e05f5 + +- overflow.h: restore __ab_c_size (git-fixes). +- commit 9dbc158 + +- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes). +- commit 3acb74c + +- KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating + a perf event (git-fixes). +- commit 9a723c2 + +- overflow: Implement size_t saturating arithmetic helpers + (jsc#PED-1211). +- commit fecede0 + +- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset + (bsc#1204753). +- commit d072831 + +- blacklist.conf: Add cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id +- commit 382b2e7 + +- blacklist.conf: Add c530a3c716b9 sched/psi: Fix periodic aggregation shut off +- commit 56b9a2a + +- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which + is a result of RSM (git-fixes). +- commit 274c60f + +- powerpc/fadump: align destination address to pagesize + (bsc#1204728 ltc#200074). +- commit 5377513 + +- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved + state (git-fixes). +- commit cd056ba + +- KVM: x86: nSVM: fix potential NULL derefernce on nested + migration (git-fixes). +- commit 272884f + +- KVM: x86: Sync the states size with the XCR0/IA32_XSS at, + any time (git-fixes). +- commit c927187 + +- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes). +- commit c61458a + +- KVM: x86: Forcibly leave nested virt when SMM state is toggled + (git-fixes). +- commit f22036a + +- Update patches.suse/usb-mon-make-mmapped-memory-read-only.patch + (bsc#1204653 CVE-2022-43750). + Added CVE and bsc +- commit 93b1d48 + +- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES + event (git-fixes). +- commit 436d9eb + +- KVM: x86: Update vPMCs when retiring branch instructions + (git-fixes). +- Refresh + patches.suse/kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch. +- commit 1f8391b + +- KVM: x86: Update vPMCs when retiring instructions (git-fixes). +- commit c4d4a64 + +- KVM: x86/pmu: Add pmc->intr to refactor + kvm_perf_overflow{_intr}() (git-fixes). +- commit 91025b1 + +- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id() + (git-fixes). +- commit 8080b0e + +- kABI: Fix kABI after backport Always set kvm_run->if_flag + (git-fixes). +- KVM: x86: Always set kvm_run->if_flag (git-fixes). +- commit daa5fd4 + +- KVM: x86/mmu: Don't advance iterator after restart due to + yielding (git-fixes). +- commit 86c02c7 + +- KVM: x86/mmu: Retry page fault if root is invalidated by + memslot update (git-fixes). +- commit c96dbdc + +- KVM: fix avic_set_running for preemptable kernels (git-fixes). +- commit 457ae39 + +- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER + (git-fixes). +- commit 58e3def + +- xen/gntdev: Prevent leaking grants (git-fixes). +- commit 73a7df7 + +- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in + WFS (git-fixes). +- commit 8c88ccd + +- KVM: nVMX: Unconditionally purge queued/injected events on + nested "exit" (git-fixes). +- commit f7976c7 + +- KVM: x86/emulator: Fix handing of POP SS to correctly set + interruptibility (git-fixes). +- commit 938654e + +- usb: gadget: f_fs: stricter integer overflow checks (git-fixes). +- commit 07d2846 + +- blacklist.conf: prerequisites too risky +- commit 93c5479 + +- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels + (bnc#1204498). +- commit e73c4d3 + +- lib/string_helpers: Consolidate string helpers implementation + (jsc#PED-1211). +- commit fa50192 + +- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair + (git-fixes). +- commit a0de208 + +- iommu: Add capability for pre-boot DMA protection + (jsc#PED-1211). +- commit 531fe4a + +- iommu: Use right way to retrieve iommu_ops (jsc#PED-1211). +- commit 48ca01b + +- Update patch reference for + patches.suse/devlink-Fix-use-after-free-after-a-failed-reload.patch + (git-fixes bsc#1204637 CVE-2022-3625). +- commit fd50fbc + +- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes). +- dyndbg: let query-modname override actual module name + (git-fixes). +- dyndbg: fix module.dyndbg handling (git-fixes). +- dyndbg: fix static_branch manipulation (git-fixes). +- commit afe6697 + +- io_uring: use original request task for inflight tracking + (CVE-2022-40476 bsc#1203435). +- commit 941d6b4 + +- Update + patches.suse/powerpc-pseries-vas-Pass-hw_cpu_id-to-node-associati.patch + (bsc#1194869 bsc#1204428 ltc#200180). +- commit fe8b379 + +- ring-buffer: Check pending waiters when doing wake ups as well + (git-fixes). +- commit d934ca7 + +- ring-buffer: Have the shortest_full queue be the shortest not + longest (git-fixes). +- commit ed18dc7 + +- ring-buffer: Allow splice to read previous partially read pages + (git-fixes). +- commit 4649dee + +- iommu: Introduce device_iommu_capable() (jsc#PED-1211). +- commit 7a5b8e8 + +- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes). +- commit 554a8e9 + +- net: mvpp2: fix mvpp2 debugfs leak (bsc#1204417 CVE-2022-3535). +- bnx2x: fix potential memory leak in bnx2x_tpa_stop() + (bsc#1204402 CVE-2022-3542). +- nfp: fix use-after-free in area_cache_get() (bsc#1204415 + CVE-2022-3545). +- commit 8e53774 + +- tracing/osnoise: Fix possible recursive locking in + stop_per_cpu_kthreads (git-fixes). +- commit f81f58f + +- tracing: Replace deprecated CPU-hotplug functions (git-fixes). +- Refresh + patches.suse/tracing-osnoise-Fix-missed-cpus_read_unlock-in-start_per_cpu_kthreads.patch. +- commit b1bca55 + +- tracing: kprobe: Make gen test module work in arm and riscv + (git-fixes). +- commit 57b2377 + +- tracing: kprobe: Fix kprobe event gen test module on exit + (git-fixes). +- commit 81447e5 + +- thunderbolt: Add support for XDomain lane bonding + (jsc#PEd-1211). +- commit 75a8fa9 + +- thunderbolt: Ignore port locked error in + tb_port_wait_for_link_width() (jsc#PED-1211). +- commit bf76347 + +- thunderbolt: Split setting link width and lane bonding into + own functions (jsc#PEd-1211). +- commit fc051e6 + +- thunderbolt: Move tb_port_state() prototype to correct place + (jsc#PED-1211). +- commit d0ed8bf + +- nilfs2: fix leak of nilfs_root in case of writer thread creation + failure (CVE-2022-3646 bsc#1204646). +- nilfs2: fix use-after-free bug of struct nilfs_root + (CVE-2022-3649 bsc#1204647). +- commit af91749 + +- Update patch reference for vsock fix (CVE-2022-3629 bsc#1204635) +- commit 6c49703 + +- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() + (CVE-2022-3640 bsc#1204619). +- commit 5d68cf0 + +- can: j1939: j1939_session_destroy(): fix memory leak of skbs + (CVE-2022-3633 bsc#1204650). +- commit da3122e + +- thunderbolt: Add debug logging when lane is enabled/disabled + (jesc#PEd-531). +- commit ca2d7e5 + +- thunderbolt: Link USB4 ports to their USB Type-C connectors + (jsc#PED-1211). +- commit f9e0651 + +- thunderbolt: Make iommu_dma_protection more accurate + (jsc#PED-1211). +- commit 318d5c5 + +- thunderbolt: Dump path config space entries during discovery + (jsc#PED-1211). +- commit 1ac89ca + +- Reference JIRA Impl instead Epic: jsc#PED-448 -> jsc#PED-594 +- Reference JIRA Impl instead Epic: jsc#PED-455 -> jsc#PED-588 +- commit 64fa841 + +- s390/airq: use DMA memory for summary indicators (jsc#PED-596). +- s390/zcrypt: Provide target domain for EP11 cprbs to scheduling + function (jsc#PED-596). +- s390/zcrypt: change reply buffer size offering (jsc#PED-596). +- s390/zcrypt: Support CPRB minor version T7 (jsc#PED-596). +- s390/zcrypt: handle checkstopped cards with new state + (jsc#PED-596). +- s390/zcrypt: CEX8S exploitation support (jsc#PED-596). +- s390/ap/zcrypt: debug feature improvements (jsc#PED-596). +- s390/zcrypt: rework of debug feature messages (jsc#PED-596). +- commit caf5220 + +- KVM: s390x: fix SCK locking (git-fixes). +- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes). +- commit aa7345b + +- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter + (git-fixes). +- media: venus: dec: Handle the case where find_format fails + (git-fixes). +- media: atomisp: prevent integer overflow in + sh_css_set_black_frame() (git-fixes). +- media: ipu3-imgu: Fix NULL pointer dereference in active + selection access (git-fixes). +- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation + (git-fixes). +- media: mceusb: set timeout to at least timeout provided + (git-fixes). +- commit fbd2a07 + +- Update patches.suse/watchdog-hpwdt-Include-nmi.h-only-if-CONFIG_HPWDT_NM.patch (git-fixes, jsc#PED-1694). + Add reference to jsc#PED-1694. +- commit 2064b90 + +- watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-1694) + Enable HP ProLiant iLO2+ Hardware Watchdog Timer +- commit f0e3a55 + +- scsi: core: Remove the 'done' argument from SCSI + queuecommand_lck functions (jsc#PED-1561). +- scsi: fas216: Introduce the function + fas216_queue_command_internal() (jsc#PED-1561). +- scsi: core: Call scsi_done directly (jsc#PED-1561). +- scsi: usb: Call scsi_done() directly (jsc#PED-1561). +- scsi: target: tcm_loop: Call scsi_done() directly + (jsc#PED-1561). +- scsi: staging: rts5208: Call scsi_done() directly + (jsc#PED-1561). +- scsi: xen-scsifront: Call scsi_done() directly (jsc#PED-1561). +- scsi: wd719x: Call scsi_done() directly (jsc#PED-1561). +- scsi: wd33c93: Call scsi_done() directly (jsc#PED-1561). +- scsi: vmw_pvscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: virtio_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: ufs: Call scsi_done() directly (jsc#PED-1561). +- scsi: sym53c8xx_2: Call scsi_done() directly (jsc#PED-1561). +- scsi: storvsc_drv: Call scsi_done() directly (jsc#PED-1561). +- scsi: stex: Call scsi_done() directly (jsc#PED-1561). +- scsi: snic: Call scsi_done() directly (jsc#PED-1561). +- scsi: smartpqi: Call scsi_done() directly (jsc#PED-1561). +- scsi: scsi_debug: Call scsi_done() directly (jsc#PED-1561). +- scsi: qlogicpti: Call scsi_done() directly (jsc#PED-1561). +- scsi: qlogicfas408: Call scsi_done() directly (jsc#PED-1561). +- scsi: qla4xxx: Call scsi_done() directly (jsc#PED-1561). +- commit baefb85 + +- scsi: qla2xxx: Call scsi_done() directly (jsc#PED-1561). +- Refresh + patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch. +- Refresh + patches.suse/scsi-qla2xxx-Stop-using-the-SCSI-pointer.patch. +- commit 47bbcd3 + +- scsi: qla1280: Call scsi_done() directly (jsc#PED-1561). +- scsi: qedf: Call scsi_done() directly (jsc#PED-1561). +- scsi: ps3rom: Call scsi_done() directly (jsc#PED-1561). +- scsi: ppa: Call scsi_done() directly (jsc#PED-1561). +- commit b80549e + +- scsi: pmcraid: Call scsi_done() directly (jsc#PED-1561). +- commit 881416d + +- scsi: pcmcia: Call scsi_done() directly (jsc#PED-1561). +- scsi: nsp32: Call scsi_done() directly (jsc#PED-1561). +- scsi: ncr53c8xx: Call scsi_done() directly (jsc#PED-1561). +- scsi: myrs: Call scsi_done() directly (jsc#PED-1561). +- scsi: myrb: Call scsi_done() directly (jsc#PED-1561). +- scsi: mvumi: Call scsi_done() directly (jsc#PED-1561). +- scsi: mpt3sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: mpi3mr: Call scsi_done() directly (jsc#PED-1561). +- scsi: mesh: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid_sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: megaraid_mbox: Call scsi_done() directly (jsc#PED-1561). +- scsi: mac53c94: Call scsi_done() directly (jsc#PED-1561). +- scsi: lpfc: Call scsi_done() directly (jsc#PED-1561). +- scsi: libsas: Call scsi_done() directly (jsc#PED-1561). +- scsi: libiscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: libfc: Call scsi_done() directly (jsc#PED-1561). +- scsi: ips: Call scsi_done() directly (jsc#PED-1561). +- scsi: ipr: Call scsi_done() directly (jsc#PED-1561). +- scsi: initio: Call scsi_done() directly (jsc#PED-1561). +- scsi: imm: Call scsi_done() directly (jsc#PED-1561). +- commit 76ef02d + +- cpufreq: qcom: fix writes in read-only memory region + (git-fixes). +- cpufreq: qcom: fix memory leak in error path (git-fixes). +- ACPI: extlog: Handle multiple records (git-fixes). +- HID: magicmouse: Do not set BTN_MOUSE on double report + (git-fixes). +- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in + convert_context() (git-fixes). +- commit a940189 + +- ALSA: hda/realtek: Add another HP ZBook G9 model quirks + (bsc#1203699). +- commit 9b4cf06 + +- scsi: ibmvscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: hptiop: Call scsi_done() directly (jsc#PED-1561). +- scsi: hpsa: Call scsi_done() directly (jsc#PED-1561). +- scsi: fnic: Call scsi_done() directly (jsc#PED-1561). +- scsi: fdomain: Call scsi_done() directly (jsc#PED-1561). +- scsi: fas216: Stop using scsi_cmnd.scsi_done (jsc#PED-1561). +- scsi: esp_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: esas2r: Call scsi_done() directly (jsc#PED-1561). +- scsi: dpt_i2o: Call scsi_done() directly (jsc#PED-1561). +- scsi: dc395x: Call scsi_done() directly (jsc#PED-1561). +- scsi: cxlflash: Call scsi_done() directly (jsc#PED-1561). +- scsi: csiostor: Call scsi_done() directly (jsc#PED-1561). +- scsi: bnx2fc: Call scsi_done() directly (jsc#PED-1561). +- scsi: bfa: Call scsi_done() directly (jsc#PED-1561). +- scsi: atp870u: Call scsi_done() directly (jsc#PED-1561). +- scsi: arcmsr: Call scsi_done() directly (jsc#PED-1561). +- scsi: aic7xxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: aha1542: Call scsi_done() directly (jsc#PED-1561). +- scsi: aha152x: Call scsi_done() directly (jsc#PED-1561). +- scsi: advansys: Call scsi_done() directly (jsc#PED-1561). +- scsi: acornscsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: aacraid: Call scsi_done() directly (jsc#PED-1561). +- scsi: aacraid: Introduce aac_scsi_done() (jsc#PED-1561). +- scsi: a100u2w: Call scsi_done() directly (jsc#PED-1561). +- scsi: NCR5380: Call scsi_done() directly (jsc#PED-1561). +- commit 4088abf + +- scsi: BusLogic: Call scsi_done() directly (jsc#PED-1561). +- scsi: 53c700: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-xxxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-sas: Call scsi_done() directly (jsc#PED-1561). +- scsi: 3w-9xxx: Call scsi_done() directly (jsc#PED-1561). +- scsi: zfcp_scsi: Call scsi_done() directly (jsc#PED-1561). +- scsi: message: fusion: Call scsi_done() directly (jsc#PED-1561). +- scsi: ib_srp: Call scsi_done() directly (jsc#PED-1561). +- scsi: firewire: sbp2: Call scsi_done() directly (jsc#PED-1561). +- scsi: ata: Call scsi_done() directly (jsc#PED-1561). +- commit 8b9488f + +- scsi: core: Rename scsi_mq_done() into scsi_done() and export it + (jsc#PED-1561). +- scsi: core: Use a structure member to track the SCSI command + submitter (jsc#PED-1561). +- commit 217e4e6 + +- efi: Simplify arch_efi_call_virt() macro (jsc#PED-1408). +- commit 736e2d1 + +- scsi: pmcraid: Fix missing resource cleanup in error case + (jsc#PED-1561). +- scsi: pmcraid: Fix typo in comment (jsc#PED-1561). +- scsi: pmcraid: Remove unneeded semicolon (jsc#PED-1561). +- scsi: pmcraid: Remove the PMCRAID_PASSTHROUGH_IOCTL ioctl + implementation (jsc#PED-1561). +- scsi: pmcraid: Don't use GFP_DMA in pmcraid_alloc_sglist() + (jsc#PED-1561). +- scsi: pmcraid: Fix a kernel-doc warning (jsc#PED-1561). +- scsi: pmcraid: Switch to attribute groups (jsc#PED-1561). +- scsi: core: Register sysfs attributes earlier (jsc#PED-1561). +- commit 65ed53e + +- blacklist.conf: add an entry for IDXD that has been already fixed +- commit 7531ae1 + +- dmaengine: idxd: force wq context cleanup on device disable path + (git-fixes). +- commit e06ba18 + +- nilfs2: fix NULL pointer dereference at + nilfs_bmap_lookup_at_level() (CVE-2022-3621 bsc#1204574). +- commit f8016b1 + +- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41 + (bsc#1203922). +- commit 1d187cf + +- Move upstreamed sound patches into sorted section +- commit 4c058b6 + +- Bluetooth: L2CAP: Fix memory leak in vhci_write (CVE-2022-3619 + bsc#1204569). +- commit b649754 + +- iommu: Introduce a callback to struct iommu_resv_region + (jsc#PED-1408). +- commit 480aace + +- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes). +- net: phy: dp83822: disable MDI crossover status change interrupt + (git-fixes). +- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() + (git-fixes). +- net: phy: dp83867: Extend RX strap quirk for SGMII mode + (git-fixes). +- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes). +- commit 273eb71 + +- arm64: topology: Remove redundant setting of llc_id in CPU + topology (jsc#PED-1408). +- commit 2ac7bb1 + +- hisi_lpc: Use acpi_dev_for_each_child() (jsc#PED-1408). +- soundwire: Use acpi_dev_for_each_child() (jsc#PED-1408). +- commit a5a010e + +- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU + is not set (bsc#1204413 ltc#200176). +- commit 0850b12 + +- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176). +- Refresh patches.suse/powerpc-Rename-PPC_NATIVE-to-PPC_HASH_MMU_NATIVE.patch. +- commit abb9ade + +- thunderbolt: ACPI: Replace tb_acpi_find_port() with + acpi_find_child_by_adr() (jsc#PED-1408). +- commit b06ed1f + +- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176). +- Refresh patches.suse/lkdtm-disable-return-thunks-in-rodata-c.patch. + Update config files. +- commit 5b2abcf + +- platform/x86/thinkpad_acpi: Use acpi_dev_for_each_child() + (jsc#PED-1408). +- platform/x86: Replace acpi_bus_get_device() (jsc#PED-1408). +- commit e8f90ff + +- fuse: fix deadlock between atomic O_TRUNC and page invalidation + (bsc#1204533). +- commit a0e6630 + +- USB: ACPI: Replace usb_acpi_find_port() with + acpi_find_child_by_adr() (jsc#PED-1408). +- commit 1538aed + +- Correct JIRA reference to Impl entries (jsc#PED-588 jsc#PED-594 jsc#PED-812 jsc#PED-826 jsc#PED-827 jsc#PED-831 jsc#PED-840 jsc#PED-858 jsc#PED-859 jsc#PED-1033 jsc#PED-1035 jsc#PED-1038 jsc#PED-1044 jsc#PED-1046 jsc#PED-1052 jsc#PED-1054 jsc#PED-1096 jsc#PED-1165 jsc#PED-1213 jsc#PED-1516 jsc#PED-1817 jsc#PED-1820) +- commit 048beb0 + +- Correct JIRA reference to Impl entries (jsc#PED-833 jsc#PED-850 jsc#PED-825 jsc#PED-822 jsc#PED-846 jsc#PED-817 jsc#PED-851 jsc#PED-857 jsc#PED-842 jsc#PED-813 jsc#PED-1084 jsc#PED-1096 jsc#PED-1085 jsc#PED-1649 jsc#PED-1082 jsc#PED-856) +- commit c7d3570 + +- mfd: core: Use acpi_dev_for_each_child() (jsc#PED-1408). +- commit 4d37bd2 + +- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413 + ltc#200176). +- powerpc: Ignore DSI error caused by the copy/paste instruction + (bsc#1204413 ltc#200176). +- powerpc/64s: Move hash MMU support code under + CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176). +- Refresh patches.suse/Revert-powerpc-rtas-Implement-reentrant-rtas-call.patch +- Refresh patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch +- Refresh patches.suse/powerpc-pseries-wire-up-rng-during-setup_arch.patch +- powerpc: make memremap_compat_align 64s-only (bsc#1204413 + ltc#200176). +- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e + or radix (bsc#1204413 ltc#200176). +- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c + (bsc#1204413 ltc#200176). +- powerpc/64s: Make flush_and_reload_slb a no-op when radix is + enabled (bsc#1204413 ltc#200176). +- powerpc/pseries: lparcfg don't include slb_size line in radix + mode (bsc#1204413 ltc#200176). +- powerpc/64s: Move and rename do_bad_slb_fault as it is not + hash specific (bsc#1204413 ltc#200176). +- Refresh patches.suse/powerpc-64s-hash-Make-hash-faults-work-in-NMI-contex.patch +- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413 + ltc#200176). + Update config files. +- commit da125ff + +- devdax: Fix soft-reservation memory description (jsc#PED-1408). +- ACPI: property: Remove default association from integer maximum + values (jsc#PED-1408). +- ACPI: property: Ignore already existing data node tags + (jsc#PED-1408). +- ACPI: property: Fix type detection of unified integer reading + functions (jsc#PED-1408). +- arm64: cacheinfo: Fix incorrect assignment of signed error + value to unsigned fw_level (jsc#PED-1408). +- ACPI: property: Fix error handling in acpi_init_properties() + (jsc#PED-1408). +- ACPI: property: Read buffer properties as integers + (jsc#PED-1408). +- ACPI: property: Add support for parsing buffer property UUID + (jsc#PED-1408). +- commit 5677edc + +- ACPI: property: Unify integer value reading functions + (jsc#PED-1408). +- ACPI: property: Switch node property referencing from ifs to + a switch (jsc#PED-1408). +- ACPI: property: Move property ref argument parsing into a new + function (jsc#PED-1408). +- ACPI: property: Use acpi_object_type consistently in property + ref parsing (jsc#PED-1408). +- ACPI: property: Tie data nodes to acpi handles (jsc#PED-1408). +- ACPI: VIOT: Do not dereference fwnode in struct device + (jsc#PED-1408). +- ACPI/IORT: Fix build error implicit-function-declaration + (jsc#PED-1408). +- ACPI/IORT: Add a helper to retrieve RMR info directly + (jsc#PED-1408). +- ACPI/IORT: Add support to retrieve IORT RMR reserved regions + (jsc#PED-1408). +- ACPI/IORT: Provide a generic helper to retrieve reserve regions + (jsc#PED-1408). +- ACPI/IORT: Make iort_iommu_msi_get_resv_regions() return void + (jsc#PED-1408). +- ACPI: PPTT: Leave the table mapped for the runtime usage + (jsc#PED-1408). +- ACPI: Remove the unused find_acpi_cpu_cache_topology() + (jsc#PED-1408). +- ACPI: PPTT: Use table offset as fw_token instead of virtual + address (jsc#PED-1408). +- ACPI: Move PRM config option under the main ACPI config + (jsc#PED-1408). + Update config files. +- ACPI: Enable Platform Runtime Mechanism(PRM) support on ARM64 + (jsc#PED-1408). + Update config files. +- ACPI: PRM: Change handler_addr type to void pointer + (jsc#PED-1408). +- ACPI/PCI: Remove useless NULL pointer checks (jsc#PED-1408). +- ACPI: video: Use native backlight on Dell Inspiron N4010 + (jsc#PED-1408). +- ACPI: video: Drop X86 dependency from Kconfig (jsc#PED-1408). + Update config files. +- ACPI: resource: skip IRQ override on AMD Zen platforms + (jsc#PED-1408). +- ACPI: PM: x86: Print messages regarding LPS0 idle support + (jsc#PED-1408). +- ACPI: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is + unset (jsc#PED-1408). +- Revert "ACPI / PM: LPIT: Register sysfs attributes based on + FADT" (jsc#PED-1408). +- ACPI: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008 + (jsc#PED-1408). +- ACPI: EC: Drop unused ident initializers from dmi_system_id + tables (jsc#PED-1408). +- ACPI: EC: Re-use boot_ec when possible even when + EC_FLAGS_TRUST_DSDT_GPE is set (jsc#PED-1408). +- ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP (jsc#PED-1408). +- ACPI: APEI: Fix double word in a comment (jsc#PED-1408). +- ACPI: processor: Drop leftover acpi_processor_get_limit_info() + declaration (jsc#PED-1408). +- ACPI: processor: Split out thermal initialization from ACPI PSS + (jsc#PED-1408). +- ACPI: bus: Drop unused list heads from struct acpi_device + (jsc#PED-1408). +- ACPI: bus: Drop driver member of struct acpi_device + (jsc#PED-1408). +- ACPI: bus: Drop redundant check in acpi_device_remove() + (jsc#PED-1408). +- ACPI / MMC: PM: Unify fixing up device power (jsc#PED-1408). +- ACPI: scan: Walk ACPI device's children using driver core + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_dev_for_each_child_reverse() + (jsc#PED-1408). +- ACPI: video: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: bus: Export acpi_dev_for_each_child() to modules + (jsc#PED-1408). +- ACPI: property: Use acpi_dev_for_each_child() for child lookup + (jsc#PED-1408). +- ACPI: container: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: glue: Introduce acpi_find_child_by_adr() (jsc#PED-1408). +- ACPI: glue: Introduce acpi_dev_has_children() (jsc#PED-1408). +- ACPI: glue: Use acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: irq: Allow acpi_gsi_to_irq() to have an arch-specific + fallback (jsc#PED-1408). +- APCI: irq: Add support for multiple GSI domains (jsc#PED-1408). +- mmc: sdhci-acpi: Remove special handling for GPD win/pocket + devices (jsc#PED-1408). +- commit 3b82889 + +- r8152: Rate limit overflow messages (CVE-2022-3594 bsc#1204479). +- commit a745ef5 + +- Update patch reference for HID fix (CVE-2022-3577 bsc#1204470) +- commit 3ac3b39 + +- kcm: avoid potential race in kcm_tx_work (bsc#1204355 + CVE-2022-3521). +- commit 2d76ec0 + +- tcp/udp: Fix memory leak in ipv6_renew_options() (bsc#1204354 + CVE-2022-3524). +- commit f8049de + +- Update metadata references +- commit d0bf0fb + +- PCI: hv: Fix synchronization between channel callback and + hv_pci_bus_exit() (bsc#1204017). +- commit ea6713d + +- PCI: hv: Fix synchronization between channel callback and + hv_compose_msi_msg() (bsc#1204017). +- commit 230768b + +- PCI: hv: Use vmbus_requestor to generate transaction IDs for + VMbus hardening (bsc#1204017). +- commit a19c478 + +- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() + (bsc#1204017). +- commit bc36cf4 + +- Drivers: hv: vmbus: Introduce vmbus_request_addr_match() + (bsc#1204017). +- commit 40cb8e4 + +- Drivers: hv: vmbus: Fix handling of messages with transaction + ID of zero (bsc#1204017). +- commit a5b4ebf + +- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() + (bsc#1204017). +- commit 2e0386a + +- sch_sfb: Also store skb len before calling child enqueue + (CVE-2022-3586 bsc#1204439). +- sch_sfb: Don't assume the skb is still around after enqueueing + to child (CVE-2022-3586 bsc#1204439). +- commit 6788943 + +- Update patch reference for mISDN fix (CVE-2022-3565 bsc#1204431) +- commit 5d0836e + +- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() + (git-fixes). +- commit 1ad6725 + +- blacklist.conf: add upstream commit that's too invasive +- commit a605c6e + +- Update config files: enable CONFIG_DMABUF_MOVE_NOTIFY (jsc#PED-975) +- commit a10be66 + +- dmaengine: idxd: deprecate token sysfs attributes for read + buffers (jsc#PED-679). +- commit c137213 + +- dmaengine: idxd: change bandwidth token to read buffers + (jsc#PED-679). +- Refresh + patches.suse/dmaengine-idxd-restore-traffic-class-defaults-after-.patch. +- commit d0c1256 + +- powercap: intel_rapl: Add support for RAPTORLAKE_S + (jsc#PED-1812). +- commit 213e719 + +- Update config files: enable CONFIG_PINCTRL_METEORLAKE (jsc#PED-732) +- supported.conf: add pinctrl-meteorlake +- commit efb9d9f + +- pinctrl: intel: Add Intel Meteor Lake pin controller support + (jsc#PED-732). +- commit 0540896 + +- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732). +- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732). +- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732). +- commit 11c983f + +- Update patch reference for Intel MTL-P USB patch (jsc#PED-732) +- commit 4ca8c18 + +- pinctrl: alderlake: Fix register offsets for ADL-N variant + (jsc#PED-676). +- pinctrl: alderlake: Add Intel Alder Lake-N pin controller + support (jsc#PED-676). +- commit 5492389 + +- Update patch reference for Intel ADL-N eMMC patch (jsc#PED-676) +- commit 4c38b45 + +- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634). +- commit 0ec42f9 + +- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634). +- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs + (jsc#PED-634). +- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S + (jsc#PED-634). +- commit 06d5787 + +- Update patch references for intel_th RPL-S support (jsc#PED-634) +- commit 900e952 + +- i2c: i801: Add support for Intel Raptor Lake PCH-S + (jsc#PED-634). +- i2c: i801: Improve handling of chip-specific feature definitions + (jsc#PED-634). +- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634). +- commit 46a17cc + +- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707). +- commit 356d2a6 + +- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_RPRES.patch (git-fixes, jsc#PED-1159) + Add reference to jsc#PED-1599 +- commit 27aeba3 + +- thermal: int340x: Mode setting with new OS handshake + (jsc#PED-678). +- commit c03fef0 + +- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_AFP.patch (git-fixes, jsc#PED-1159) + Add reference to jsc#PED-1599 +- commit fb87f4f + +- thermal: int340x: Update OS policy capability handshake + (jsc#PED-678). +- commit 2487fcb + +- supported.conf: Add CN10K DDR PMU driver to supported modules (jsc#PED-1765) +- commit ee9c6f0 + +- supported.conf: Add CN10K RNG driver to supported modules (jsc#PED-1765) +- commit f38a789 + +- supported.conf: Add CN10K LLC PMU driver to supported modules (jsc#PED-1765) +- commit ff62505 + +- hwrng: cn10k - Make check_rng_health() return an error code (jsc#PED-1765) +- commit e96e350 + +- hwrng: cn10k - Optimize cn10k_rng_read() (jsc#PED-1765) +- commit 18234b8 + +- hwrng: cn10k - Add random number generator support (jsc#PED-1765) + Update config/arm64/default +- commit 80a71af + +- perf/marvell: Fix !CONFIG_OF build for CN10K DDR PMU driver (jsc#PED-1765) + Update config/arm64/default +- commit d86ecb5 + +- perf/marvell: cn10k DDR perf event core ownership (jsc#PED-1765) +- commit ccedd1a + +- perf/marvell: cn10k DDR perfmon event overflow handling (jsc#PED-1765) +- commit b6ab0c5 + +- perf/marvell: CN10k DDR performance monitor support (jsc#PED-1765) +- commit b13d58a + +- dt-bindings: perf: marvell: cn10k ddr performance monitor (jsc#PED-1765) +- commit 705f151 + +- Update patch reference for macvlan fix (CVE-2022-3526 bsc#1204353) +- commit 740e86c + +- rpm/check-for-config-changes: loosen pattern for AS_HAS_* + This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128. +- commit bdc0bf7 + +- perf/marvell_cn10k: Fix TAD PMU register offset (jsc#PED-1765) +- commit 4ccd5d2 + +- perf/marvell_cn10k: Remove useless license text when (jsc#PED-1765) +- commit b1994db + +- perf/marvell_cn10k: Fix tad_pmu_event_init() to check pmu type first (jsc#PED-1765) +- commit cb2eb6b + +- perf/marvell_cn10k: Fix unused variable warning when W=1 and (jsc#PED-1765) +- commit 4f19277 + +- drivers: perf: marvell_cn10k: fix an IS_ERR() vs NULL check (jsc#PED-1765) +- commit 9e52366 + +- drivers: perf: Add LLC-TAD perf counter support (jsc#PED-1765) + Update config/arm64/default +- commit 15db243 + +- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729). +- powerpc/powernv: add missing of_node_put() in + opal_export_attrs() (bsc#1065729). +- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729). +- commit 7c692ec + +- powerpc/kprobes: Fix null pointer reference in + arch_prepare_kprobe() (jsc#SLE-13847 git-fixes). +- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 + git-fixes). +- commit 5521322 + +- thunderbolt: Use decimal number with port numbers (jsc#PED-531 + jsc#PED-1211). +- commit 1ef4993 + +- thunderbolt: Replace usage of found with dedicated list iterator + variable (jsc#PED-531 jsc#PED-1211). +- commit 3fecfc9 + +- thunderbolt: Clarify register definitions for + `tb_cap_plug_events` (jsc#PED-531). +- commit 68d4307 + +- thunderbolt: Add internal xHCI connect flows for Thunderbolt + 3 devices (jsc#PED-531). +- commit ec0de67 + +- thunderbolt: Do not make DROM read success compulsory + (jsc#PED-531). +- commit 24436e4 + +- thunderbolt: Do not resume routers if UID is not set + (jsc#PED-531). +- thunderbolt: Retry DROM reads for more failure scenarios + (jsc#PED-531). +- commit a78e01a + +- thunderbolt: Drop duplicate NULL checks around + nvmem_unregister() (jsc#PED-531). +- commit 3ea3344 + +- thunderbolt: Replace acpi_bus_get_device() (jsc#PED-531). +- commit 920924a + +- thunderbolt: Remove useless DMA-32 fallback configuration + (jsc#PED-531). +- commit 871dcd2 + +- usb: host: Initiate urb ep with udev ep0 (jsc#PED-531). +- commit f03f8e4 + +- arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes) +- commit 2f51dd9 + +- blacklist.conf: ("arm64/mm: drop HAVE_ARCH_PFN_VALID") +- commit f836660 + +- clk: at91: fix the build with binutils 2.27 (git-fixes). +- commit a34e36d + +- Input: xpad - add supported devices as contributed on github + (git-fixes). +- efi: libstub: drop pointless get_memory_map() call (git-fixes). +- misc: pci_endpoint_test: Fix + pci_endpoint_test_{copy,write,read}() panic (git-fixes). +- misc: pci_endpoint_test: Aggregate params checking for xfer + (git-fixes). +- USB: serial: qcserial: add new usb-id for Dell branded EM7455 + (git-fixes). +- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes). +- commit 4dee064 + +- ALSA: oss: Fix potential deadlock at unregistration (git-fixes). +- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() + (git-fixes). +- ALSA: hda/realtek: Add Intel Reference SSID to support headset + keys (git-fixes). +- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes). +- commit c900b4a + +- ACPI: HMAT: Release platform device in case of + platform_device_add_data() fails (git-fixes). +- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() + (git-fixes). +- ALSA: hda/realtek: Correct pin configs for ASUS G533Z + (git-fixes). +- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 + (git-fixes). +- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or + restored (git-fixes). +- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in + 'performance_levels' (git-fixes). +- Revert "drm/amdgpu: use dirty framebuffer helper" (git-fixes). +- drm/i915/ehl: Update MOCS table for EHL (git-fixes). +- commit 3ca51e4 + +- s390/qeth: Remove OSN deprecation notice (jsc#PED-448 + LTC#198619). +- commit 42319b3 + +- qeth: remove a copy of the NAPI_POLL_WEIGHT define (jsc#PED-448 + LTC#198619). +- Refresh + patches.suse/net-make-drivers-set-the-TSO-limit-not-the-GSO-limit.patch. +- Refresh patches.suse/net-switch-to-netif_napi_add_tx.patch. +- commit f8ee04c + +- s390/qeth: split up L2 netdev_ops (jsc#PED-448 LTC#198619). +- commit f50bd13 + +- s390/qeth: don't keep track of Input Queue count (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qdio-split-do_QDIO. +- commit f07e1f9 + +- s390/qeth: move qdio's QAOB cache into qeth (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qdio-split-do_QDIO. +- commit 7ee14b3 + +- s390/qeth: clean up device_type management (jsc#PED-448 + LTC#198619). +- Refresh patches.suse/s390-qeth-Register-switchdev-event-handler. +- commit 4489d18 + +- s390/qeth: Fix typo 'the the' in comment (jsc#PED-448 + LTC#198619). +- s390/ctcm: fix typo "length to short" -> "length too short" + (jsc#PED-448 LTC#198619). +- s390/net: sort out physical vs virtual pointers usage + (jsc#PED-448 LTC#198619). +- s390/qeth: Remove redundant 'flush_workqueue()' calls + (jsc#PED-448 LTC#198619). +- s390/qeth: remove check for packing mode in + qeth_check_outbound_queue() (jsc#PED-448 LTC#198619). +- s390/qeth: fine-tune .ndo_select_queue() (jsc#PED-448 + LTC#198619). +- s390/qeth: don't offer .ndo_bridge_* ops for OSA devices + (jsc#PED-448 LTC#198619). +- s390/lcs: add braces around empty function body (jsc#PED-448 + LTC#198619). +- s390/ctcm: add __printf format attribute to ctcm_dbf_longtext + (jsc#PED-448 LTC#198619). +- s390/ctcm: fix format string (jsc#PED-448 LTC#198619). +- s390/qeth: allocate RX queue at probe time (jsc#PED-448 + LTC#198619). +- s390/qeth: update kerneldoc for qeth_add_hw_header() + (jsc#PED-448 LTC#198619). +- s390/qeth: fix kernel doc comments (jsc#PED-448 LTC#198619). +- s390/qeth: add __printf format attribute to qeth_dbf_longtext + (jsc#PED-448 LTC#198619). +- s390/qeth: fix various format strings (jsc#PED-448 LTC#198619). +- s390/qeth: clarify remaining dev_kfree_skb_any() users + (jsc#PED-448 LTC#198619). +- s390/qeth: remove .do_ioctl() callback from driver discipline + (jsc#PED-448 LTC#198619). +- s390/qeth: improve trace entries for MAC address + (un)registration (jsc#PED-448 LTC#198619). +- net: s390: constify and use eth_hw_addr_set() (jsc#PED-448 + LTC#198619). +- s390/netiucv: remove incorrect kernel doc indicators + (jsc#PED-448 LTC#198619). +- s390/lcs: remove incorrect kernel doc indicators (jsc#PED-448 + LTC#198619). +- s390/ctcm: remove incorrect kernel doc indicators (jsc#PED-448 + LTC#198619). +- s390/net: replace in_irq() with in_hardirq() (jsc#PED-448 + LTC#198619). +- s390/qeth: clean up QETH_PROT_* naming (jsc#PED-448 LTC#198619). +- commit 595cfd6 + +- x86/cpu: Add CPU model numbers for Meteor Lake (jsc#PED-637). +- x86/cpu: Add new Raptor Lake CPU model number (jsc#PED-716). +- commit 612dc8d + +- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes). +- openvswitch: add nf_ct_is_confirmed check before assigning + the helper (git-fixes). +- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 + (git-fixes). +- wifi: iwlwifi: mvm: fix double list_add at + iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes). +- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of + small packets (git-fixes). +- wifi: mac80211: fix decap offload for stations on AP_VLAN + interfaces (git-fixes). +- wifi: mac80211: fix probe req HE capabilities access + (git-fixes). +- wifi: mac80211: do not drop packets smaller than the LLC-SNAP + header on fast-rx (git-fixes). +- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes). +- can: kvaser_usb_leaf: Fix TX queue out of sync after restart + (git-fixes). +- can: kvaser_usb: Fix use of uninitialized completion + (git-fixes). +- macvlan: enforce a consistent minimal mtu (git-fixes). +- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq + (git-fixes). +- net: ieee802154: return -EINVAL for unknown addr type + (git-fixes). +- watchdog: armada_37xx_wdt: Fix .set_timeout callback + (git-fixes). +- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure + (git-fixes). +- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING + (git-fixes). +- commit cb006e7 + +- Drop a incorrectly doubly applied WiFi fix patch +- commit 9d35b83 + +- s390/qdio: Fix spelling mistake (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify logical vs absolute in QIB's kerneldoc + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unneeded sanity check in qdio_do_sqbs() + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: split do_QDIO() (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: split qdio_inspect_queue() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify handler logic for + qdio_handle_activate_check() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clean up access to queue in + qdio_handle_activate_check() (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: avoid allocating the qdio_irq with GFP_DMA + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: improve handling of CIWs (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: remove QDIO_SBAL_SIZE macro (jsc#PED-455 bsc#1203836 + LTC#198623). +- scsi: zfcp: fix kernel doc comments (jsc#PED-455 bsc#1203836 + LTC#198623). +- scsi: zfcp: Use scsi_cmd_to_rq() instead of scsi_cmnd.request + (jsc#PED-455 bsc#1203836 LTC#198623). +- scsi: zfcp: Use the proper SCSI midlayer interfaces for PI + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unused support for SLIB parameters + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: consolidate QIB code (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: use dev_info() in qdio_print_subchannel_info() + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: fine-tune the queue sync (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clean up SIGA capability tracking (jsc#PED-455 + bsc#1203836 LTC#198623). +- s390/qdio: remove unused sync-after-IRQ infrastructure + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: use absolute data address in ESTABLISH ccw + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unused macros (jsc#PED-455 bsc#1203836 + LTC#198623). +- s390/qdio: clarify reporting of errors to the drivers + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove unneeded siga-sync for Output Queue + (jsc#PED-455 bsc#1203836 LTC#198623). +- s390/qdio: remove remaining tasklet & timer code (jsc#PED-455 + bsc#1203836 LTC#198623). +- commit ccb8c7b + +- wifi: cfg80211: update hidden BSSes to avoid WARN_ON + (git-fixes). +- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate + (git-fixes). +- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes). +- commit b28d368 + +- Move upstramed WiFi fix patches into sorted section +- commit bef1692 + +- net: ethernet: move from strlcpy with unused retval to strscpy + (jsc#PED-1302). +- net: add skb_[inner_]tcp_all_headers helpers (jsc#PED-1302). +- ethernet: Remove vf rate limit check for drivers (jsc#PED-1302). +- rtnetlink: add extack support in fdb del handlers + (jsc#PED-1302). +- net: switch to netif_napi_add_tx() (jsc#PED-1302). +- qlcnic: remove redundant assignment to variable index + (jsc#PED-1302). +- net: qlcnic: use time_is_before_jiffies() instead of open + coding it (jsc#PED-1302). +- qlcnic: Simplify DMA setting (jsc#PED-1302). +- qlcnic: Remove redundant initialization of variable ret + (jsc#PED-1302). +- qlcnic: switch from 'pci_' to 'dma_' API (jsc#PED-1302). +- qlcnic: make the array random_data static const, makes object + smaller (jsc#PED-1302). +- commit c7136a6 + +- clk: bcm: rpi: Add support for VEC clock (bsc#1196632) +- commit 188fe72 + +- nvmem: core: Check input parameter for NULL in + nvmem_unregister() (bsc#1204241). +- commit 66b047b + +- clk: bcm2835: Round UART input clock up (bsc#1188238) +- commit f465b19 + +- ALSA: hda/hdmi: Fix the converter allocation for the silent + stream (git-fixes). +- ALSA: hda/hdmi: change type for the 'assigned' variable + (git-fixes). +- commit 6c73200 + +- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types + (git-fixes). +- irqchip/ls-extirq: Fix invalid wait context by avoiding to + use regmap (git-fixes). +- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes). +- docs: update mediator information in CoC docs (git-fixes). +- mmc: core: Terminate infinite loop in SD-UHS voltage switch + (git-fixes). +- drm/amd/display: skip audio setup when audio stream is enabled + (git-fixes). +- drm/amd/display: update gamut remap if plane has changed + (git-fixes). +- drm/amd/display: Assume an LTTPR is always present on fixed_vs + links (git-fixes). +- drm/amd/display: Fix double cursor on non-video RGB MPO + (git-fixes). +- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer + (git-fixes). +- firmware: arm_scmi: Add SCMI PM driver remove routine + (git-fixes). +- firmware: arm_scmi: Harden accesses to the sensor domains + (git-fixes). +- firmware: arm_scmi: Improve checks in the info_get operations + (git-fixes). +- net/ieee802154: fix uninit value bug in dgram_sendmsg + (git-fixes). +- dmaengine: xilinx_dma: Report error in case of + dma_set_mask_and_coherent API failure (git-fixes). +- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores + property (git-fixes). +- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource + error handling (git-fixes). +- ALSA: hda/hdmi: Fix the converter reuse for the silent stream + (git-fixes). +- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() + (git-fixes). +- mmc: core: Replace with already defined values for readability + (git-fixes). +- commit 07f5789 + +- Drop TI clk patch that has been reverted in 5.15.y stable +- commit bfab74f + +- mm/hmm/test: use char dev with struct device to get device node + (jsc#PED-1294). +- commit 2a441da + +- lib/test_hmm: avoid accessing uninitialized pages + (jsc#PED-1294). +- commit 629e407 + +- mm/memremap: fix wrong function name above memremap_pages() + (jsc#PED-1294). +- commit 99ceafe + +- Updated metadata references for bsc#1200788 CVE-2022-2153: + Updated patches (from Juergen Gross) +- patches.suse/KVM-x86-Avoid-theoretical-NULL-pointer-dereference-i.patch +- patches.suse/KVM-x86-Check-lapic_in_kernel-before-attempting-to-s.patch +- patches.suse/KVM-x86-Forbid-VMM-to-set-SYNIC-STIMER-MSRs-when-Syn.patch +- commit e9364fc + +- selftests/vm: use top_srcdir instead of recomputing relative + paths (jsc#PED-1294). +- commit fcd00bf + +- Kselftests: remove support of libhugetlbfs from kselftests + (jsc#PED-1294). +- commit 5314c14 + +- tools/testing/selftests/vm/hmm-tests.c: fix build + (jsc#PED-1294). +- commit d4e3629 + +- mm/hmm: add a test for cross device private faults + (jsc#PED-1294). +- commit 113260c + +- mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault + (jsc#PED-1294). +- commit 81464f0 + +- tools: update hmm-test to support device coherent type + (jsc#PED-1294). +- commit 7b24afa + +- mm: fix the handling Non-LRU pages returned by follow_page + (jsc#PED-1294). +- commit a0abdab + +- mm/huge_memory: use helper macro IS_ERR_OR_NULL in + split_huge_pages_pid (jsc#PED-1294). +- commit 64365f4 + +- mm: remove unneeded local variable follflags (jsc#PED-1294). +- commit f1da2a0 + +- mm/migrate_device.c: fix a misleading and outdated comment + (jsc#PED-1294). +- commit 2496c30 + +- mm: migration: fix the FOLL_GET failure on following huge page + (jsc#PED-1294). +- commit 7c67379 + +- mm: re-allow pinning of zero pfns (again) (jsc#PED-1294). +- commit 4e32fd5 + +- nvdimm/pmem: cleanup the disk if pmem_release_disk() is yet + assigned (jsc#PED-1294). +- commit 519f490 + +- thunderbolt: Fix buffer allocation of devices with no + DisplayPort adapters (git-fixes). +- commit 2534904 + +- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-2978 + bsc#1202700). +- commit e1802d7 + +- thunderbolt: Add missing device ID to + tb_switch_is_alpine_ridge() (git-fixes). +- commit 9447425 + +- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes). +- commit 9dce26f + +- usb/hcd: Fix dma_map_sg error check (git-fixes). +- commit 82f7672 + +- mm/gup.c: fix formatting in check_and_migrate_movable_page() + (jsc#PED-1294). +- commit 6bb21eb + +- tools: add selftests to hmm for COW in device memory + (jsc#PED-1294). +- commit fbb5441 + +- tools: add hmm gup tests for device coherent type + (jsc#PED-1294). +- commit ccae011 + +- tools: update test_hmm script to support SP config + (jsc#PED-1294). +- commit 32be4d6 + +- lib: add support for device coherent type in test_hmm + (jsc#PED-1294). +- commit 5bcf5a6 + +- lib: test_hmm add module param for zone device type + (jsc#PED-1294). +- commit e22f0bf + +- lib: test_hmm add ioctl to get zone device type (jsc#PED-1294). +- commit 87c4e9c + +- drm/amdkfd: add SPM support for SVM (jsc#PED-1294). +- commit 9d8092a + +- drm/amdkfd: fix resource_size.cocci warnings (jsc#PED-1294). +- commit 589703d + +- mm/gup: migrate device coherent pages when pinning instead of + failing (jsc#PED-1294). +- commit f57d4bb + +- kabi/severities: ignore CS35L41-specific exports (bsc#1203699) +- commit 9f486fe + +- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699). +- ALSA: hda: cs35l41: Remove suspend/resume hda hooks + (bsc#1203699). +- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls + (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before + reading/writing controls (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code + removal (bsc#1203699). +- commit 54175bd + +- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3 + (git-fixes). +- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges + (git-fixes). +- dt-bindings: PCI: microchip,pcie-host: fix missing clocks + properties (git-fixes). +- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge + (git-fixes). +- PCI: Fix used_buses calculation in pci_scan_child_bus_extend() + (git-fixes). +- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes). +- PCI/ASPM: Ignore L1 PM Substates if device lacks capability + (git-fixes). +- i2c: designware: Fix handling of real but unexpected device + interrupts (git-fixes). +- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return + value check (git-fixes). +- pinctrl: armada-37xx: Checks for errors in gpio_request_enable + callback (git-fixes). +- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 + (git-fixes). +- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes). +- Input: i8042 - fix refount leak on sparc (git-fixes). +- Input: synaptics-rmi4 - fix firmware update operations with + bootloader v8 (git-fixes). +- Input: xpad - fix wireless 360 controller breaking after suspend + (git-fixes). +- commit 6628947 + +- Add cherry-picked ID for AMDGPU patch +- commit 005b431 + +- mm: add device coherent vma selection for memory migration + (jsc#PED-1294). +- commit c7f49b6 + +- mm: handling Non-LRU pages returned by vm_normal_pages + (jsc#PED-1294). +- commit e689445 + +- mm/migration: fix possible do_pages_stat_array racing with + memory offline (jsc#PED-1294). +- commit f5b7a8c + +- mm: add zone device coherent type memory support (jsc#PED-1294). +- commit c80982a + +- mm: re-allow pinning of zero pfns (jsc#PED-1294). +- commit 541ae7e + +- octeontx2-pf: cn10k: Fix egress ratelimit configuration + (git-fixes). +- commit dfc0a0a + +- net: sungem_phy: Add of_node_put() for reference returned by + of_get_parent() (git-fixes). +- commit cc0874b + +- net: pcs: xpcs: propagate xpcs_read error to + xpcs_get_state_c37_sgmii (git-fixes). +- commit 6750e0f + +- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication + (git-fixes). +- commit 6f3b54a + +- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy + (git-fixes). +- commit afc53c0 + +- iavf: Fix handling of dummy receive descriptors (git-fixes). +- commit e9bd3c0 + +- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings + (git-fixes). +- commit 155ccd4 + +- net: dsa: sja1105: silent spi_device_id warnings (git-fixes). +- commit ee0b547 + +- net: stmmac: remove redunctant disable xPCS EEE call + (git-fixes). +- commit 9493b1a + +- ixgbe: Add locking to prevent panic when setting sriov_numvfs + to zero (git-fixes). +- commit 53fbc66 + +- net: stmmac: fix dma queue left shift overflow issue + (git-fixes). +- commit 1deb58f + +- net: dsa: microchip: ksz_common: Fix refcount leak bug + (git-fixes). +- commit c46e25b + +- net: stmmac: fix unbalanced ptp clock issue in suspend/resume + flow (git-fixes). +- commit dff326f + +- net: stmmac: fix pm runtime issue in stmmac_dvr_remove() + (git-fixes). +- commit e347cfb + +- ip: Fix data-races around sysctl_ip_fwd_update_priority + (git-fixes). +- commit 4ea8f18 + +- sfc: fix kernel panic when creating VF (git-fixes). +- commit 33eba8c + +- sfc: fix use after free when disabling sriov (git-fixes). +- commit 2fa14d7 + +- net: stmmac: fix leaks in probe (git-fixes). +- commit 97831ef + +- mm: move page zone helpers from mm.h to mmzone.h (jsc#PED-1294). +- commit 57ef364 + +- KVM: x86: Register perf callbacks after calling vendor's + hardware_setup() (git-fixes). +- Refresh + patches.suse/KVM-x86-Register-Processor-Trace-interrupt-hook-iff-.patch. +- commit 871c62a + +- mm: build migrate_vma_* for all configs with ZONE_DEVICE support + (jsc#PED-1294). +- Update config files. +- commit 0314c06 + +- USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM + (git-fixes). +- commit 31ce443 + +- KVM: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes). +- commit cc0ea0c + +- usb: ehci: Fix a function name in comments (git-fixes). +- commit 610087d + +- usb: host: remove dead EHCI support for on-chip PMC MSP71xx + USB controller (jsc#PED-531). +- commit 62f8e77 + +- x86/mce: Retrieve poison range from hardware (jsc#PED-1408). +- ACPI: CPPC: Don't require flexible address space if + X86_FEATURE_CPPC is supported (jsc#PED-1408). +- ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory + (jsc#PED-1408). +- commit ac7776e + +- xhci: remove unused lpm_failed_dev member from struct xhci_hcd + (jsc#PED-531). +- commit 85de64c + +- xhci: remove unused command member from struct xhci_hcd struct + (jsc#PED-531). +- commit 5e975fe + +- USB: xhci: make xhci_get_endpoint_address static (jsc#PED-531). +- commit dcf3baa + +- ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported + (jsc#PED-1408). +- tools headers cpufeatures: Sync with the kernel sources + (jsc#PED-1408). +- x86/cpufeatures: Add AMD Collaborative Processor Performance + Control feature flag (jsc#PED-1408). + Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch. +- commit bf4cd56 + +- USB: hcd-pci: Drop the unused id parameter from + usb_hcd_pci_probe() (jsc#PED-531). +- commit b826b6a + +- xen: update ring.h (jsc#PED-531). +- commit 4472a2b + +- xen/xenbus: add xenbus_setup_ring() service function + (jsc#PED-531). +- commit f043eec + +- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled + (git-fixes). +- commit 93cdb54 + +- net: ftgmac100: Hold reference returned by + of_get_child_by_name() (git-fixes). +- commit 0961942 + +- bnxt_en: Fix bnxt_refclk_read() (git-fixes). +- commit 4187bc1 + +- bnxt_en: fix livepatch query (git-fixes). +- commit cc62415 + +- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes). +- commit e387d75 + +- bnxt_en: reclaim max resources if sriov enable fails + (git-fixes). +- commit 9161aa5 + +- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes). +- commit 7fdc3a9 + +- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded + (git-fixes). +- commit 5e19505 + +- KVM: x86: do not report preemption if the steal time cache is + stale (git-fixes). +- commit c293d6b + +- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence + (git-fixes). +- commit 385f6b7 + +- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness + conversion (git-fixes). +- commit 368984e + +- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct + length to read dev_id (git-fixes). +- commit 809cb98 + +- usb: renesas-xhci: Do not print any log while fw verif success + (jsc#PED-531). +- commit bad9850 + +- xen/usbfront: use xenbus_setup_ring() and xenbus_teardown_ring() + (jsc#PED-531). +- commit 41ef599 + +- xen/usb: switch xen-hcd to use INVALID_GRANT_REF (jsc#PED-531). +- commit e4f01cd + +- xen/usb: harden xen_hcd against malicious backends + (jsc#PED-531). +- commit 36bb0d3 + +- xen/grant-table: remove readonly parameter from functions + (jsc#PED-531). +- Refresh + patches.suse/xen-blkfront-force-data-bouncing-when-backend-is-unt.patch. +- commit 80f5ba9 + +- xen/usb: don't use arbitrary_virt_to_machine() (jsc#PED-531). +- commit 71d02c4 + +- mm: move the migrate_vma_* device migration code into its own + file (jsc#PED-1294). +- Update config files. +- commit ffdaa32 + +- mm/migrate: remove redundant variables used in a for-loop + (jsc#PED-1294). +- commit 53fa906 + +- x86/PCI: Revert "x86/PCI: Clip only host bridge windows for + E820 regions" (jsc#PED-1408). +- ACPI: clean up white space in a few places for consistency + (jsc#PED-1408). +- ACPI: video: improve PM notifer callback (jsc#PED-1408). +- ACPI: battery: Make "not-charging" the default on no charging + or full info (jsc#PED-1408). +- ACPI: CPPC: fix typo in comment (jsc#PED-1408). +- ACPI: processor: idle: Expose max_cstate/nocst/bm_check_disable + read-only in sysfs (jsc#PED-1408). +- ACPI: glue: Rearrange find_child_checks() (jsc#PED-1408). +- ACPI: DPTF: Support Meteor Lake (jsc#PED-1408). +- ACPI: NFIT: Drop nfit_device_lock() (jsc#PED-1408). +- PCI/ACPI: negotiate CXL _OSC (jsc#PED-1408). +- PCI/ACPI: Prefer CXL _OSC instead of PCIe _OSC for CXL host + bridges (jsc#PED-1408). +- PCI/ACPI: add a helper for retrieving _OSC Control DWORDs + (jsc#PED-1408). +- acpi/nfit: rely on mce->misc to determine poison granularity + (jsc#PED-1408). +- x86/PCI: Disable E820 reserved region clipping starting in 2023 + (jsc#PED-1408). +- x86/PCI: Disable E820 reserved region clipping via quirks + (jsc#PED-1408). +- x86/PCI: Add kernel cmdline options to use/ignore E820 reserved + regions (jsc#PED-1408). +- x86/PCI: Clip only host bridge windows for E820 regions + (jsc#PED-1408). +- x86: Log resource clipping for E820 regions (jsc#PED-1408). +- x86/PCI: Eliminate remove_e820_regions() common subexpressions + (jsc#PED-1408). +- device property: Add irq_get to fwnode operation (jsc#PED-1408). +- ACPI: property: Move acpi_fwnode_device_get_match_data() up + (jsc#PED-1408). +- device property: Convert device_{dma_supported,get_dma_attr} + to fwnode (jsc#PED-1408). +- cpufreq: CPPC: Enable fast_switch (jsc#PED-1408). +- ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is + supported (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. +- ACPI: CPPC: Check _OSC for flexible address space + (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. +- x86/ACPI: Preserve ACPI-table override during hibernation + (jsc#PED-1408). +- x86: ACPI: Make mp_config_acpi_gsi() a void function + (jsc#PED-1408). +- ACPI: DPTF: Add support for high frequency impedance + notification (jsc#PED-1408). +- ACPI: DPTF: Correct description of INT3407 / INT3532 attributes + (jsc#PED-1408). +- ACPI, APEI, EINJ: Refuse to inject into the zero page + (jsc#PED-1408). +- ACPI: APEI: Fix missing ERST record id (jsc#PED-1408). +- ACPI: BGRT: use static for BGRT_SHOW kobj_attribute defines + (jsc#PED-1408). +- ACPI: SPCR: Add support for NVIDIA 16550-compatible port subtype + (jsc#PED-1408). +- ACPI: bus: Avoid non-ACPI device objects in walks over children + (jsc#PED-1408). +- PCI: ACPI: PM: Power up devices in D3cold before scanning them + (jsc#PED-1408). +- ACPI: PM: Introduce acpi_dev_power_up_children_with_adr() + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_dev_for_each_child() (jsc#PED-1408). +- ACPI: PM: Always print final debug message in + acpi_device_set_power() (jsc#PED-1408). +- ACPI: PM: Unify debug messages in acpi_device_set_power() + (jsc#PED-1408). +- ACPI: PM: Change pr_fmt() in device_pm.c (jsc#PED-1408). +- ACPI: PM: Convert debug message in acpi_device_get_power() + (jsc#PED-1408). +- Revert "ACPICA: executer/exsystem: Warn about sleeps greater + than 10 ms" (jsc#PED-1408). +- ACPICA: Update version to 20220331 (jsc#PED-1408). +- ACPICA: exsystem.c: Use ACPI_FORMAT_UINT64 for 64-bit output + (jsc#PED-1408). +- ACPICA: IORT: Updates for revision E.d (jsc#PED-1408). +- ACPICA: executer/exsystem: Fix some typo mistakes + (jsc#PED-1408). +- ACPICA: iASL/MADT: Add OEM-defined subtable (jsc#PED-1408). +- ACPICA: executer/exsystem: Warn about sleeps greater than 10 ms + (jsc#PED-1408). +- ACPICA: executer/exsystem: Inform users about ACPI spec + violation (jsc#PED-1408). +- ACPICA: Add support for ARM Performance Monitoring Unit Table + (jsc#PED-1408). +- ACPICA: executer/exsystem: Add units to time variable names + (jsc#PED-1408). +- ACPICA: Headers: Replace zero-length array with flexible-array + member (jsc#PED-1408). +- ACPICA: Removed some tabs and // comments (jsc#PED-1408). +- ACPICA: Update copyright notices to the year 2022 + (jsc#PED-1408). +- ACPICA: Clean up double word in comment (jsc#PED-1408). +- ACPICA: Add new ACPI 6.4 semantics for LoadTable() operator + (jsc#PED-1408). +- ACPICA: Add new ACPI 6.4 semantics to the Load() operator + (jsc#PED-1408). +- ACPICA: iASL: NHLT: Rename linux specific strucures to + device_info (jsc#PED-1408). +- ACPICA: iASL: NHLT: Fix parsing undocumented bytes at the end + of Endpoint Descriptor (jsc#PED-1408). +- ACPICA: iASL: NHLT: Treat Terminator as specific_config + (jsc#PED-1408). +- ACPICA: Add the subtable CFMWS to the CEDT table (jsc#PED-1408). +- ACPICA: Add support for the Windows 11 _OSI string + (jsc#PED-1408). +- ACPI: utils: include UUID in _DSM evaluation warning + (jsc#PED-1408). +- ACPI: Add perf low power callback (jsc#PED-1408). + Refresh + patches.suse/ACPI-acpi_pad-Do-not-launch-acpi_pad-threads-on-idle-cpus.patch. +- commit 54d6015 + +- ACPI: APEI: do not add task_work to kernel thread to avoid + memory leak (git-fixes). +- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall + (git-fixes). +- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property + (git-fixes). +- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle + (git-fixes). +- crypto: cavium - prevent integer overflow loading firmware + (git-fixes). +- crypto: marvell/octeontx - prevent integer overflows + (git-fixes). +- crypto: inside-secure - Replace generic aes with libaes + (git-fixes). +- Revert "crypto: qat - reduce size of mapped region" (git-fixes). +- crypto: inside-secure - Change swab to swab32 (git-fixes). +- crypto: ccp - Release dma channels before dmaengine unrgister + (git-fixes). +- crypto: akcipher - default implementation for setting a private + key (git-fixes). +- crypto: qat - fix default value of WDT timer (git-fixes). +- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr + (git-fixes). +- crypto: sahara - don't sleep when in softirq (git-fixes). +- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes). +- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes). +- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes). +- drm/amd/display: Correct MPC split policy for DCN301 + (git-fixes). +- commit 353fbde + +- Update + patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch + (CVE-2022-42703, bsc#1204168, git-fixes, bsc#1203098). +- commit fef8e31 + +- mm/migrate.c: rework migration_entry_wait() to not take a + pageref (jsc#PED-1294). +- commit 313eb0c + +- blacklist.conf: 30ea703a38ef x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype +- commit fdb1f20 + +- misc: sgi-gru: fix use-after-free error in + gru_set_context_option, gru_fault and gru_handle_user_call_os + (CVE-2022-3424 bsc#1204166). +- commit bbc730f + +- wifi: mac80211: fix crash in beacon protection for P2P-device + (CVE-2022-42722 bsc#1204125). +- commit 38da0b9 + +- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC + (git-fixes). +- blacklist.conf: outside kABI fixes build fixes are important +- Update config files. +- commit 8852d4a + +- powerpc/kvm: Remove obsolete and unneeded select (git-fixes). +- blacklist.conf: outside kABI freezes, build fixes are important +- commit 329cacc + +- net: delete redundant function declaration (git-fixes). +- blacklist.conf: broke kABI, applicable in SP5 +- commit b7a266b + +- habanalabs: select CRC32 (git-fixes). +- blacklist.conf: outside kABI freezes build fixes are important +- commit 33fa2e9 + +- tracing: Fix smatch warning for do while check in + event_hist_trigger_parse() (git-fixes). +- blacklist.conf: no longer unreasonable in SP5 +- commit 7c1653b + +- tracing: Tag trace_percpu_buffer as a percpu pointer + (git-fixes). +- blacklist.conf: broke kABI in a hard to fix way, hence can be applied + in SP5 +- commit 36fd9f7 + +- x86/Kconfig: Fix an unused variable error in dell-smm-hwmon + (git-fixes). +- blacklist.conf: can be unblacklisted in SP5 and will make backporting + easier +- commit 59cf2b3 + +- wifi: mac80211: fix MBSSID parsing use-after-free + (CVE-2022-42719 bsc#1204051). +- commit bab6e58 + +- mac80211: fix memory leaks with element parsing (CVE-2022-42719 + bsc#1204051). +- commit f9a2be2 + +- wifi: mac80211: refactor elements parsing with parameter struct + (CVE-2022-42719 bsc#1204051). +- mac80211: always allocate struct ieee802_11_elems + (CVE-2022-42719 bsc#1204051). +- mac80211: mlme: find auth challenge directly (CVE-2022-42719 + bsc#1204051). +- mac80211: move CRC into struct ieee802_11_elems (CVE-2022-42719 + bsc#1204051). +- commit b28a982 + +- ipv4: Handle attempt to delete multipath route when fib_info + contains an nh reference (bsc#1204171 CVE-2022-3435). +- commit 1b0c1c8 + +- selftests: net: fix nexthop warning cleanup double ip typo + (bsc#1204171 CVE-2022-3435). +- commit e3962a5 + +- selftests: net: add delete nexthop route warning test + (bsc#1204171 CVE-2022-3435). +- commit 85deab0 + +- wifi: cfg80211: avoid nontransmitted BSS list corruption + (CVE-2022-42721 bsc#1204060). +- wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720 + bsc#1204059). +- commit 82311e4 + +- net: ipv4: fix route with nexthop object delete warning + (bsc#1204171 CVE-2022-3435). +- commit a94edc1 + +- Update metadata references +- commit 61773f9 + +- powercap: RAPL: Add Power Limit4 support for Alder Lake-N and + Raptor Lake-P (jsc#PED-769). +- powercap: intel_rapl: Add support for RAPTORLAKE_P + (jsc#PED-686). +- powercap: intel_rapl: add support for ALDERLAKE_N (jsc#PED-695). +- powercap: RAPL: Add Power Limit4 support for RaptorLake + (jsc#PED-769). +- powercap: intel_rapl: add support for RaptorLake (jsc#PED-769). +- powercap: intel_rapl: support new layout of Psys PowerLimit + Register on SPR (jsc#PED-648). +- powercap: Add Power Limit4 support for Alder Lake SoC + (jsc#PED-769). +- commit ee363a4 + +- selftests/powerpc: Skip energy_scale_info test on older firmware + (git-fixes). +- commit 1eff3d6 + +- Revert "SUNRPC: Remove unreachable error condition" (git-fixes). +- NFS: Fix another fsync() issue after a server reboot + (git-fixes). +- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes). +- commit 80742b5 + +- blacklist.conf: and unwanted md patches +- commit 96bda12 + +- scsi: stex: Properly zero out the passthrough command structure + (bsc#1203514 CVE-2022-40768). +- commit f2b2e4a + +- ALSA: hda: Fix position reporting on Poulsbo (git-fixes). +- ALSA: usb-audio: Fix potential memory leaks (git-fixes). +- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes). +- commit 6c7f2c9 + +- sbitmap: Avoid leaving waitqueue in invalid state in + __sbq_wake_up() (git-fixes). +- commit 3c6ffc4 + +- staging: vt6655: fix some erroneous memory clean-up loops + (git-fixes). +- virt: vbox: convert to use dev_groups (git-fixes). +- usb: mtu3: fix failed runtime suspend in host only mode + (git-fixes). +- Revert "usb: storage: Add quirk for Samsung Fit flash" + (git-fixes). +- usb: mon: make mmapped memory read only (git-fixes). +- xhci: Don't show warning for reinit on known broken suspend + (git-fixes). +- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes). +- commit 4feb234 + +- usb: gadget: function: fix dangling pnp_string in f_printer.c + (git-fixes). +- USB: serial: console: move mutex_unlock() before + usb_serial_put() (git-fixes). +- usb: common: debug: Check non-standard control requests + (git-fixes). +- tty: serial: fsl_lpuart: disable dma rx/tx use flags in + lpuart_dma_shutdown (git-fixes). +- tty: xilinx_uartps: Fix the ignore_status (git-fixes). +- uas: ignore UAS for Thinkplus chips (git-fixes). +- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes). +- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes). +- thunderbolt: Explicitly reset plug events delay back to USB4 + spec value (git-fixes). +- commit d8ee195 + +- soc: sunxi_sram: Make use of the helper function + devm_platform_ioremap_resource() (git-fixes). +- Refresh + patches.suse/soc-sunxi-sram-Prevent-the-driver-from-being-unbound.patch. +- commit a85e811 + +- spmi: pmic-arb: correct duplicate APID to PPID mapping logic + (git-fixes). +- spmi: pmic-arb: do not ack and clear peripheral interrupts in + cleanup_irq (git-fixes). +- slimbus: qcom-ngd: cleanup in probe error path (git-fixes). +- slimbus: qcom-ngd: use correct error in message of + pdr_add_lookup() failure (git-fixes). +- soc: qcom: smem_state: Add refcounting for the 'state->of_node' + (git-fixes). +- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() + (git-fixes). +- soc: sunxi: sram: Fix probe function ordering issues + (git-fixes). +- commit 3e1f43f + +- serial: 8250: Fix restoring termios speed after suspend + (git-fixes). +- drivers: serial: jsm: fix some leaks in probe (git-fixes). +- remoteproc: imx_rproc: Simplify some error message (git-fixes). +- sbitmap: fix possible io hung due to lost wakeup (git-fixes). +- platform/x86: msi-laptop: Fix resource cleanup (git-fixes). +- platform/x86: msi-laptop: Fix old-ec check for backlight + registering (git-fixes). +- commit a448666 + +- misc: ocxl: fix possible refcount leak in afu_ioctl() + (git-fixes). +- phy: qualcomm: call clk_disable_unprepare in the error handling + (git-fixes). +- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference + returned by of_get_parent() (git-fixes). +- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes). +- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() + (git-fixes). +- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes). +- mtd: rawnand: intel: Don't re-define NAND_DATA_IFACE_CHECK_ONLY + (git-fixes). +- mtd: rawnand: intel: Remove undocumented compatible string + (git-fixes). +- mtd: rawnand: intel: Read the chip-select line from the correct + OF node (git-fixes). +- mtd: devices: docg3: check the return value of devm_ioremap() + in the probe (git-fixes). +- platform/x86: asus-wmi: Document the panel_od sysfs attribute + (git-fixes). +- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute + (git-fixes). +- platform/x86: asus-wmi: Document the dgpu_disable sysfs + attribute (git-fixes). +- platform/chrome: cros_ec_typec: Correct alt mode index + (git-fixes). +- platform/chrome: fix memory corruption in ioctl (git-fixes). +- platform/chrome: fix double-free in chromeos_laptop_prepare() + (git-fixes). +- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT + failure (git-fixes). +- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() + (git-fixes). +- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() + (git-fixes). +- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 + (git-fixes). +- commit b26b1a7 + +- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg + (git-fixes). +- mailbox: mpfs: account for mbox offsets while sending + (git-fixes). +- mailbox: mpfs: fix handling of the reg property (git-fixes). +- mfd: sm501: Add check for platform_driver_register() + (git-fixes). +- mfd: fsl-imx25: Fix check for platform_get_irq() errors + (git-fixes). +- mfd: lp8788: Fix an error handling path in lp8788_irq_init() + and lp8788_irq_init() (git-fixes). +- mfd: lp8788: Fix an error handling path in lp8788_probe() + (git-fixes). +- mfd: fsl-imx25: Fix an error handling path in + mx25_tsadc_setup_irq() (git-fixes). +- mfd: intel_soc_pmic: Fix an error handling path in + intel_soc_pmic_i2c_probe() (git-fixes). +- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init + (git-fixes). +- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes). +- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes). +- media: meson: vdec: add missing clk_disable_unprepare on error + in vdec_hevc_start() (git-fixes). +- media: cedrus: Fix endless loop in cedrus_h265_skip_bits() + (git-fixes). +- media: cedrus: Set the platform driver data earlier (git-fixes). +- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() + (git-fixes). +- memory: of: Fix refcount leak bug in of_get_ddr_timings() + (git-fixes). +- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() + (git-fixes). +- media: v4l2-compat-ioctl32.c: zero buffer passed to + v4l2_compat_get_array_args() (git-fixes). +- commit f4e8a30 + +- iio: adc: ad7923: fix channel readings for some variants + (git-fixes). +- iio: ltc2497: Fix reading conversion results (git-fixes). +- iio: dac: ad5593r: Fix i2c read protocol requirements + (git-fixes). +- iio: magnetometer: yas530: Change data type of hard_offsets + to signed (git-fixes). +- iio: ABI: Fix wrong format of differential capacitance channel + ABI (git-fixes). +- iio: inkern: fix return value in + devm_of_iio_channel_get_by_name() (git-fixes). +- iio: inkern: only release the device node when done with it + (git-fixes). +- iio: adc: at91-sama5d2_adc: disable/prepare buffer on + suspend/resume (git-fixes). +- iio: adc: at91-sama5d2_adc: lock around oversampling and sample + freq (git-fixes). +- iio: adc: at91-sama5d2_adc: check return status for pressure + and touch (git-fixes). +- commit b02859c + +- firmware: google: Test spinlock on panic path to avoid lockups + (git-fixes). +- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX + (git-fixes). +- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() + (git-fixes). +- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells + property (git-fixes). +- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property + (git-fixes). +- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value + (git-fixes). +- dt-bindings: mtd: intel: lgm-nand: Fix compatible string + (git-fixes). +- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes). +- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes). +- HID: multitouch: Add memory barriers (git-fixes). +- hid: hid-logitech-hidpp: avoid unnecessary assignments in + hidpp_connect_event (git-fixes). +- drm/omap: dss: Fix refcount leak bugs (git-fixes). +- drm/msm/dp: correct 1.62G link rate at + dp_catalog_ctrl_config_msa() (git-fixes). +- drm/msm/dp: Silence inconsistent indent warning (git-fixes). +- drm/msm/dpu: Fix comment typo (git-fixes). +- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes). +- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table + (git-fixes). +- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table + (git-fixes). +- commit 71c6639 + +- drm/scheduler: quieten kernel-doc warnings (git-fixes). +- commit 95b96ec + +- drm/amdgpu: add missing pci_disable_device() in + amdgpu_pmops_runtime_resume() (git-fixes). +- drm/bridge: megachips: Fix a null pointer dereference bug + (git-fixes). +- drm: fix drm_mipi_dbi build errors (git-fixes). +- drm/msm: Make .remove and .shutdown HW shutdown consistent + (git-fixes). +- drm:pl111: Add of_node_put() when breaking out of + for_each_available_child_of_node() (git-fixes). +- drm/bridge: parade-ps8640: Fix regulator supply order + (git-fixes). +- drm/virtio: Unlock reservations on + virtio_gpu_object_shmem_init() error (git-fixes). +- drm/mipi-dsi: Detach devices when removing the host (git-fixes). +- commit f6c9019 + +- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration + (git-fixes). +- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes). +- dmaengine: ioat: stop mod_timer from resurrecting deleted + timer in __cleanup() (git-fixes). +- dmaengine: mxs: use platform_driver_register (git-fixes). +- dmaengine: hisilicon: Add multi-thread support for a DMA channel + (git-fixes). +- dmaengine: hisilicon: Fix CQ head update (git-fixes). +- dmaengine: hisilicon: Disable channels when unregister hisi_dma + (git-fixes). +- drm/bridge: Avoid uninitialized variable warning (git-fixes). +- drm/nouveau: fix a use-after-free in + nouveau_gem_prime_import_sg_table() (git-fixes). +- drm: bridge: adv7511: fix CEC power down control register offset + (git-fixes). +- commit 89292ab + +- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent + (git-fixes). +- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes). +- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD + (git-fixes). +- clk: imx: scu: fix memleak on platform_device_add() fails + (git-fixes). +- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical + (git-fixes). +- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying + num_parents (git-fixes). +- clk: ast2600: BCLK comes from EPLL (git-fixes). +- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent + (git-fixes). +- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe + (git-fixes). +- commit c248e05 + +- clk: tegra20: Fix refcount leak in tegra20_clock_init + (git-fixes). +- clk: tegra: Fix refcount leak in tegra114_clock_init + (git-fixes). +- clk: tegra: Fix refcount leak in tegra210_clock_init + (git-fixes). +- clk: sprd: Hold reference returned by of_get_parent() + (git-fixes). +- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes). +- clk: qoriq: Hold reference returned by of_get_parent() + (git-fixes). +- clk: oxnas: Hold reference returned by of_get_parent() + (git-fixes). +- clk: meson: Hold reference returned by of_get_parent() + (git-fixes). +- ata: fix ata_id_has_dipm() (git-fixes). +- ata: fix ata_id_has_ncq_autosense() (git-fixes). +- ata: fix ata_id_has_devslp() (git-fixes). +- ata: fix ata_id_sense_reporting_enabled() and + ata_id_has_sense_reporting() (git-fixes). +- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe + (git-fixes). +- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe + (git-fixes). +- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe + (git-fixes). +- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe + (git-fixes). +- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes). +- ASoC: da7219: Fix an error handling path in + da7219_register_dai_clks() (git-fixes). +- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx + API (git-fixes). +- ASoC: wm_adsp: Handle optional legacy support (git-fixes). +- commit 8f6277f + +- Move upstreamed DRM, NVMe and sound patches into sorted section +- commit 48ff6f0 + +- arm64: ftrace: fix module PLTs with mcount (git-fixes). +- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes). +- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen + (git-fixes). +- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family + (git-fixes). +- ARM: dts: turris-omnia: Add label for wan port (git-fixes). +- ARM: dts: armada-38x: Add gpio-ranges for pin muxing + (git-fixes). +- ARM: dts: kirkwood: lsxl: remove first ethernet port + (git-fixes). +- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes). +- ARM: dts: turris-omnia: Fix mpp26 pin name and comment + (git-fixes). +- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes). +- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes). +- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus + (git-fixes). +- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes). +- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes). +- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes). +- ARM: defconfig: clean up multi_v4t and multi_v5 configs + (git-fixes). +- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes). +- ASoC: tas2764: Fix mute/unmute (git-fixes). +- ASoC: tas2764: Drop conflicting set_bias_level power setting + (git-fixes). +- ASoC: tas2764: Allow mono streams (git-fixes). +- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes). +- ASoC: mt6359: fix tests for platform_get_irq() failure + (git-fixes). +- ALSA: hda/hdmi: Don't skip notification handling during PM + operation (git-fixes). +- ALSA: dmaengine: increment buffer pointer atomically + (git-fixes). +- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() + (git-fixes). +- ASoC: wcd934x: fix order of Slimbus unprepare/disable + (git-fixes). +- ASoC: wcd9335: fix order of Slimbus unprepare/disable + (git-fixes). +- ARM: dts: integrator: Tag PCI host with device_type (git-fixes). +- commit 5a02ba2 + +- i40e: Fix dropped jumbo frames statistics (git-fixes). +- commit b407b7d + +- net: bonding: fix use-after-free after 802.3ad slave unbind + (git-fixes). +- commit 05b9579 + +- net: bonding: fix possible NULL deref in rlb code (git-fixes). +- commit 8542934 + +- net: dp83822: disable rx error interrupt (git-fixes). +- commit f74888c + +- net: dp83822: disable false carrier interrupt (git-fixes). +- commit ba1cc16 + +- net: dsa: bcm_sf2: force pause link settings (git-fixes). +- commit 5258d4a + +- net/dsa/hirschmann: Add missing of_node_get() in + hellcreek_led_setup() (git-fixes). +- commit 29e4721 + +- ice: Fix switchdev rules book keeping (git-fixes). +- commit 5c21799 + +- igb: Make DMA faster when CPU is active on the PCIe link + (git-fixes). +- commit db90cd9 + +- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers + (git-fixes). +- commit da7ba2e + +- igb: fix a use-after-free issue in igb_clean_tx_ring + (git-fixes). +- commit 12acd2f + +- net: bgmac: Fix an erroneous kfree() in bgmac_remove() + (git-fixes). +- commit 547f6a9 + +- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes). +- commit f2c7808 + +- net: hns3: don't push link state to VF if unalive (git-fixes). +- commit 7f6680c + +- net: hns3: set port base vlan tbl_sta to false before removing + old vlan (git-fixes). +- commit 8c8d58b + +- i40e: Fix call trace in setup_tx_descriptors (git-fixes). +- commit 7d70f11 + +- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes). +- commit 6a72a8e + +- ixgbe: fix bcast packets Rx on VF after promisc removal + (git-fixes). +- commit ddb5b75 + +- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling + an_complete (git-fixes). +- commit b8286fc + +- net: altera: Fix refcount leak in altera_tse_mdio_create + (git-fixes). +- commit e80ff1b + +- net/mlx4_en: Fix wrong return value on ioctl EEPROM query + failure (git-fixes). +- commit a76859c + +- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list + (git-fixes). +- commit 04259d9 + +- stmmac: intel: Fix an error handling path in + intel_eth_pci_probe() (git-fixes). +- commit fed21d9 + +- net: ethernet: bgmac: Fix refcount leak in + bcma_mdio_mii_register (git-fixes). +- commit 2227ee5 + +- net: bgmac: support MDIO described in DT (git-fixes). +- commit bf1f5f9 + +- mm/migrate.c: remove MIGRATE_PFN_LOCKED (jsc#PED-1294). +- commit 53d0a98 + +- mm: refactor the ZONE_DEVICE handling in migrate_vma_pages + (jsc#PED-1294). +- commit 5ff0982 + +- mm: refactor the ZONE_DEVICE handling in migrate_vma_insert_page + (jsc#PED-1294). +- commit c27db83 + +- mm: refactor check_and_migrate_movable_pages (jsc#PED-1294). +- commit a588dc0 + +- mm: generalize the pgmap based page_free infrastructure + (jsc#PED-1294). +- commit 2037cd5 + +- fsdax: depend on ZONE_DEVICE || FS_DAX_LIMITED (jsc#PED-1294). +- commit 00cc65d + +- mm: remove the extra ZONE_DEVICE struct page refcount + (jsc#PED-1294). +- commit 0cba7f0 + +- memremap: remove support for external pgmap refcounts + (jsc#PED-1294). +- commit 2a29910 + +- nvdimm/pmem: stop using q_usage_count as external pgmap refcount + (jsc#PED-1294). +- commit fa7e3a6 + +- mm/memremap: add ZONE_DEVICE support for compound pages + (jsc#PED-1294). +- commit fabe0fa + +- mm/page_alloc: refactor memmap_init_zone_device() page init + (jsc#PED-1294). +- commit f04239b + +- mm/page_alloc: split prep_compound_page into head and tail + subparts (jsc#PED-1294). +- commit a82c6bd + +- drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472) + Backporting notes: + * context changes +- commit 0261ec2 + +- drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472) + Backporting notes: + * remove changes to non-existing 201 and 31 directories +- commit e6a9bdd + +- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472) + Backporting notes: + * replace IP_VERSION() with CHIP_ constants +- commit d27747b + +- blacklist.conf: Append 'drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled' +- commit e1d0d55 + +- blacklist.conf: Append 'drm/amd/display: Fix wrong format specifier in amdgpu_dm.c' +- commit debed4c + +- blacklist.conf: Append 'drm/amdgpu: Fix resource leak on probe error path' +- commit 116f3cc + +- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472) + Backporting notes: + * also fix default branch +- commit 0bf8eb3 + +- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489) + Backporting notes: + * update additional patch on top +- commit 1550ef2 + +- Update + patches.suse/ACPI-processor-idle-Practically-limit-Dummy-wait-wor.patch + (bsc#1203767,bsc#1203802). +- commit c6ebacb + +- Update + patches.suse/x86-cpu-Add-new-Alderlake-and-Raptorlake-CPU-model-n.patch + (jsc#PED-743 jsc#PED-740). + Add a reference. +- commit 1883c41 + +- mm: don't include in + (jsc#PED-1294). +- commit b73066e + +- mm: simplify freeing of devmap managed pages (jsc#PED-1294). +- commit e54adcf + +- mm: move free_devmap_managed_page to memremap.c (jsc#PED-1294). +- commit e5afda3 + +- nvme: ensure subsystem reset is single threaded (bsc#1203290 + CVE-2022-3169). +- commit f73d666 + +- mm: remove pointless includes from (jsc#PED-1294). +- commit 5917f7a + +- mm: remove the __KERNEL__ guard from + (jsc#PED-1294). +- commit 1864b4d + +- mm: remove a pointless CONFIG_ZONE_DEVICE check in + memremap_pages (jsc#PED-1294). +- commit b4b9519 + +- nvme: restrict management ioctls to admin (bsc#1203290 + CVE-2022-3169). +- commit c28a770 + +- net/mlx5e: Update netdev features after changing XDP state + (git-fixes). +- commit 5d7478c + +- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race + condition (git-fixes). +- commit 92e1426 + +- hinic: Avoid some over memory allocation (git-fixes). +- commit 41f381d + +- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc() + (git-fixes). +- commit b92d6d0 + +- net: chelsio: cxgb4: Avoid potential negative array offset + (git-fixes). +- commit 4cc759d + +- net/mlx5e: TC, fix decap fallback to uplink when int port not + supported (git-fixes). +- commit 35c9b8d + +- net: dsa: ksz9477: port mirror sniffing limited to one port + (git-fixes). +- commit 9996ff6 + +- nvme: don't print verbose errors for internal passthrough + requests (bsc#1202187). +- commit eaa4989 + +- blacklist.conf: update the list +- commit 78eff9b + +- s390/smp: enforce lowcore protection on CPU restart (git-fixes). +- KVM: s390: pv: don't present the ecall interrupt twice + (bsc#1203229 LTC#199905). +- commit aed7a32 + +- x86: Expose init_freq_invariance() to topology header + (jsc#PED-1408). +- commit c0d8e97 + +- ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init() + (jsc#PED-1408). +- ACPI, APEI: Use the correct variable for sizeof() + (jsc#PED-1408). +- ACPI: tables: Make LAPIC_ADDR_OVR address readable in message + (jsc#PED-1408). +- ACPI: IPMI: replace usage of found with dedicated list iterator + variable (jsc#PED-1408). +- ACPI: CPPC: Change default error code and clean up debug + messages in probe (jsc#PED-1408). + Refresh + patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch. + patches.suse/ACPI-CPPC-Do-not-prevent-CPPC-from-working-in-the-fu.patch. +- ACPI / x86: Add support for LPS0 callback handler + (jsc#PED-1408). +- Input: soc_button_array - add support for Microsoft Surface 3 + (MSHW0028) buttons (jsc#PED-1408). +- PM: hibernate: Honour ACPI hardware signature by default for + virtual guests (jsc#PED-1408). +- ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and + Reset device (jsc#PED-1408). + Update config files. +- ACPI: APEI: rename ghes_init() with an "acpi_" prefix + (jsc#PED-1408). + Refresh patches.suse/ACPI-VIOT-Fix-ACS-setup.patch. +- ACPI: LPSS: Provide an SSP type to the driver (jsc#PED-1408). +- ACPI: LPSS: Constify properties member in struct + lpss_device_desc (jsc#PED-1408). +- ACPI: platform: Constify properties parameter in + acpi_create_platform_device() (jsc#PED-1408). +- ACPI: fan: Add additional attributes for fine grain control + (jsc#PED-1408). +- ACPI: fan: Properly handle fine grain control (jsc#PED-1408). +- ACPI: fan: Optimize struct acpi_fan_fif (jsc#PED-1408). +- ACPI: fan: Separate file for attributes creation (jsc#PED-1408). +- ACPI: fan: Fix error reporting to user space (jsc#PED-1408). +- x86, ACPI: rename init_freq_invariance_cppc() to + arch_init_invariance_cppc() (jsc#PED-1408). +- ACPI: EC: Rearrange code in acpi_ec_submit_event() + (jsc#PED-1408). +- ACPI: EC: Reduce indentation level in acpi_ec_submit_event() + (jsc#PED-1408). +- ACPI: EC: Do not return result from advance_transaction() + (jsc#PED-1408). +- x86/ACPI: CPPC: Move init_freq_invariance_cppc() into x86 CPPC + (jsc#PED-1408). +- x86/ACPI: CPPC: Move AMD maximum frequency ratio setting + function into x86 CPPC (jsc#PED-1408). +- x86/ACPI: CPPC: Rename cppc_msr.c to cppc.c (jsc#PED-1408). +- ACPI / x86: Add skip i2c clients quirk for Lenovo Yoga Tablet + 1050F/L (jsc#PED-1408). +- ACPI / x86: Add skip i2c clients quirk for Nextbook Ares 8 + (jsc#PED-1408). +- ACPI: clean up double words in two comments (jsc#PED-1408). +- ACPI: property: Get rid of redundant 'else' (jsc#PED-1408). +- ACPI: EC / PM: Print additional debug message in + acpi_ec_dispatch_gpe() (jsc#PED-1408). +- ACPI: PM: Print additional debug message in acpi_s2idle_wake() + (jsc#PED-1408). +- ACPI: tables: Add AGDI to the list of known table signatures + (jsc#PED-1408). +- ACPI: tables: Add CEDT signature to the list of known tables + (jsc#PED-1408). +- ACPI: bus: Introduce acpi_bus_for_each_dev() (jsc#PED-1408). +- ACPI: OSL: Fix and clean up acpi_os_read/write_port() + (jsc#PED-1408). +- ACPICA: Use uintptr_t and offsetof() in Linux kernel builds + (jsc#PED-1408). +- ACPI: scan: Use ida_alloc() instead of ida_simple_get() + (jsc#PED-1408). +- commit 2486d41 + +- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment. +- commit 20a025b + +- Clean up kernel-config settings via run_oldconfig.sh + Invoke run_oldconfig.sh to clean the kernel-config settings from + unset symbols. Otherwise these settings interfere with actual config + changes. +- commit 8a799ae + +- blacklist.conf: not relevant in our configurations +- commit 586058b + +- media: imx-jpeg: Disable slot interrupt when frame done + (git-fixes). +- commit 36d622f + +- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes). +- commit e2ddfcf + +- media: imx-jpeg: Fix potential array out of bounds in + queue_setup (git-fixes). +- commit 8041860 + +- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes). +- commit d514aa5 + +- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969). +- commit c020446 + +- media: imx-jpeg: Leave a blank space before the configuration + data (git-fixes). +- commit a2d45c7 + +- blacklist.conf: Append 'sysfb: Enable boot time VESA graphic mode selection' +- commit b93ba64 + +- media: imx-jpeg: Correct some definition according specification + (git-fixes). +- commit bdf4126 + +- blacklist.conf: not relevant in our configurations +- commit 8171bfe + +- media: vsp1: Fix offset calculation for plane cropping. +- commit dc309b5 + +- media: exynos4-is: Change clk_disable to clk_disable_unprepare + (git-fixes). +- commit 332ca3f + +- media: st-delta: Fix PM disable depth imbalance in delta_probe + (git-fixes). +- commit 30518b0 + +- media: exynos4-is: Fix PM disable depth imbalance in + fimc_is_probe (git-fixes). +- commit f62e31e + +- media: aspeed: Fix an error handling path in + aspeed_video_probe() (git-fixes). +- commit c014d5c + +- media: coda: Add more H264 levels for CODA960 (git-fixes). +- commit 75d6462 + +- media: coda: Fix reported H264 profile (git-fixes). +- commit 1533555 + +- Revert "constraints: increase disk space for all architectures" + (bsc#1203693). + This reverts commit 43a9011f904bc7328d38dc340f5e71aecb6b19ca. +- commit 3d33373 + +- blacklist.conf: Append 'fbdev: Hot-unplug firmware fb devices on forced removal' +- commit 0b6410b + +- blacklist.conf: Append 'Revert "fbdev: fbmem: add a helper to determine if an aperture is used by a fw fb"' +- commit b1ae504 + +- spi: s3c64xx: Fix large transfers with DMA (git-fixes). +- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes). +- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes). +- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM + (git-fixes). +- wifi: ath11k: fix number of VHT beamformee spatial streams + (git-fixes). +- wifi: mt76: mt7915: do not check state before configuring + implicit beamform (git-fixes). +- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in + mt7615_sta_set_decap_offload (git-fixes). +- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes). +- wifi: rtl8xxxu: Remove copy-paste leftover in + gen2_update_rate_mask (git-fixes). +- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration + (git-fixes). +- wifi: rtl8xxxu: Fix skb misuse in TX queue selection + (git-fixes). +- wifi: rtw88: add missing destroy_workqueue() on error path in + rtw_core_init() (git-fixes). +- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() + (git-fixes). +- wifi: ath10k: add peer map clean up for peer delete in + ath10k_sta_state() (git-fixes). +- wifi: mac80211: allow bw change during channel switch in mesh + (git-fixes). +- wifi: rtlwifi: 8192de: correct checking of IQK reload + (git-fixes). +- commit 3bb5d97 + +- spi/omap100k:Fix PM disable depth imbalance in + omap1_spi100k_probe (git-fixes). +- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe + (git-fixes). +- spi: meson-spicc: do not rely on busy flag in pow2 clk ops + (git-fixes). +- spi: qup: add missing clk_disable_unprepare on error in + spi_qup_pm_resume_runtime() (git-fixes). +- spi: qup: add missing clk_disable_unprepare on error in + spi_qup_resume() (git-fixes). +- spi: mt7621: Fix an error message in mt7621_spi_probe() + (git-fixes). +- regulator: qcom_rpm: Fix circular deferral regression + (git-fixes). +- net: wwan: iosm: Call mutex_init before locking it (git-fixes). +- mwifiex: fix sleep in atomic context bugs caused by + dev_coredumpv (git-fixes). +- net: thunderbolt: Enable DMA paths only after rings are enabled + (git-fixes). +- commit e714654 + +- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase + mp2888 controller (git-fixes). +- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API + (git-fixes). +- i2c: mlxbf: support lock mechanism (git-fixes). +- mISDN: fix use-after-free bugs in l1oip timer handlers + (git-fixes). +- eth: alx: take rtnl_lock on resume (git-fixes). +- Bluetooth: hci_core: Fix not handling link timeouts propertly + (git-fixes). +- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() + failure (git-fixes). +- Bluetooth: btusb: mediatek: fix WMT failure during runtime + suspend (git-fixes). +- can: rx-offload: can_rx_offload_init_queue(): fix typo + (git-fixes). +- commit ac7ee01 + +- blacklist.conf: df5b035b5683 x86/cacheinfo: Add a cpu_llc_shared_mask() UP variant +- commit bc73e4e + +- blacklist.conf: 00da0cb385d0 Documentation/ABI: Mention retbleed vulnerability info file for sysfs +- commit 4726e8f + +- Drop the ACPI patch temporarily as it causes a regression (bsc#1203794) + Delete patches.suse/ACPI-resource-skip-IRQ-override-on-AMD-Zen-platforms.patch +- commit 8842ef4 + +- fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472) +- commit 7656242 + +- parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489) +- commit dee3343 + +- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489) +- commit daa8575 + +- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489) +- commit f86cf76 + +- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472) + Backporting changes: + * context fixes in other patch + * update config +- commit 68203bf + +- parisc/sticon: fix reverse colors (bsc#1152489) +- commit f94c66b + +- char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops + (CVE-2022-41848 bsc#1203987). +- commit a144c48 + +- fbdev: smscufx: Fix use-after-free in ufx_ops_open() + (CVE-2022-41849 bsc#1203992). +- commit db3bfe7 + +- net: mana: Add rmb after checking owner bits (git-fixes). +- commit 85bfc78 + +- Makefile.debug: re-enable debug info for .S files (git-fixes). +- commit 50458f2 + +- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL + (bsc#1194869). +- commit 48283d1 + +- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() + (git-fixes). +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch. +- commit 0719451 + +- usb: typec: ucsi: Remove incorrect warning (git-fixes). +- media: rkvdec: Disable H.264 error detection (git-fixes). +- media: dvb_vb2: fix possible out of bound access (git-fixes). +- ASoC: cs42l42: Only report button state if there was a button + interrupt (git-fixes). +- commit 06be809 + +- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529). +- commit 209f0a1 + +- Add cherry-picked commit id for an AMDGPU patch (git-fixes) +- commit 505fbbc + +- usb: dwc3: gadget: Refactor pullup() (git-fixes). +- commit f481a77 + +- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind + (git-fixes). +- Refresh + patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch. +- Refresh + patches.suse/usb-dwc3-gadget-Prevent-repeat-pullup.patch. +- commit 6d90a05 + +- wifi: mac80211: fix regression with non-QoS drivers (git-fixes). +- selftests: Fix the if conditions of in test_extra_filter() + (git-fixes). +- net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume() + (git-fixes). +- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes). +- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes). +- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes). +- soc: sunxi: sram: Prevent the driver from being unbound + (git-fixes). +- soc: sunxi: sram: Actually claim SRAM regions (git-fixes). +- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx + accounting (git-fixes). +- serial: tegra: Use uart_xmit_advance(), fixes icount.tx + accounting (git-fixes). +- serial: Create uart_xmit_advance() (git-fixes). +- USB: serial: option: add Quectel RM520N (git-fixes). +- USB: serial: option: add Quectel BG95 0x0203 composition + (git-fixes). +- thunderbolt: Add support for Intel Maple Ridge single port + controller (git-fixes). +- Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes). +- usb: add quirks for Lenovo OneLink+ Dock (git-fixes). +- commit ce89825 + +- gpio: mvebu: Fix check for pwm support on non-A8K platforms + (git-fixes). +- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address + (git-fixes). +- Input: iqs62x-keys - drop unused device node references + (git-fixes). +- Input: melfas_mip4 - fix return value check in mip4_probe() + (git-fixes). +- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 + (git-fixes). +- mmc: hsq: Fix data stomping during mmc recovery (git-fixes). +- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width + (git-fixes). +- commit 02160f0 + +- drm/i915/gt: Restrict forced preemption to the active context + (git-fixes). +- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare + in suspend/resume time" (git-fixes). +- drm/bridge: lt8912b: fix corrupted image output (git-fixes). +- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes). +- drm/bridge: lt8912b: add vsync hsync (git-fixes). +- Revert "firmware: arm_scmi: Add clock management to the SCMI + power domain" (git-fixes). +- drm/amdgpu: don't register a dirty callback for non-atomic + (git-fixes). +- firmware: arm_scmi: Fix the asynchronous reset requests + (git-fixes). +- firmware: arm_scmi: Harden accesses to the reset domains + (git-fixes). +- commit 509f7ae + +- clk: iproc: Do not rely on node name for correct PLL setup + (git-fixes). +- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI + clocks (git-fixes). +- clk: ingenic-tcu: Properly enable registers before accessing + timers (git-fixes). +- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes). +- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes). +- ASoC: tas2770: Reinit regcache on reset (git-fixes). +- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes). +- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid + (git-fixes). +- drm/gma500: Fix BUG: sleeping function called from invalid + context errors (git-fixes). +- drm/amdgpu: make sure to init common IP before gmc (git-fixes). +- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline + for stack usage (git-fixes). +- drm/amd/display: Reduce number of arguments of dml31's + CalculateFlipSchedule() (git-fixes). +- drm/amd/display: Reduce number of arguments of dml31's + CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes). +- drm/amd/display: Limit user regamma to a valid value + (git-fixes). +- drm/amdgpu: use dirty framebuffer helper (git-fixes). +- drm/amd/pm: disable BACO entry/exit completely on several + sienna cichlid cards (git-fixes). +- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV + (git-fixes). +- drm/amdgpu: Separate vf2pf work item init from virt data + exchange (git-fixes). +- commit 931f4f4 + +- Add blacklist and alt-commit for ASoC cs35l41 patches (bsc#1203699) +- commit b1bfeae + +- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529). +- commit 6f3c833 + +- scsi: smartpqi: Add module param to disable managed ints + (bsc#1203893). +- commit e1af9a1 + +- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939). +- scsi: lpfc: Fix various issues reported by tools (bsc#1203939). +- scsi: lpfc: Add reporting capability for Link Degrade Signaling + (bsc#1203939). +- scsi: lpfc: Rework FDMI attribute registration for unintential + padding (bsc#1203939). +- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and + consistency (bsc#1203939). +- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd + (bsc#1203939). +- scsi: lpfc: Update congestion mode logging for Emulex SAN + Manager application (bsc#1203939). +- scsi: lpfc: Move scsi_host_template outside dynamically + allocated/freed phba (bsc#1185032 bsc#1203939). + Dropped: + patches.suse/lpfc-decouple-port_template-and-vport_template.patch +- scsi: lpfc: Fix multiple NVMe remoteport registration calls + for the same NPort ID (bsc#1203939). +- scsi: lpfc: Add missing free iocb and nlp kref put for early + return VMID cases (bsc#1203939). +- scsi: lpfc: Fix mbuf pool resource detected as busy at driver + unload (bsc#1203939). +- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology + (bsc#1203939). +- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling + (bsc#1203939). +- scsi: lpfc: Remove unneeded result variable (bsc#1203939). +- scsi: lpfc: Remove the unneeded result variable (bsc#1203939). +- commit 23fee86 + +- supported.conf: mark spi-pxa2xx-platform as supported (bsc#1203699) + It's required for the sound on recent Intel machines +- commit d17d5e0 + +- scsi: lpfc: Add missing destroy_workqueue() in error path + (bsc#1203939). +- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of + DID_REQUEUE (bsc#1203939). +- commit 495ecbc + +- wifi: cfg80211: ensure length byte is present before access + (CVE-2022-41674 bsc#1203770). +- wifi: cfg80211/mac80211: reject bad MBSSID elements + (CVE-2022-41674 bsc#1203770). +- wifi: cfg80211: fix u8 overflow in + cfg80211_update_notlisted_nontrans() (CVE-2022-41674 + bsc#1203770). +- commit 79b409a + +- scsi: qla2xxx: Remove unused declarations for qla2xxx + (bsc#1203935). +- scsi: qla2xxx: Fix spelling mistake "definiton" -> "definition" + (bsc#1203935). +- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935). +- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935). +- scsi: qla2xxx: Define static symbols (bsc#1203935). +- scsi: qla2xxx: Enhance driver tracing with separate tunable + and more (bsc#1203935). +- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image + Status (bsc#1203935). +- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935). +- scsi: qla2xxx: Fix response queue handler reading stale packets + (bsc#1203935). +- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue + handler reading stale packets" (bsc#1203935). +- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as + informational (bsc#1203935). +- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935). +- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from + qlt_stop_phase1() (bsc#1203935). +- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935). +- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935). +- commit 76fee71 + +- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() + (bsc#1203935). +- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port + ISP27XX (bsc#1203935). +- commit df43957 + +- mm: rename is_pinnable_page() to is_longterm_pinnable_page() + (jsc#PED-1294). +- commit 8c9ae5e + +- mm: fix is_pinnable_page against a cma page (jsc#PED-1294). +- commit e5e0125 + +- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() + (bsc#1196869). +- commit 421a33e + +- ALSA: hda/realtek: More robust component matching for CS35L41 + (bsc#1203699). +- commit 13ee63f + +- kABI: fix adding another field to scsi_device (bsc#1203039). +- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD + (bsc#1203039). +- Refresh + patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch. +- Refresh patches.kabi/kABI-fix-adding-field-to-scsi_device.patch. +- commit 38a6998 + +- mm: Fix PASID use-after-free issue (bsc#1203908). +- commit e2ea645 + +- cgroup: cgroup_get_from_id() must check the looked-up kn is + a directory (bsc#1203906). +- commit 2c277d7 + +- spi: propagate error code to the caller of + acpi_spi_device_alloc() (bsc#1203699). +- spi: Return deferred probe error when controller isn't yet + available (bsc#1203699). +- commit 719f957 + +- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock + (bsc#1196869). +- commit 20ffc1f + +- kABI workaround for spi changes (bsc#1203699). +- commit 57d4f4f + +- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902). +- commit ec3105d + +- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model + (bsc#1203699). +- commit 274acc0 + +- cs-dsp and serial-multi-instantiate enablement (bsc#1203699) +- Update config files +- Update supported.conf +- commit 6b0538d + +- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop + (bsc#1203699). +- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699). +- ACPI / scan: Create platform device for CS35L41 (bsc#1203699). +- platform/x86: serial-multi-instantiate: Add SPI support + (bsc#1203699). +- platform/x86: serial-multi-instantiate: Reorganize I2C functions + (bsc#1203699). +- platform/x86: i2c-multi-instantiate: Rename it for a generic + serial driver name (bsc#1203699). +- spi: Add API to count spi acpi resources (bsc#1203699). +- spi: Support selection of the index of the ACPI Spi Resource + before alloc (bsc#1203699). +- spi: Create helper API to lookup ACPI info for spi device + (bsc#1203699). +- i2c: acpi: Add an i2c_acpi_client_count() helper function + (bsc#1203699). +- commit 66cfc1c + +- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699). +- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7 + (bsc#1203699). +- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD + Properties (bsc#1203699). +- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41 + (bsc#1203699). +- ASoC: cs35l41: Read System Name from ACPI _SUB to identify + firmware (bsc#1203699). +- commit 3025b3b + +- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- commit d934822 + +- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699). +- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define + (bsc#1203699). +- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops + (bsc#1203699). +- commit 6e401a7 + +- Revert "ALSA: hda: cs35l41: Allow compilation test on non-ACPI + configurations" (bsc#1203699). +- ALSA: hda: cs35l41: Add module parameter to control firmware + load (bsc#1203699). +- ALSA: hda: cs35l41: Support Firmware switching and reloading + (bsc#1203699). +- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config + sequence (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699). +- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI + variables (bsc#1203699). +- ALSA: hda: cs35l41: Support Hibernation during Suspend + (bsc#1203699). +- commit 8707600 + +- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID + (bsc#1203699). +- ASoC: cs35l41: Do not print error when waking from hibernation + (bsc#1203699). +- ASoC: cs35l41: Add common cs35l41 enter hibernate function + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared + code (bsc#1203699). +- ALSA: hda: cs35l41: Support Speaker ID for laptops + (bsc#1203699). +- ALSA: hda: cs35l41: Support multiple load paths for firmware + (bsc#1203699). +- ALSA: hda: cs35l41: Support reading subsystem id from ACPI + (bsc#1203699). +- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver + (bsc#1203699). +- ALSA: hda: cs35l41: Add initial DSP support and firmware loading + (bsc#1203699). +- ALSA: hda: cs35l41: Save codec object inside component struct + (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls + directly (bsc#1203699). +- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA + controls (bsc#1203699). +- ALSA: hda: cs35l41: Consolidate selections under + SND_HDA_SCODEC_CS35L41 (bsc#1203699). +- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699). +- ALSA: hda: cs35l41: Allow compilation test on non-ACPI + configurations (bsc#1203699). +- ALSA: hda: cs35l41: Don't dereference fwnode handle + (bsc#1203699). +- ALSA: hda: cs35l41: Improve dev_err_probe() messaging + (bsc#1203699). +- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate + reference (bsc#1203699). +- commit 0179f7c + +- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to + static (bsc#1203699). +- ASoC: cs35l41: Add ASP TX3/4 source to register patch + (bsc#1203699). +- ASoC: cs35l41: Correct some control names (bsc#1203699). +- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver + (bsc#1203699). +- commit f2b0e66 + +- ASoC: cs35l41: Fix an out-of-bounds access in + otp_packed_element_t (bsc#1203699). +- ASoC: cs35l41: Add one more variable in the debug log + (bsc#1203699). +- commit a26b9a2 + +- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP + Laptops (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch. +- commit 342e19c + +- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41 + s-codec (bsc#1203699). +- commit 0fd2db1 + +- ALSA: hda: cs35l41: Add Amp Name based on channel and index + (bsc#1203699). +- ASoC: cs35l41: Move cs_dsp config struct into shared code + (bsc#1203699). +- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic + boost on EliteBook 845/865 G9 (bsc#1203699). +- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN + (bsc#1203699). +- ASoC: cs35l41: Add one more variable in the debug log + (bsc#1203699). +- commit 4800a47 + +- ASoC: cs35l41: Move cs35l41 fs errata into shared code + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code + (bsc#1203699). +- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops + (bsc#1203699). +- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699). +- ALSA: hda: cs35l41: Remove Set Channel Map api from binding + (bsc#1203699). +- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop + (bsc#1203699). +- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name + (bsc#1203699). +- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock + (bsc#1203699). +- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg + (bsc#1203699). +- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699). +- commit 346d9b0 + +- ALSA: hda/cs8409: Support manual mode detection for CS42L42 + (bsc#1203699). +- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda + driver (bsc#1203699). +- ASoC: cs35l41: Support external boost (bsc#1203699). +- ALSA: hda: cs35l41: Move external boost handling to lib for + ASoC use (bsc#1203699). +- ALSA: hda: cs35l41: Handle all external boost setups the same + way (bsc#1203699). +- ALSA: hda: cs35l41: Reorganize log for playback actions + (bsc#1203699). +- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct + (bsc#1203699). +- ALSA: hda: cs35l41: Move boost config to initialization code + (bsc#1203699). +- ALSA: cs35l41: Enable Internal Boost in shared lib + (bsc#1203699). +- ALSA: hda: cs35l41: Mute the device before shutdown + (bsc#1203699). +- commit e34c590 + +- ASoC: cs42l42: Move CS42L42 register descriptions to general + include (bsc#1203699). +- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START + (bsc#1203699). +- ASoC: cs42l42: Handle system suspend (bsc#1203699). +- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ + handling (bsc#1203699). +- ASoC: cs42l42: Report full jack status when plug is detected + (bsc#1203699). +- ASoC: cs42l42: Report initial jack state (bsc#1203699). +- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699). +- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699). +- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG + masks (bsc#1203699). +- ASoC: cs42l42: Remove redundant writes to DETECT_MODE + (bsc#1203699). +- ASoC: cs42l42: Add control for audio slow-start switch + (bsc#1203699). +- ASoC: cs42l42: free_irq() before powering-down on probe() fail + (bsc#1203699). +- ASoC: cs42l42: Reset and power-down on remove() and failed + probe() (bsc#1203699). +- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler + (bsc#1203699). +- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume + callbacks (bsc#1203699). +- ASoC: cs42l42: Use two thresholds and increased wait time for + manual type detection (bsc#1203699). +- ASoC: cs42l42: Implement Manual Type detection as fallback + (bsc#1203699). +- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl + script (bsc#1203699). +- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts + (bsc#1203699). +- ASoC: cs42l42: Fix WARN in remove() if running without an + interrupt (bsc#1203699). +- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile + (bsc#1203699). +- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699). +- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable + (bsc#1203699). +- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699). +- ASoC: cs42l42: Don't claim to support 192k (bsc#1203699). +- ASoC: cs42l42: Don't reconfigure the PLL while it is running + (bsc#1203699). +- commit 866431d + +- ALSA: hda: cs35l41: Put the device into safe mode for external + boost (bsc#1203699). +- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699). +- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699). +- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699). +- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib + (bsc#1203699). +- ALSA: cs35l41: Check hw_config before using it (bsc#1203699). +- ALSA: cs35l41: Unify hardware configuration (bsc#1203699). +- commit ac37bc4 + +- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699). +- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg + (bsc#1203699). +- ALSA: hda/cs8409: Support new Warlock MLK Variants + (bsc#1203699). +- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants + (bsc#1203699). +- ALSA: hda/cs8409: Re-order quirk table into ascending order + (bsc#1203699). +- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration + (bsc#1203699). +- commit af84f1a + +- ALSA: hda/realtek: Add mute and micmut LED support for Zbook + Fury 17 G9 (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch. +- commit 7831f17 + +- ASoC: cs35l41: Remove unnecessary param (bsc#1203699). +- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699). +- commit 8ea9da8 + +- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L-024a7ad9eb4d.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L.patch. +- commit a813cc9 + +- ASoC: cs35l41: Fix DSP mbox start command and global enable + order (bsc#1203699). +- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699). +- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699). +- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void + (bsc#1203699). +- ALSA: hda: cs35l41: Tidyup code (bsc#1203699). +- ALSA: hda: cs35l41: Make use of the helper function + dev_err_probe() (bsc#1203699). +- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699). +- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol + namespace (bsc#1203699). +- ALSA: hda: cs35l41: Add calls to newly added test key function + (bsc#1203699). +- ALSA: hda: cs35l41: Avoid overwriting register patch + (bsc#1203699). +- ALSA: hda: cs35l41: fix double free on error in probe() + (bsc#1203699). +- commit 31fd8da + +- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699). +- firmware: cs_dsp: Add pre_stop callback (bsc#1203699). +- ASoC: wm_adsp: Minor clean and redundant code removal + (bsc#1203699). +- ASoC: wm_adsp: Fix event for preloader (bsc#1203699). +- ASoC: wm_adsp: Compressed stream DSP memory structs should be + __packed (bsc#1203699). +- firmware: cs_dsp: Fix overrun of unterminated control name + string (bsc#1203699). +- ASoC: wm_adsp: Expand firmware loading search options + (bsc#1203699). +- ASoC: wm_adsp: Add trace caps to speaker protection FW + (bsc#1203699). +- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699). +- ASoC: wm_adsp: Correct control read size when parsing compressed + buffer (bsc#1203699). +- ASoC: cs35l41: Add support for hibernate memory retention mode + (bsc#1203699). +- ASoC: cs35l41: Update handling of test key registers + (bsc#1203699). +- ASoC: wm_adsp: Add support for "toggle" preloaders + (bsc#1203699). +- firmware: cs_dsp: Clear core reset for cache (bsc#1203699). +- ASoC: cs35l41: Correct handling of some registers in the cache + (bsc#1203699). +- ASoC: cs35l41: Correct DSP power down (bsc#1203699). +- ASoC: cs35l41: Remove incorrect comment (bsc#1203699). +- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699). +- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses + (bsc#1203699). +- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699). +- firmware: cs_dsp: Move lockdep asserts to avoid potential null + pointer (bsc#1203699). +- firmware: cs_dsp: Allow creation of event controls + (bsc#1203699). +- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699). +- firmware: cs_dsp: Clarify some kernel doc comments + (bsc#1203699). +- firmware: cs_dsp: Perform NULL check in + cs_dsp_coeff_write/read_ctrl (bsc#1203699). +- firmware: cs_dsp: Add support for rev 2 coefficient files + (bsc#1203699). +- firmware: cs_dsp: Print messages from bin files (bsc#1203699). +- firmware: cs_dsp: Add pre_run callback (bsc#1203699). +- firmware: cs_dsp: Add version checks on coefficient loading + (bsc#1203699). +- firmware: cs_dsp: Add lockdep asserts to interface functions + (bsc#1203699). +- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h + (bsc#1203699). +- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol + 'ret' (bsc#1203699). +- commit 545439c + +- supported.conf: Add cs_dsp firmware module (bsc#1203699) +- commit af1ea30 + +- Update config files: enable CS35L41 support (bsc#1203699) +- commit 195ddb7 + +- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops + (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch. +- commit 0a4cbdb + +- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop + (bsc#1203699). +- Refresh + patches.suse/ALSA-hda-ALC287-Add-Lenovo-IdeaPad-Slim-9i-14ITL5-sp.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Legion-Y9000X-2019.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch. +- Refresh + patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch. +- Refresh + patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch. +- commit b3dce35 + +- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems + (bsc#1203699). +- commit 39ffdf8 + +- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699). +- ASoC: cs35l41: Create shared function for boost configuration + (bsc#1203699). +- ASoC: cs35l41: Create shared function for setting channels + (bsc#1203699). +- ASoC: cs35l41: Create shared function for errata patches + (bsc#1203699). +- ASoC: cs35l41: Move power initializations to reg_sequence + (bsc#1203699). +- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code + (bsc#1203699). +- ASoC: cs35l41: Convert tables to shared source code + (bsc#1203699). +- ASoC: cs35l41: Fix undefined reference to core functions + (bsc#1203699). +- ASoC: cs35l41: Fix link problem (bsc#1203699). +- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function + (bsc#1203699). +- ASoC: cs35l41: DSP Support (bsc#1203699). +- ASoC: dt-bindings: cs42l42: Convert binding to yaml + (bsc#1203699). +- ASoC: cs35l41: Set the max SPI speed for the whole device + (bsc#1203699). +- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699). +- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699). +- ASoC: wm_adsp: remove a repeated including (bsc#1203699). +- firmware: cs_dsp: add driver to support firmware loading on + Cirrus Logic DSPs (bsc#1203699). +- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops + (bsc#1203699). +- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp + (bsc#1203699). +- ASoC: wm_adsp: move firmware loading to client (bsc#1203699). +- ASoC: wm_adsp: Pass firmware names as parameters when starting + DSP core (bsc#1203699). +- ASoC: wm_adsp: Move check of dsp->running to better place + (bsc#1203699). +- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling + (bsc#1203699). +- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699). +- ASoC: wm_adsp: Split DSP power operations into helper functions + (bsc#1203699). +- ASoC: wm_adsp: Separate some ASoC and generic functions + (bsc#1203699). +- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699). +- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699). +- ASoC: wm_adsp: Cancel ongoing work when removing controls + (bsc#1203699). +- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed + buffers (bsc#1203699). +- ASoC: wm_adsp: Move check for control existence (bsc#1203699). +- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699). +- ASoC: cs35l41: Binding fixes (bsc#1203699). +- misc: cs35l41: Remove unused pdn variable (bsc#1203699). +- ASoC: cs35l41: Fix a bunch of trivial code formating/style + issues (bsc#1203699). +- ASoC: cs35l41: Fixup the error messages (bsc#1203699). +- ASoC: cs35l41: Don't overwrite returned error code + (bsc#1203699). +- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699). +- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot + (bsc#1203699). +- ASoC: cs35l41: Fix use of an uninitialised variable + (bsc#1203699). +- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699). +- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699). +- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699). +- commit 5d21207 + +- kABI: Add back removed struct paca member (bsc#1203664 + ltc#199236). +- Revert "powerpc/rtas: Implement reentrant rtas call" + (bsc#1203664 ltc#199236). +- commit 93ebb75 + +- blacklist.conf: add scsi commit that's too invasive +- commit ed3d357 + +- struct ehci_hcd: hide new element going into a hole (git-fixes). +- commit 859270b + +- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin + (git-fixes). +- commit 71e1e4f + +- xen/usb: don't use arbitrary_virt_to_machine() (git-fixes). +- commit 9497b70 + +- usb: host: xhci: fix a comment typo in xhci_mem_init() + (git-fixes). +- usb: host: xhci: use ffs() in xhci_mem_init() (git-fixes). +- commit f930b4a + +- usb: Drop commas after SoC match table sentinels (git-fixes). +- commit c8fc91a + +- struct xhci_hcd: restore member now dynamically allocated + (git-fixes). +- commit ac47acd + +- USB: core: Fix RST error in hub.c (git-fixes). +- commit 19a77db + +- Update config files. (jsc#PED-1763) +- supported.conf: +- commit 9894f49 + +- fuse: Remove the control interface for virtio-fs (bsc#1203798). +- commit a23dd0d + +- constraints: increase disk space for all architectures + References: bsc#1203693 + aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is + very close to the limit. +- commit 43a9011 + +- usb.h: struct usb_device: hide new member (git-fixes). +- commit fbd8f4a + +- USB: core: Prevent nested device-reset calls (git-fixes). +- commit 9ef8532 + +- usb: dwc3: disable USB core PHY management (git-fixes). +- commit 1a35727 + +- Update patch referecen for ALSA fix (CVE-2022-3303 bsc#1203769) +- commit 9addbc1 + +- ACPI: processor idle: Practically limit "Dummy wait" workaround + to old Intel systems (bsc#1203767). +- commit ec98644 + +- NFSv4.2: Update mode bits after ALLOCATE and DEALLOCATE + (git-fixes). +- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 + (git-fixes). +- md: call __md_stop_writes in md_stop (git-fixes). +- SUNRPC: RPC level errors should set task->tk_rpc_status + (git-fixes). +- NFSv4.2 fix problems with __nfs42_ssc_open (git-fixes). +- net/sunrpc: fix potential memory leaks in + rpc_sysfs_xprt_state_change() (git-fixes). +- SUNRPC: Reinitialise the backchannel request buffers before + reuse (git-fixes). +- NFSv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes). +- NFSv4: Fix races in the legacy idmapper upcall (git-fixes). +- sunrpc: fix expiry of auth creds (git-fixes). +- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly + (git-fixes). +- NFSv4.1: Don't decrease the value of seq_nr_highest_sent + (git-fixes). +- pNFS/flexfiles: Report RDMA connection errors to the server + (git-fixes). +- Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" + (git-fixes). +- lockd: detect and reject lock arguments that overflow + (git-fixes). +- SUNRPC: Fix xdr_encode_bool() (git-fixes). +- nfsd: eliminate the NFSD_FILE_BREAK_* flags (git-fixes). +- md-raid10: fix KASAN warning (git-fixes). +- NFSD: restore EINVAL error translation in nfsd_commit() + (git-fixes). +- NFSD: Clean up the show_nf_flags() macro (git-fixes). +- SUNRPC: Don't leak sockets in xs_local_connect() (git-fixes). +- SUNRPC: Don't call connect() more than once on a TCP socket + (git-fixes). +- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes). +- NFSD: Fix offset type in I/O trace points (git-fixes). +- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests + (git-fixes). +- commit 510ad2f + +- x86/sev: Add missing __init annotations to SEV init routines + (jsc#SLE-19924 jsc#SLE-24814). +- Refresh + patches.suse/x86-sev-Get-the-AP-jump-table-address-from-secrets-page. +- commit e7f768c + +- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" + (git-fixes). +- commit c7d72a7 + +- i2c: mlxbf: Fix frequency calculation (git-fixes). +- i2c: mlxbf: prevent stack overflow in + mlxbf_i2c_smbus_start_transaction() (git-fixes). +- i2c: mlxbf: incorrect base address passed during io write + (git-fixes). +- i2c: imx: If pm_runtime_get_sync() returned 1 device access + is possible (git-fixes). +- commit abc7475 + +- blacklist.conf: remove blacklisted patch + This patch was incorrectly blacklisted, but in fact + is needeed, so remove the blacklist first. +- commit 858de69 + +- serial: fsl_lpuart: Reset prior to registration (git-fixes). +- workqueue: don't skip lockdep work dependency in + cancel_work_sync() (git-fixes). +- arm64: topology: fix possible overflow in amu_fie_setup() + (git-fixes). +- media: flexcop-usb: fix endpoint type check (git-fixes). +- usb: dwc3: core: leave default DMA if the controller does not + support 64-bit DMA (git-fixes). +- drm/panel: simple: Fix innolux_g121i1_l01 bus_format + (git-fixes). +- drm/mediatek: dsi: Move mtk_dsi_stop() call back to + mtk_dsi_poweroff() (git-fixes). +- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, + reset callbacks (git-fixes). +- drm/panfrost: devfreq: set opp to the recommended one to + configure regulator (git-fixes). +- ASoC: nau8824: Fix semaphore unbalance at error paths + (git-fixes). +- regulator: pfuze100: Fix the global-out-of-bounds access in + pfuze100_regulator_probe() (git-fixes). +- net: usb: qmi_wwan: add Quectel RM520N (git-fixes). +- wifi: mac80211_hwsim: check length for virtio packets + (git-fixes). +- tty: serial: atmel: Preserve previous USART mode if RS485 + disabled (git-fixes). +- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes). +- video: fbdev: pxa3xx-gcu: Fix integer overflow in + pxa3xx_gcu_write (git-fixes). +- serial: atmel: remove redundant assignment in rs485_config + (git-fixes). +- video: fbdev: i740fb: Error out if 'pixclock' equals zero + (git-fixes). +- commit 05ff2c7 + +- scsi: mpt3sas: Fix use-after-free warning (git-fixes). +- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes). +- commit 338849f + +- kexec_file: drop weak attribute from functions (bsc#1196444). +- commit 3df1852 + +- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + (bsc#1198189 CVE-2022-1263). +- commit 7717214 + +- kexec, KEYS, s390: Make use of built-in and secondary keyring + for signature verification (bsc#1196444). +- commit a0517d1 + +- arm64: kexec_file: use more system keyrings to verify kernel + image signature (bsc#1196444). +- kexec, KEYS: make the code in bzImage64_verify_sig generic + (bsc#1196444). +- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444). +- kexec: drop weak attribute from functions (bsc#1196444). +- x86/kexec: fix memory leak of elf header buffer (bsc#1196444). +- commit 6bb0d35 + +- arm64: dts: rockchip: Remove 'enable-active-low' from + rk3399-puma (git-fixes). +- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz + (git-fixes). +- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core + (git-fixes). +- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes). +- selftests: forwarding: add shebang for sch_red.sh (git-fixes). +- can: gs_usb: gs_can_open(): fix race dev->can.state condition + (git-fixes). +- gve: Fix GFP flags when allocing pages (git-fixes). +- wifi: mt76: fix reading current per-tid starting sequence + number for aggregation (git-fixes). +- batman-adv: Fix hang up with small MTU hard-interface + (git-fixes). +- net: phy: aquantia: wait for the suspend/resume operations to + finish (git-fixes). +- gpiolib: cdev: Set lineevent_state::irq after IRQ register + successfully (git-fixes). +- gpio: mockup: fix NULL pointer dereference when removing debugfs + (git-fixes). +- selftests: forwarding: Fix failing tests with old libnet + (git-fixes). +- commit 4895eee + +- dt-bindings: Add headers for Host1x and VIC on Tegra234 + (jsc#PED-1763). +- dt-bindings: memory: Add Tegra234 MGBE memory clients + (jsc#PED-1763). +- dt-bindings: Add Tegra234 MGBE clocks and resets (jsc#PED-1763). +- dt-bindings: power: Add Tegra234 MGBE power domains + (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 GPCDMA (jsc#PED-1763). +- dt-bindings: tegra186-hsp: add type for shared mailboxes + (jsc#PED-1763). +- arm64: tegra: Add QSPI controllers on Tegra234 (jsc#PED-1763). +- dt-bindings: memory: Add Tegra234 PCIe memory (jsc#PED-1763). +- dt-bindings: power: Add Tegra234 PCIe power domains + (jsc#PED-1763). +- dt-bindings: Add Tegra234 PCIe clocks and resets (jsc#PED-1763). +- dt-bindings: Add HDA support for Tegra234 (jsc#PED-1763). +- dt-bindings: Add Tegra234 APE support (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 PWM (jsc#PED-1763). +- dt-bindings: Add headers for Tegra234 I2C (jsc#PED-1763). +- dt-bindings: gpio: Add Tegra234 support (jsc#PED-1763). +- dt-bindings: memory: tegra: Add Tegra234 support (jsc#PED-1763). +- dt-bindings: Update headers for Tegra234 (jsc#PED-1763). +- commit 44a5986 + +- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes). +- commit a413591 + +- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes). +- commit 7bd201a + +- net: enetc: Use pci_release_region() to release some resources + (git-fixes). +- commit 15bc221 + +- net: dsa: mv88e6xxx: Fix refcount leak in + mv88e6xxx_mdios_register (git-fixes). +- commit 568058d + +- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes). +- commit a7df60c + +- net: stmmac: fix out-of-bounds access in a selftest (git-fixes). +- commit 1d801d7 + +- net: macb: Fix PTP one step sync support (git-fixes). +- commit c6f42d2 + +- net: wwan: iosm: remove pointless null check (git-fixes). +- commit 4eccfc1 + +- eth: sun: cassini: remove dead code (git-fixes). +- commit aa42615 + +- net: stmmac: remove unused get_addr() callback (git-fixes). +- commit 14586bc + +- Revert "ice: Hide bus-info in ethtool for PRs in switchdev mode" + (git-fixes). +- commit 2b88535 + +- net: ethernet: stmmac: fix write to sgmii_adapter_base + (git-fixes). +- commit 63c3906 + +- net: dsa: felix: fix tagging protocol changes with multiple + CPU ports (git-fixes). +- commit 41e3617 + +- net: dsa: introduce helpers for iterating through ports using dp + (git-fixes). +- commit 5001021 + +- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap + (git-fixes). +- commit 1bdfd3c + +- net: hns3: add netdev reset check for hns3_set_tunable() + (git-fixes). +- commit f002bf7 + +- net: phy: at803x: move page selection fix to config_init + (git-fixes). +- commit 02fb6c3 + +- ice: Match on all profiles in slow-path (git-fixes). +- commit 5ba2957 + +- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes). +- commit 1308dcb + +- blacklist.conf: update blacklist +- commit e0df553 + +- blacklist.conf: update blacklist +- commit d975e01 + +- blacklist.conf: update blacklist +- commit 2402036 + +- ALSA: hda: Fix Nvidia dp infoframe (git-fixes). +- ALSA: hda/tegra: set depop delay for tegra (git-fixes). +- ALSA: hda/tegra: Update scratch reg. communication (git-fixes). +- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes). +- commit 636d297 + +- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED + (git-fixes). +- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes). +- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack + (git-fixes). +- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes). +- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 + laptop (git-fixes). +- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 + laptop (git-fixes). +- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes). +- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes). +- commit a4ecf82 + +- dmaengine: ti: k3-udma-private: Fix refcount leak bug in + of_xudma_dev_get() (git-fixes). +- Revert "ALSA: usb-audio: Split endpoint setups for hw_params + and prepare" (git-fixes). +- ALSA: core: Fix double-free at snd_card_new() (git-fixes). +- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes). +- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount + saturation (git-fixes). +- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible + (git-fixes). +- gpio: mockup: remove gpio debugfs when remove device + (git-fixes). +- Input: iforce - add support for Boeder Force Feedback Wheel + (git-fixes). +- Input: goodix - add compatible string for GT1158 (git-fixes). +- Input: goodix - add support for GT1158 (git-fixes). +- drm/msm/rd: Fix FIFO-full deadlock (git-fixes). +- drm/amd/amdgpu: skip ucode loading if ucode_size == 0 + (git-fixes). +- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS + (git-fixes). +- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell + Dot keymap fixes (git-fixes). +- platform/surface: aggregator_registry: Add support for Surface + Laptop Go 2 (git-fixes). +- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes). +- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered + message (git-fixes). +- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo + (git-fixes). +- ACPI: resource: skip IRQ override on AMD Zen platforms + (git-fixes). +- ARM: dts: imx: align SPI NOR node name with dtschema + (git-fixes). +- commit 6a1df1e + +- Refresh patches.suse/iommu-vt-d-Acquiring-lock-in-domain-ID-allocation-helpers + Fix spin deadlock in intel_iommu (bsc#1203505) +- commit 69d294e + +- media: dvb-core: Fix UAF due to refcount races at releasing + (CVE-2022-41218 bsc#1202960). +- commit bdcd7ab + +- cpufreq: tegra194: Staticize struct tegra_cpufreq_soc instances + (jsc#PED-1763). +- commit 2b309dd + +- ASoC: tegra: AHUB routes for OPE module (jsc#PED-1763). +- commit ae8614b + +- PCI: tegra194: Add Tegra234 PCIe support (jsc#PED-1763). +- commit 9848d71 + +- PCI: tegra194: Extend Endpoint mode support (jsc#PED-1763). +- commit 64c6d53 + +- PCI: tegra194: Clean up the exit path for Endpoint mode + (jsc#PED-1763). +- commit 77cf561 + +- PCI: tegra194: Enable support for 256 Byte payload + (jsc#PED-1763). +- commit 3d70757 + +- PCI: tegra194: Clear bandwidth management status (jsc#PED-1763). +- commit 4eb1d6d + +- PCI: tegra194: Find RAS DES PCIe capability offset + (jsc#PED-1763). +- commit 6869f7e + +- Revert "PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie" + (jsc#PED-1763). +- Refresh + patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch. +- commit 7c3a2c4 + +- dmaengine: tegra: Add terminate() for Tegra234 (jsc#PED-1763). +- commit 14777c3 + +- phy: tegra: Add PCIe PIPE2UPHY support for Tegra234 + (jsc#PED-1763). +- commit 8045a50 + +- gpu: host1x: Register context bus unconditionally + (jsc#PED-1763). +- commit 1cdd50a + +- spi: dt-bindings: Add compatible for Tegra241 QSPI + (jsc#PED-1763). +- commit f5277d1 + +- spi: tegra210-quad: Multi-cs support (jsc#PED-1763). +- commit 5df9b77 + +- memory: tegra: Add MGBE memory clients for Tegra234 + (jsc#PED-1763). +- commit fe9c9ad + +- clocksource/drivers/timer-tegra186: Add support for Tegra234 + SoC (jsc#PED-1763). +- commit 9102f99 + +- clocksource: Add Tegra186 timers support (jsc#PED-1763). +- Update config files +- commit f783dd3 + +- gpu: host1x: Add context bus (jsc#PED-1763). +- commit 62055eb + +- iommu/arm-smmu: Support Tegra234 SMMU (jsc#PED-1763). +- commit b6d01d1 + +- cpufreq: tegra194: Add support for Tegra234 (jsc#PED-1763). +- commit 6ccf722 + +- cpufreq: tegra194: add soc data to support multiple soc + (jsc#PED-1763). +- commit d6431d8 + +- dmaengine: tegra: Remove unused switch case (jsc#PED-1763). +- commit 21ff5bc + +- dmaengine: tegra: Fix uninitialized variable usage + (jsc#PED-1763). +- commit 8692e6a + +- dmaengine: tegra: Use platform_get_irq() to get IRQ resource + (jsc#PED-1763). +- commit dce0f23 + +- dmaengine: tegra: Remove unused including + (jsc#PED-1763). +- commit e600cdf + +- dmaengine: tegra: Add tegra gpcdma driver (jsc#PED-1763). +- Update config files. +- supported.conf +- commit 8c4f76d + +- PCI: tegra194: Remove unnecessary MSI enable reg save and + restore (jsc#PED-1763). +- commit 028846a + +- mailbox: tegra-hsp: Add 128-bit shared mailbox support + (jsc#PED-1763). +- commit 2799912 + +- mailbox: tegra-hsp: Add tegra_hsp_sm_ops (jsc#PED-1763). +- commit 301d237 + +- memory: tegra: Add MC error logging on Tegra186 onward + (jsc#PED-1763). +- commit 803123e + +- memory: tegra: Add memory controller channels support + (jsc#PED-1763). +- commit 91c35b0 + +- memory: tegra: Add APE memory clients for Tegra234 + (jsc#PED-1763). +- commit bddcc01 + +- memory: tegra: Add Tegra234 support (jsc#PED-1763). +- commit 15d156c + +- soc/tegra: pmc: Update Tegra234 reset sources (jsc#PED-1763). +- ASoC: tegra: AHUB routes for ASRC module (jsc#PED-1763). +- soc/tegra: pmc: Add Tegra234 wake events (jsc#PED-1763). +- commit 055208f + +- ASoC: tegra: Update AHUB driver for Tegra234 (jsc#PED-1763). +- ALSA: hda/tegra: Hardcode GCAP ISS value on T234 (jsc#PED-1763). +- commit 12ff211 + +- PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie + (jsc#PED-1763). +- Refresh + patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch. +- Refresh + patches.suse/PCI-tegra194-Fix-link-up-retry-sequence.patch. +- commit 43c995b + +- misc: sram: Add compatible string for Tegra234 SYSRAM + (jsc#PED-1763). +- commit c359d28 + +- gpio: tegra186: Add support for Tegra234 (jsc#PED-1763). +- Refresh + patches.suse/gpio-tegra186-Add-support-for-Tegra241.patch. +- commit 794cc29 + +- gpu: host1x: select CONFIG_DMA_SHARED_BUFFER (jsc#PED-1763). +- commit 805f6b6 + +- Update kabi files: import symvers from MU 5.14.21-150400.24.21 +- commit a9db6f7 + +- blacklist.conf: e9b6013a7ce3 x86/speculation: Update link to AMD speculation whitepaper +- commit 2ebf815 + +- EDAC/dmc520: Don't print an error for each unconfigured + interrupt line (bsc#1190497). +- commit c59e321 + +- blacklist.conf: ad2c302bc604 EDAC/sifive: Fix non-kernel-doc comment +- commit 1146177 + +- Update patch reference for media fix (CVE-2022-3239 bsc#1203552) +- commit 9054a9f + +- supported.conf: Add drivers/virt/coco/sevguest/sevguest +- commit 14b71be + +- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814). +- Update config files. +- commit 07e76d6 + +- scsi: smartpqi: Shorten drive visibility after removal + (bsc#1200622). +- commit 575230a + +- x86/sev: Provide support for SNP guest request NAEs + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit eaa3ba3 + +- x86/boot: Add Confidential Computing type to setup_data + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. +- commit cecec70 + +- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924, + jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit d7a984b + +- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit df057b9 + +- x86/sev: Add a helper for the PVALIDATE instruction + (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch. +- commit 27da7ad + +- x86/compressed/64: Detect/setup SEV/SME features earlier during + boot (jsc#SLE-19924, jsc#SLE-24814). +- Refresh + patches.suse/x86-sev-define-the-linux-specific-guest-termination-reasons.patch. +- commit 509599d + +- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Get the AP jump table address from secrets page + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Put globals that are accessed early into the .data + section (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Fix bool function returning negative value + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Fix return value check in alloc_shared_pages() + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add support to get extended report + (jsc#SLE-19924, jsc#SLE-24814). +- virt: sevguest: Add support to derive key (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Register SEV-SNP guest request platform device + (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add a sev= cmdline option (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Use firmware-validated CPUID for SEV-SNP guests + (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924, + jsc#SLE-24814). +- x86/compressed/64: Add identity mapping for Confidential + Computing blob (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Export and rename add_identity_map() + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP + guests (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Add SEV-SNP feature detection/setup + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Add a pointer to Confidential Computing blob in + bootparams (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC + handlers (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Move MSR-based VMGEXITs for CPUID to helper + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: x86: Move lookup of indexed CPUID leafs to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI kexec handling into common code + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI vendor table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI config table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI system table lookup to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed/acpi: Move EFI detection to helper + (jsc#SLE-19924, jsc#SLE-24814). +- x86/head/64: Re-enable stack protection (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Use SEV-SNP AP creation to start secondary CPUs + (jsc#SLE-19924, jsc#SLE-24814). +- x86/kernel: Validate ROM memory before accessing when SEV-SNP + is active (jsc#SLE-19924, jsc#SLE-24814). +- x86/kernel: Mark the .bss..decrypted section as shared in the + RMP table (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Add helper for validating pages in early enc attribute + changes (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Register GHCB memory when SEV-SNP is active + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Register GHCB memory when SEV-SNP is active + (jsc#SLE-19924, jsc#SLE-24814). +- x86/compressed: Add helper for validating pages in the + decompression stage (jsc#SLE-19924, jsc#SLE-24814). +- x86/sev: Check SEV-SNP features support (jsc#SLE-19924, + jsc#SLE-24814). +- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924, + jsc#SLE-24814). +- x86/sev: Detect/setup SEV/SME features earlier in boot + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Use MSR read/write helpers instead of inline assembly + (jsc#SLE-19924, jsc#SLE-24814). +- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924, + jsc#SLE-24814). +- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924, + jsc#SLE-24814). +- KVM: SVM: Create a separate mapping for the GHCB save area + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: SVM: Create a separate mapping for the SEV-ES save area + (jsc#SLE-19924, jsc#SLE-24814). +- KVM: SVM: Define sev_features and VMPL field in the VMSA + (jsc#SLE-19924, jsc#SLE-24814). +- commit 08ede5a + +- md: unlock mddev before reap sync_thread in action_store + (bsc#1197659). +- commit b42af07 + +- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type + in mpc85xx (git-fixes). +- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes). +- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes). +- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes). +- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes). +- drm/meson: Correct OSD1 global alpha value (git-fixes). +- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code + for vega (git-fixes). +- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega + (git-fixes). +- of/device: Fix up of_dma_configure_id() stub (git-fixes). +- of: fdt: fix off-by-one error in unflatten_dt_nodes() + (git-fixes). +- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes). +- vfio/type1: Unpin zero pages (git-fixes). +- efi: capsule-loader: Fix use-after-free in efi_capsule_write + (git-fixes). +- efi: libstub: Disable struct randomization (git-fixes). +- fbdev: chipsfb: Add missing pci_disable_device() in + chipsfb_pci_init() (git-fixes). +- commit a8d151e + +- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion + (git-fixes). +- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly + (git-fixes). +- drm/radeon: add a force flush to delay work when radeon + (git-fixes). +- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup + (git-fixes). +- drm/amdgpu: Move psp_xgmi_terminate call from + amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes). +- drm/gem: Fix GEM handle release errors (git-fixes). +- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps + (git-fixes). +- drm/bridge: display-connector: implement bus fmts callbacks + (git-fixes). +- commit a41cdd0 + +- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE + (git-fixes). +- commit 37ef226 + +- xen-blkfront: Cache feature_persistent value before + advertisement (git-fixes). +- commit 3ed3cdd + +- Update references: + - patches.kabi/kabi-return-type-change-of-secure_ipv-46-_port_ephem.patch + - patches.suse/secure_seq-use-the-64-bits-of-the-siphash-for-port-o.patch + - patches.suse/tcp-add-small-random-increments-to-the-source-port.patch + - patches.suse/tcp-drop-the-hash_32-part-from-the-index-calculation.patch + - patches.suse/tcp-dynamically-allocate-the-perturb-table-used-by-s.patch + - patches.suse/tcp-increase-source-port-perturb-table-to-2-16.patch + - patches.suse/tcp-resalt-the-secret-every-10-seconds.patch + - patches.suse/tcp-use-different-parts-of-the-port_offset-for-index.patch + (add CVE-2022-32296 bsc#1200288) +- commit 07e021d + +- xen-netback: only remove 'hotplug-status' when the vif is + actually destroyed (git-fixes). +- commit 33b6bc1 + +- xen-blkfront: Advertise feature-persistent as user requested + (git-fixes). +- commit 55b30a0 + +- xen-blkback: Advertise feature-persistent as user requested + (git-fixes). +- commit aa17727 + +- xen-blkfront: Apply 'feature_persistent' parameter when connect + (git-fixes). +- commit ea0d055 + +- xen-blkback: Apply 'feature_persistent' parameter when connect + (git-fixes). +- commit 8bac828 + +- xen-blkback: fix persistent grants negotiation (git-fixes). +- commit 8c9e86e + +- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes). +- commit 8ae5e2f + +- x86/xen: Remove undefined behavior in setup_features() + (git-fixes). +- commit fe2de2e + +- xen-blkfront: Handle NULL gendisk (git-fixes). +- commit ff9be3a + +- blacklist.conf: add 1dbd11ca75fe ("xen: remove gnttab_query_foreign_access") + as it would break KABI +- commit 893d5df + +- KVM: SVM: fix tsc scaling cache logic (bsc#1203263). +- commit 9311053 + +- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() + (git-fixes). +- commit 4acefb4 + +- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted() + (git-fixes). +- commit c7cc445 + +- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall + (git-fixes). +- commit cfc201b + +- KVM: x86: hyper-v: Drop redundant 'ex' parameter from + kvm_hv_send_ipi() (git-fixes). +- commit 001f866 + +- KVM: X86: Fix when shadow_root_level=5 && guest root_level<4 + (git-fixes). +- commit 4d133af + +- jfs: prevent NULL deref in diFree (bsc#1203389 CVE-2022-3202). +- commit 1259272 + libebml +- Update to version 1.4.4 + * Fix ABI compatibility: unfortunately release 1.4.3 broke ABI + compatibility. This release restores the compatibility with + release 1.4.2. Please use it instead of release 1.4.3. In + other words: 1.4.2 & 1.4.4 are compatible, while 1.4.3 is + compatible with neither 1.4.2 nor 1.4.4. + +- update to 1.4.3: + * A C++14 compliant C++ compiler is now required. + * Fix compilation with g++ 11. Fixes #80. + * Remove Coremake project files + * Updated the bundled utf8cpp to v3.2.1. + * Fixed several problems in `EbmlBinary:` potential segfault by + writing to a `nullptr`, potential memory leak under certain error + conditions. + * Fixed problems with the generated `pkg-config` files if any of the + installation paths are absolute. +- drop 0001-include-appropriate-header-files-for-std-numeric_lim.patch (upstream) + libheif +- Add missing gdk-pixbuf loader scriptlets (bsc#1199987). + libksba +- Security fix: [bsc#1204357, CVE-2022-3515] + * Detect a possible overflow directly in the TLV parser. + * Add libksba-CVE-2022-3515.patch + -- add libtool as buildrequire to avoid implicit dependency - -- update to libksba-1.2.0 - - New functions to allow the creation of X.509 certificates. - - Interface changes relative to the 1.1.0 release: - ksba_certreq_set_serial NEW - ksba_certreq_set_issuer NEW - ksba_certreq_set_validity NEW - ksba_certreq_set_siginfo NEW - -- update to libksba-1.1.0 - * New functions to fix a leak in dirmngr. - * Interface changes relative to the 1.0.0 release: - ksba_reader_set_release_notify NEW - ksba_writer_set_release_notify NEW -- clean up specfile - -- Use %_smp_mflags - -- update to libksba-1.0.8 - * Fixed a CMS parsing bug exhibited by Lotus Notes. - -- update to libksba-1.0.7 - * Detect overflow while parsing OIDs. Map BER encoded OIDs to well - known names. - * Allow mixed case names in DNs. - -- update to libksba-1.0.6 - * Support SHA-{384,512} based signature generation. - * The RSA algorithmIdentifier ASN.1 sequence is now emitted with an - explicit NULL parameter. Despite the interop testing we did in the - past, some software still requires this and thus we better follow - the best current practise. - -- remove static libraries and "la" files -- fix buildrequires and -devel package dependencies - libmad +- length-check.patch: incorporate previous frame_length.diff checks + +- length-check.patch: replaces frame_length.diff. Fixes now also + bsc#1036968, bsc#1036969 (CVE-2017-8373, CVE-2017-8372) +- use %license for the license + -- Fixup to adhere openSUSE specfile requirements. - -- fix build on > 12.1 by BuildRequires: autoconf automake libtool -- call autoreconf to rebuild configure from patched configure.ac - -- disable static and remove .la files -- patch away CFLAGS mangling completely - -- add patch to keep -O2 in CFLAGS -- pass --enable-accuracy - libmatroska +- update to 1.7.1: + * Fix ABI compatibility: unfortunately release 1.7.0 broke ABI + compatibility. This release restores the compatibility with + release 1.6.3. Please use it instead of release 1.7.0. In other + words: 1.6.3 & 1.7.1 are compatible, while 1.7.0 is compatible + with neither 1.6.3 nor 1.7.1. + +- update to 1.7.0: + * A C++14 compliant C++ compiler is now required. + * libEBML v1.4.3 is now required. + * Remove Coremake project files + * Add `KaxInternalBlock::GetRelativeTimestamp()` to access unscaled + block timestamps. + * Fixed problems with the generated `pkg-config` files if any of the + installation paths are absolute. + * Added several enums in `namespace libmatroska` for the various + elements that are constrained to a set of options: + `MatroskaTrackType`, `MatroskaTrackEncodingCompAlgo`, + `MatroskaChapterTranslateCodec`, `MatroskaTrackTranslateCodec`, + `MatroskaVideoFlagInterlaced`, `MatroskaVideoFieldOrder`, + `MatroskaVideoStereoMode`, `MatroskaVideoAlphaMode`, + `MatroskaVideoOldStereoMode`, `MatroskaVideoDisplayUnit`, + `MatroskaVideoAspectRatioType`, `MatroskaVideoMatrixCoefficients`, + `MatroskaColourChromaSitingHorz`, `MatroskaColourChromaSitingVert`, + `MatroskaVideoRange`, `MatroskaVideoTransferCharacteristics`, + `MatroskaVideoPrimaries`, `MatroskaVideoProjectionType`, + `MatroskaAudioEmphasis`, `MatroskaTrackPlaneType`, + `MatroskaContentEncodingScope`, `MatroskaContentEncodingType`, + `MatroskaContentEncodingAlgo`, `MatroskaAESSettingsCipherMode`, + `MatroskaContentSignatureAlgo`, `MatroskaContentSigHashAlgo`, + `MatroskaChapterSkipType`, `MatroskaChapterProcessTime` and + `MatroskaTargetTypeValue`. + * Updated the semantics to the latest specifications, deprecating the + following elements by preventing code to write them: + `KaxClusterSilentTracks`, `KaxClusterSilentTrackNumber`, + `KaxSlices`, `KaxReferenceFrame`, `KaxReferenceOffset`, + `KaxReferenceTimeCode`, `KaxTrackTimecodeScale`, + `KaxCodecDecodeAll`, `KaxVideoAspectRatio`, `KaxTrickTrackUID`, + `KaxTrickTrackSegmentUID`, `KaxTrickTrackFlag`, + `KaxTrickMasterTrackUID`, `KaxTrickMasterTrackSegmentUID`, + `KaxContentSignature`, `KaxContentSigKeyID`, `KaxContentSigAlgo` and + `KaxContentSigHashAlgo`. + * Updated the semantics to the latest specifications, making the + following elements mandatory (but having default values): + `KaxCodecDelay`, `KaxVideoPixelCropBottom`, `KaxVideoPixelCropTop`, + `KaxVideoPixelCropLeft`, `KaxVideoPixelCropRight`, + `KaxVideoBitsPerChannel`, `KaxCueCodecState`, + `KaxTagTargetTypeValue`, `KaxTrackLanguage`, `KaxVideoStereoMode`, + `KaxVideoAlphaMode`, `KaxEditionFlagOrdered`, + `KaxVideoChromaSitHorz`, `KaxVideoChromaSitVert`, + `KaxVideoColourRange`, `KaxVideoColourMatrix`, + `KaxVideoColourTransferCharacter`, `KaxVideoColourPrimaries` and + `KaxVideoDisplayUnit`. + * Updated the semantics to the latest specifications, removing the + default values from the following elements: `KaxCueBlockNumber`, + `KaxFlagHearingImpaired`, `KaxFlagVisualImpaired`, + `KaxFlagTextDescriptions`, and `KaxFlagOriginal`. + * Updated the semantics to the latest specifications, adding the + following new elements: `TagDefaultBogus` (as a placeholder for + accidentally used but wrong EBML ID 0x44b4), `KaxEmphasis`, + libmbim +- update to 1.26.4: + * meson: force building doc on normal builds, not only during install. + * meson: fix 'export_packages' in GIR setup. + * compat: deprecate the MbimLteAttachStatus type. + * net-port-manager: use unaligned netlink attribute length. + * include MBIM proxy control service in docs. + * codegen: add section doc for each service. + * utils: add missing short description in section. + * compat: add missing MbimLteAttachStatus doc. + * device: add missing mbim_device_list_links() doc. + * device: fix MbimDevice 'device-in-session' property doc. + * version: add missing MBIM_CHECK_VERSION() documentation. + * device: fix wrong reference to QmiDevice + * Several other minor improvements and fixes. + libmediawiki +- Update to 5.38.0 + * compile fixes for current Qt +- Drop Fix-compilation-error-with-Qt-5.15.patch, merged upstream +- Add signature file and keyring +- Add needed dependencies to the devel package + libnettle +- POWER10 performance enhancements for cryptography [jsc#PED-546] + * Backport the P0 performance enhancements. + * Add patches: + - libnettle-PowerPC-Implement-Poly1305-single-block-update-based.patch + - libnettle-PowerPC-Use-defined-structure-constants-of-P1305-in.patch + - libnettle-Workaround-for-qemu-bug-affecting-the-ppc-intruction.patch + libogg -- Orthographic fixes to descriptions. RPM group fix. - -- Update to version 1.3.2 - * Fix an bug in oggpack_writecopy(). - -- Xiph libogg 1.3.1 - * Guard against very large packets. - * Respect the configure --docdir override. - * Documentation fixes. -- fix SLE build - -- own aclocal directory - -- -O20 optimization level does not exist, use -O3 - -- updated to version 1.3.0 - * Add ogg_stream_flush_fill() call - This produces longer packets on flush, similar to - what ogg_stream_pageout_fill() does for single pages. -- run spec-cleaner on it -- remove "SLES10 -> SLES11 upgrade path" parts since the upgrade - already happened and anyway the entry in bugzilla is not public - -- replace _service with real file - -- update to version 1.2.2 - * Build fix (types correction) for Mac OS X - * Update win32 project files to Visual Studio 2008 - * ogg_stream_pageout_fill documentation fix - -- update to version 1.2.1 - * Various build updates (see SVN) - * Add ogg_stream_pageout_fill() to API to allow applications - greater explicit flexibility in page sizing. - * Documentation updates including multiplexing description, - terminology and API (incl. ogg_packet_clear(), - ogg_stream_pageout_fill()) - * Correct possible buffer overwrite in stream encoding on 32 bit - when a single packet exceed 250MB. - * Correct read-buffer overrun [without side effects] under - similar circumstances. - * Update unit testing to work properly with new page spill - heuristic. - * Alter default flushing behavior to span less often and use - larger page sizes when packet sizes are large. - * Build fixes for additional compilers - * Documentation updates -- run spec-cleaner -- removed configure.dif (reapply if -fsigned-char causes problems) -- removed libogg-compile-warning-fix.diff (upstreamed) - -- add baselibs.conf as a source - libreoffice +- Update to 7.3.6.2 (jsc#SLE-23447): + https://wiki.documentfoundation.org/Releases/7.3.6/RC2 + https://wiki.documentfoundation.org/Releases/7.3.6/RC1 + https://wiki.documentfoundation.org/Releases/7.3.5/RC2 + https://wiki.documentfoundation.org/Releases/7.3.5/RC1 + https://wiki.documentfoundation.org/Releases/7.3.4/RC2 + https://wiki.documentfoundation.org/Releases/7.3.4/RC1 + https://wiki.documentfoundation.org/Releases/7.3.3/RC2 + https://wiki.documentfoundation.org/Releases/7.3.3/RC1 +- LO-L3: Empty table rows appear with lower height + * bsc1197498.patch +- LO-L3: PPTX saved from LO shows with different colors in MSO + * bsc1200009.patch +- LO-L3: PPTX: transparency of PNG image not "shown" + * bsc1201093.patch +- LO-L3: video stops after one iteration instead of playing in loop + * bsc1202032.patch +- LO-L3: Video is "blown" up, distorting proportions + * bsc1202114.patch +- Fix CVE-2022-3140, Macro URL arbitrary script execution + (CVE-2022-3140, bsc#1203209) + * CVE-2022-3140-4.patch +- Updated bundled dependencies: + * curl-7.79.1 -> curl-7.83.1 +- Remove upstreamed patches: + * bsc1192616.patch + + * fixes for the following security vulnerabilities: + CVE-2022-26305 (bsc#1201868) + CVE-2022-26307 (bsc#1201872) libstorage-ng +- merge gh#openSUSE/libstorage-ng#901 +- set used feature flag for quota (bsc#1204773) +- 4.5.48 + +- merge gh#openSUSE/libstorage-ng#900 +- make result of ParitionTable::is_partition_id_supported() depend + on parted version +- 4.5.47 + +- merge gh#openSUSE/libstorage-ng#899 +- allow to work with other linux flavours +- 4.5.46 + +- merge gh#openSUSE/libstorage-ng#898 +- allow blkid to exit with exit status 2 (bsc#1203285) +- 4.5.45 + libtasn1 +- Add libtasn1-CVE-2021-46848.patch: Fixed off-by-one array size check + that affects asn1_encode_simple_der (CVE-2021-46848, bsc#1204690). + libtheora -- update to version 1.0 final - * new additional encoder and decoder libs with new api. - libupnp +- Update to release 1.14.14 + * Skip leading UTF-8 BOM in XML documents + libxml2 +- Update to version 2.10.3 (bsc#1204366, CVE-2022-40303, bsc#1204367, CVE-2022-40304): + + Security: + - [CVE-2022-40304] Fix dict corruption caused by entity + reference cycles + - [CVE-2022-40303] Fix integer overflows with XML_PARSE_HUGE + - Fix overflow check in SAX2.c + + Build system: cmake: Set SOVERSION +- Rebase patches with quilt. + +- Build for now with --with-legacy to enable APIs that have been + deprecated recently. (bsc#1202965) + +- Update to version 2.10.2: + * Improvements: + + Remove set-but-unused variable in xmlXPathScanName + + Silence -Warray-bounds warning + * Build system + + build: require automake-1.16.3 or later + + Remove generated files from distribution + * Test suite: Don't create missing.xml when running testapi +- Add configure --with-python=%{__python3} inbefore python build, + as upstream no longer ships pre-grenerated files. +- Use sed to fix env-script-interpreter in documentation example. +- Pass with-ftp to configure, build ftp support. + +- Update to version 2.10.1: + * Regressions: Fix xmlCtxtReadDoc with encoding + * Bug fixes: Fix HTML parser with threads and --without-legacy + * Build system: + + Fix build with Python 3.10 + + cmake: Disable version script on macOS + + Remove Makefile rule to build testapi.c + * Documentation: + + Switch back to HTML output for API documentation + + Port doc/examples/index.py to Python 3 + + Fix order of exports in libxml2-api.xml + + Remove libxml2-refs.xml + +- Update to 2.10.0: + * Security + + [CVE-2022-2309] Reset nsNr in xmlCtxtReset + + Reserve byte for NUL terminator and report errors consistently in xmlBuf and + xmlBuffer + + Fix missing NUL terminators in xmlBuf and xmlBuffer functions + + Fix integer overflow in xmlBufferDump() + + xmlBufAvail() should return length without including a byte for NUL + terminator + + Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc() + + Use xmlNewDocText in xmlXIncludeCopyRange + + Fix use-after-free bugs when calling xmlTextReaderClose() before + xmlFreeTextReader() on post-validating parser + + Use UPDATE_COMPAT() consistently in buf.c + + fix: xmlXPathParserContext could be double-delete in OOM case. + * Removals and deprecations + + Disable XPointer location support by default + + Remove outdated xml2Conf.sh + + Deprecate module init and cleanup functions + + Remove obsolete XML Software Autoupdate (XSA) file + + Remove DOCBparser + + Remove obsolete Python test framework + + Remove broken VxWorks support + + Remove broken Mac OS 9 support + + Remove broken bakefile support + + Remove broken Visual Studio 2010 support + + Remove broken Windows CE support + + Deprecate IDREF-related functions in valid.h + + Deprecate legacy functions + + Disable legacy support by default + + Deprecate all functions in nanoftp.h + + Disable FTP support by default + + Add XML_DEPRECATED macro + + Remove elfgcchack.h + * Regressions + + Skip incorrectly opened HTML comments + + Restore behavior of htmlDocContentDumpFormatOutput() + * Bug fixes + + Fix memory leak with invalid XSD + + Make XPath depth check work with recursive invocations + + Fix memory leak in xmlLoadEntityContent error path + + Avoid double-free if malloc fails in inputPush + + Properly fold whitespace around the QName value when validating an XSD + schema. + + Add whitespace folding for some atomic data types that it's missing on. + + Don't add IDs containing unexpanded entity references + * Improvements + + Avoid calling xmlSetTreeDoc + + Simplify xmlFreeNode + + Don't reset nsDef when changing node content + + Fix unintended fall-through in xmlNodeAddContentLen + + Remove unused xmlBuf functions + + Implement xpath1() XPointer scheme + + Add configuration flag for XPointer locations support + + Fix compiler warnings in Python code + + Mark more static data as `const` + + Make xmlStaticCopyNode non-recursive + + Clean up encoding switching code + + Simplify recursive pthread mutex + + Use non-recursive mutex in dict.c + + Fix parser progress checks + + Avoid arithmetic on freed pointers + + Improve buffer allocation scheme + + Remove unneeded #includes + + Add support for some non-standard escapes in regular expressions. + + htmlParseComment: handle abruptly-closed comments + + Add let variable tag support + + Add value-of tag support + + Remove useless call to xmlRelaxNGCleanupTypes + + Don't include ICU headers in public headers + + Update `xmlStrlen()` to use POSIX / ISO C `strlen()` + + Fix unused variable warnings with disabled features + + Only warn on invalid redeclarations of predefined entities + + Remove unneeded code in xmlreader.c + + Rework validation context flags + * Portability + + Use NAN/INFINITY if available to init XPath NaN/Inf + + Fix Python tests on macOS + + Fix xmlCleanupThreads on Windows + + Fix reinitialization of library on Windows + + Don't mix declarations and code in runtest.c + + Use portable python shebangs + + Use critical sections as mutex on Windows + + Don't set HAVE_WIN32_THREADS in win32config.h + + Use stdint.h with newer MSVC + + Remove cruft from win32config.h + + Remove isinf/isnan emulation in win32config.h + + Always fopen files with "rb" + + Remove __DJGPP__ checks + + Remove useless __CYGWIN__ checks + * Build system + + Don't autogenerate doc/examples/Makefile.am + + cmake: Install libxml.m4 on UNIX-like platforms + + cmake: Use symbol versioning on UNIX-like platforms + + Port genUnicode.py to Python 3 + + Port gentest.py to Python 3 + + cmake: Fix build without thread support + + cmake: Install documentation in CMAKE_INSTALL_DOCDIR + + cmake: Remove non needed files in docs dir + + configure: move XML_PRIVATE_LIBS after WIN32_EXTRA_LIBADD is set + + Move local Autoconf macros into m4 directory + + Use XML_PRIVATE_LIBS in libxml2_la_LIBADD + + Update libxml-2.0-uninstalled.pc.in + + Remove LIBS from XML_PRIVATE_LIBS + + Add WIN32_EXTRA_LIBADD to XML_PRIVATE_LIBS + + Don't overlink executables + + cmake: Adjust paths for UNIX or UNIX-like target systems + + build: Make use of variables in libxml's pkg-config file + + Avoid obsolescent `test -a` constructs + + Move AM_MAINTAINER_MODE to AM section + + configure.ac: make AM_SILENT_RULES([yes]) unconditional + + Streamline documentation installation + + Don't try to recreate COPYING symlink + + Detect libm using libtool's macros + + configure.ac: disable static libraries by default + + python/Makefile.am: nest python docs in $(docdir) + + python/Makefile.am: rely on global AM_INIT_AUTOMAKE + + Makefile.am: install examples more idiomatically + + configure.ac: remove useless AC_SUBST + + Respect `--sysconfdir` in source files + + Ignore configure backup file created by recent autoreconf too + + Only install *.html and *.c example files + + Remove --with-html-dir option + + Rework documentation build system + + Remove old website + + Use AM_PATH_PYTHON/PKG_CHECK_MODULES for python bindings + + Update genChRanges.py + + Update build_glob.py + + Remove ICONV_CONST test + + Remove obsolete AC_HEADER checks + + Don't check for standard C89 library functions + + Don't check for standard C89 headers + + Remove special configuration for certain maintainers + * Test suite, CI + + Disable network in API tests + + testapi: remove leading slash from "/missing.xml" + + Build Autotools CI tests out of source tree (VPATH) + + Add --with-minimum build to CI tests + + Fix warnings when testing --with-minimum build + + cmake: Run all tests when threads are disabled + + Also build CI tests with -Werror + + Move doc/examples tests to new test suite + + Simplify 'make check' targets + + Fix schemas and relaxng tests + + Remove unused result files + + Allow missing result files in runtest + + Move regexp tests to runtest + + Move SVG tests to runtest.c + + Move testModule to new test suite + + Move testThreads to new test suite + + Remove major parts of old test suite + + Make testchar return an error on failure + + Add CI job for static build + + python/tests: open() relative to test scripts + + Port some test scripts to Python 3 + * Documentation + + Improve documentation of tree manipulation API + + Update xml2-config man page + + Consolidate man pages + + Rename xmlcatalog_man.xml + + Make examples a standalone HTML page + + Fix documentation in entities.c + + Add note about optimization flags + libzypp +- Resolver: Fix missing --[no]-recommends initialization in + update (fixes #openSUSE/zypper#459, bsc#1201972) +- Log ONLY_NAMESPACE_RECOMMENDED because this is what corresponds + to --[no]-recommends. +- version 17.31.2 (22) + +- UsrEtc: Store logrotate files in %{_distconfdir} if defined + (fixes #402) +- Log backtrace on SIGABRT too. +- Need to explicitly enable building experimental code. Otherwise + an old Notcurses++ package which happens to be present in the + buildenv breaks the build (fixes #412). +- Work around libyui/libyui#78 on code 15.4 and older. +- Stop using std::*ary_function; deprecated and removed in c++17. +- Don't expose header files which use types not available in + c++11. In 15.3 and older, YAST and PK compile with -std=c++11. +- Remove no longer needed %post code (bsc#1203649) +- Enable zck support for SLE15-SP4 and newer. On Leap it is enabled + since 15.1 (bsc#1189282) +- version 17.31.1 (22) + live555 +- update to 2022.10.01: + - Updated the previous revision so that the virtual function "specialHandlingOfAuthenticationFailure()" + is now called only if there is an actual authentication failure - not on the first time that + we send back a "401 Unauthorized" response. + - Added a new virtual function "specialHandlingOfAuthenticationFailure()" to "RTSPServer" to + allow a subclassed "RTSPServer" to take special action (e.g., statistics logging) + whenever an authentication failure occurs. + lvm2 +- dracut-initqueue timeouts with 5.3.18-150300.59.63 kernel on ppc64le (bsc#1199074) + - in lvm2.spec, change device_mapper_version from 1.02.185 to %{lvm2_version}_1.02.185 + +- lvm.conf should re-enable commented out option use_lvmlockd (bsc#1204219) + - re-enable "use_lvmlockd = 0" in lvm.conf + lvm2:devicemapper +- dracut-initqueue timeouts with 5.3.18-150300.59.63 kernel on ppc64le (bsc#1199074) + - in lvm2.spec, change device_mapper_version from 1.02.185 to %{lvm2_version}_1.02.185 + +- lvm.conf should re-enable commented out option use_lvmlockd (bsc#1204219) + - re-enable "use_lvmlockd = 0" in lvm.conf + manpages-l10n +- Add manpages-l10n-4.15.0-fix-links.patch: Fix incorrect links in + man2 (boo#1202798). + manufacturer-PPDs +- use grep -E instead of egrep to be compatible with newer grep versions + -- Add a line-feed to the end of all PPDs to fix those PPDs where - it is missing. See Novell/Suse Bugzilla bug #309832: - Unix/Linux text files must end with a line-feed. - Otherwise reading the last line results EOF and then some - programs may ignore the last line. - mariadb +- Update to 10.6.10: + https://mariadb.com/kb/en/library/mariadb-10610-release-notes + https://mariadb.com/kb/en/library/mariadb-10610-changelog + * fixes for the following security vulnerabilities: + 10.6.10: none + + CVE-2022-38791 (bsc#1202863) mcelog +- Includes following SLE 15 SP5 jira features: + * jsc#PED-671 mcelog: Update to latest release + * jsc#PED-686 [CPU Features] Update mcelog support for ADL-N + * jsc#PED-638 [CPU Features] Update mcelog support for MTL-P +- Update to version 189: + * mcelog: Add another Raptor Lake CPU model + * Fix generation of cputype files + * mcelog: Add missing model numbers for Broadwell and Raptorlake + * mcelog: Makefile: Only touch cputype.h if needed to create it + * Makefile: add install-nodoc target + * Use env as the shebang target + * Add missing dependencies for cputype include files + * mcelog: Reverse sens of check to call resolveaddr() + * mcelog: Reverse the sense of the check to set memory_error_support + * mcelog: Drop CASE_INTEL define + * mcelog: Generate cpu_choices[] from table + * mcelog: Generate the cputype_name[] array from the table + * mcelog: Add CPU model numbers to table and generate switch function + * mcelog: Generate CPU_* enums from a table + * mcelog: Add two more Alderlake model numbers + * mcelog: Reduce default threshold for corrected error page offline + * Make genconfig use python3 + * mcelog: Add support for Raptorlake + * Fix warnings in sysfs.c + * mcelog: Change "DDR4" string to "DDR" for i10nm platforms + * Fix logrotate syntax + * remove outdated mcelog.conf.5 manual file + * add furture print function for Python2 + * fix python errors in genconfig.py + * fix the buf not freed in read_field + * mcelog: Print warning for locked down kernel + * mcelog: Handle sysfs files without length +- Had to adopt to latest CPU identification model + mainline patch: + b54ee05056a76e mcelog: Drop CASE_INTEL define + and friends + A add_new_amd_cpu_defines + D add-defines.patch + M Start-consolidating-AMD-specific-stuff.patch + M add-f10h-support.patch + M add-f11h-support.patch + M add-f12h-support.patch + M add-f14h-support.patch + M add-f15h-support.patch + M add-f16h-support.patch + M email.patch + M fix_setgroups_missing_call.patch + metamail +- Update ot mimelang-0.3 + * Avoid to run on NULL if no UTF-8 marker is found + -- rename getline to my_getline to avoid conflict with function - from glibc - mosh +- Update to version 1.4.0: + * New features: + Support OSC 52 clipboard copy integration (Alex Cornejo) + Allow non-inserting prediction (--predict-overwrite) (John Hood) + Don't do prediction on large pastes into mosh-client (John Hood) + Add true color support (Kang Jianbin) + Add syslog logging of connections (Tom Judge) + If exec()ing the remote command fails, pause briefly (John Hood) + * Bug fixes: + ignore unknown renditions (Keith Winstein) + Overlays were getting set to the wrong colors (John Hood) + Fix issue with incorrect true-color background erase colors (John Hood) + Use HAVE_UTEMPTER instead of HAVE_UPTEMPTER (Michael Jarvis) + Apply latest consecutive resize, not earliest (Peter Edwards) + Use CLOCK_MONOTONIC_RAW when available (Harry Sintonen) + Add tmux and alacritty to title_term_types (Naïm Favier) + Don't sometimes hang just after launching ssh (Kalle Samuels) + * Internal changes: + Reformat printed strings in source (John Hood) + Code cleanups (John Hood, Anders Kaseorg, Benjamin Barenblat, Alex Chernyakhovsky) + Always use non-blocking sockets for recvmsg() (John Hood) + Add Perl compile (John Hood) + Improvements to the test suite (John Hood) + Fixes to autoconf configure (Anders Kaseorg) + Cleanups to our cryptography code (Benjamin Barenblat, Alex Chernyakhovsky) + * Infrastructure changes: + Add support for OCLint static checker (John Hood) + Switch from Travis-CI to Github Actions (Wolfgang E. Sanyer, Alex Chernyakhovsky) + Add code coverage and fuzzing infrastructure (Alex Chernyakhovsky) + multipath-tools +- Update to version 0.9.2+59+suse.ac8942d: + * Fix segfault in "multipath -t" command (boo#1204731) + +- Update to version 0.9.2+57+suse.cf3c1e9: + * Fix multipathd authorization bypass and symlink attack + (bsc#1202739 CVE-2022-41973 CVE-2022-41974) + * add multipath-dracut.conf: dracut config file to install + tmpfiles.d/multipath.conf in initramfs + * Use "queue_mode bio" for NVMeoF/TCP devices + * Upstream bug fixes and hwtable updates +- Drop recompress.service, it just slows down build + ntfs-3g_ntfsprogs +- Add patches to fix CVE-2022-40284 (bsc#1204734): + * ntfs-3g-CVE-2022-40284-0001-Rejected-zero-sized-runs.patch + * ntfs-3g-CVE-2022-40284-0002-Avoided-merging-runlists-with-no-runs.patch + openjpeg2 + openjpeg2-CVE-2018-20846.patch (CVE-2018-20846, bsc#1140205), + openjpeg2-CVE-2018-21010.patch (CVE-2018-21010, bsc#1149789), + openjpeg2-CVE-2020-27814.patch (CVE-2020-27814, bsc#1179594), + openjpeg2-CVE-2020-27824.patch (CVE-2020-27824, bsc#1179821), + openjpeg2-CVE-2020-27841.patch (CVE-2020-27841, bsc#1180042), + openjpeg2-CVE-2020-27842.patch (CVE-2020-27842, bsc#1180043), + openjpeg2-CVE-2020-27843.patch (CVE-2020-27843, bsc#1180044), + openjpeg2-CVE-2020-27845.patch (CVE-2020-27845, bsc#1180046). + +- Add security fixes: -- version 2.0.1 - - New Features: - * Digital Cinema profiles have been fixed and updated - * New option to disable MCT if needed - * extended RAW support: it is now possible to input raw images - with subsampled color components (422, 420, etc) - - API/ABI modifications: (see abi_compat_report_2.0.1.html in dev-utils/scripts) - * No changes, API/ABI fully compatible with 2.0.0 - - Misc: - * OpenJPEG is now officialy conformant with JPEG 2000 Part-1 - and will soon become official reference software at the - JPEG committee. - * Huge amount of bug fixes. See CHANGES for details. -- adjust library name - openssl-1_1 +- FIPS: Default to RFC-7919 groups for genparam and dhparam + * Add openssl-1_1-FIPS-default-RFC7919.patch [bsc#1180995] + +- FIPS: list only FIPS approved digest and public key algorithms + [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472] + * Add openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch + * Disabled test 15-test_ec.t in FIPS mode + +- FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069] + * Add openssl-1_1-fips-drbg-selftest.patch + +- FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293] + * The FIPS_drbg implementation is not FIPS validated anymore. To + provide backwards compatibility for applications that need FIPS + compliant RNG number generation and use FIPS_drbg_generate, + this function was re-wired to call the FIPS validated DRBG + instance instead through the RAND_bytes() call. + * Add openssl-1_1-FIPS_drbg-rewire.patch + +- Fix memory leaks introduced by openssl-1.1.1-fips.patch [bsc#1203046] + * Add patch openssl-1.1.1-fips-fix-memory-leaks.patch + +- FIPS: OpenSSL: Port openssl to use jitterentropy + [bsc#1202148, jsc#SLE-24941] + * Add openssl-1_1-jitterentropy-3.4.0.patch + * Add build dependency on jitterentropy-devel >= 3.4.0 and + libjitterentropy3 >= 3.4.0 + +- FIPS: OpenSSL Provide a service-level indicator [bsc#1190651] + * Add patches: + - openssl-1_1-ossl-sli-000-fix-build-error.patch + - openssl-1_1-ossl-sli-001-fix-faults-preventing-make-update.patch + - openssl-1_1-ossl-sli-002-ran-make-update.patch + - openssl-1_1-ossl-sli-003-add-sli.patch + +- FIPS: Add zeroization of temporary variables to the hmac integrity + function FIPSCHECK_verify(). [bsc#1190653] + * Add openssl-1_1-Zeroization.patch + opensuse-welcome +- Update to version 0.1.9+git.0.66be0d8: + * fix: it's called Plasma + * fix: make openSUSE welcome work again (boo#1194380) + * fix: undead the URLs to Telegram groups + * Translation updates + ovmf +- Update to edk2-stable202208 (jsc#PED-1410) + - Features (https://github.com/tianocore/edk2/releases): + Add CRC16 and CRC32C to MdePkg + IntelFsp2Pkg/ConfigEditor: Support FSP 2.3 header + Extend SecureBootVariableLib interfaces + UEFI HTTPS Boot Support for HTTP Client Authentication (Basic or Digest) + Support 64bit FspResetType for X64 build + IntelFsp2Pkg/FspSecCore: Add FSP-I entry for SMM support + Add PCI_DEVICE_PPI definition to EDK2 + Support to assign the subject name to sign the capsule file + - Patches (git log --oneline --reverse edk2-stable202205..edk2-stable202208): + 7f0890776e MdeModulePkg/UniversalPayload: Align Identifier value with UPL spec + b4be5f05dd UefiPayloadPkg: Align Identifier value with UPL spec + dac2fc8146 UefiPayloadPkg: Align SpecRevision value with UPL spec + 3ca7326b37 OvmfPkg/VirtioGpuDxe: replace struct copy with CopyMem call + fa2b212d61 IntelFsp2Pkg: Add FSP 2.3 header support + 11d8abcba2 IntelFsp2Pkg: FSP_TEMP_RAM_INIT call must follow X64 Calling Convention + df1c7e91b4 IntelFsp2WrapperPkg: FSP_TEMP_RAM_INIT call for X64 Calling Convention + 62044aa99b OvmfPkg/ResetVector: Removing SEV-ES CPUID bit check + 54cd0d9b2f OvmfPkg: Fix TDVMCALL error in ApRunLoop.nasm + 64706ef761 OvmfPkg: Search EFI_RESOURCE_MEMORY_UNACCEPTED for Fw hoblist + 81ab97b7b9 OvmfPkg/AmdSev: remove unused SMM bits from .dsc and .fdf files + 0223898f3e OvmfPkg/Microvm: drop CODE and VARS files + b57911c84c OvmfPkg/FdtPciHostBridgeLib: io range is not mandatory + 47f44097eb OvmfPkg/Platform: unfix PcdPciExpressBaseAddress + ad3bafa7d5 OvmfPkg/Microvm/pcie: no vbeshim please + bd10d4e201 OvmfPkg/Microvm/pcie: mPhysMemAddressWidth tweak + 632574ced1 OvmfPkg/Microvm/pcie: add pcie support + 5c9f151e0c OvmfPkg: CloudHv: Fix FW_BASE_ADDRESS + 43f3cfce19 OvmfPkg: Check for QemuFwCfg availability before accessing it + 3129ed374c OvmfPkg: CloudHv: Rely on QemuFwCfgLibNull implementation + bf25f27e00 OvmfPkg: Don't access A20 gate register on Cloud Hypervisor + 72c5afd0b4 Security: Add HashLibTdx + b1567b2e15 CryptoPkg: Add SecCryptLib + dc443e4437 SecurityPkg: Add definition of EFI_CC_EVENT_HOB_GUID + a708536dce OvmfPkg: Introduce SecMeasurementLib + 4b0a622635 OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV + ac03c339de OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table + f8264e1303 MdePkg: Define CC Measure EventLog ACPI Table + 57a6ee3461 OvmfPkg/IntelTdx: Add TdTcg2Dxe + 0a4019ec9d OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot + 0b36dea3f8 BaseTools: Fix dependency issue in PcdValueInit + 4f89e4b3e8 .pytool: UncrustifyCheck: Set IgnoreFiles path relative to package path + 2818fda9bc Security: Add SecTpmMeasurementLibTdx + ff0ffe5999 OvmfPkg: Implement MeasureHobList/MeasureFvImage + a81a650da1 OvmfPkg: Delete SecMeasurementLibTdx + ff36b2550f OvmfPkg/Sec: fix stack switch + 21a9b605b8 CpuException: Avoid allocating code pages for DXE instance + 34d505123e CpuException: Init global variables in-place + 2fbc5ff0a5 CpuException: Avoid allocating page but using global variables + 2a09527ebc CpuException: Remove InitializeCpuInterruptHandlers + e7abb94d1f CpuException: Add InitializeSeparateExceptionStacks + 54aeed7e00 MpInitLib: Allocate code buffer for PEI phase + 76323c3145 MpInitLib: remove unneeded global ASM_PFX + b4d7b9d2b5 MpInitLib: Put SEV logic in separate file + 283ab9437a MpInitLib: Only allocate below 1MB memory for 16bit code + ccc269756f MpInitLib: Move the Above1Mb vector allocation to MpInitLibInitialize + f0b97e165e Revert "OvmfPkg/Sec: fix stack switch" + b09ada6edc MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c + 92288f4334 MdePkg/BaseLib: Add CRC16-ANSI and CRC32c implementations + e2ae0bed29 ArmPkg/ArmExceptionLib: Follow new CpuExceptionHandlerLib APIs + 6676162f64 DxeMain: Fix the bug that StackGuard is not enabled + 16d97fa601 OvmfPkg: Use PcdOvmfWorkAreaBase instead of PcdSevEsWorkAreaBase + 05e57cc9ce SecurityPkg/HashLibTdx: Return EFI_UNSUPPORTED if it is not Tdx guest + 92ab049719 BaseTools: output the intermediate library instance when error occurs + cc2db6ebfb UefiPayloadPkg: Increase the PcdMaximumUnicodeStringLength + e8034b534a UefiPayloadPkg: Always split page table entry to 4K if it covers stack. + cfe165140a UefiPayloadPkg: UniversalPayloadBuild.py to support --pcd feature + b97243dea3 MdeModulePkg/XhciDxe: Check return value of XHC_PAGESIZE register + 3930d1791a ArmPlatformPkg: Remove overly verbose DEBUG lines in LcdGraphicsBlt + aa1bce0e5e OvmfPkg: reduce the number of dsc include files for tpm libs + 6c9f218bc0 OvmfPkg/Library: Create base HardwareInfoLib for PCI Host Bridges + 2b1a5b8c61 Ovmf/HardwareInfoLib: Create Pei lib to parse directly from fw-cfg + a1bd79c514 Ovmf/HardwareInfoLib: Add Dxe lib to dynamically parse heterogenous data + 3497fd5c26 Ovmf/PlatformPei: Use host-provided GPA end if available + 3f5b1b9132 OvmfPkg/PciHostBridgeUtilityLib: Initialize RootBridges apertures with spec + f304308e1c ArmPlatformPkg: Add PCD for serial debug port interrupt + 4bfd668e5e UefiCpuPkg: CpuDxe: Set RW and P Attributes on Split Pages + 2aee08c0b6 UefiPayloadPkg: Backward support with python 3.6 + 8f0722434b ArmVirtPkg: Include DxeHardwareInfoLib library class in dsc + 15b25045e6 Ovmf: Include HardwareInfoLib library classes for IntelTdx + b600f253b3 BaseTools/Ecc: Fix grammar in Ecc error message + 7f4eca4cc2 MdeModulePkg/XhciDxe: Add access xHCI Extended Capabilities Pointer + 5914128871 BaseTools: Fix the GenMake bug for .cpp source file + c13377153f MdePkg/Acpi62: Add type 7 NFIT Platform Capabilities Structure support + 21e6ef7522 UefiPayloadPkg: Align Attribute value with UPL spec + 8d0564deaf pip-requirements.txt: Update basetools version to 0.1.24 + f966093f5b OvmfPkg/PlatformCI: add IntelTdxBuild.py + 70586d4e3a MdePkg/Acpi62: Add bit definitions to NFIT Platform Capabilities Structure + 7861b24dc9 ArmPkg/Drivers: ArmGicIsInterruptEnabled returns incorrect value + e1eef3a8b0 NetworkPkg: Add Wi-Fi Wpa3 support in WifiConnectManager + 134fbd552c SecurityPkg: UefiSecureBoot: Definitions of cert and payload structures + d6bee54c45 SecurityPkg: PlatformPKProtectionLib: Added PK protection interface + 56c717aafa SecurityPkg: SecureBootVariableLib: Updated time based payload creator + 6de7c084db SecurityPkg: SecureBootVariableLib: Updated signature list creator + 6eb4079475 SecurityPkg: SecureBootVariableLib: Added newly supported interfaces + fe73e9cd89 SecurityPkg: SecureBootVariableProvisionLib: Updated implementation + d2a0f379d5 SecurityPkg: Secure Boot Drivers: Added common header files + 5678ebb42b SecurityPkg: SecureBootConfigDxe: Updated invocation pattern + dbc4e3675f SecurityPkg: SecureBootVariableLib: Added unit tests + 152e37cc5a OvmfPkg: Pipeline: Resolve SecureBootVariableLib dependency + f193b945ea EmulatorPkg: Pipeline: Resolve SecureBootVariableLib dependency + 9ab18fec82 StandaloneMmPkg: Fix issue about SpPcpuSharedBufSize field + 31d3eeb103 StandaloneMmPkg: Replace DEBUG_INFO with DEBUG_ERROR + 5496c763aa StandaloneMmPkg: Fix check buffer address failed issue from TF-A + e93bc6309b UefiCpuPkg/SecCore: Add debug messages to illuminate data flow + 86a0f84470 ArmVirtPkg: Pipeline: Resolving newly introduced dependency + c8e30482fd .gitignore: Ignore build tools build logs + f6f3cc7ead UefiPayloadPkg: Add CryptoDxe driver to UefiPayload + 12dd064a18 MdePkg/include: Update DMAR definitions to Intel VT-d spec ver4.0 + 9ab389c01b UefiCpuPkg: Update SEC_IDT_TABLE struct + 470206ba7f IntelFsp2Pkg: Update SEC_IDT_TABLE struct + 0d23c447d6 DynamicTablesPkg: Add support to specify FADT minor revision + 07c8e5e59b UefiPayloadPkg/PlatformBootManagerLib: Evenly space boot prompt + 176016387f BaseTools: add '-p' for Linux 'cp' command. + 039bdb4d3e BaseTools: Fix DSC LibraryClass precedence rule + fc4a132c0e DynamicTables: Fix DT PCI interrupt flags parsing + 792ebb6374 DynamicTablesPkg: Fix generated _HID value for SBSA + c966204049 IntelFsp2Pkg: Add Definition of EDKII_PEI_VARIABLE_PPI + 586b4a104b Maintainers.txt: Add IntelFsp2*Pkg Maintainer + e18a5f813c Maintainers.txt: Update Maintainers/reviewers for UefiPayloadPkg + e21b203911 UefiPayloadPkg: Add macro to support selective driver in UPL + f0064ac3af Maintainers.txt: Update email address + 6cda306da1 DynamicTablesPkg: AcpiSsdtPcieLibArm: Correct translation value + 9ac155bf0b DynamicTablesPkg: AcpiSsdtPcieLibArm: Support UID > 0xF + 19a8768365 DynamicTablesPkg: AcpiSsdtPcieLibArm: Create support library + 671b0cea51 NetworkPkg/HttpBootDxe: Add Support for HTTP Boot Basic Authentication + 140446cd59 IntelFsp2Pkg: Support 64bit FspResetType for X64 build. + 24eac4caf3 IntelFsp2WrapperPkg: Support 64bit FspResetType for X64 build. + 4824924377 IntelFsp2Pkg/FspSecCore: Add FSP-I API for SMM support. + 3b8cee1781 Maintainers.txt: update Gary's email address + 7ef91af84c EmulatorPkg/PosixFileSystem: Add NULL check on memory allocation + 494f333aba MdeModulePkg/CoreDxe: Allow DXE Drivers to use untested memory + 343f37b5c0 MdeModulePkg/SetupBrowserDxe:Follow spec'd way to reconnect driver + c8af26627a ArmPkg/CpuDxe: drop ARM_PROCESSOR_TABLE pseudo-ACPI table + 5a3641bfcd IntelFsp2Pkg: Add FSPI_ARCH_UPD. + bf1ff540d9 MdePkg/UefiDevicePathLib: Add support for PEIMs + 6964b5c48c MdeModulePkg/Include: Long debug string is truncated to 104 char + d32a84b5ad BaseTools: INF should use latest Pcd value instead of default value + 8ee26529d1 BaseTools/VolInfo: Correct alignment attributes display + c0b7679aac BaseTools/VolInfo: Increase define for highest section value + fca5de51e1 BaseTools/VolInfo: Correct EFI_SECTION_VERSION display + 8a5782d704 UefiCpuPkg: Fix nasm warning "signed byte value exceeds" + a47241f133 UefiPayloadPkg: Add macro to support selection of CryptoDxe driver + 69f76d0f72 Maintainers.txt: Remove OvmfPkg/XenTimerDxe reference + a8c4fe23c4 Maintainers.txt: Add missing github ids + 7f1c89f167 Maintainers.txt: Remove reviewer Harry Han + b68d566439 BaseTools/Capsule: Support signtool input subject name to sign capsule file + e3d468acb9 BaseTools/VolInfo: Show encapsulation sections + 2677286307 UefiPayloadPkg: Fix RelaAddress type always mismatch in if condition + f26b70cb9f UefiPayloadPkg: Add support for logging to CBMEM console + 57783adfb5 OvmfPkg: Change default to disable MptScsi and PvScsi + 1774a44ad9 Maintainers.txt: Remove MptScsi and PvScsi reviewers + 0e7add1d75 OvmfPkg/XenHypercallLib: Fix naming of AArch64 + 3eca64f157 IntelFsp2Pkg: FSPI_UPD is not mandatory. + 0d0bfcb457 IntelFsp2Pkg: Fix GenCfgOpt bug for FSPI_UPD support. + 8a210b9ac0 ShellPkg: Acpiview: Abbreviate field names to preserve alignment + 65c4f3f2be DynamicTablesPkg: Handle error when IdMappingToken is NULL + f5cea604a6 DynamicTablesPkg: IORT set reference to Id array only if present + 238f903e8d DynamicTablesPkg: IORT set reference to interrupt array if present + 4c55f6394f MdePkg: IORT header update for IORT Rev E.d spec + cd67efa1b2 ShellPkg: Acpiview: IORT parser update for IORT Rev E.d spec + de200b7e2c DynamicTablesPkg: Update ArmNameSpaceObjects for IORT Rev E.d + e9150618ec DynamicTablesPkg: IORT generator updates for Rev E.d spec + 6f4e10d6db SecurityPkg: Add retry mechanism for tpm command + 19cbfaa431 OvmfPkg/QemuVideoDxe: Zero out PixelInformation in QueryMode + a551de0d93 ArmVirtPkg: Fix KVM Guest Firmware + 0dc9b78a46 Maintainers.txt: Add missing Github IDs for OvmfPkg TPM/TGC modules + d219119721 UefiPayloadPkg/PlatformBootManagerLib: Correct spacing in boot prompt + 79aab22fca UefiPayloadPkg: Add a Macro to enable Boot Logo + 444260d45e UefiPayloadPkg: Load Boot Logo into ACPI table + 86757f0b47 MdeModulePkg: Add EDKII_PCI_DEVICE_PPI definition + a8f59e2eb4 MdeModulePkg/AhciPei: Use PCI_DEVICE_PPI to manage AHCI device + 3e599bbc10 DynamicTablesPkg: Fix using RmrNodeCount unitlitialised + a0a03b5154 BaseTools/GenSec: Fix typo + f5f8c08db9 BaseTools/VolInfo: Show FV section boundaries + d241a09afb BaseTools/VolInfo: Parse EFI_SECTION_FREEFORM_SUBTYPE_GUID header + cf02322c98 BaseTools/GenSec: Support EFI_SECTION_FREEFORM_SUBTYPE_GUID sections + 1ee1622817 Basetools/GenFw: Allow AARCH64 builds to use the --prm flag + 9f197e44b1 PrmPkg: Enable external visibility on PRM symbols + 21200d9fe6 PrmPkg: Build Prm Samples with GCC for AARCH64 + 57faeb782a PrmPkg: Support AArch64 builds using GCC + 1da2012d93 PrmPkg: Add details on AArch64 build to the Readme. + 0f7bccf584 UefiCpuPkg: Simplify InitializeSeparateExceptionStacks + 9a24c3546e MdeModulePkg: Move CPU_EXCEPTION_INIT_DATA to UefiCpuPkg + f1688ec9da UefiCpuPkg: Simplify the struct definition of CPU_EXCEPTION_INIT_DATA + 75e3c2435c UefiCpuPkg: Create CpuPageTableLib for manipulating X86 paging structs + f336e30ba1 UefiCpuPkg/CpuPageTableLib: Return error on invalid parameters + bf334513b3 CpuPageTableLib: Fix a bug when a bit is 1 in Attribute, 0 in Mask + 13a0471bfd CpuPageTableLib: Refactor the logic + 9cb8974f06 CpuPageTableLib: Split the page entry when LA is aligned but PA is not + c16f02f776 CpuPageTableLib: Avoid treating non-leaf entry as leaf one + f4c845e46b CpuPageTableLib: Fix parent attributes are not inherited properly + 9f53fd4ba7 CpuPageTableLib: Fix a bug to avoid unnecessary changing to page table + 927113c83b CpuPageTableLib: Fix bug that wrongly requires extra size for mapping + e9e2ecab2d CpuPageTableLib: define IA32_PAGE_LEVEL enum type internally + e76496530c MdePkg/Library/UefiDevicePathLib: Add back StandaloneMm INF file + bd06717863 MdeModulePkg: Enhance bus scan for all root bridge instances + 74f44d920a ShellPkg/SmbiosView: Display extended memory info in smbiosview -t 17 + 83d5871184 UefiCpuPkg/PiSmmCpuDxeSmm: Add a new mIsShadowStack flag + 7b4754904e UefiCpuPkg/PiSmmCpuDxeSmm: Remove mInternalCr3 in PiSmmCpuDxeSmm + 62391b4ce9 MdeModulePkg/DxeIpl: Remove clearing CR0.WP when protecting pagetable + 803ed060ee UefiPayloadPkg: Remove clearing CR0.WP when protecting pagetable + a2b61de2f6 IntelFsp2Pkg: FSPM_ARCH2_UPD mismatching bug. + 809b5a3d2a MdeModulePkg: Update the SMBIOS version by UPL + 2812668bfc UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test + 30d62f5e31 OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments + b94836b224 OvmfPkg/VirtioGpuDxe: Check QueryMode arguments + 3f282f4510 OvmfPkg/VirtioFsDxe: Check GetDriverName arguments + 64a20bea97 MdeModulePkg/DumpDynPcd: Remove unsupported format specifiers + 9102518d29 MdePkg: Improved Smbios Type9 table and Smbios spec v3.5.0 Changes + 35d167ef3c ShellPkg: Improved Smbios Type 9 table changes in PrintInfo.c + 68bf712d4f MdePkg: Added support for SMBIOS spec v3.6.0 to Smbios.h + e2ac68a23b BaseTools/Source/C/GenSec: Fix EFI_SECTION_FREEFORM_SUBTYPE_GUID header + d5fd86f256 ShellPkg: Adds Local APIC parser to AcpiView + 2bb0020675 UefiPayloadPkg: Return PciRootBridges instead of NULL + c15c9fa420 UefiPayloadPkg: Add macro to control NvmExpressDxe + 938430741f RedfishPkg/RedfishDiscoverDxe: USB Redfish host interface is not supported + eebef1b3b7 RedfishPkg: Redfish modules may need to use the functions which are private + f2bf043aaa RedfishPkg: Redfish functions for REST requests are not fully spec complied + dfdba857a6 UefiPayloadPkg: Fix Coverity report defect + 4d83ee04f4 ShellPkg: Add revision check for DSDT Header on Arm + 0ede7cad73 Maintainers.txt: Update maintainers list + 722e03bc2e Revert "UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test" + 166c49c212 Revert "ShellPkg: Adds Local APIC parser to AcpiView" + 39ff9769ca Revert "BaseTools: Fix DSC LibraryClass precedence rule" + ba0e0e4c6a BaseTools: Fix DevicePath GNUmakefile for macOS + - Respin the following patches: + ovmf-Revert-UefiCpuPkg-Replace-Opcode-with-the-correspond.patch + +- Add patches to disable option ROM on sev (bsc#1199156) + ovmf-bsc1199156-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch + package-update-indicator +- Update to version 8: + * Add setting to disable preferences widgets + * Fix typos and improve German translations + * Add new setting to hide indicator menu items + * Add new setting "always-active" + * Add Brazilian Portugese translations + * Add Dutch translations + * Do not hardcode pkg-config + * Fix desktop files + * Remove translated icon names + * Add Spanish translations +- remove obsolete patch + org.guido-berhoerster.code.package-update-indicator.desktop.in.patch +- Changes by Mihai Moldovan : + * Update copyright notice. + * Add properly extracted license. + * Check destroot with fdupes for good measure. + * Make some dependencies more explicit and remove duplicate + ones (xsltproc vs. libxml2-tools). + * Add glib gsettings schemas macros. + * Reflow description to 67 characters. + * Use more (single) quotes. + * Re-sort files list alphabetically, use %{name} to avoid + redundancy. + perl-Image-ExifTool +- Update to version 12.45: + * Added new IPTC Video Metadata version 1.3 tags + * Added a couple of new Canon lenses (thanks Norbert Wasser) + * Added a new Sony LensType (thanks Jos Roost) + * Added known Unknown value for IPTC ChromaticityColorant (thanks Herb) + * Added new Nikon WhiteBalanceFineTune tag (thanks Milos Komarcevic) + * Extract the raw thermal data from all frames of a SEQ file when -ee2 is used + * Decode individual tags in QuickTime ColorRepresentation + * Decode a new Matroska tag + * Improved verbose "nothing changed" messages when writing + * Patched -ee option to extract metadata after the first Cluster in MKV videos + (previously only -U and -v did this) + * Patched to differentiate Java bytecode .class files from Mach-O fat binaries + * Patched to avoid "Use of uninitialized value" warning when deleting GPS + coordinates via the newly writable Composite tags + * Patched to avoid duplicating raw data when writing Sony ARW images where the + raw data is double-referenced as both strips and tiles (affects ARW images + from some newer models like the ILCE-1 when SonyRawFileType is "Lossless + Compressed RAW 2") + * Patched to avoid "fixing" the order of IFD entries in TIFF-based RAW files + to improve compatibility with some RAW viewers + * Minor change to Composite FileNumber to remove "-" when -n is used + * Fixed problem extracting some timed metadata when "-api ignoretags=all" was + used with "-api requesttags" to request the specific information + * Fixed -validate feature to avoid incorrectly warning about non-capitalized + boolean values in XMP + permissions + * permissions for enlightenment helper on 32bit arches (bsc#1194047) + +- Update to version 20201225: + * fix regression introduced by backport of security fix (bsc#1203911) + +- Update to version 20201225: polkit -- CVE-2021-4115: fixed a denial of service via file descriptor leak (bsc#1195542) - added CVE-2021-4115.patch +- obsolete libpolkit0 also from baselibs. -- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568) - added CVE-2021-4034-pkexec-fix.patch +- Update to version 121: + + Addition of duktape as a JS engine backend. + + Other small fixes and improvements. For more details, visit: + gitlab.freedesktop.org/polkit/polkit/-/blob/121/NEWS.md + + Updated translations. +- Drop merged-upstream patches: + + CVE-2021-4034-pkexec-fix.patch; + + 0001-CVE-2021-4115-GHSL-2021-077-fix.patch; + + duktape-support.patch; + + pkexec.patch. +- Replace Intltool with Gettext as a build requirement following + the migration from last release (0.120). +- Add Meson as a build requirement while dropping Libtool and + replace all Autotools macros with Meson ones. And pass the + following options to Meson: session_tracking=libsystemd-login; + systemdsystemunitdir=%{_unitdir}; os_type=suse; + pam_module_dir=%{_pam_moduledir}; pam_prefix=%{_pam_vendordir}; + examples=true; tests=true; gtk_doc=true; man=true and + js_engine=duktape. +- Drop no longer needed Libtool as a build requirement, following + Autotools replacement. +- Add explicit pkgconfig module build requirements for glib-2.0 and + gobject-2.0 that are searched by the build scripts. They were + already being pulled by their siblings [pkgconfig(gio-2.0) and + pkgconfig(gio-unix-2.0)]. +- Drop conditional macro, which was wrapping "BuildArch: noarch" + for the doc subpackage, based on long gone EOLed (open)SUSE + release (11.2). +- Add missing 'Requires(post): permissions' for the pkexec + subpackage. +- Add python3-dbus-python and python3-python-dbusmock as build + requirements in order to run test in the check section. +- Add polkit-fix-pam-prefix.patch to use the value of pam_prefix + Meson option, like it was designed to, rather than hard-coded + path for pam configuration files. +- Remove unneeded executable bit from 50-default.rules file. + +- Use %_pam_vendordir + +- add split-provides for polkit:/usr/bin/pkexec. (bsc#1202070) + +- split out pkexec into seperate package to make system hardening + easier (to avoid installing it jsc#PED-132 jsc#PED-148). + +- Fixed denial of service via file descriptor leak (bsc#1195542 CVE-2021-4115) + 0001-CVE-2021-4115-GHSL-2021-077-fix.patch + +- Switch from mozjs to duktape: + * Add duktape-support.patch + +- Fixed pkexec Local Privilege Escalation aka pwnkit (CVE-2021-4034 bsc#1194568) + CVE-2021-4034-pkexec-fix.patch + +- update to 0.120: + * transition from Intltool to gettext + * several tarball, meson and pipeline fixups + * Portuguese translation + * Romanian translation + * meson build system added + * CVE-2021-3560 mitigation + * properties in text listener + * typos fixups + * Update Hungarian translation +- drop CVE-2021-3560.patch (upstream) + +- fork libpolkit0 package into libpolkit-agent-1-0 and libpolkit-gobject-1-0 + as mandated. bsc#1191781 + +- Change to using systemd-sysusers +- Remove unneeded shadow dependency, no longer required due to + systemd-sysusers +- Fix 50-default.rules file-parent-ownership-mismatch warning +- Remove --with-pic, no effect with --disable-static + +- Move /etc/polkit-1/rules.d/50-default.rules to + /usr/share/polkit-1/rules.d/50-default.rules. The first location + is only for admin changes. +- Move /etc/dbus-1/system.d to /usr/share/dbus-1/system.d, the + first location is only for admin changes +- Move pam configuration to /usr/etc/pam.d + +- also set libprivdir during build, otherwhise systemd and D-Bus service files + contain the wrong path and we'll get runtime errors. + +- Update to version 0.118: + + Updated dependency to mozjs78. + + Tarball fixes. +- Replace pkgconfig(mozjs-68) for pkgconfig(mozjs-78) + BuildRequires following upstreams port. + +- Update to version 0.117: + + Activated Gitlab CI. + + Updated dependency to mozjs68. + + Memory management fixes. + + Updated translations. +- Replace pkgconfig(mozjs-60) for pkgconfig(mozjs-68) + BuildRequires following upstreams port. + pragha +- Bump gupnp version requirement to fix Tumbleweed build + python-lxml -- add CVE-2022-2309.patch (bsc#1201253, CVE-2022-2309) +- Update BR for libxml2-devel to the current version. +- Add missing BR for python-base. -- With the new update to 4.7.1, the old Bugzilla entries are also - fixed: - - bsc#1118088 (related to CVE-2018-19787) - - bsc#1184177 (related to CVE-2021-28957) -- Update to 4.7.1 (officially released 2021-12-13) - Features added - - Chunked Unicode string parsing via parser.feed() now encodes the input - data to the native UTF-8 encoding directly, instead of going through - Py_UNICODE / wchar_t encoding first, which previously required duplicate - recoding in most cases. - Bugs fixed - - The standard namespace prefixes were mishandled during "C14N2" - serialisation - on Python 3. - See - https://mail.python.org/archives/list/lxml@python.org/thread/ - 6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/ - - lxml.objectify previously accepted non-XML numbers with underscores - (like "1_000") as integers or float values in Python 3.6 and later. - It now adheres to the number format of the XML spec again. - - LP#1939031: Static wheels of lxml now contain the header files of zlib - and libiconv (in addition to the already provided headers of - libxml2/libxslt/libexslt). - Other changes - - Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows). -- Update to 4.7.0 (2021-12-13) - - Release retracted due to missing files in lxml/includes/. -- UPdate to 4.6.5 (2021-12-12) - Bugs fixed - - A vulnerability (GHSL-2021-1038) in the HTML cleaner - - allowed sneaking script content through SVG images - - (bnc#1193752, CVE-2021-43818). - - A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed - - sneaking script content through CSS imports and other crafted - - constructs (CVE-2021-43818). -- Update 4.6.4 (2021-11-01) - Features added - - GH#317: A new property system_url was added to DTD entities. - - Patch by Thirdegree. - - GH#314: The STATIC_* variables in setup.py can now be passed - - via env vars. - - Patch by Isaac Jurado. -- Update 4.6.3 (2021-03-21) - Bugs fixed - - A vulnerability (CVE-2021-28957) was discovered in the HTML - - Cleaner by Kevin Chung, which allowed JavaScript to pass through. - - The cleaner now removes the HTML5 formaction attribute. -- Update 4.6.2 (2020-11-26) - Bugs fixed - - A vulnerability (bnc#1179534, CVE-2020-27783) was discovered in the HTML - Cleaner - - by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner - - now removes more sneaky "style" content. -- Update 4.6.1 (2020-10-18) - Bugs fixed - - A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, - - which allowed JavaScript to pass through. The cleaner now removes - - more sneaky "style" content. -- Update 4.6.0 (2020-10-17) - Features added - - GH#310: lxml.html.InputGetter supports __len__() to count the number - - of input fields. Patch by Aidan Woolley. - - lxml.html.InputGetter has a new .items() method to ease processing - - all input fields. - - lxml.html.InputGetter.keys() now returns the field names in document - - order. - - GH-309: The API documentation is now generated using sphinx-apidoc. - - Patch by Chris Mayo. - Bugs fixed - - LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes - - when a default namespace was defined. - - TreeBuilder.close() raised AssertionError in some error cases where - - it should have raised XMLSyntaxError. It now raises a combined - - exception to keep up backwards compatibility, while switching to - - XMLSyntaxError as an interface. -- Update 4.5.2 (2020-07-09) - Bugs fixed - - Cleaner() now validates that only known configuration options - - can be set. - - LP#1882606: Cleaner.clean_html() discarded comments and PIs - - regardless of the corresponding configuration option, if - - remove_unknown_tags was set. - - LP#1880251: Instead of globally overwriting the document loader - - in libxml2, lxml now sets it per parser run, which improves the - - interoperability with other users of libxml2 such as libxmlsec. - - LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21. - - The setup options "--with-xml2-config" and "--with-xslt-config" - - were accidentally renamed to "--xml2-config" and "--xslt-config" - - in 4.5.1 and are now available again. -- Update 4.5.1 (2020-05-19) - Bugs fixed - - LP#1570388: Fix failures when serialising documents larger than - - 2GB in some cases. - - LP#1865141, GH#298: QName values were not accepted by the - - el.iter() method. Patch by xmo-odoo. - - LP#1863413, GH#297: The build failed to detect libraries on Linux - - that are only configured via pkg-config. Patch by Hugh McMaster. -- Update 4.5.0 (2020-01-29) - Features added - - A new function indent() was added to insert tail whitespace for - - pretty-printing an XML tree. - Bugs fixed - - LP#1857794: Tail text of nodes that get removed from a document - using item deletion disappeared silently instead of sticking with - the node that was removed. - Other changes - - MacOS builds are 64-bit-only by default. Set CFLAGS and LDFLAGS - explicitly to override it. - - Linux/MacOS Binary wheels now use libxml2 2.9.10 and libxslt 1.1.34. - - LP#1840234: The package version number is now available as - lxml.__version__. -- Update 4.4.3 (2020-01-28) - Bugs fixed - - LP#1844674: itertext() was missing tail text of comments and PIs - since 4.4.0. +- update to version 4.9.1 (bsc#1201253, CVE-2022-2309): + * Bugs fixed + + A crash was resolved when using iterwalk() (or canonicalize()) + after parsing certain incorrect input. Note that iterwalk() can + crash on valid input parsed with the same parser after failing + to parse the incorrect input. + +- update to 4.9.0: + * The mixin inheritance order in ``lxml.html`` was corrected. + * Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12. + +- update to 4.8.0: + * GH#337: Path-like objects are now supported throughout the API instead of + just strings. + * The ``ElementMaker`` now supports ``QName`` values as tags, which always + override the default namespace of the factory. + * GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in + lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively. + * Built with Cython 0.29.28. + +- update to 4.7.1: + * Chunked Unicode string parsing via ``parser.feed()`` now encodes the input data + to the native UTF-8 encoding directly, instead of going through ``Py_UNICODE`` / + ``wchar_t`` encoding first, which previously required duplicate recoding in most cases. + * The standard namespace prefixes were mishandled during "C14N2" serialisation on Python 3. + * ``lxml.objectify`` previously accepted non-XML numbers with underscores (like "1_000") + as integers or float values in Python 3.6 and later. It now adheres to the number + format of the XML spec again. + * LP#1939031: Static wheels of lxml now contain the header files of zlib and libiconv + (in addition to the already provided headers of libxml2/libxslt/libexslt). + * Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows). + +- update to 4.6.5 (bsc#1193752, CVE-2021-43818): + * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script + content through SVG images. + * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script + content through CSS imports and other crafted constructs. + +- update to 4.6.4: + * A new property ``system_url`` was added to DTD entities. + * The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars. +- remove python-lxml-test_etree.patch (upstream) + +- Add missing dependency on python-base for the devel subpackage. + +- Adapt test_etree.py to a behavioural change in libxml2 2.9.11+ + * Add python-lxml-test_etree.patch + +- update to 4.6.3: + * A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, + which allowed JavaScript to pass through. The cleaner now removes the HTML5 + ``formaction`` attribute. (bsc#1184177) + +- update to 4.6.2: + * A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry, + which allowed JavaScript to pass through. The cleaner now removes more sneaky + "style" content. (bsc#1179534) + * A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed + JavaScript to pass through. The cleaner now removes more sneaky "style" content. + * GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields. + Patch by Aidan Woolley. + * ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields. + * ``lxml.html.InputGetter.keys()`` now returns the field names in document order. + * GH-309: The API documentation is now generated using ``sphinx-apidoc``. + * LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes + when a default namespace was defined. + * ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it + should have raised ``XMLSyntaxError``. It now raises a combined exception to + keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an + interface. + +- update to 4.5.2: + * ``Cleaner()`` now validates that only known configuration options can be set. + * LP#1882606: ``Cleaner.clean_html()`` discarded comments and PIs regardless of the + corresponding configuration option, if ``remove_unknown_tags`` was set. + * LP#1880251: Instead of globally overwriting the document loader in libxml2, lxml now + sets it per parser run, which improves the interoperability with other users of libxml2 + such as libxmlsec. + * LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21. + * The setup options "--with-xml2-config" and "--with-xslt-config" were accidentally renamed + to "--xml2-config" and "--xslt-config" in 4.5.1 and are now available again. + +- Update to 4.5.1 + * LP#1570388: Fix failures when serialising documents larger + than 2GB in some cases. + * LP#1865141, GH#298: QName values were not accepted by the + el.iter() method. Patch by xmo-odoo. + * LP#1863413, GH#297: The build failed to detect libraries on + Linux that are only configured via pkg-config. + +- Remove explicit Provides of python-doc, which is just wrong. + +- update to 4.5.0 + * A new function indent() was added to insert tail whitespace + for pretty-printing an XML tree. + * LP#1857794 Tail text of nodes that get removed from a document + using item deletion disappeared silently instead of sticking with the node + that was removed. + * LP#1840234: The package version number is now available as lxml.__version__ - Security problem found by Omar Eissa. + Security problem found by Omar Eissa. (CVE-2018-19787, bsc#1118088) qemu +- qtests test are not realiable when run inside OBS builders, so + let's disable that part of the testsuite for now. There is work + ongoing to run it somewhere else (on dedicated hosts) to avoid + loosing coverage. (bsc#1204566) + +- Improve dependency handling (e.g., what's recommended vs. what's + required. +- Add a subpackage (qemu-headless) that brings in all the packages + that are needed for creating VMs with tools like virt-install + or VirtManager, run either locally or from a remote host. + (bsc#1202166) + +- Build fails due to exceeding 10 GB disk limit (10430 MB): + raise disk space contraint to 12 GB + +- Fixes bsc#1204082 + * Patches added: + block-io_uring-revert-Use-io_uring_regis.patch + +- Due to change in where some documentation files are, if + qemu-guest-agent is installed, we need to make sure we update it + to our version (bsc#1203995) + +- The links in the forsplit dirs, in each subpackage, born to deal with + package & subpackage splitting, are not really used. In fact, they're + "Provides:"-ed by a bunch of subpackages, but there's no "Requires:" + for any of them. Let's just get rid of them. + +- The old qemu-binfmt weappers around the various qemu-$ARCH Linux + user emulation binaries (see, e.g., bsc#1186256) are not necessary + any longer, and bsc#1143725 can now be considered fixed. + * Patches dropped: + linux-user-add-binfmt-wrapper-for-argv-0.patch + linux-user-binfmt-support-host-binaries.patch + +- Fix bsc#1204001. Patches are not upstream, and have been picked up + and backported from the ML. This is something we usually prefer to + avoid, but this is urgent, and the patches looks fine, with high + chances for them to be included as they are (and if they're not, we + will revisit this, i.e., drop them and re-include the ones that are + actually committed) + * Patches added: + linux-user-add-more-compat-ioctl-definit.patch + linux-user-drop-conditionals-for-obsolet.patch + linux-user-remove-conditionals-for-many-.patch + meson-enforce-a-minimum-Linux-kernel-hea.patch + +- Improve the output of update_git.sh, by including the list of + repos to which we have downstream patches. + +- Fix: bsc#1202665, CVE-2022-2962 + * Patches added: + net-tulip-Restrict-DMA-engine-to-memorie.patch + +- skip tests that don't work under qemu-linux-user emulation + rdma-core +- Add rdma-ndd-disable-systemd-ProtectHostName-feature.patch to fix issue + where rdma-ndd would not be aware of dynamic hostnames retrived through DHCP + +- Update to v42.0 + - Fixes for all providers +- Dropped patches merged upstream: + - util-Add-barriers-support-for-RISC-V.patch + - cmake-Make-modprobe.d-path-configurable.patch +- Update gen-pandoc.sh to support python3 + +- skip valgrind on riscv64 + +- Update to v39.1 + - Major fixes for hns provider + - Bug fixes for all providers + - systemd hardening + - NDR rate support +- Dropped srp_daemon-Detect-proper-path-to-systemctl.patch + as it was fixed upstream + +- util-Add-barriers-support-for-RISC-V.patch: Backport from upstream: Add + barriers support for RISC-V + rsync +- Fix --delay-updates never updates after interruption [bsc#1204538] + * Added patch rsync-fix-delay-updates-never-updates-after-interruption.patch + +- Add support for --trust-sender parameter (patch by Jie Gong in + bsc#1202970). (related to CVE-2022-29154, bsc#1201840) + * Added patch rsync-CVE-2022-29154-trust-sender-1.patch + * Added patch rsync-CVE-2022-29154-trust-sender-2.patch + sushi +- Update to version 43.0: + + Another stable Sushi release. +- Changes from version 43.rc: + + Make Webkit-4.1 a hard dependency. + swtpm -- Update to version 0.5.3 +- remove selinux support for now. + +- Updated to version 0.7.3: + - swtpm: + - Use uint64_t in tlv_data_append() to avoid integer overflows + - Use uint64_t to avoid integer wrap-around when adding a uint32_t +- removed allow-FORTIFY_SOURCE=3.patch (upstreamed) + +- Cheery-pick upstream patch allow-FORTIFY_SOURCE=3.patch. + +- Update to version 0.7.2: + - swtpm: + - Do not chdir(/) when using --daemon + - swtpm-localca: + - Re-implement variable resolution for swtpm-localca.conf + - tests: + - Use ${WORKDIR} in config files to test env. var replacement + - man pages: + - Add missing .config directory to path description when using ${HOME} + - build-sys: + - Add probing for -fstack-protector + +- Update to version 0.7.1: - - Fix --print-capabilities for 'swtpm chardev' + +- Update to version 0.7.0: + - swtpm: + - Support for linear file storage backend (file://) + - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what + libtpms supports + - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs + - Wipe keys from stack and heap + - Many other small changes + - Make --daemon not racy + - swtpm_setup: + - Only activate SHA256 PCR bank, not SHA1 bank anymore by default + - Support for linear file storage backend (file://) + - Implement option --create-config-files to create config files + - Use non-deprecated APIs to contruct RSA key (OSSL 3) + - Report stderr as returned by external tool (swtpm-localcal) + - Replace '+' and ',' characters in VMId's to make work with + common name in X509 subject + - Add support for --reconfigure flag to change active PCR banks + - swtpm_localca: + - Created certificates for CAs and TPM that do not expire - - Rename deprecated libtasn1 types - - man pages: - - Update the doc of the flag to connect to TPM via UnixIO socket + - Allow passing -1 for days to get a non-expiring certificate + - test: + - ASAN-related test changes and skipping of tests if ASAN is used + - Fix tests using tpm2-abrmd by preventing concurrency + - Skip chardev related tests after checking for chardev support + - exit with error code if mktemp fails + - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test + - build-sys: + - Introduce --enable-sanitizers to configure + - Remove check for pip3 that was used by python swtpm_setup + - Allow passing of aditional CFLAGS during build + +- Update to version 0.6.1: + - swtpm: + - Clear keys from stack and heap + - swtpm-localca: + - Add missing else branch for pkcs11 and PIN + - swtpm_setup: + - Initialize Gerror and free it + - Replace '\\s' in regex with [[:space:]] to fix cygwin + - tests: + - Kill tpm2-abrmd with SIGKILL rather SIGTERM + - build-sys: + - Use -DOPENSSL_SUPPRESS_DEPRECATED to suppress deprecation warnings (OSSL 3) + - Enable configuring with CFLAGS and passing additional CFLAGS on build + +- Update to version 0.6.0: + - Addressed potential symlink attack issue (CVE-2020-28407) + - Rewritten in 'C'; needs json-glib + - Use timeouts for communicating with swtpm (Unix socket) + - Fix --print-capabilities for 'swtpm chardev' + - Various cleanups and fixes (coverity) +- Enable selinux support +- Removed swtpm-rename_deprecated_libtasn1_types.patch: upstream +- Fix rpmlint errors + +- swtpm_cert: rename deprecated libtasn1 types. + * https://github.com/stefanberger/swtpm/pull/443 + * Add swtpm-rename_deprecated_libtasn1_types.patch tiff +- security update: + * CVE-2022-2519 [bsc#1202968] + * CVE-2022-2520 [bsc#1202973] + * CVE-2022-2521 [bsc#1202971] + + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch + * CVE-2022-2867 [bsc#1202466] + * CVE-2022-2868 [bsc#1202467] + * CVE-2022-2869 [bsc#1202468] + + tiff-CVE-2022-2867,CVE-2022-2868,CVE-2022-2869.patch + +- CVE-2022-34266 [bsc#1201971] and [bsc#1201723]: + Rename tiff-CVE-2022-0561.patch to + tiff-CVE-2022-0561,CVE-2022-34266.patch + This CVE is actually a duplicate. + +- security update: + * CVE-2022-34526 [bsc#1202026] + + tiff-CVE-2022-34526.patch + tumbler +- Exclude RAW thumbnailer on Leap 15.5+ as well + +- Allow building against libgepub-0.7 (boo#1203644): + + Adjust BuildRequires to work with libgepub-0.6 or libgepub-0.7. + + Replace libgepub-0.6 occurences in configure script with + libgepub-0.7 when libgepub 0.7 is present. + +- Update to version 4.16.1 + * gst-thumbnailer: Add mime type check (gxo#xfce/tumbler#65) + * desktop-thumbnailer: Guard against null path + * Fix typo in gthread version (gxo#xfce/tumbler!14) + +- Exclude RAW thumbnailer on Tumbleweed only to fix build on Leap + +- RelMgr override: do not package raw thumbnailer, as tumbler does + not yet support openraw 0.3. + util-linux +- Fix file conflict during upgrade (boo#1204211). + util-linux-systemd +- Fix file conflict during upgrade (boo#1204211). + vigra +- Drop baselibs.conf, not necessary +- Use %autosetup +- Add patch to fix build against newer hdf5 (boo#1202460): + * 0001-Add-compatibility-for-hdf5-1-12.patch + -- Version bump to 1.9.0 - * see http://hci.iwr.uni-heidelberg.de/vigra/doc/vigra/CreditsChangelog.html -- Update openexr finding and libdir target. - xen +- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may + take excessively long (XSA-410) + xsa410-01.patch + xsa410-02.patch + xsa410-03.patch + xsa410-04.patch + xsa410-05.patch + xsa410-06.patch + xsa410-07.patch + xsa410-08.patch + xsa410-09.patch + xsa410-10.patch +- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in + transitive grant copy handling (XSA-411) + xsa411.patch + +- bsc#1201994 - Xen DomU unable to emulate audio device + 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch + +- Things are compiling fine now with gcc12. + Drop gcc12-fixes.patch + +- Update to Xen 4.16.2 bug fix release (bsc#1027519) + xen-4.16.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Drop patches contained in new tarball + 625fca42-VT-d-reserved-CAP-ND.patch + 626f7ee8-x86-MSR-handle-P5-MC-reads.patch + 627549d6-IO-shutdown-race.patch + 62a1e594-x86-clean-up-_get_page_type.patch + 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch + 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch + 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch + 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch + 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch + 62a1e649-x86-track-and-flush-non-coherent.patch + 62a99614-IOMMU-x86-gcc12.patch + 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch + 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch + 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch + 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch + 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch + 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch + 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch + 62cc31ee-cmdline-extend-parse_boolean.patch + 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch + 62cd91d0-x86-spec-ctrl-rework-context-switching.patch + 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch + 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch + 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch + 62cd91d5-x86-cpuid-BTC_NO-enum.patch + 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch + 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch + xsa408.patch + +- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels + A previous change to the built-in default had a logic error, + effectively restoring the upstream limit of 1023 channels per domU. + Fix the logic to calculate the default based on the number of vcpus. + adjust libxl.max_event_channels.patch + xfce4-notifyd +- Update to version 0.6.4 + - settings: Improve app icon and name matching + - settings: Sort known apps by notification count + - settings: Show 'Unspecified app' instead of empty line + - daemon: Improve application icon matching + - Correctly reset position during slideout (gxo#apps/xfce4-notifyd#42) + - panel-plugin: Remove duplicate function call (gxo#apps/xfce4-notifyd#40) + - panel-plugin: Fix file monitor (gxo#apps/xfce4-notifyd#40) + - Properly free the GKeyFile + - tests: Add logging test + - Fix compiler warnings + - Fix tooltip grammar + - build: Fix intltool lock file problem during make distcheck + - Update gitignore + - Update COPYING (gxo#apps/xfce4-notifyd#61) + - Translation Updates + xfce4-panel +- Update to 4.16.5 + * systray: Help to keep status notifiers from vanishing + (gxo#xfce/xfce4-panel#102,gxo#xfce/xfce4-panel#243, gxo#xfce/xfce4-panel#599) + * panel: Populate item dialog after setting dialog screen (gxo#xfce/xfce4-panel#62) + * systray: Perform sanity checks also for "NewStatus" signal (gxo#xfce/xfce4-panel#602) + * pager: Properly disconnect signal handler + * tasklist: Guard against null workspace + * panel: Be sure to save plugins before xfconf_shutdown() + * tasklist: Fix critical warning when starting on a disconnected device + * Update `.gitignore` + * libxfce4panel: Destroy plugin prefs dialog on plugin "destroy" signal + * build: Fix intltool lock file problem during make distcheck + * prefs-dialog: Filter out irrelevant selection changes in "Items" tab + * wrapper: Ensure that provider stays alive when processing "g-signal" + * Revert "panel: Keep a reference on item during drag and drop" + * tasklist: Fix wireframe for CSD windows (v2) (gxo#xfce/xfce4-panel#562) + * Translation Updates + xfce4-pulseaudio-plugin +- Update to version 0.4.5 + * Use Source Output Info for recording indicator + to reduce flickering (gxo#panel-plugins/xfce4-pulseaudio-plugin#81) + and to hide it with pavucontrol + (gxo#panel-plugins/xfce4-pulseaudio-plugin#80) + * Display notification on mic volume changes + (gxo#panel-plugins/xfce4-pulseaudio-plugin#42) + * Fix accidental toggling of the mute switch + (gxo#panel-plugins/xfce4-pulseaudio-plugin#64) + * Show notification even when volume is already at max/min + (gxo#panel-plugins/xfce4-pulseaudio-plugin#52) + * Optionally play system sound on volume changes + (gxo#panel-plugins/xfce4-pulseaudio-plugin#4) + * Fix menu position when panel autohide is enabled + * Fix compilation with gcc 10 + * about: Bump copyright year + * Fix typos + * Translation Updates + +- Update to version 0.4.4 + - Add a recording indicator + - Filter out multiple button press events + - Bump urls + - Fix make distcheck + - autoconf: AC_OUTPUT -> AC_CONFIG_FILES + AC_OUTPUT + - Update `.gitignore` + - Create new README.md. Update configure.ac.in + - Add basic GitLab pipeline + - Translation Updates + xfce4-screenshooter +- Update to version 1.9.11 + * Add support to WebP (gxo#apps/xfce4-screenshooter#76) + * Fix window capture in HiDPI mode (gxo#apps/xfce4-screenshooter#73) + * Fix intltool lock file problem during make distcheck + * Add option to Show in File Manager when saving + (gxo#apps/xfce4-screenshooter#47) + * Do not quit after dismissing dialog if invoked from plugin + (gxo#apps/xfce4-screenshooter#71) + * Update COPYING (gxo#apps/xfce4-screenshooter#70) + * Translation Updates + xfdesktop +- Update to version 4.16.1 + - Resolve deadlock on background change (gxo#xfce/xfdesktop#188) + - Allocate memory after error processing + - Remove unused function call (gxo#xfce/xfdesktop#157) + - autoconf: Remove AC_HEADER_STDC + - Do not delete property not set + - Set a pixmap XID, not the XID of the root window (gxo#xfce/xfdesktop#62) + - Fix next background (gxo#xfce/xfdesktop!16) + - build: Fix intltool lock file problem during make distcheck + - Increase opacity of xfce-verticals bg (gxo#xfce/xfdesktop#125) + - Fix Applications Menu memory leak (gxo#xfce/xfdesktop#102) + - Fix gettext extraction from settings/xfce-backdrop-settings.desktop.in.in + - Translation Updates + xorg-x11-server +- U_xkb-proof-GetCountedString-against-request-length-at.patch + * security update for CVE-2022-3550 (bsc#1204412) +- U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch + * security update for CVE-2022-3551 (bsc#1204416) + yast2 +- Improve logging in the ProductControl module, use the new + "log.group" call to group logs for each workflow step + (bsc#1204625) +- 4.5.18 + +- remove #postprocess_url from RelURL class (jsc#SLE-22578, jsc#SLE-24584) +- 4.5.17 + yast2-add-on +- support 'repo' scheme for add-ons (jsc#SLE-22578, jsc#SLE-24584) +- 4.5.2 + yast2-bootloader +- prevent leak of grub2 password to logs(bsc#1201962) +- 4.5.7 + yast2-country +- Use Canadian (CSA) instead of Canadian (Multilingual) keyboard + layout, adapting to xkeyboard-config-2.37 (bsc#1204573) +- 4.5.2 + yast2-firstboot +- Compute properly dependencies of WSL GUI pattern (jsc#PM-3439) +- 4.5.5 + +- Add client to select product in WSL (jsc#PED-1380). +- Allow installing WSL GUI pattern (jsc#PM-3439). +- 4.5.4 + yast2-installation +- add 'repo', 'cd', 'dvd', 'hd', and 'label' schemes to + Yast::Transfer::FileFromUrl (jsc#SLE-22578, jsc#SLE-24584) +- 4.5.8 + yast2-iscsi-client +- Call external commands without path (bsc#1204959) +- 4.5.6 + yast2-network +- Do not assume wicked will be installed by default anymore and + return the needed packages by the selected backend when them + are not installed (bsc#1201235, bsc#1201435) +- 4.5.9 + yast2-packager +- support 'repo' scheme for add-ons (jsc#SLE-22578, jsc#SLE-24584) +- 4.5.6 + yast2-ruby-bindings +- Added "log.group" method for grouping the log messages + (bsc#1204625) +- Update Rakefile to allow installing the Ruby files in inst-sys + using the "yupdate" command +- 4.5.4 + yast2-storage-ng +- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) +- 4.5.11 + +- Unit tests adapted to a recent behavior change in libstorage-ng + (gh#openSUSE/libstorage-ng#900). +- 4.5.10 + zlib -- Fix heap-based buffer over-read or buffer overflow in inflate via - large gzip header extra field (bsc#1202175, CVE-2022-37434, - CVE-2022-37434-extra-header-1.patch, - CVE-2022-37434-extra-header-2.patch). +- Add Power8 optimizations: + * zlib-1.2.12-add-optimized-slide_hash-for-power.patch + * zlib-1.2.12-add-vectorized-longest_match-for-power.patch + * zlib-1.2.12-adler32-vector-optimizations-for-power.patch + * zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch +- Update zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch -- CVE-2018-25032: Fix memory corruption on deflate, bsc#1197459 - * bsc1197459.patch +- Update to 1.2.12: + * A lot of bug fixes + * Improve speed of crc32 functions + * Use ARM crc32 instructions if the ARM architecture has them + For the complete changes, see ChangeLog +- Fixes CVE-2022-37434, heap-based buffer over-read or buffer overflow in + inflate.c via a large gzip header extra field + (CVE-2022-37434, bsc#1202175) +- Added patches: + * zlib-1.2.11-covscan-issues-rhel9.patch + * zlib-1.2.11-covscan-issues.patch + * zlib-1.2.12-s390-vectorize-crc32.patch + * zlib-1.2.12-optimized-crc32-power8.patch + * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch + * zlib-1.2.12-fix-configure.patch + * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch + * zlib-1.2.12-fix-CVE-2022-37434.patch + * zlib-1.2.5-minizip-fixuncrypt.patch +- Removed patches: + * bsc1197459.patch (upstreamed) + * zlib-power8-fate325307.patch + (replaced by zlib-1.2.12-optimized-crc32-power8.patch) + * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch + (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch) + * 410.patch + (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch) +- Refreshed patches: + * zlib-format.patch + * zlib-no-version-check.patch +- Disable profiling since it breaks tests +- Update zlib-rpmlintrc -- Update 410.patch to include new fixes from upstream, - fixes bsc#1192688 +- switch to https urls + +- Fix memory corruption on deflate, bsc#1197459 + * bsc1197459.patch - CVE-2018-25032 +- Update 410.patch + * Remove included patches: + bsc1174551-fxi-imcomplete-raw-streams.patch + zlib-compression-switching.patch + zlib-s390x-z15-fix-hw-compression.patch - to match upstream commit -- Drop patches which changes have been merged in 410.patch: - * zlib-compression-switching.patch - * zlib-390x-z15-fix-hw-compression.patch - * bsc1174551-fxi-imcomplete-raw-streams.patch + +- Don't install (internal) crypt.h header in minizip + * minizip-dont-install-crypt-header.patch +- install to /usr (boo#1029961) + +- Provide a testsuite subpackage to run post-build validation + zypper +- BuildRequires: libzypp-devel >= 17.31.2. +- Fix --[no]-allow-vendor-change feedback in install command + (bsc#1201972) +- version 1.14.57 + +- UsrEtc: Store logrotate files in %{_distconfdir} if defined + (fixes #441, fixes #444) +- Remove unneeded code to compute the PPP status. + Since libzypp 17.23.0 the PPP status is auto established. No + extra solver run is needed. +- Make sure 'up' respects solver related CLI options (bsc#1201972) +- Fix tests to use locale "C.UTF-8" rather than "en_US". +- Fix man page (fixes #451) +- version 1.14.56 +