Packages changed: kernel-source (5.14.9 -> 5.14.11) libwebp (1.2.0 -> 1.2.1) ndctl nvme-cli salt === Details === ==== kernel-source ==== Version update (5.14.9 -> 5.14.11) - Linux 5.14.11 (bsc#1012628). - Revert "ARM: imx6q: drop of_platform_default_populate() from init_machine" (bsc#1012628). - Revert "brcmfmac: use ISO3166 country code and 0 rev as fallback" (bsc#1012628). - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD (bsc#1012628). - perf/x86: Reset destroy callback on event init failure (bsc#1012628). - KVM: x86: nSVM: restore int_vector in svm_clear_vintr (bsc#1012628). - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] (bsc#1012628). - KVM: x86: reset pdptrs_from_userspace when exiting smm (bsc#1012628). - KVM: do not shrink halt_poll_ns below grow_start (bsc#1012628). - selftests: KVM: Align SMCCC call with the spec in steal_time (bsc#1012628). - kasan: always respect CONFIG_KASAN_STACK (bsc#1012628). - tools/vm/page-types: remove dependency on opt_file for idle page tracking (bsc#1012628). - block: don't call rq_qos_ops->done_bio if the bio isn't tracked (bsc#1012628). - io_uring: allow conditional reschedule for intensive iterators (bsc#1012628). - x86/insn, tools/x86: Fix undefined behavior due to potential unaligned accesses (bsc#1012628). - smb3: correct smb3 ACL security descriptor (bsc#1012628). - irqchip/gic: Work around broken Renesas integration (bsc#1012628). - scsi: ses: Retry failed Send/Receive Diagnostic commands (bsc#1012628). - thermal/drivers/tsens: Fix wrong check for tzd in irq handlers (bsc#1012628). - nvme-fc: avoid race between time out and tear down (bsc#1012628). - nvme-fc: update hardware queues before using them (bsc#1012628). - swiotlb-xen: ensure to issue well-formed XENMEM_exchange requests (bsc#1012628). - Xen/gntdev: don't ignore kernel unmapping error (bsc#1012628). - selftests: kvm: fix get_run_delay() ignoring fscanf() return warn (bsc#1012628). - selftests: kvm: move get_run_delay() into lib/test_util (bsc#1012628). - selftests:kvm: fix get_trans_hugepagesz() ignoring fscanf() return warn (bsc#1012628). - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn (bsc#1012628). - selftests: be sure to make khdr before other targets (bsc#1012628). - habanalabs/gaudi: fix LBW RR configuration (bsc#1012628). - habanalabs: fail collective wait when not supported (bsc#1012628). - habanalabs/gaudi: use direct MSI in single mode (bsc#1012628). - usb: dwc2: check return value after calling platform_get_resource() (bsc#1012628). - usb: testusb: Fix for showing the connection speed (bsc#1012628). - scsi: elx: efct: Do not hold lock while calling fc_vport_terminate() (bsc#1012628). - scsi: sd: Free scsi_disk device via put_device() (bsc#1012628). - drm/amdkfd: fix svm_migrate_fini warning (bsc#1012628). - drm/amdkfd: handle svm migrate init error (bsc#1012628). - ext2: fix sleeping in atomic bugs on error (bsc#1012628). - platform/x86: gigabyte-wmi: add support for B550I Aorus Pro AX (bsc#1012628). - sparc64: fix pci_iounmap() when CONFIG_PCI is not set (bsc#1012628). - xen-netback: correct success/error reporting for the SKB-with-fraglist case (bsc#1012628). - net: mdio: introduce a shutdown method to mdio device drivers (bsc#1012628). - btrfs: fix mount failure due to past and transient device flush error (bsc#1012628). - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling (bsc#1012628). - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN (bsc#1012628). - platform/x86: touchscreen_dmi: Update info for the Chuwi Hi10 Plus (CWI527) tablet (bsc#1012628). - platform/x86: touchscreen_dmi: Add info for the Chuwi HiBook (CWI514) tablet (bsc#1012628). - afs: Add missing vnode validation checks (bsc#1012628). - spi: rockchip: handle zero length transfers without timing out (bsc#1012628). - commit 834dddd - iwlwifi: Fix MODULE_FIRMWARE() for non-existing ucode version (boo#1191417). - commit 6597512 - Linux 5.14.10 (bsc#1012628). - media: hantro: Fix check for single irq (bsc#1012628). - media: cedrus: Fix SUNXI tile size calculation (bsc#1012628). - media: s5p-jpeg: rename JPEG marker constants to prevent build warnings (bsc#1012628). - ASoC: fsl_sai: register platform component before registering cpu dai (bsc#1012628). - ASoC: fsl_esai: register platform component before registering cpu dai (bsc#1012628). - ASoC: fsl_micfil: register platform component before registering cpu dai (bsc#1012628). - ASoC: fsl_spdif: register platform component before registering cpu dai (bsc#1012628). - ASoC: fsl_xcvr: register platform component before registering cpu dai (bsc#1012628). - ASoC: mediatek: common: handle NULL case in suspend/resume function (bsc#1012628). - scsi: elx: efct: Fix void-pointer-to-enum-cast warning for efc_nport_topology (bsc#1012628). - ASoC: SOF: Fix DSP oops stack dump output contents (bsc#1012628). - ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and SRAM types (bsc#1012628). - ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and SRAM types (bsc#1012628). - pinctrl: qcom: spmi-gpio: correct parent irqspec translation (bsc#1012628). - net/mlx4_en: Resolve bad operstate value (bsc#1012628). - s390/qeth: Fix deadlock in remove_discipline (bsc#1012628). - s390/qeth: fix deadlock during failing recovery (bsc#1012628). - m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (bsc#1012628). - NIOS2: fix kconfig unmet dependency warning for SERIAL_CORE_CONSOLE (bsc#1012628). - kasan: fix Kconfig check of CC_HAS_WORKING_NOSANITIZE_ADDRESS (bsc#1012628). - HID: amd_sfh: Fix potential NULL pointer dereference (bsc#1012628). - perf test: Fix DWARF unwind for optimized builds (bsc#1012628). - perf iostat: Use system-wide mode if the target cpu_list is unspecified (bsc#1012628). - perf iostat: Fix Segmentation fault from NULL 'struct perf_counts_values *' (bsc#1012628). - watchdog/sb_watchdog: fix compilation problem due to COMPILE_TEST (bsc#1012628). - tty: Fix out-of-bound vmalloc access in imageblit (bsc#1012628). - cpufreq: schedutil: Use kobject release() method to free sugov_tunables (bsc#1012628). - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS (bsc#1012628). - drm/amdgpu: adjust fence driver enable sequence (bsc#1012628). - drm/amdgpu: avoid over-handle of fence driver fini in s3 test (v2) (bsc#1012628). - drm/amdgpu: stop scheduler when calling hw_fini (v2) (bsc#1012628). - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1012628). - scsi: ufs: ufs-pci: Fix Intel LKF link stability (bsc#1012628). - ALSA: rawmidi: introduce SNDRV_RAWMIDI_IOCTL_USER_PVERSION (bsc#1012628). - ALSA: firewire-motu: fix truncated bytes in message tracepoints (bsc#1012628). - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops (bsc#1012628). - ACPI: NFIT: Use fallback node id when numa info in NFIT table is incorrect (bsc#1012628). - fs-verity: fix signed integer overflow with i_size near S64_MAX (bsc#1012628). - hwmon: (tmp421) handle I2C errors (bsc#1012628). - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (bsc#1012628). - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (bsc#1012628). - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (bsc#1012628). - gpio: pca953x: do not ignore i2c errors (bsc#1012628). - scsi: ufs: Fix illegal offset in UPIU event trace (bsc#1012628). - mac80211: fix use-after-free in CCMP/GCMP RX (bsc#1012628). - platform/x86/intel: hid: Add DMI switches allow list (bsc#1012628). - x86/kvmclock: Move this_cpu_pvti into kvmclock.h (bsc#1012628). - ptp: Fix ptp_kvm_getcrosststamp issue for x86 ptp_kvm (bsc#1012628). - KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() (bsc#1012628). - KVM: x86: nSVM: don't copy virt_ext from vmcb12 (bsc#1012628). - KVM: x86: Clear KVM's cached guest CR3 at RESET/INIT (bsc#1012628). - KVM: x86: Swap order of CPUID entry "index" vs. "significant flag" checks (bsc#1012628). - KVM: nVMX: Filter out all unsupported controls when eVMCS was activated (bsc#1012628). - KVM: SEV: Update svm_vm_copy_asid_from for SEV-ES (bsc#1012628). - KVM: SEV: Pin guest memory for write for RECEIVE_UPDATE_DATA (bsc#1012628). - KVM: SEV: Acquire vcpu mutex when updating VMSA (bsc#1012628). - KVM: SEV: Allow some commands for mirror VM (bsc#1012628). - KVM: SVM: fix missing sev_decommission in sev_receive_start (bsc#1012628). - KVM: nVMX: Fix nested bus lock VM exit (bsc#1012628). - KVM: VMX: Fix a TSX_CTRL_CPUID_CLEAR field mask issue (bsc#1012628). - mmc: renesas_sdhi: fix regression with hard reset on old SDHIs (bsc#1012628). - media: ir_toy: prevent device from hanging during transmit (bsc#1012628). - RDMA/cma: Do not change route.addr.src_addr.ss_family (bsc#1012628). - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests (bsc#1012628). - nbd: use shifts rather than multiplies (bsc#1012628). - drm/amd/display: initialize backlight_ramping_override to false (bsc#1012628). - drm/amd/display: Pass PCI deviceid into DC (bsc#1012628). - drm/amd/display: Fix Display Flicker on embedded panels (bsc#1012628). - drm/amdgpu: force exit gfxoff on sdma resume for rmb s0ix (bsc#1012628). - drm/amdgpu: check tiling flags when creating FB on GFX8- (bsc#1012628). - drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (bsc#1012628). - interconnect: qcom: sdm660: Fix id of slv_cnoc_mnoc_cfg (bsc#1012628). - interconnect: qcom: sdm660: Correct NOC_QOS_PRIORITY shift and mask (bsc#1012628). - drm/i915/gvt: fix the usage of ww lock in gvt scheduler (bsc#1012628). - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 (bsc#1012628). - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog (bsc#1012628). - IB/cma: Do not send IGMP leaves for sendonly Multicast groups (bsc#1012628). - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure (bsc#1012628). - bpf, mips: Validate conditional branch offsets (bsc#1012628). - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (bsc#1012628). - RDMA/irdma: Skip CQP ring during a reset (bsc#1012628). - RDMA/irdma: Validate number of CQ entries on create CQ (bsc#1012628). - RDMA/irdma: Report correct WC error when transport retry counter is exceeded (bsc#1012628). - RDMA/irdma: Report correct WC error when there are MW bind errors (bsc#1012628). - netfilter: nf_tables: unlink table before deleting it (bsc#1012628). - netfilter: log: work around missing softdep backend module (bsc#1012628). - Revert "mac80211: do not use low data rates for data frames with no ack flag" (bsc#1012628). - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (bsc#1012628). - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (bsc#1012628). - mac80211: mesh: fix potentially unaligned access (bsc#1012628). - mac80211-hwsim: fix late beacon hrtimer handling (bsc#1012628). - driver core: fw_devlink: Add support for FWNODE_FLAG_NEEDS_CHILD_BOUND_ON_ADD (bsc#1012628). - net: mdiobus: Set FWNODE_FLAG_NEEDS_CHILD_BOUND_ON_ADD for mdiobus parents (bsc#1012628). - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1012628). - mptcp: don't return sockets in foreign netns (bsc#1012628). - mptcp: allow changing the 'backup' bit when no sockets are open (bsc#1012628). - RDMA/hns: Work around broken constant propagation in gcc 8 (bsc#1012628). - hwmon: (tmp421) report /PVLD condition as fault (bsc#1012628). - hwmon: (tmp421) fix rounding for negative values (bsc#1012628). - net: enetc: fix the incorrect clearing of IF_MODE bits (bsc#1012628). - net: ipv4: Fix rtnexthop len when RTA_FLOW is present (bsc#1012628). - smsc95xx: fix stalled rx after link change (bsc#1012628). - drm/i915/request: fix early tracepoints (bsc#1012628). - drm/i915: Remove warning from the rps worker (bsc#1012628). - dsa: mv88e6xxx: 6161: Use chip wide MAX MTU (bsc#1012628). - dsa: mv88e6xxx: Fix MTU definition (bsc#1012628). - dsa: mv88e6xxx: Include tagger overhead when setting MTU for DSA and CPU ports (bsc#1012628). - e100: fix length calculation in e100_get_regs_len (bsc#1012628). - e100: fix buffer overrun in e100_get_regs (bsc#1012628). - RDMA/hfi1: Fix kernel pointer leak (bsc#1012628). - RDMA/hns: Fix the size setting error when copying CQE in clean_cq() (bsc#1012628). - RDMA/hns: Add the check of the CQE size of the user space (bsc#1012628). - bpf: Exempt CAP_BPF from checks against bpf_jit_limit (bsc#1012628). - libbpf: Fix segfault in static linker for objects without BTF (bsc#1012628). - selftests, bpf: Fix makefile dependencies on libbpf (bsc#1012628). - selftests, bpf: test_lwt_ip_encap: Really disable rp_filter (bsc#1012628). - bpf, x86: Fix bpf mapping of atomic fetch implementation (bsc#1012628). - net: ks8851: fix link error (bsc#1012628). - ionic: fix gathering of debug stats (bsc#1012628). - Revert "block, bfq: honor already-setup queue merges" (bsc#1012628). - scsi: csiostor: Add module softdep on cxgb4 (bsc#1012628). - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup (bsc#1012628). - net: hns3: do not allow call hns3_nic_net_open repeatedly (bsc#1012628). - net: hns3: remove tc enable checking (bsc#1012628). - net: hns3: don't rollback when destroy mqprio fail (bsc#1012628). - net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and HCLGE_FLAG_DCB_ENABLE (bsc#1012628). - net: hns3: fix show wrong state when add existing uc mac address (bsc#1012628). - net: hns3: reconstruct function hns3_self_test (bsc#1012628). - net: hns3: fix always enable rx vlan filter problem after selftest (bsc#1012628). - net: hns3: disable firmware compatible features when uninstall PF (bsc#1012628). - net: phy: bcm7xxx: Fixed indirect MMD operations (bsc#1012628). - net: sched: flower: protect fl_walk() with rcu (bsc#1012628). - net: stmmac: fix EEE init issue when paired with EEE capable PHYs (bsc#1012628). - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (bsc#1012628). - objtool: Teach get_alt_entry() about more relocation types (bsc#1012628). - perf/x86/intel: Update event constraints for ICX (bsc#1012628). - sched/fair: Add ancestors of unthrottled undecayed cfs_rq (bsc#1012628). - sched/fair: Null terminate buffer when updating tunable_scaling (bsc#1012628). - hwmon: (occ) Fix P10 VRM temp sensors (bsc#1012628). - hwmon: (pmbus/mp2975) Add missed POUT attribute for page 1 mp2975 controller (bsc#1012628). - kvm: fix objtool relocation warning (bsc#1012628). - nvme: add command id quirk for apple controllers (bsc#1012628). - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings (bsc#1012628). - driver core: fw_devlink: Improve handling of cyclic dependencies (bsc#1012628). - debugfs: debugfs_create_file_size(): use IS_ERR to check for error (bsc#1012628). - ipack: ipoctal: fix stack information leak (bsc#1012628). - ipack: ipoctal: fix tty registration race (bsc#1012628). - ipack: ipoctal: fix tty-registration error handling (bsc#1012628). - ipack: ipoctal: fix missing allocation-failure check (bsc#1012628). - ipack: ipoctal: fix module reference leak (bsc#1012628). - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1012628). - ext4: limit the number of blocks in one ADD_RANGE TLV (bsc#1012628). - ext4: fix reserved space counter leakage (bsc#1012628). - ext4: add error checking to ext4_ext_replay_set_iblocks() (bsc#1012628). - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1012628). - ext4: flush s_error_work before journal destroy in ext4_fill_super (bsc#1012628). - HID: u2fzero: ignore incomplete packets without data (bsc#1012628). - net: udp: annotate data race around udp_sk(sk)->corkflag (bsc#1012628). - NIOS2: setup.c: drop unused variable 'dram_start' (bsc#1012628). - usb: hso: remove the bailout parameter (bsc#1012628). - HID: betop: fix slab-out-of-bounds Write in betop_probe (bsc#1012628). - netfilter: ipset: Fix oversized kvmalloc() calls (bsc#1012628). - mm: don't allow oversized kvmalloc() calls (bsc#1012628). - HID: usbhid: free raw_report buffers in usbhid_stop (bsc#1012628). - crypto: aesni - xts_crypt() return if walk.nbytes is 0 (bsc#1012628). - KVM: x86: Handle SRCU initialization failure during page track init (bsc#1012628). - netfilter: conntrack: serialize hash resizes and cleanups (bsc#1012628). - netfilter: nf_tables: Fix oversized kvmalloc() calls (bsc#1012628). - drivers: net: mhi: fix error path in mhi_net_newlink (bsc#1012628). - objtool: print out the symbol type when complaining about it (bsc#1012628). - HID: amd_sfh: Fix potential NULL pointer dereference - take 2 (bsc#1012628). - commit 7c980ba - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors (bsc#1190801). - commit 924f4be - rpm: use _rpmmacrodir (boo#1191384) - commit e350c14 ==== libwebp ==== Version update (1.2.0 -> 1.2.1) Subpackages: libwebp7 libwebpdemux2 libwebpmux3 - update to 1.2.1: * minor lossless encoder improvements and x86 color conversion speed up * further security related hardening in libwebp & examples * toolchain updates and bug fixes * use more inclusive language within the source ==== ndctl ==== - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_ndctl-monitor.service.patch ==== nvme-cli ==== - Drop ProtectClock hardening, can cause issues if other device acceess is needed - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_nvmf-connect@.service.patch ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration salt-transactional-update - Fix issues with salt-ssh's extra-filerefs - Added: * fix-issues-with-salt-ssh-s-extra-filerefs.patch - Fix crash when calling manage.not_alive runners - Added: * fix-crash-when-calling-manage.not_alive-runners.patch - Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446) - Added: * 3003.3-do-not-consider-skipped-targets-as-failed-for.patch